Shortcuts: 1. Basic DNS | 2. Url-Checks | 3. Comments | 4. Connections | 5. Certificates | 6. CT-Logs | 7. Html-Content | 8. CAA | 9. TXT |


N

No trusted Certificate

Checked:
18.05.2019 21:34:27


Older results

1. Basic DNS and Nameserver Checks

HostTIP-Addressis auth.∑ Queries∑ Timeout
2a01:238:301b::1228
AAAA
2a01:238:301b::1228
yes




No DNSSEC - Informations found



No Nameserver entries found



No SOA entries found

2. Url-Checks


show header:
Domainname Http-StatusredirectSec.G
• http://[2a01:0238:301b:0000:0000:0000:0000:1228]/
2a01:238:301b::1228
301
https://[2a01:0238:301b:0000:0000:0000:0000:1228]/
0.020
E
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/html
Location: https://[2a01:0238:301b:0000:0000:0000:0000:1228]/
Set-Cookie: [2A01:0238:301B:0000:0000:0000:0000:1228]=ba5b23b2-2557-4bbe-8070-93a4cb387fa8; Path=/; Domain=[2A01:0238:301B:0000:0000:0000:0000:1228]; HttpOnly
Date: Sat, 18 May 2019 19:34:29 GMT
Connection: close

• https://[2a01:0238:301b:0000:0000:0000:0000:1228]/
2a01:238:301b::1228
200

0.154
N
Certificate error: RemoteCertificateNameMismatch
Content-Type: text/html
Strict-Transport-Security: max-age=63072000; includeSubDomains
Public-Key-Pins: max-age=2592000; pin-sha256="Vjs8r4z+80wjNcr1YKepWQboSIRi63WsWXhIMN+eWys="; pin-sha256="C5+lpZ7tcVwmwQIMcRtPbsQtWLABXhQzejna0wHFr8M="; includeSubDomains
P3P: CP="NOI CUR OUR STA"
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Referrer-Policy: no-referrer-when-downgrade
Expect-CT: enforce, max-age=2592000, report-uri="/-expect-ct.html"
Feature-Policy: camera 'self'
Content-Security-Policy: default-src 'none'; style-src 'self' 'unsafe-inline'; img-src 'self'; font-src 'self'; script-src 'self'; connect-src 'self'; child-src 'self'; report-uri /-cspr.html
Date: Sat, 18 May 2019 19:34:29 GMT
Connection: close
Content-Length: 0

• http://[2a01:0238:301b:0000:0000:0000:0000:1228]/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:238:301b::1228
404

0.017
A
Not Found
Visible Content: No such page
Content-Type: text/html; charset=utf-8
Server: Microsoft-IIS/8.5
Date: Sat, 18 May 2019 19:34:29 GMT
Connection: close
Content-Length: 38

3. Comments

Aname "2a01:238:301b::1228" is ipv6 address, public suffix is not defined
Agood: All ip addresses are public addresses
Agood: destination is https
Agood - only one version with Http-Status 200
Agood: one preferred version: non-www is preferred
Agood: every https has a Strict Transport Security Header
Agood: HSTS max-age is long enough, 63072000 seconds = 730 days
Agood: HSTS has includeSubdomains - directive
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):1 complete Content-Type - header (2 urls)
https://[2a01:0238:301b:0000:0000:0000:0000:1228]/ 2a01:238:301b::1228


Url with incomplete Content-Type - header - missing charset
Ehttp://[2a01:0238:301b:0000:0000:0000:0000:1228]/ 2a01:238:301b::1228
301
https://[2a01:0238:301b:0000:0000:0000:0000:1228]/
wrong redirect one domain http to other domain https - first redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security).
Nhttps://[2a01:0238:301b:0000:0000:0000:0000:1228]/ 2a01:238:301b::1228
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
ADuration: 2954 milliseconds, 2.954 seconds


4. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
[2a01:0238:301b:0000:0000:0000:0000:1228]
2a01:238:301b::1228
443
name does not match
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok


5. Certificates

1.
1.
CN=*.server-daten.de
02.04.2019
01.07.2019
expires in 37 days
*.server-daten.de, server-daten.de - 2 entries

KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:SHA256 With RSA-Encryption
Serial Number:04BD15A983BB26EB5C9A4740044A2A06A613
Thumbprint:AE154C8ABD39C3383A8EE852F31C3E7C6A18615F
SHA256 / Certificate:cbUKxUhqJiq0ezESsp0/sg6JFQb3QSC9T+Vz2kXanC4=
SHA256 hex / Cert (DANE * 0 1):71b50ac5486a262ab47b3112b29d3fb20e891506f74120bd4fe573da45da9c2e
SHA256 hex / PublicKey (DANE * 1 1):7dd73755589a7613631cd99ad92a2ab71c47a5e552f9a117aab1f08dc8e63a0e
OCSP - Url:http://ocsp.int-x3.letsencrypt.org
OCSP - must staple:yes
Certificate Transparency:yes


2.
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
17.03.2016
17.03.2021
expires in 662 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0A0141420000015385736A0B85ECA708
Thumbprint:E6A3B45B062D509B3382282D196EFE97D5956CCB
SHA256 / Certificate:JYR9Zo608E/dQLErawdAxWfafQJDCOtsLJb+QdneIY0=
SHA256 hex / Cert (DANE * 0 1):25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
SHA256 hex / PublicKey (DANE * 1 1):60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18
OCSP - Url:http://isrg.trustid.ocsp.identrust.com
OCSP - must staple:no
Certificate Transparency:no


3.
CN=DST Root CA X3, O=Digital Signature Trust Co.
30.09.2000
30.09.2021
expires in 859 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:44AFB080D6A327BA893039862EF8406B
Thumbprint:DAC9024F54D8F6DF94935FB1732638CA6AD77C13
SHA256 / Certificate:BocmAzGnJAPZCfEF5pvPDTLhvSST/8bZIG0RvNZ3Bzk=
SHA256 hex / Cert (DANE * 0 1):0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739
SHA256 hex / PublicKey (DANE * 1 1):563b3caf8cfef34c2335caf560a7a95906e8488462eb75ac59784830df9e5b2b
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no



6. Last Certificates - Certificate Transparency Log Check (BETA)

1. Source CertSpotter - active certificates

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow.

No CRT - CT-Log entries found


7. Html-Content - Entries (BETA - mixed content and other checks)

No Html-Content entries found. Only checked if https + status 200/401/403/404


8. CAA - Entries

No CAA entries found


9. TXT - Entries

No TXT entries found



Permalink: https://check-your-website.server-daten.de/?i=cb7a459d-a2ca-4e03-ac88-1803fdce3f26


Last Result: https://check-your-website.server-daten.de/?q=%5b2a01%3a238%3a301b%3a%3a1228%5d - 2019-05-18 21:34:27