Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 0 of max. 8 Checks (03:44:13)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

N

 

No trusted Certificate

 

Checked:
08.11.2025 14:54:42

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
88.99.0.38
A
88.99.0.38
Falkenstein/Saxony/Germany (DE) - Hetzner Online GmbH
Hostname: static.38.0.99.88.clients.your-server.de
yes


 

2. DNSSEC

 

No DNSSEC - Informations found

 

3. Name Servers

 

No Nameserver entries found

 

4. SOA-Entries

 

No SOA entries found

5. Screenshots

No Screenshot listed, because no screenshot found. Perhaps the check is too old, the feature startet 2019-12-23.

 

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://88.99.0.38/
88.99.0.38
404

Html is minified: 105.56 %
0.030
M
Not Found
X-Content-Type-Options: nosniff
Date: Sat, 08 Nov 2025 13:54:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19

• https://88.99.0.38/
88.99.0.38
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 105.56 %
Other inline scripts (∑/total): 0/0		2.170
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
X-Content-Type-Options: nosniff
Date: Sat, 08 Nov 2025 13:54:47 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19

• http://88.99.0.38/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
88.99.0.38
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 105.56 %
Other inline scripts (∑/total): 0/0		0.047
A
Not Found
Visible Content:
X-Content-Type-Options: nosniff
Date: Sat, 08 Nov 2025 13:54:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19

• https://88.99.0.38/
88.99.0.38
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 105.56 %
Other inline scripts (∑/total): 0/0		2.157
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
X-Content-Type-Options: nosniff
Date: Sat, 08 Nov 2025 13:54:50 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 19

 

7. Comments


1. General Results, most used to calculate the result

Aname "88.99.0.38" is ipv4 address, public suffix is not defined
AGood: All ip addresses are public addresses
AGood: No cookie sent via http.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Bhttps://88.99.0.38/ 88.99.0.38
404

Missing HSTS-Header
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Mhttp://88.99.0.38/ 88.99.0.38
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://88.99.0.38/ 88.99.0.38
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://88.99.0.38/ 88.99.0.38
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://88.99.0.38/ 88.99.0.38
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://88.99.0.38/ 88.99.0.38
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.88.99.0.38

2. Header-Checks

Ahetzner 88.99.0.38
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
Fhetzner 88.99.0.38
Content-Security-Policy
Critical: Missing Header:
Fhetzner 88.99.0.38
Referrer-Policy
Critical: Missing Header:
Fhetzner 88.99.0.38
Permissions-Policy
Critical: Missing Header:
Bhetzner 88.99.0.38
Cross-Origin-Embedder-Policy
Info: Missing Header
Bhetzner 88.99.0.38
Cross-Origin-Opener-Policy
Info: Missing Header
Bhetzner 88.99.0.38
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks


4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
https://88.99.0.38/ 88.99.0.38
404
2.170 seconds
Warning: 404 needs more then one second
https://88.99.0.38/ 88.99.0.38
404
2.157 seconds
Warning: 404 needs more then one second
ADuration: 47573 milliseconds, 47.573 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
hetzner
88.99.0.38
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
hetzner
88.99.0.38
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=TRAEFIK DEFAULT CERT


88.99.0.38
88.99.0.38
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

88.99.0.38
88.99.0.38
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=TRAEFIK DEFAULT CERT

 

9. Certificates

1.
1.
CN=TRAEFIK DEFAULT CERT
07.11.2025
07.11.2026
expires in 335 days		4122318a8cc8d6384025015bbcdafe57.8ceea1e909c20bc8be8cb2044f8e1542.traefik.default - 1 entry
1.
1.
CN=TRAEFIK DEFAULT CERT
07.11.2025

07.11.2026
expires in 335 days


4122318a8cc8d6384025015bbcdafe57.8ceea1e909c20bc8be8cb2044f8e1542.traefik.default - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:31519C1BE11CE98D306A91CFA167B172
Thumbprint:27163A24D404DF86D9505DD3B8BC90FF6833359A
SHA256 / Certificate:/DBy2ea+JKMPGWqK4GKCJHl53A+I/QR+3qk10oVKAAY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):327f79ba2214ffe8312b47d9a92a5ce123c576eceb712a85f7d50be8a86de195
SHA256 hex / Subject Public Key Information (SPKI):327f79ba2214ffe8312b47d9a92a5ce123c576eceb712a85f7d50be8a86de195 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.w3.org/nu/


No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

 

 

No NameServer - IP address - Informations found

 

14. CAA - Entries

No CAA entries found

 

15. TXT - Entries

No TXT entries found

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
hetzner
88.99.0.38
443
5 Ciphers34.74 sec
0 without, 5 FS
100.00 %
Complete

1
5 Ciphers
5.00 Ciphers/Check		34.74 sec34.74 sec/Check
0 without, 5 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
hetzner
88.99.0.38
443
ECDHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xA8
 FS
5 Ciphers, 34.74 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x30
 FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x2F
 FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES256-SHA
 (Weak)
TLSv1
0xC0,0x14
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
 (Weak)
TLSv1
0xC0,0x13
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=146f6f4b-5184-4ffd-805f-f0d9ce516888

 

Last Result: https://check-your-website.server-daten.de/?q=88.99.0.38&h=hetzner - 2025-11-08 14:54:42

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=88.99.0.38&h=hetzner" target="_blank">Check this Site: 88.99.0.38</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=88.99.0.38&h=hetzner

 

 

Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • USt-IdNr.: DE221734518

 

Errors, ideas, questions? Use the Contact form • A project using Server-Daten - Web Database solutions