Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

A

 

Top config

 

Checked:
14.06.2022 00:19:29

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
bmdrive.bombeiros.to.gov.br
CNAME
ws.bombeiros.to.gov.br
yes
1
0

A
131.72.217.147
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda
Hostname: smtp.ahdu.to.gov.br
yes



A
187.29.146.147
Palmas/Tocantins/Brazil (BR) - Claro S.A
Hostname: smtp.ahdu.to.gov.br
yes


www.bmdrive.bombeiros.to.gov.br

Name Error
yes
1
0
*.bombeiros.to.gov.br
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


*.bmdrive.bombeiros.to.gov.br
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 47671, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.07.2022, 00:00:00 +, Signature-Inception: 10.06.2022, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: br

br
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 2471, DigestType 2 and Digest Xk81mYuPkJVX+hGcTL/cotZgom8GnvAGtAN1igfRouQ=






2 RRSIG RR to validate DS RR found






RRSIG-Owner br., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 26.06.2022, 19:00:00 +, Signature-Inception: 13.06.2022, 18:00:00 +, KeyTag 47671, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 47671 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 2471, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 24560, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner br., Algorithm: 13, 1 Labels, original TTL: 21600 sec, Signature-expiration: 03.07.2022, 12:00:00 +, Signature-Inception: 12.06.2022, 12:00:00 +, KeyTag 2471, Signer-Name: br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 2471 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 2471, DigestType 2 and Digest "Xk81mYuPkJVX+hGcTL/cotZgom8GnvAGtAN1igfRouQ=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: gov.br

gov.br
2 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 20657, DigestType 2 and Digest cTlGjX0uYalvqEYWZj90iSrga+zAqabWHt8kC4GvhwI=






DS with Algorithm 13, KeyTag 3034, DigestType 2 and Digest b8vjERvggDuk6CW4jV/MaFLWsBgKoqwjxuX6Wrr6al8=






2 RRSIG RR to validate DS RR found






RRSIG-Owner gov.br., Algorithm: 13, 2 Labels, original TTL: 21600 sec, Signature-expiration: 27.06.2022, 12:00:08 +, Signature-Inception: 13.06.2022, 11:00:08 +, KeyTag 24560, Signer-Name: br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 24560 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 3034, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 20657, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner gov.br., Algorithm: 13, 2 Labels, original TTL: 21600 sec, Signature-expiration: 27.06.2022, 22:15:08 +, Signature-Inception: 13.06.2022, 21:15:08 +, KeyTag 20657, Signer-Name: gov.br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 20657 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 20657, DigestType 2 and Digest "cTlGjX0uYalvqEYWZj90iSrga+zAqabWHt8kC4GvhwI=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: to.gov.br

to.gov.br
1 DS RR in the parent zone found






DS with Algorithm 5, KeyTag 2524, DigestType 1 and Digest qU2O6xE1DT1Ac/lqXyy0lN25i7A=






2 RRSIG RR to validate DS RR found






RRSIG-Owner to.gov.br., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 20.06.2022, 12:10:10 +, Signature-Inception: 06.06.2022, 11:10:10 +, KeyTag 20657, Signer-Name: gov.br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 20657 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 5, KeyTag 2524, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 5, KeyTag 58636, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner to.gov.br., Algorithm: 5, 3 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 17:18:35 +, KeyTag 2524, Signer-Name: to.gov.br






RRSIG-Owner to.gov.br., Algorithm: 5, 3 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 17:18:35 +, KeyTag 58636, Signer-Name: to.gov.br






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 2524 used to validate the DNSKEY RRSet






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 58636 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 5, KeyTag 2524, DigestType 1 and Digest "qU2O6xE1DT1Ac/lqXyy0lN25i7A=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: bombeiros.to.gov.br

bombeiros.to.gov.br
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "bombeiros.to.gov.br" and the NextOwner "bomjesus.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "bombeiros.to.gov.br" and the NextOwner "bomjesus.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC






1 DNSKEY RR found






Public Key with Algorithm 5, KeyTag 31081, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner bombeiros.to.gov.br., Algorithm: 5, 4 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 31081 used to validate the DNSKEY RRSet






Error: DNSKEY 31081 signs DNSKEY RRset, but no confirming DS RR in the parent zone found. No chain of trust created.



Zone: bmdrive.bombeiros.to.gov.br

bmdrive.bombeiros.to.gov.br
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: A, RRSIG, NSEC






RRSIG Type 5 validates the CNAME - Result: ws.bombeiros.to.gov.br
Validated: RRSIG-Owner bmdrive.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br



Zone: www.bmdrive.bombeiros.to.gov.br

www.bmdrive.bombeiros.to.gov.br
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "bmdrive.bombeiros.to.gov.br" and the NextOwner "distec.bombeiros.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: CNAME, RRSIG, NSEC



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 47671, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.07.2022, 00:00:00 +, Signature-Inception: 10.06.2022, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: br

br
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 2471, DigestType 2 and Digest Xk81mYuPkJVX+hGcTL/cotZgom8GnvAGtAN1igfRouQ=






2 RRSIG RR to validate DS RR found






RRSIG-Owner br., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 26.06.2022, 19:00:00 +, Signature-Inception: 13.06.2022, 18:00:00 +, KeyTag 47671, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 47671 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 2471, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 24560, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner br., Algorithm: 13, 1 Labels, original TTL: 21600 sec, Signature-expiration: 03.07.2022, 12:00:00 +, Signature-Inception: 12.06.2022, 12:00:00 +, KeyTag 2471, Signer-Name: br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 2471 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 2471, DigestType 2 and Digest "Xk81mYuPkJVX+hGcTL/cotZgom8GnvAGtAN1igfRouQ=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: gov.br

gov.br
2 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 20657, DigestType 2 and Digest cTlGjX0uYalvqEYWZj90iSrga+zAqabWHt8kC4GvhwI=






DS with Algorithm 13, KeyTag 3034, DigestType 2 and Digest b8vjERvggDuk6CW4jV/MaFLWsBgKoqwjxuX6Wrr6al8=






2 RRSIG RR to validate DS RR found






RRSIG-Owner gov.br., Algorithm: 13, 2 Labels, original TTL: 21600 sec, Signature-expiration: 27.06.2022, 12:00:08 +, Signature-Inception: 13.06.2022, 11:00:08 +, KeyTag 24560, Signer-Name: br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 24560 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 3034, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 20657, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner gov.br., Algorithm: 13, 2 Labels, original TTL: 21600 sec, Signature-expiration: 27.06.2022, 22:25:08 +, Signature-Inception: 13.06.2022, 21:25:08 +, KeyTag 20657, Signer-Name: gov.br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 20657 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 20657, DigestType 2 and Digest "cTlGjX0uYalvqEYWZj90iSrga+zAqabWHt8kC4GvhwI=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: to.gov.br

to.gov.br
1 DS RR in the parent zone found






DS with Algorithm 5, KeyTag 2524, DigestType 1 and Digest qU2O6xE1DT1Ac/lqXyy0lN25i7A=






2 RRSIG RR to validate DS RR found






RRSIG-Owner to.gov.br., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 20.06.2022, 12:10:10 +, Signature-Inception: 06.06.2022, 11:10:10 +, KeyTag 20657, Signer-Name: gov.br






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 20657 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 5, KeyTag 2524, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 5, KeyTag 58636, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner to.gov.br., Algorithm: 5, 3 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 17:18:35 +, KeyTag 2524, Signer-Name: to.gov.br






RRSIG-Owner to.gov.br., Algorithm: 5, 3 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 17:18:35 +, KeyTag 58636, Signer-Name: to.gov.br






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 2524 used to validate the DNSKEY RRSet






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 58636 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 5, KeyTag 2524, DigestType 1 and Digest "qU2O6xE1DT1Ac/lqXyy0lN25i7A=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: bombeiros.to.gov.br

bombeiros.to.gov.br
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "bombeiros.to.gov.br" and the NextOwner "bomjesus.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "bombeiros.to.gov.br" and the NextOwner "bomjesus.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC






1 DNSKEY RR found






Public Key with Algorithm 5, KeyTag 31081, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner bombeiros.to.gov.br., Algorithm: 5, 4 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good - Algorithmus 5 and DNSKEY with KeyTag 31081 used to validate the DNSKEY RRSet






Error: DNSKEY 31081 signs DNSKEY RRset, but no confirming DS RR in the parent zone found. No chain of trust created.



Zone: ws.bombeiros.to.gov.br

ws.bombeiros.to.gov.br
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: A, RRSIG, NSEC






0 DNSKEY RR found












RRSIG Type 1 validates the A - Result: 131.72.217.147 187.29.146.147
Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






CNAME-Query sends a valid NSEC RR as result with the query name "ws.bombeiros.to.gov.br" equal the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, RRSIG, NSEC Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good. NoData-Proof required and found.






TXT-Query sends a valid NSEC RR as result with the query name "ws.bombeiros.to.gov.br" equal the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that TXT RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, RRSIG, NSEC Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good. NoData-Proof required and found.






AAAA-Query sends a valid NSEC RR as result with the query name "ws.bombeiros.to.gov.br" equal the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, RRSIG, NSEC Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good. NoData-Proof required and found.






TLSA-Query (_443._tcp.ws.bombeiros.to.gov.br) sends a valid NSEC RR as result with the owner name ws.bombeiros.to.gov.br. So that's the Closest Encloser of the query name. TLSA-Query sends a valid NSEC RR as result and covers the Wildcard expansion of the ClosestEncloser with the owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So that NSEC confirms the not-existence of the Wildcard expansion. TLSA-Query (_443._tcp.ws.bombeiros.to.gov.br) sends a valid NSEC RR as result with the query name "_443._tcp.ws.bombeiros.to.gov.br" between the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that TLSA RR.TLSA-Query (_443._tcp.ws.bombeiros.to.gov.br) sends a valid NSEC RR as result with the parent Wildcard "*._tcp.ws.bombeiros.to.gov.br" between the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that Wildcard-expansion.
Bitmap: A, RRSIG, NSEC Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good. NXDomain-Proof required and found.






CAA-Query sends a valid NSEC RR as result with the query name "ws.bombeiros.to.gov.br" equal the NSEC-owner "ws.bombeiros.to.gov.br" and the NextOwner "ws-homo.bombeiros.to.gov.br". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists).
Bitmap: A, RRSIG, NSEC Validated: RRSIG-Owner ws.bombeiros.to.gov.br., Algorithm: 5, 5 Labels, original TTL: 3600 sec, Signature-expiration: 09.10.2023, 12:00:00 +, Signature-Inception: 07.06.2022, 12:56:58 +, KeyTag 31081, Signer-Name: bombeiros.to.gov.br






Status: Good. NoData-Proof required and found.

 

3. Name Servers

DomainNameserverNS-IP
www.bmdrive.bombeiros.to.gov.br
  ns.to.gov.br

bombeiros.to.gov.br
T  ns.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


 
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
187.29.146.1
Palmas/Tocantins/Brazil (BR) - Claro S.A


 
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


  ns1.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


T  ns2.to.gov.br
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


  ns3.to.gov.br
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


  ns4.to.gov.br
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda

to.gov.br
  ns.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


T 
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
187.29.146.1
Palmas/Tocantins/Brazil (BR) - Claro S.A


 
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


T  ns1.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


  ns2.to.gov.br
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


  ns3.to.gov.br
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


T  ns4.to.gov.br
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda

gov.br
T  a.dns.br
2001:12f8:6::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  b.dns.br / b6.b.dns.br
2001:12f8:8::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  c.dns.br / c5.c.dns.br
2001:12f8:a::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  d.dns.br / d5.d.dns.br
2001:12f8:4::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  e.dns.br / e1.e.dns.br
2001:12f8:2::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - Núcleo de Inf. e Coord. do Ponto BR - NIC.


  f.dns.br / f7.a.f.dns.br
2001:12f8:c::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - Núcleo de Inf. e Coord. do Ponto BR - NIC.

br
  a.dns.br / a6.a.dns.br


T  b.dns.br / b3.b.dns.br


  c.dns.br / c6.c.dns.br


  d.dns.br / d4.d.dns.br


  e.dns.br / e1.e.dns.br


  f.dns.br / f6.f.dns.br


ws.bombeiros.to.gov.br
  ns.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


 
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
187.29.146.1
Palmas/Tocantins/Brazil (BR) - Claro S.A


 
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A

bombeiros.to.gov.br
T  ns.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


 
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
187.29.146.1
Palmas/Tocantins/Brazil (BR) - Claro S.A


 
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


  ns1.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


  ns2.to.gov.br
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


  ns3.to.gov.br
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


  ns4.to.gov.br
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda

to.gov.br
T  ns.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


T 
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


 
187.29.146.1
Palmas/Tocantins/Brazil (BR) - Claro S.A


 
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


T  ns1.to.gov.br
128.201.16.20
Palmas/Tocantins/Brazil (BR) - Agencia De Tecnologia DA Informacao


  ns2.to.gov.br
131.72.217.1
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda


  ns3.to.gov.br
187.29.146.20
Palmas/Tocantins/Brazil (BR) - Claro S.A


T  ns4.to.gov.br
131.72.217.20
Palmas/Tocantins/Brazil (BR) - Nova Telecom Ltda

gov.br
T  a.dns.br
2001:12f8:6::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  b.dns.br / b8.b.dns.br
2001:12f8:8::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  c.dns.br / c1.c.dns.br
2001:12f8:a::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  d.dns.br / d2.d.dns.br
2001:12f8:4::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - NÔcleo de Inf. e Coord. do Ponto BR - NIC.BR


  e.dns.br / e8.e.dns.br
2001:12f8:2::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - Núcleo de Inf. e Coord. do Ponto BR - NIC.


  f.dns.br / f7.a.f.dns.br
2001:12f8:c::10
Brooklin Paulista/Sao Paulo/Brazil (BR) - Núcleo de Inf. e Coord. do Ponto BR - NIC.

br
  a.dns.br / a1.a.dns.br


  b.dns.br / b6.b.dns.br


  c.dns.br / c3.c.dns.br


  d.dns.br / d2.d.dns.br


  e.dns.br / e8.e.dns.br


  f.dns.br / f4.f.dns.br

 

4. SOA-Entries


Domain:br
Zone-Name:br
Primary:a.dns.br
Mail:hostmaster.registro.br
Serial:2022164534
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:6


Domain:gov.br
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:gov.br
Zone-Name:gov.br
Primary:a.dns.br
Mail:hostmaster.registro.br
Serial:2022164536
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:5


Domain:to.gov.br
Zone-Name:to.gov.br
Primary:ns.to.gov.br
Mail:abuse.to.gov.br
Serial:2022060700
Refresh:3600
Retry:900
Expire:1209600
TTL:3600
num Entries:9


Domain:bombeiros.to.gov.br
Zone-Name:bombeiros.to.gov.br
Primary:ns.to.gov.br
Mail:abuse.to.gov.br
Serial:2022060700
Refresh:3600
Retry:900
Expire:1209600
TTL:3600
num Entries:9


Domain:www.bmdrive.bombeiros.to.gov.br
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1



Domain:br
Zone-Name:br
Primary:a.dns.br
Mail:hostmaster.registro.br
Serial:2022164538
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:6


Domain:gov.br
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:gov.br
Zone-Name:gov.br
Primary:a.dns.br
Mail:hostmaster.registro.br
Serial:2022164538
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:5


Domain:to.gov.br
Zone-Name:to.gov.br
Primary:ns.to.gov.br
Mail:abuse.to.gov.br
Serial:2022060700
Refresh:3600
Retry:900
Expire:1209600
TTL:3600
num Entries:9


Domain:bombeiros.to.gov.br
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:2


Domain:bombeiros.to.gov.br
Zone-Name:bombeiros.to.gov.br
Primary:ns.to.gov.br
Mail:abuse.to.gov.br
Serial:2022060700
Refresh:3600
Retry:900
Expire:1209600
TTL:3600
num Entries:7


Domain:ws.bombeiros.to.gov.br
Zone-Name:bombeiros.to.gov.br
Primary:ns.to.gov.br
Mail:abuse.to.gov.br
Serial:2022060700
Refresh:3600
Retry:900
Expire:1209600
TTL:3600
num Entries:5


5. Screenshots

Startaddress: https://bmdrive.bombeiros.to.gov.br/index.php/login, address used: https://bmdrive.bombeiros.to.gov.br/index.php/login, Screenshot created 2022-06-14 00:34:42 +00:0

 

Mobil (412px x 732px)

 

1119 milliseconds

 

Screenshot mobile - https://bmdrive.bombeiros.to.gov.br/index.php/login
Mobil + Landscape (732px x 412px)

 

1014 milliseconds

 

Screenshot mobile landscape - https://bmdrive.bombeiros.to.gov.br/index.php/login
Screen (1280px x 1680px)

 

5343 milliseconds

 

Screenshot Desktop - https://bmdrive.bombeiros.to.gov.br/index.php/login

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://bmdrive.bombeiros.to.gov.br/
131.72.217.147
301
https://bmdrive.bombeiros.to.gov.br/
Html is minified: 100.00 %
0.503
A
Date: Mon, 13 Jun 2022 22:32:49 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bmdrive.bombeiros.to.gov.br/
Content-Length: 337
Connection: close
Content-Type: text/html; charset=iso-8859-1

• http://bmdrive.bombeiros.to.gov.br/
187.29.146.147
301
https://bmdrive.bombeiros.to.gov.br/
Html is minified: 100.00 %
0.496
A
Date: Mon, 13 Jun 2022 22:32:49 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bmdrive.bombeiros.to.gov.br/
Content-Length: 337
Connection: close
Content-Type: text/html; charset=iso-8859-1

• https://bmdrive.bombeiros.to.gov.br/
131.72.217.147
302
https://bmdrive.bombeiros.to.gov.br/index.php/login

9.634
A
Date: Mon, 13 Jun 2022 22:32:51 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=skmqlm7qk9u29vd43actafbnfk; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=qDRO859m6yHDjPR5K%2F1XL4dIUWQcca2vXdxWcKRwlCqa2o40MfLpPaMEgRDlz5jxEqveypyA5Bt%2FEoGRW7UAk4H1N2soRHr9CeyaVdjl2%2B0Xg0owr5%2B7kmUhE%2BRgd%2FhY; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=atoe77as77eaol6tvjv2lm6151; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-ZXcyazBqUmpFS2tLMHNCbTZDSHRoaVFQdzE1QldrejFqdnRMT3BZVzRiQT06RTMzSXBudFNKT1J0dHZJbGpXN1kxR1Y0OWd0emFDaTd4SXdIUU93dTJkOD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Location: https://bmdrive.bombeiros.to.gov.br/index.php/login
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://bmdrive.bombeiros.to.gov.br/
187.29.146.147
302
https://bmdrive.bombeiros.to.gov.br/index.php/login

5.757
A
Date: Mon, 13 Jun 2022 22:33:01 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=4qckdrspaug9f2rtr7q4g9na51; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=ZQ%2ByVDadZOBqJ0h%2Ff0Bepm4Ag6VtZbrwRztxQpzRrToXaLIgQEnNw3dg5pODm4T2XaSPE%2BcwzQyFq9EAkhMpM75%2B3sMZP%2BBiUbfyGOO34MkECRh5iag5SC59XRimClH%2B; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=eglksoli2pcrvq6detgta0c013; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-KzM2QjZSU0p3Q3ZoVi9CYUZlOUFkNzhPeFJ5c1Zjc3pGWDlDS0J1REo4Zz06a1V6RmtVM1pxMktyYjZrY1Y0WVNEWTFGdFhmallxOTdjQlZ4ZkhmR2NZMD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Location: https://bmdrive.bombeiros.to.gov.br/index.php/login
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://bmdrive.bombeiros.to.gov.br/index.php/login

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
200

Html is minified: 102.46 %
Other inline scripts (∑/total): 0/0
6.130
A
small visible content (num chars: 160)
Este aplicativo requer JavaScript para sua correta operação. Por favor habilite o JavaScript e recarregue a página. CBM-TO CBM-TO – Por um Tocantins mais seguro
Date: Mon, 13 Jun 2022 22:33:27 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=lp08iaa0pott1t67l9t8svr6j9; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=so9pHKryma3Z2kfKzd3aB%2FqahtPvlM%2Bh5brpbvlIMJLZx5%2F8rfUbxWEryIPYb3SV%2B7F7Z4oPgKwysRVvdJvbN84YUBb5YpTRpctpj1a8xi1T93M7iNF1pHXXK%2BtCmAY3; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=bejda8a8ttuhqtql3h3stfgjsi; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self' stun.nextcloud.com:443;media-src 'self';frame-src 'self';frame-ancestors 'self';worker-src 'self' blob:;form-action 'self'
Content-Encoding: gzip
Feature-Policy: autoplay 'self';camera 'self';fullscreen 'self';geolocation 'none';microphone 'self';payment 'none'
Content-Length: 4089
Content-Type: text/html; charset=UTF-8

• http://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
131.72.217.147
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
https://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.493
A
Visible Content: Moved Permanently The document has moved here . Apache/2.4.41 (Ubuntu) Server at bmdrive.bombeiros.to.gov.br Port 80
Date: Mon, 13 Jun 2022 22:33:08 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 406
Connection: close
Content-Type: text/html; charset=iso-8859-1

• http://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
187.29.146.147
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
https://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.487
A
Visible Content: Moved Permanently The document has moved here . Apache/2.4.41 (Ubuntu) Server at bmdrive.bombeiros.to.gov.br Port 80
Date: Mon, 13 Jun 2022 22:33:09 GMT
Server: Apache/2.4.41 (Ubuntu)
Location: https://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 406
Connection: close
Content-Type: text/html; charset=iso-8859-1

• https://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

302
https://bmdrive.bombeiros.to.gov.br/index.php/login

4.770
A
Visible Content:
Date: Mon, 13 Jun 2022 22:33:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=8ivhjr4rhokieuu67ia1snd2nc; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=xGhmbGnvWWK7PSOn9YJWEI7L8TgVOx2%2FGxrGecCp9qrYgIAm873efhYDemyJ23G%2FVW9%2BWpsNIvdjOXIU2%2Fx2bL6JnpXka07TC0xmjpDlPyFQUEsk0%2Fus6JoDipAQDB8h; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=f57gams64jpql4b1e686qvr7vb; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-R0E4TEdPU1czbGx1WjdnYnlCbXJDY3g4T2hUN0VyemFZQkNKeTk4dTFzWT06THpzZ0lOenVralVoRis1ODhHL01JdWN4ZDJXSldlNnBVeUhIbUk1THU0MD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Location: https://bmdrive.bombeiros.to.gov.br/index.php/login
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://131.72.217.147/
131.72.217.147
400

Html is minified: 103.19 %
9.093
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Date: Mon, 13 Jun 2022 22:33:11 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=q980ntf856gr2cgcr530nfrd8e; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=vaY5SyVlKBPc%2B%2BNzHUVHn57PBUk%2BhjVSeQ0J41nnaRIGq8zNb7W0N0tgS84H0QBzfW%2FWipJ%2B1P9PLg6s2S5PJOzMMYwH3yfYL4uH4DYDMJgW0Nt6NEtvZ3Sxy%2FX5%2BXRx; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=7t0ct3qjsjsm7vm6ufpr986eur; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-NlNmemM0QWdLWlRMUmVCYVVJZ0hUU3FaSDJlRU82WGlBWmVFQWMzdk1oND06dlhQR0ovUmtVOHo5Qm9jakY4eGhIMUQ4YWpYeWI1MnBlOFN2Y1ArN1FFbz0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

• https://187.29.146.147/
187.29.146.147
400

Html is minified: 103.19 %
6.250
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Date: Mon, 13 Jun 2022 22:33:20 GMT
Server: Apache/2.4.41 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Referrer-Policy: no-referrer
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Robots-Tag: none
X-XSS-Protection: 1; mode=block
Upgrade: h2,h2c
Connection: Upgrade, close
Set-Cookie: ocm092nlf93j=oa2er026fcd5l8ft1oql6udlth; path=/; secure; HttpOnly; SameSite=Lax,oc_sessionPassphrase=7tfMWosxywqjvOLmDeAMgstVE%2FbmcOxZwT2ey0llqIDKwzAIgoj2GEl8duRVKtFmQW5Ips0YhxNS%2Bbrh%2BU9liiUX7HwJKeMMyQ%2BwDBavms9dXPCmE6yjm8Sjw0ueec5a; path=/; secure; HttpOnly; SameSite=Lax,ocm092nlf93j=3b08b6c9ku1meap3sc4sim6oq6; path=/; secure; HttpOnly; SameSite=Lax,__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax,__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Security-Policy: default-src 'self'; script-src 'self' 'nonce-TnhZZXhwdjhwZHVkREJ1UDNmT3lDQ1JSVEIrM0FaT3JrQVhycTcxalNCQT06ZEd4Vmtlbk56NE91Vm1MbXRyckVXMlZuSjNhQWNkWEIyR3lGM2ZJaUgzMD0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

 

7. Comments


1. General Results, most used to calculate the result

Aname "bmdrive.bombeiros.to.gov.br" is subdomain, public suffix is ".to.gov.br", top-level-domain is ".br", top-level-domain-type is "country-code", Country is Brazil, tld-manager is "Comite Gestor da Internet no Brasil", num .br-domains preloaded: 2181 (complete: 175327)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: bmdrive.bombeiros.to.gov.br has 2 different ip addresses (authoritative).
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: bmdrive.bombeiros.to.gov.br has no ipv6 address.
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Ahttps://bmdrive.bombeiros.to.gov.br/ 131.72.217.147
302
https://bmdrive.bombeiros.to.gov.br/index.php/login
Correct redirect https to https
Ahttps://bmdrive.bombeiros.to.gov.br/ 187.29.146.147
302
https://bmdrive.bombeiros.to.gov.br/index.php/login
Correct redirect https to https
Ahttps://bmdrive.bombeiros.to.gov.br/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
https://bmdrive.bombeiros.to.gov.br/index.php/login
Correct redirect https to https
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
AGood: every cookie sent via https is marked as secure
AGood: Every cookie has a SameSite Attribute with a correct value Strict/Lax/None
AGood: every https has a Strict Transport Security Header
AGood: HSTS max-age is long enough, 31536000 seconds = 365 days
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Ahttp://bmdrive.bombeiros.to.gov.br/ 131.72.217.147
301
https://bmdrive.bombeiros.to.gov.br/
Correct redirect http - https with the same domain name
Ahttp://bmdrive.bombeiros.to.gov.br/ 187.29.146.147
301
https://bmdrive.bombeiros.to.gov.br/
Correct redirect http - https with the same domain name
Mhttps://131.72.217.147/ 131.72.217.147
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://187.29.146.147/ 187.29.146.147
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://131.72.217.147/ 131.72.217.147
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://187.29.146.147/ 187.29.146.147
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
XFatal error: Nameserver doesn't support TCP connection: a.dns.br / 2001:12f8:6::10: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns.to.gov.br / 131.72.217.1: Fatal error (0)
XFatal error: Nameserver doesn't support TCP connection: ns.to.gov.br / 131.72.217.20: Fatal error (0)
XFatal error: Nameserver doesn't support TCP connection: ns.to.gov.br / 187.29.146.1: Fatal error (0)
XFatal error: Nameserver doesn't support TCP connection: ns3.to.gov.br / 187.29.146.20: Fatal error (0)
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain bmdrive.bombeiros.to.gov.br, 2 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain bmdrive.bombeiros.to.gov.br, 2 ip addresses, 1 different http results.

2. Header-Checks


3. DNS- and NameServer - Checks

AInfo:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 5 Name Servers.
AInfo:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns.to.gov.br (187.29.146.1), ns1.to.gov.br (128.201.16.20), ns2.to.gov.br (131.72.217.1), ns3.to.gov.br (187.29.146.20), ns4.to.gov.br (131.72.217.20)
AGood (1 - 3.0):: An average of 0.4 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 5 different Name Servers found: ns.to.gov.br, ns1.to.gov.br, ns2.to.gov.br, ns3.to.gov.br, ns4.to.gov.br, 5 Name Servers included in Delegation: ns.to.gov.br, ns1.to.gov.br, ns2.to.gov.br, ns3.to.gov.br, ns4.to.gov.br, 5 Name Servers included in 2 Zone definitions: ns.to.gov.br, ns1.to.gov.br, ns2.to.gov.br, ns3.to.gov.br, ns4.to.gov.br, 1 Name Servers listed in SOA.Primary: ns.to.gov.br.
AGood: Only one SOA.Primary Name Server found.: ns.to.gov.br.
AGood: SOA.Primary Name Server included in the delegation set.: ns.to.gov.br.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 9 Name Servers, 3 different subnets (first Byte): 128., 131., 187., 3 different subnets (first two Bytes): 128.201., 131.72., 187.29., 3 different subnets (first three Bytes): 128.201.16., 131.72.217., 187.29.146.
AGood: Name Server IPv4-addresses from different subnet found:
AGood: Nameserver supports TCP connections: 18 good Nameserver
XNameserver Timeout checking Echo Capitalization: a.dns.br / 2001:12f8:6::10
XNameserver Timeout checking Echo Capitalization: b.dns.br
XNameserver Timeout checking Echo Capitalization: ns.to.gov.br / 128.201.16.20
XNameserver Timeout checking Echo Capitalization: ns.to.gov.br / 131.72.217.1
XNameserver Timeout checking Echo Capitalization: ns2.to.gov.br / 131.72.217.1
XNameserver Timeout checking Echo Capitalization: ns4.to.gov.br / 131.72.217.20
XNameserver Timeout checking EDNS512: a.dns.br / 2001:12f8:6::10
XNameserver Timeout checking EDNS512: ns.to.gov.br / 131.72.217.1
XNameserver Timeout checking EDNS512: ns1.to.gov.br / 128.201.16.20
Nameserver doesn't pass all EDNS-Checks: a.dns.br / 2001:12f8:6::10: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: a.dns.br / 2001:12f8:6::10: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: fatal timeout. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 128.201.16.20: OP100: fatal timeout. FLAGS: fatal timeout. V1: ok. V1OP100: ok. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.1: OP100: fatal timeout. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: fatal timeout. V1OP100: ok. V1FLAGS: ok. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: fatal timeout. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: fatal timeout. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns1.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns1.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns1.to.gov.br / 128.201.16.20: OP100: ok. FLAGS: ok. V1: fatal timeout. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: fatal timeout. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.to.gov.br / 131.72.217.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns4.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns4.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns4.to.gov.br / 131.72.217.20: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: fatal timeout. COOKIE: ok. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
AGood: No https + http status 200 with inline CSS / JavaScript found
AGood: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
https://bmdrive.bombeiros.to.gov.br/index.php/login
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: All script Elements (type text/javascript) and src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
Warning: CSS / JavaScript found without Compression. Compress these ressources, gzip, deflate, br are checked. 2 external CSS / JavaScript files without GZip found - 18 with GZip, 20 complete
AGood: All images with internal compression not compressed. Some Images (.png, .jpg, .jpeg, .webp, .gif) are already compressed, so an additional compression isn't helpful. 1 images (type image/png, image/jpg) found without additional GZip. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 external CSS / JavaScript files without Cache-Control-Header, 1 with Cache-Control, but no max-age, 1 with Cache-Control max-age too short (minimum 7 days), 18 with Cache-Control long enough, 20 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 1 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 1 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 1 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 922113 milliseconds, 922.113 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
bmdrive.bombeiros.to.gov.br
bmdrive.bombeiros.to.gov.br
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
bmdrive.bombeiros.to.gov.br
bmdrive.bombeiros.to.gov.br
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain - too much certificates, don't send root certificates

1CN=bmdrive.bombeiros.to.gov.br


2CN=R3, O=Let's Encrypt, C=US


3CN=ISRG Root X1, O=Internet Security Research Group, C=US


bmdrive.bombeiros.to.gov.br
131.72.217.147
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok

bmdrive.bombeiros.to.gov.br
131.72.217.147
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain - too much certificates, don't send root certificates

1CN=bmdrive.bombeiros.to.gov.br


2CN=R3, O=Let's Encrypt, C=US


3CN=ISRG Root X1, O=Internet Security Research Group, C=US


bmdrive.bombeiros.to.gov.br
187.29.146.147
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok

bmdrive.bombeiros.to.gov.br
187.29.146.147
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
No SNI required - domain included in main certificate
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain - too much certificates, don't send root certificates

1CN=bmdrive.bombeiros.to.gov.br


2CN=R3, O=Let's Encrypt, C=US


3CN=ISRG Root X1, O=Internet Security Research Group, C=US


131.72.217.147
131.72.217.147
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok

131.72.217.147
131.72.217.147
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain - too much certificates, don't send root certificates

1CN=bmdrive.bombeiros.to.gov.br


2CN=R3, O=Let's Encrypt, C=US


3CN=ISRG Root X1, O=Internet Security Research Group, C=US


187.29.146.147
187.29.146.147
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok

187.29.146.147
187.29.146.147
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain - too much certificates, don't send root certificates

1CN=bmdrive.bombeiros.to.gov.br


2CN=R3, O=Let's Encrypt, C=US


3CN=ISRG Root X1, O=Internet Security Research Group, C=US

 

9. Certificates

1.
1.
CN=bmdrive.bombeiros.to.gov.br
23.04.2022
22.07.2022
873 days expired
bmdrive.bombeiros.to.gov.br, distec.bombeiros.to.gov.br, eventos.bombeiros.to.gov.br, intranet-homologacao.bombeiros.to.gov.br, intranet.bombeiros.to.gov.br, prevenir-homologacao.bombeiros.to.gov.br, prevenir.bombeiros.to.gov.br, protege.bombeiros.to.gov.br, siocb-homologacao.bombeiros.to.gov.br, siocb.bombeiros.to.gov.br, sistemas.bombeiros.to.gov.br, ws-homo.bombeiros.to.gov.br, ws.bombeiros.to.gov.br - 13 entries
1.
1.
CN=bmdrive.bombeiros.to.gov.br
23.04.2022

22.07.2022
873 days expired


bmdrive.bombeiros.to.gov.br, distec.bombeiros.to.gov.br, eventos.bombeiros.to.gov.br, intranet-homologacao.bombeiros.to.gov.br, intranet.bombeiros.to.gov.br, prevenir-homologacao.bombeiros.to.gov.br, prevenir.bombeiros.to.gov.br, protege.bombeiros.to.gov.br, siocb-homologacao.bombeiros.to.gov.br, siocb.bombeiros.to.gov.br, sistemas.bombeiros.to.gov.br, ws-homo.bombeiros.to.gov.br, ws.bombeiros.to.gov.br - 13 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04D81B72EF4DF12E292E96854EBDD4E3D984
Thumbprint:1956D72BD626B89B82829DA2115374AB55BA7F79
SHA256 / Certificate:d8XS7G6b9AA18OBpl7f4U1JBjKlX3+3uKpRupUqyIhg=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):b75209034246eeee465333407b1eaf35cb2fb0ef43f3f2c15d237688151ed79d
SHA256 hex / Subject Public Key Information (SPKI):b75209034246eeee465333407b1eaf35cb2fb0ef43f3f2c15d237688151ed79d (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 278 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 278 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3827 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3827 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Small Code Update - wait one minute

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Small Code Update - wait one minute

 

11. Html-Content - Entries

Summary


Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://bmdrive.bombeiros.to.gov.br/index.php/login
a

2

0


0
0
0


img

1
161,212 Bytes
0
1
0
0
0
0


link
stylesheet
4
7,899 Bytes
0
4
0
0
0
0


link
other
4
7,062 Bytes
0
3
0
0
0
0


meta
og
6
2,918 Bytes
0
2
0
0
0
0


meta
apple
1

0


0
0
0


meta
other
5

0


0
0
0


script

16
91,725 Bytes
0
16
0
0
0
0

 

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://bmdrive.bombeiros.to.gov.br/index.php/login

a

https://bmdrive.bombeiros.to.gov.br


1
ok















a

https://www.enable-javascript.com/


1
ok















img
src
/index.php/apps/theming/image/logo?useSvg=1&v=52
200

1
ok
no alt-Attributeimage/png
X-Content-Type-Options nosniff found





Cache-Control: private, max-age=3600, must-revalidate - max-age too short.
No Compression - 161212 Bytes








link
apple-touch-icon
/core/img/favicon-touch.png
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 2918 Bytes








link
icon
/core/img/favicon.ico
200

1
ok
image/vnd.microsoft.icon
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 3262 Bytes








link
manifest
/index.php/apps/theming/manifest?v=52


1
ok















link
mask-icon
/core/img/favicon-mask.svg
200

1
ok
image/svg+xml
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 with long duration found.
882 Bytes








link
stylesheet
/apps/files_rightclick/css/app.css?v=46c85d58-52
200

1
ok
text/css
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
199 Bytes






local SRI possible, possible hash-values:

 

sha256-LR87ktdZG2mgbLi9bNqOTS+k7Z67RwSImQeAokI9C7c=
sha384-06AxmrXqmpxvhFBgMJ0ozHn5lNMH8Vx2HfmVpdmpSh7OvLyMN2QA8jBF+D6nwMd/
sha512-mWSSuV5a/ybLeQ8EsD6md/1A6jLfJcmZWaVOrrFgTqYpZMPo94IIpJ2qw686eAWz9VT975u+ylOgmOcVikcmsw==

 

<link rel="stylesheet" href="/apps/files_rightclick/css/app.css?v=46c85d58-52" crossorigin="anonymous" integrity="sha256-LR87ktdZG2mgbLi9bNqOTS+k7Z67RwSImQeAokI9C7c=" />



link
stylesheet
/core/css/guest.css?v=7df69112-52
200

1
ok
text/css
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 5525 Bytes






local SRI possible, possible hash-values:

 

sha256-x50Klzik8DMiyTIu7KoRk3oh+CyzyqOFWUPDswqi8Gw=
sha384-XXrsiqNd3C/ImBU5HTkrcyjrAwwMkTa+5A2stunewfq/fevt+QYk3EXpHd2d0Ui5
sha512-pO7u4HfSyfj2EL5HaRp6zpPgO8Qo1DbNbNn7uVmq+n/nGMl4ApygOw3xDEZv2k233Prse6o/QAS5eqdonrASbw==

 

<link rel="stylesheet" href="/core/css/guest.css?v=7df69112-52" crossorigin="anonymous" integrity="sha256-x50Klzik8DMiyTIu7KoRk3oh+CyzyqOFWUPDswqi8Gw=" />


Content loaded via url("...")

 

../img/actions/caret-white.svg?v=11
../img/actions/checkbox-mark-white.svg1
../img/actions/checkmark-white.svg?v=11
../img/actions/confirm.svg?v=21
../img/actions/confirm-white.svg?v=21
../img/actions/error-white.svg?v=11
../img/actions/info-white.svg?v=21
../img/actions/toggle.svg?v=11
../img/background.png?v=22
../img/loading.gif1
../img/loading-dark.gif1
../img/loading-small.gif1
../img/loading-small-dark.gif1
../img/logo/logo.svg?v=11

link
stylesheet
/index.php/apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37
200

1
ok
text/css;charset=UTF-8
X-Content-Type-Options nosniff found





Cache-Control: max-age=31536000, immutable - with long duration found.
Compression required: 1072 Bytes






local SRI possible, possible hash-values:

 

sha256-oKr7iuyz7KARPCbCUFg3YIh80t7Anc4bZkBYf/uhM2A=
sha384-fRB6H6U2lHLkHF8tgr5ZzjH2gNueEvtd0BIrzy8we0HTlgXPV16Hu2OzOvFYbu3r
sha512-pgQUJ+eyE/16LIWCHfrBGkNK6nelACAwoxb/bdvOJV7VcbzG5skv74mBezEebBA4RPwXe7QDOy0F+352MUfxgA==

 

<link rel="stylesheet" href="/index.php/apps/accessibility/css/user-a82fd95db10ff25dfad39f07372ebe37" crossorigin="anonymous" integrity="sha256-oKr7iuyz7KARPCbCUFg3YIh80t7Anc4bZkBYf/uhM2A=" />


Content loaded via url("...")

 

/apps/accessibility/css/../../../core/img/actions/checkbox-mark-dark.svg1
/apps/accessibility/css/../../../core/img/actions/checkbox-mixed-dark.svg1
/index.php/svg/core/actions/checkbox-mark?color=000&v=11
/index.php/svg/core/actions/more?color=fff&v=11
/index.php/svg/core/actions/search?color=fff&v=11
/index.php/svg/core/actions/settings?color=fff&v=11
/index.php/svg/core/places/contacts?color=fff&v=11

link
stylesheet
/index.php/apps/theming/styles?v=52
200

1
ok
text/css;charset=UTF-8
X-Content-Type-Options nosniff found





Compression required: 1103 Bytes






local SRI possible, possible hash-values:

 

sha256-ifu+0zqCTP6YQewSraNhJsYVRQ1zc7M/ujf9xiRRgaA=
sha384-qHvcBqBB0qPVmvqZPOV1xiTUlWuGJDGkQNElUdMvdntvdT0hgfMgdsJu8JA7XhJC
sha512-vu24o+nxqu8eYeTuhSQQbfjCoMo4qPYx0XRt2nHHsmfV/7IZeHO0DsHmMhhBvVw7MuMEoUdEgYp3bKOgZIDi7A==

 

<link rel="stylesheet" href="/index.php/apps/theming/styles?v=52" crossorigin="anonymous" integrity="sha256-ifu+0zqCTP6YQewSraNhJsYVRQ1zc7M/ujf9xiRRgaA=" />


Content loaded via url("...")

 

./img/core/filetypes/folder.svg?v=521
./img/core/filetypes/folder-drag-accept.svg?v=521
./img/core/filetypes/text.svg?v=521
/apps/theming/css/../../../core/img/actions/confirm.svg1
/apps/theming/css/../../../core/img/actions/search.svg1
/index.php/apps/theming/image/background?v=521
/index.php/apps/theming/image/logo?v=521
/index.php/apps/theming/image/logoheader?v=521

meta
charset
utf-8


1
ok















meta
og:description
Por um Tocantins mais seguro


1
ok















meta
og:image
https://bmdrive.bombeiros.to.gov.br/core/img/favicon-touch.png
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 2918 Bytes








meta
og:site_name
CBM-TO


1
ok















meta
og:title
CBM-TO


1
ok















meta
og:type
website


1
ok















meta
og:url
https://bmdrive.bombeiros.to.gov.br/
302
https://bmdrive.bombeiros.to.gov.br/index.php/login
1
ok
text/html; charset=UTF-8
X-Content-Type-Options nosniff found





0 Bytes








meta
X-UA-Compatible
IE=edge


1
ok















meta
apple-itunes-app
app-id=1125420102


1
ok















meta
robots
noindex, nofollow


1
ok















meta
theme-color
#E0E0E0


1
ok















meta
viewport
width=device-width, initial-scale=1.0, minimum-scale=1.0


1
ok















script
src
/apps/files_rightclick/js/files.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 1268 Bytes






local SRI possible, possible hash-values:

 

sha256-PBi5wM4+pGjuvvG976qVT8bUW98+DeR9DM1+gjzinkU=
sha384-EKmCB+MtdbGlU02AEUgezziw4JM++o02KO4sxGwBWhFCKrCd8clobMWPVkzdHhBP
sha512-tfL4WyzM9iCimzmL51isP3QofGtdLLm2zeDSFUzWdK5axvDQk/NR1sGxZ1Cap4VAuUamipBEmKgdr8C0SWyJtQ==

 

<script src="/apps/files_rightclick/js/files.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-PBi5wM4+pGjuvvG976qVT8bUW98+DeR9DM1+gjzinkU=" />



script
src
/apps/files_rightclick/js/script.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 3219 Bytes






local SRI possible, possible hash-values:

 

sha256-ImP9ubQwKSVs8h7hpXfj1MyRrhUJSSAMBXM7GeHhWRI=
sha384-oz3FeiEkCWUpvcGxFe0lc0vHRHpvgaga6ts9uF5lMHUf/kO+DunGPsgCGKfnUn33
sha512-jDxJYxtP1u8YlX9IvYzR0g/AQrnwi2YYJjZQ108k5kdO47wTn6iccP1QMoXQSvQR1wvMt+PbsFyZIQxfyDVulQ==

 

<script src="/apps/files_rightclick/js/script.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-ImP9ubQwKSVs8h7hpXfj1MyRrhUJSSAMBXM7GeHhWRI=" />



script
src
/apps/files_rightclick/l10n/pt_BR.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
463 Bytes






local SRI possible, possible hash-values:

 

sha256-AwXI+307x0F8hx1KNZPrUfvRF0RqJIHc84NWXTaffgU=
sha384-w38VJ0RGC6EmhwLjWJ3RIE1hw26XlwJMl+08sDy4qLlWjCduQ8G3flzU29DyGID/
sha512-njApwxk8I9HKB7Q9yVVN5TvbRTgFhTE+wrXUSAKJHSNWuGK9zcOJl7kTlD0Pqa8pUZfSn/ePm+n5u0LfkJLghA==

 

<script src="/apps/files_rightclick/l10n/pt_BR.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-AwXI+307x0F8hx1KNZPrUfvRF0RqJIHc84NWXTaffgU=" />



script
src
/apps/files_sharing/js/dist/main.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 590 Bytes






local SRI possible, possible hash-values:

 

sha256-vfIPodoaVABbT9E/zwEOG3ZI9dWGD3I/tEjFknX/kxk=
sha384-7yqnXlZRUXb2nUJ//hbpLfM4KCL+nSoWTMGITeZ8K3sX+wUVSp0VF/Zd4tuCyK8j
sha512-Ze5sv2xhlErIKzuOJFnyW9675/ZYY1V8XygCQPb++3CGdx8c+vxrWX0lskShyx27UjSBzfQGwn7eDtIMka4cMQ==

 

<script src="/apps/files_sharing/js/dist/main.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-vfIPodoaVABbT9E/zwEOG3ZI9dWGD3I/tEjFknX/kxk=" />



script
src
/apps/files_sharing/l10n/pt_BR.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 5181 Bytes






local SRI possible, possible hash-values:

 

sha256-rXLDoJMBaahHozhDelunRCqyVMwoVFs8wJLF8+j1TxQ=
sha384-neuUQbrG6kRAY0UFD/9n4c0oM9UTs4npY+dnAYlkRZz/L6zqWMLfHRkW6vJMCrwz
sha512-5mMJlb3elAhY+jkk8U0/hqOpuRJUvqeLR0CIZpRFv8TvGdEymBx0qipXEzRXvsEcAEwkx8dzcWue9NWazIxbcw==

 

<script src="/apps/files_sharing/l10n/pt_BR.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-rXLDoJMBaahHozhDelunRCqyVMwoVFs8wJLF8+j1TxQ=" />



script
src
/apps/files_videoplayer/js/main.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 2945 Bytes






local SRI possible, possible hash-values:

 

sha256-gYVBnrYXJ+KiKOpB7fv4fM/YRjeCRFz7UBvELokBMvA=
sha384-LYDEtEuz2qacyh1lzqKS86ipnP/bBurZmL7Ikq8rt1L5UDrqLXJOmx7ySUVi/IdM
sha512-pscb0UuhQpOcW+Q9k+Rm4g0bZWRjTm6DXb6nhr8WcLX2m5Dq543qWMkR8L/uFKRZ0NxVJpsefUbm+WGB2ligkg==

 

<script src="/apps/files_videoplayer/js/main.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-gYVBnrYXJ+KiKOpB7fv4fM/YRjeCRFz7UBvELokBMvA=" />



script
src
/apps/theming/js/theming.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
60 Bytes






local SRI possible, possible hash-values:

 

sha256-7E5z5JvKP25SPD39ZuWPoVfIHE2l6z+gzqpYm6jcB4U=
sha384-RgfcEmN83rAzQ22NMxXMt+aycjGGuR1FOu0Lwguj2MOFZ1WIIYPjRA0M3KPXYkv3
sha512-R1ZIFQ46FERE2rH4436ql+eKqBCuI4MIpeSahNGHoovE6BzeJPCFjtzRwr5x+SkADJ+ve9v82W+uKszcTMMpIg==

 

<script src="/apps/theming/js/theming.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-7E5z5JvKP25SPD39ZuWPoVfIHE2l6z+gzqpYm6jcB4U=" />



script
src
/apps/theming/l10n/pt_BR.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 1475 Bytes






local SRI possible, possible hash-values:

 

sha256-UWBnjHq/RojwuUjsnM5OWwjbGRPaFR9PfRzbvE75YiQ=
sha384-3R/CmkMQIzUegbzA8cXUeot5kXJEQLCMiWgSR++tldyJKldQRMvWFZOdDbL8FCXk
sha512-cHQCyoEiCdFmozpg10yV9a6KfcuA5mCxFN7n16i1DdyOyT0YfbZkBMaE1Y1a/88PUFe+spYdWXCGjb1nis3uaw==

 

<script src="/apps/theming/l10n/pt_BR.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-UWBnjHq/RojwuUjsnM5OWwjbGRPaFR9PfRzbvE75YiQ=" />



script
src
/core/js/backgroundjobs.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
608 Bytes






local SRI possible, possible hash-values:

 

sha256-om34eo4gphKuSopt4P36t7/j/Ca5wHLYZdcJ7gdn7+A=
sha384-mQCgjm8D2pLYNnzl94siUw5TmDrhb/tqo7fjm4kiJPf2pD6V/Kqr5Jv0WQqIdEQJ
sha512-9PTZia3K1MRtZNCzqjn7yCnGQLfuuvtaMHhxYD70letD2etn2HAZnNi3iTzfMBM4htWAeKn6Eiq8VjsmgfzX6w==

 

<script src="/core/js/backgroundjobs.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-om34eo4gphKuSopt4P36t7/j/Ca5wHLYZdcJ7gdn7+A=" />



script
src
/core/js/dist/files_client.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 41015 Bytes






local SRI possible, possible hash-values:

 

sha256-u1DGN2Lv45X36jQ3kBz+xonnayZICBNNpTdqn4tdnrE=
sha384-999ongJWpDke+nsXb8LYqn2isVKKRm7SHmSirXOh/LBVRzCBH58otHqMMGGiLaKt
sha512-9LjQQ+OJuuvqwptrpcsVrJnhOOUCxDDXjq6NKgvrx2b+TzsWBlMKn8SD5f+y+EK8ywW9JZJDh8ImsjJOFBDcVw==

 

<script src="/core/js/dist/files_client.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-u1DGN2Lv45X36jQ3kBz+xonnayZICBNNpTdqn4tdnrE=" />



script
src
/core/js/dist/files_fileinfo.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 8606 Bytes






local SRI possible, possible hash-values:

 

sha256-VxEQwuY7FvjNcPRKWWM7GokWZ3LZnvg1BvT8+/GyzDQ=
sha384-NAYaIlLnhbe6MRwurYmXaYCpy2mPN6WcZQPkT5P1mEwOk502gQWG1J2h5unLiZIe
sha512-pnNSsnAFQTnB5yLpIu1gAT3EPpNs8MMdDBe7fj0fWIKyjBBhm0bRZoGRgDbxCGguGc87bEChEhP4HYtv3z7HrA==

 

<script src="/core/js/dist/files_fileinfo.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-VxEQwuY7FvjNcPRKWWM7GokWZ3LZnvg1BvT8+/GyzDQ=" />



script
src
/core/js/dist/login.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 244212 Bytes






local SRI possible, possible hash-values:

 

sha256-2JKe3mRXF6fTs5TWQJ3JjYgdhU4cRuFOm/3/aA/RIKA=
sha384-fZDq2Gst/7UaKPIfBSiWIRN2/OeizaA5BxT51C+cSGWg/UMgRLvXTJLglL9shkP2
sha512-4iGTc9a3V2b21iPW9mjKXYN2qHD6XL/ymOfwl5kSWZjO92eWs8bo34YCS8wYVp1LKQFTmPUVNda9lSnnIrMRGA==

 

<script src="/core/js/dist/login.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-2JKe3mRXF6fTs5TWQJ3JjYgdhU4cRuFOm/3/aA/RIKA=" />



script
src
/core/js/dist/main.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 439876 Bytes






local SRI possible, possible hash-values:

 

sha256-iqZmDrcNOVHgWQxeOuN8f7ZtauT044YfX5HA1OwRKjs=
sha384-rGT8E8nHQdrA+QjSc4CX3CxZVPzpoYUy0paw8aiuPbhNbj2tfx+uGpFe1jGKAgpJ
sha512-LBrvGtvrrPSPld5RdBs88r6qNM73XaEb5rEYYT38c05vhEEj2yME2e8pd1/veunNL7d1t08ucn4+XXvovZtISw==

 

<script src="/core/js/dist/main.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-iqZmDrcNOVHgWQxeOuN8f7ZtauT044YfX5HA1OwRKjs=" />



script
src
/core/l10n/pt_BR.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=15778463 - with long duration found.
Compression required: 19158 Bytes






local SRI possible, possible hash-values:

 

sha256-OklJR+0Eo9XwwvozwK2Fz+1jth6G5bnFOzL5xOwrO2c=
sha384-+vLEZa9AwChb4dMlsMC9aJdQPi6i3hD7nfznwFldE6F5x2tSKWRRJ2Qp/hv3UWbJ
sha512-9CjNjb1C9RpqC/4A3ckRoKCGgOQMG9k9qywRF/4EAgN2C+fmZj2A2ZxlblCt29Ww+wAspEsqz6KgGaMC61ucAw==

 

<script src="/core/l10n/pt_BR.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-OklJR+0Eo9XwwvozwK2Fz+1jth6G5bnFOzL5xOwrO2c=" />



script
src
/index.php/core/js/oc.js?v=7df69112
200

1
ok
defer attribute found text/javascript;charset=UTF-8
X-Content-Type-Options nosniff found





Cache-Control: no-cache, no-store, must-revalidate - max-age missing.
Compression required: 4155 Bytes






local SRI possible, possible hash-values:

 

sha256-OJ6QnGK7EyUWLdkhvteCnRSNEF1qLBJEK/HDHdzb+Uo=
sha384-EefUVhit0ObXsIibm6u1SfzHI1jCI/7NUtvWbKBfvqghjqVHrb5ELX7bkIYh6Z/Q
sha512-0nh3idMjb/nnDc7NR5bTgqPVgYuBkhAHesfWRd1JwXZBktGoxC9fgwp42qdz7bNTpgRSPzHaPWzyIpAsZORhTA==

 

<script src="/index.php/core/js/oc.js?v=7df69112" crossorigin="anonymous" integrity="sha256-OJ6QnGK7EyUWLdkhvteCnRSNEF1qLBJEK/HDHdzb+Uo=" />



script
src
/index.php/js/core/merged-template-prepend.js?v=7df69112-52
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: max-age=31536000, immutable - with long duration found.
Compression required: 2982 Bytes






local SRI possible, possible hash-values:

 

sha256-tbFUZx1lyjU4SRz+mhpt0l1hS68aQ7yDFNdp/ul6oGI=
sha384-/ZsywZK10PI9cBOuQnvlRwO7JPaf658h7z9Ljzva9GsCm8gqB5D/ITBY8UnE8RG/
sha512-z5kReHvCk1JBAUr7a/rOy7ns1rKbJAthPMyKqNIv8V3fSByxPfIu3zy/LYVlSsRTnrGJeEmtfJbSjCpmHk5pmg==

 

<script src="/index.php/js/core/merged-template-prepend.js?v=7df69112-52" crossorigin="anonymous" integrity="sha256-tbFUZx1lyjU4SRz+mhpt0l1hS68aQ7yDFNdp/ul6oGI=" />


 

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns.to.gov.br, ns1.to.gov.br, ns2.to.gov.br, ns3.to.gov.br, ns4.to.gov.br

 

QNr.DomainTypeNS used
1
br
NS
l.root-servers.net (2001:500:9f::42)

Answer: a.dns.br, b.dns.br, c.dns.br, d.dns.br, e.dns.br, f.dns.br
2
ns.to.gov.br: 187.29.146.1
NS
b.dns.br (2001:12f8:8::10)

Answer: ns1.to.gov.br
128.201.16.20

Answer: ns2.to.gov.br
131.72.217.1

Answer: ns3.to.gov.br
187.29.146.20

Answer: ns4.to.gov.br
131.72.217.20

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
bmdrive.bombeiros.to.gov.br



1
0
ws.bombeiros.to.gov.br
0

no CAA entry found
1
0
bombeiros.to.gov.br
0

no CAA entry found
1
0

0

no CAA entry found
1
0
to.gov.br
0

no CAA entry found
1
0

0

no CAA entry found
1
0
gov.br
0

no CAA entry found
1
0

0

no CAA entry found
1
0
br
0

no CAA entry found
1
0

0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
bombeiros.to.gov.br
v=spf1 include:_spf.google.com ~all
ok
1
0
bmdrive.bombeiros.to.gov.br


1
0
_acme-challenge.ws.bombeiros.to.gov.br

Name Error - The domain name does not exist
1
0
_acme-challenge.bmdrive.bombeiros.to.gov.br

Name Error - The domain name does not exist
1
0
_acme-challenge.ws.bombeiros.to.gov.br.ws.bombeiros.to.gov.br

Name Error - The domain name does not exist
1
0
_acme-challenge.bmdrive.bombeiros.to.gov.br.bombeiros.to.gov.br

Name Error - The domain name does not exist
2
1
_acme-challenge.bmdrive.bombeiros.to.gov.br.bmdrive.bombeiros.to.gov.br

Name Error - The domain name does not exist
2
1

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

No Ciphers found

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=260047ee-9acb-4189-ac1d-c458892be609

 

Last Result: https://check-your-website.server-daten.de/?q=bmdrive.bombeiros.to.gov.br - 2022-06-14 00:19:29

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=bmdrive.bombeiros.to.gov.br" target="_blank">Check this Site: bmdrive.bombeiros.to.gov.br</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=bmdrive.bombeiros.to.gov.br