Check DNS, Urls + Redirects, Certificates and Content of your Website




F

Fatal redirect https ⇒ http

Checked:
20.11.2023 07:36:25


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
ceasefiretoday.com
A
23.21.157.88
Ashburn/Virginia/United States (US) - Amazon.com
Hostname: ec2-23-21-157-88.compute-1.amazonaws.com
yes
2
0

A
23.21.234.173
Ashburn/Virginia/United States (US) - Amazon.com
Hostname: ec2-23-21-234-173.compute-1.amazonaws.com
yes
2
0

AAAA

yes


www.ceasefiretoday.com
CNAME
ceasefiretoday.com
yes
1
0

A
23.21.157.88
Ashburn/Virginia/United States (US) - Amazon.com
Hostname: ec2-23-21-157-88.compute-1.amazonaws.com
yes



A
23.21.234.173
Ashburn/Virginia/United States (US) - Amazon.com
Hostname: ec2-23-21-234-173.compute-1.amazonaws.com
yes


*.ceasefiretoday.com
A
66.96.162.139
yes



AAAA

yes



CNAME

yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 46780, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.12.2023, 00:00:00 +, Signature-Inception: 20.11.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest 4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 03.12.2023, 05:00:00 +, Signature-Inception: 20.11.2023, 04:00:00 +, KeyTag 46780, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46780 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 63246, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 01.12.2023, 17:24:21 +, Signature-Inception: 16.11.2023, 17:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: ceasefiretoday.com
ceasefiretoday.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "0hdvv9upmd57v24jh5u6kp1vpmrnqqo0" between the hashed NSEC3-owner "0hdvpu9tr6e6q096h7fe0c6g51ibaa4i" and the hashed NextOwner "0hdvvh784kfnct3m8r50gssf9frf9qcn". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 0hdvpu9tr6e6q096h7fe0c6g51ibaa4i.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 26.11.2023, 06:38:49 +, Signature-Inception: 19.11.2023, 05:28:49 +, KeyTag 63246, Signer-Name: com



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q2d6ni4i7eqh8na30ns61o48ul8g5". So that domain name is the Closest Encloser of "ceasefiretoday.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 26.11.2023, 05:26:01 +, Signature-Inception: 19.11.2023, 04:16:01 +, KeyTag 63246, Signer-Name: com



0 DNSKEY RR found




Zone: www.ceasefiretoday.com
www.ceasefiretoday.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
ceasefiretoday.com
  ns1.domain.com / 67m45
172.64.52.73
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


  ns2.domain.com / 67m66
172.64.53.117
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.

com
  a.gtld-servers.net / nnn1-par6


  b.gtld-servers.net / nnn1-eltxl1


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-par6


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-gblon-3


  k.gtld-servers.net / nnn1-gblon-3


  l.gtld-servers.net / nnn1-gblon-3


  m.gtld-servers.net / nnn1-gblon-3


4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1700462155
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1700462170
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:12


Domain:ceasefiretoday.com
Zone-Name:ceasefiretoday.com
Primary:ns1.domain.com
Mail:dnsadmin.domain.com
Serial:2023101775
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:2


5. Screenshots

Startaddress: https://ceasefiretoday.com/, address used: https://ceasefiretoday.com/, Screenshot created 2023-11-20 07:48:48 +00:0

Mobil (412px x 732px)

476 milliseconds

Screenshot mobile - https://ceasefiretoday.com/
Mobil + Landscape (732px x 412px)

375 milliseconds

Screenshot mobile landscape - https://ceasefiretoday.com/
Screen (1280px x 1680px)

879 milliseconds

Screenshot Desktop - https://ceasefiretoday.com/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396732
content Size3963058

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://ceasefiretoday.com/
23.21.157.88
301
https://ceasefiretoday.com/
0.220
A
content-length: 0
location: https://ceasefiretoday.com/
connection: close

• http://ceasefiretoday.com/
23.21.234.173
301
https://ceasefiretoday.com/
0.220
A
content-length: 0
location: https://ceasefiretoday.com/
connection: close

• http://www.ceasefiretoday.com/
23.21.157.88
301
https://www.ceasefiretoday.com/
0.217
A
content-length: 0
location: https://www.ceasefiretoday.com/
connection: close

• http://www.ceasefiretoday.com/
23.21.234.173
301
https://www.ceasefiretoday.com/
0.233
A
content-length: 0
location: https://www.ceasefiretoday.com/
connection: close

• https://www.ceasefiretoday.com/
23.21.157.88
301
http://ceasefiretoday.com/
Html is minified: 100.00 %
3.750
F
date: Mon, 20 Nov 2023 06:37:25 GMT
server: Apache
location: http://ceasefiretoday.com/
cache-control: max-age=0
expires: Mon, 20 Nov 2023 06:37:25 GMT
content-length: 234
content-type: text/html; charset=iso-8859-1
connection: close

• https://www.ceasefiretoday.com/
23.21.234.173
301
http://ceasefiretoday.com/
Html is minified: 100.00 %
3.780
F
date: Mon, 20 Nov 2023 06:37:29 GMT
server: Apache
location: http://ceasefiretoday.com/
cache-control: max-age=0
expires: Mon, 20 Nov 2023 06:37:29 GMT
content-length: 234
content-type: text/html; charset=iso-8859-1
connection: close

• https://ceasefiretoday.com/
23.21.157.88 GZip used - 12591 / 47132 - 73.29 %
Inline-JavaScript (∑/total): 3/8749 Inline-CSS (∑/total): 2/23331
200

Html is minified: 315.18 %
3.874
B
date: Mon, 20 Nov 2023 06:37:15 GMT
server: Apache
last-modified: Mon, 13 Nov 2023 20:37:56 GMT
etag: "b81c-60a0ea528ac30-gzip"
accept-ranges: bytes
cache-control: max-age=0
expires: Mon, 20 Nov 2023 06:37:15 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 12591
content-type: text/html
connection: close

• https://ceasefiretoday.com/
23.21.234.173 GZip used - 12591 / 47132 - 73.29 %
Inline-JavaScript (∑/total): 3/8749 Inline-CSS (∑/total): 2/23331
200

Html is minified: 315.18 %
3.627
B
date: Mon, 20 Nov 2023 06:37:20 GMT
server: Apache
last-modified: Mon, 13 Nov 2023 20:37:56 GMT
etag: "b81c-60a0ea528ac30-gzip"
accept-ranges: bytes
cache-control: max-age=0
expires: Mon, 20 Nov 2023 06:37:20 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 12591
content-type: text/html
connection: close

• http://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.21.157.88
301
https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.264
A
Visible Content:
content-length: 0
location: https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
connection: close

• http://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.21.234.173
301
https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.236
A
Visible Content:
content-length: 0
location: https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
connection: close

• http://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.21.157.88
301
https://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.217
A
Visible Content:
content-length: 0
location: https://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
connection: close

• http://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.21.234.173
301
https://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.220
A
Visible Content:
content-length: 0
location: https://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
connection: close

• https://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
http://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
3.687
F
Visible Content: Moved Permanently The document has moved here .
date: Mon, 20 Nov 2023 06:37:52 GMT
server: Apache
location: http://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
cache-control: max-age=0
expires: Mon, 20 Nov 2023 06:37:52 GMT
content-length: 303
content-type: text/html; charset=iso-8859-1
connection: close

• https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/357
404

Html is minified: 250.79 %
3.640
A
Not Found
Visible Content: Page not found Sorry, the requested page could not be found.
date: Mon, 20 Nov 2023 06:37:47 GMT
server: Apache
content-length: 637
content-type: text/html; charset=iso-8859-1
connection: close

• https://23.21.157.88/
23.21.157.88
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/357
404

Html is minified: 250.79 %
3.626
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
small visible content (num chars: 60)
Page not found Sorry, the requested page could not be found.
date: Mon, 20 Nov 2023 06:37:37 GMT
server: Apache
content-length: 637
content-type: text/html; charset=iso-8859-1
connection: close

• https://23.21.234.173/
23.21.234.173
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/357
404

Html is minified: 250.79 %
3.593
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
small visible content (num chars: 60)
Page not found Sorry, the requested page could not be found.
date: Mon, 20 Nov 2023 06:37:42 GMT
server: Apache
content-length: 637
content-type: text/html; charset=iso-8859-1
connection: close

7. Comments


1. General Results, most used to calculate the result

Aname "ceasefiretoday.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 89449 (complete: 231048)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: ceasefiretoday.com has 2 different ip addresses (authoritative).
AGood: Minimal 2 ip addresses per domain name found: www.ceasefiretoday.com has 2 different ip addresses (authoritative).
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: ceasefiretoday.com has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.ceasefiretoday.com has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):3 complete Content-Type - header (5 urls)
https://ceasefiretoday.com/ 23.21.157.88


Url with incomplete Content-Type - header - missing charset
https://ceasefiretoday.com/ 23.21.234.173


Url with incomplete Content-Type - header - missing charset
Ahttp://ceasefiretoday.com/ 23.21.157.88
301
https://ceasefiretoday.com/
Correct redirect http - https with the same domain name
Ahttp://ceasefiretoday.com/ 23.21.234.173
301
https://ceasefiretoday.com/
Correct redirect http - https with the same domain name
Ahttp://www.ceasefiretoday.com/ 23.21.157.88
301
https://www.ceasefiretoday.com/
Correct redirect http - https with the same domain name
Ahttp://www.ceasefiretoday.com/ 23.21.234.173
301
https://www.ceasefiretoday.com/
Correct redirect http - https with the same domain name
Bhttps://ceasefiretoday.com/ 23.21.157.88
200

Missing HSTS-Header
Bhttps://ceasefiretoday.com/ 23.21.234.173
200

Missing HSTS-Header
Bhttps://www.ceasefiretoday.com/ 23.21.157.88
301

Missing HSTS-Header
Bhttps://www.ceasefiretoday.com/ 23.21.234.173
301

Missing HSTS-Header
Bhttps://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404

Missing HSTS-Header
Bhttps://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
301

Missing HSTS-Header
Fhttps://www.ceasefiretoday.com/ 23.21.157.88
301
http://ceasefiretoday.com/
Wrong redirect https - http - never redirect https to http
Fhttps://www.ceasefiretoday.com/ 23.21.234.173
301
http://ceasefiretoday.com/
Wrong redirect https - http - never redirect https to http
Fhttps://www.ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
301
http://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect https - http - never redirect https to http
Mhttps://23.21.157.88/ 23.21.157.88
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://23.21.234.173/ 23.21.234.173
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://23.21.157.88/ 23.21.157.88
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://23.21.234.173/ 23.21.234.173
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain ceasefiretoday.com, 2 ip addresses.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain www.ceasefiretoday.com, 2 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain ceasefiretoday.com, 2 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain www.ceasefiretoday.com, 2 ip addresses.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.ceasefiretoday.com

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

Fceasefiretoday.com 23.21.157.88
Content-Security-Policy
Critical: Missing Header:
Fceasefiretoday.com 23.21.157.88
X-Content-Type-Options
Critical: Missing Header:
Fceasefiretoday.com 23.21.157.88
Referrer-Policy
Critical: Missing Header:
Fceasefiretoday.com 23.21.157.88
Permissions-Policy
Critical: Missing Header:
Fceasefiretoday.com 23.21.234.173
Content-Security-Policy
Critical: Missing Header:
Fceasefiretoday.com 23.21.234.173
X-Content-Type-Options
Critical: Missing Header:
Fceasefiretoday.com 23.21.234.173
Referrer-Policy
Critical: Missing Header:
Fceasefiretoday.com 23.21.234.173
Permissions-Policy
Critical: Missing Header:

3. DNS- and NameServer - Checks

AInfo:: 7 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 2 Name Servers.
AInfo:: 7 Queries complete, 7 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 3.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 2 different Name Servers found: ns1.domain.com, ns2.domain.com, 2 Name Servers included in Delegation: ns1.domain.com, ns2.domain.com, 2 Name Servers included in 1 Zone definitions: ns1.domain.com, ns2.domain.com, 1 Name Servers listed in SOA.Primary: ns1.domain.com.
AGood: Only one SOA.Primary Name Server found.: ns1.domain.com.
AGood: SOA.Primary Name Server included in the delegation set.: ns1.domain.com.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns1.domain.com, ns2.domain.com
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 2 different Name Servers found
Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 2 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 2 Name Servers, 1 Top Level Domain: com
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: domain.com
Warning: All Name Servers from the same Country / IP location.: 2 Name Servers, 1 Countries: CA
AInfo: Ipv4-Subnet-list: 2 Name Servers, 1 different subnets (first Byte): 172., 1 different subnets (first two Bytes): 172.64., 2 different subnets (first three Bytes): 172.64.52., 172.64.53.
AGood: Name Server IPv4-addresses from different subnet found:
AGood: Nameserver supports TCP connections: 2 good Nameserver
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 13 good Nameserver
Nameserver doesn't pass all EDNS-Checks: ns1.domain.com / 172.64.52.73: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (67m45). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.domain.com / 172.64.53.117: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (67m66). COOKIE: ok. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 supports GZip.
https://ceasefiretoday.com/ 23.21.157.88
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://ceasefiretoday.com/ 23.21.234.173
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://ceasefiretoday.com/ 23.21.157.88
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://ceasefiretoday.com/ 23.21.234.173
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://ceasefiretoday.com/ 23.21.157.88
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://ceasefiretoday.com/ 23.21.234.173
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: All script Elements (type text/javascript) and src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
AGood: All CSS / JavaScript files are sent with GZip. That reduces the content of the files. 4 external CSS / JavaScript files found
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 4 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 4 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
https://ceasefiretoday.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
3.640 seconds
Warning: 404 needs more then one second
https://23.21.157.88/ 23.21.157.88
404
3.626 seconds
Warning: 404 needs more then one second
https://23.21.234.173/ 23.21.234.173
404
3.593 seconds
Warning: 404 needs more then one second
ADuration: 751946 milliseconds, 751.946 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
ceasefiretoday.com
23.21.157.88
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
ceasefiretoday.com
23.21.157.88
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


ceasefiretoday.com
23.21.234.173
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

ceasefiretoday.com
23.21.234.173
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


www.ceasefiretoday.com
23.21.157.88
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

www.ceasefiretoday.com
23.21.157.88
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


www.ceasefiretoday.com
23.21.234.173
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

www.ceasefiretoday.com
23.21.234.173
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


ceasefiretoday.com
ceasefiretoday.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

ceasefiretoday.com
ceasefiretoday.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


www.ceasefiretoday.com
www.ceasefiretoday.com
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

www.ceasefiretoday.com
www.ceasefiretoday.com
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=ceasefiretoday.com

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


23.21.157.88
23.21.157.88
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

23.21.157.88
23.21.157.88
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate
1CN=ip-172-31-86-210.ec2.internal


23.21.234.173
23.21.234.173
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

23.21.234.173
23.21.234.173
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate
1CN=ip-172-31-86-210.ec2.internal


9. Certificates

1.
1.
CN=ceasefiretoday.com
18.10.2023
16.01.2024
151 days expired
ceasefiretoday.com, www.ceasefiretoday.com - 2 entries
1.
1.
CN=ceasefiretoday.com
18.10.2023

16.01.2024
151 days expired
ceasefiretoday.com, www.ceasefiretoday.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:043F331A23454E24F1421A51BA3FCCAAF0D6
Thumbprint:34483FB34B03DF848287170EF2F83B6D37DC5AA8
SHA256 / Certificate:2Kn1DcNoxCo5EWbMSsFFO6l9682e2aCJ1Jo/DpKShQw=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f3f576a47c00a257495212e56db202c909cbcf005a905738ecf07a83dc5d12a3
SHA256 hex / Subject Public Key Information (SPKI):f3f576a47c00a257495212e56db202c909cbcf005a905738ecf07a83dc5d12a3 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 457 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 457 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 4006 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 4006 days


KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


2.
1.
CN=ip-172-31-86-210.ec2.internal
01.04.2021
30.03.2031
expires in 2479 days
ip-172-31-86-210.ec2.internal - 1 entry
2.
1.
CN=ip-172-31-86-210.ec2.internal
01.04.2021

30.03.2031
expires in 2479 days
ip-172-31-86-210.ec2.internal - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:52699FBCA93C76AA159ECABBE0EA4073A5EB916B
Thumbprint:DD1F69ACEAC132DD7159EDA94538C781ED077C67
SHA256 / Certificate:ZPBKYEuz1v+B3bLp1PL3xfudjAe1joGXeRUfKWPZJLY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):52f0d81c49c9750f09c19989dad4b785fed21af7825e368363d65efc513185ae
SHA256 hex / Subject Public Key Information (SPKI):52f0d81c49c9750f09c19989dad4b785fed21af7825e368363d65efc513185ae
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=R3, O=Let's Encrypt, C=US
0
0
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
6027662168
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-18 01:25:24
2024-01-16 01:25:23
ceasefiretoday.com, www.ceasefiretoday.com - 2 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=R3, O=Let's Encrypt, C=US
0 /0 new
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
10817521220
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-17 23:25:24
2024-01-16 00:25:23
ceasefiretoday.com, www.ceasefiretoday.com
2 entries



11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://ceasefiretoday.com/
23.21.157.88
a

19

0


0
0
0


link
stylesheet
1

0
0
1
1
0
0
-1

link
other
3

0
2
0
0
0
0


meta
og
9

0
2
0
0
0
0


meta
other
5

0


0
0
0


script

1

0
0
1
1
0
0
-1

style

1

0


0
0
0

https://ceasefiretoday.com/
23.21.234.173
a

19

0


0
0
0


link
stylesheet
1

0
0
1
1
0
0
-1

link
other
3

0
2
0
0
0
0


meta
og
9

0
2
0
0
0
0


meta
other
5

0


0
0
0


script

1

0
0
1
1
0
0
-1

style

1

0


0
0
0

https://23.21.157.88/
23.21.157.88
meta
other
1

0


0
0
0

https://23.21.234.173/
23.21.234.173
meta
other
1

0


0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://ceasefiretoday.com/
23.21.157.88
a

https://ctt.ac/icLcJ


2
ok








a

https://docs.google.com/document/d/e/2PACX-1vQAdO3MZWjmpNCqNRtyDN72QnMGaYX4jegUhsAMpnMqlJIlrCRXyD2uOgO8Z01Ygfl6YtDVEOLpXeRj/pub


2
ok








a

https://donate.doctorswithoutborders.org/secure/psearch-monthly-tabbed


1
ok








a

https://fcnl.quorum.us/campaign/51886/


1
ok








a

https://pcrf1.app.neoncrm.com/forms/general


1
ok








a

https://petitions.ourcommons.ca/en/Petition/Sign/e-4649


1
ok








a

https://samidoun.net/2023/10/calendar-of-resistance-for-palestine-events-and-actions-around-the-world/


2
ok








a

https://secure.actblue.com/donate/mo-unrwa


1
ok








a

https://sign.moveon.org/petitions/do-everything-you-can-to-stop-all-loss-of-life-now?source=ceasefirenowebsite


1
ok








a

https://www.amnesty.org/en/petition/demand-a-ceasefire-by-all-parties-to-end-civilian-suffering/


1
ok








a

https://www.dsausa.org/no-money-for-massacres-phonebanks/


1
ok








a

https://www.fcnl.org/updates/2023-10/calling-ceasefire-advocacy-toolkit


1
ok








a

https://www.ourcommons.ca/members/en


1
ok








a

https://www.oxfam.org/en/open-call-immediate-ceasefire-occupied-palestinian-territory


1
ok








a

https://www.parliament.uk/get-involved/contact-an-mp-or-lord/contact-your-mp/


1
ok








a

tel:1-202-224-3121


1
ok








link
apple-touch-icon
assets/images/apple-touch-icon.png?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

10623 Bytes






link
canonical
https://ceasefiretoday.com


1
ok








link
icon
assets/images/favicon.png?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

3808 Bytes






link
stylesheet
https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700
200

1
ok
text/css; charset=utf-8, X-Content-Type-Options nosniff found

GZip: 223/832 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-nPE7s594WrMVZuu53nEM4ZhqJBOwsYZzUG/fOTU0W9M=
sha384-rbwxa8Q0KE2NvdqR7B1PJP8vZLdRYyYVQsGu4zbPab4RlqmWqXtuBsiVHOzE2tmy
sha512-zfl10D57sTWWUnMtbB7U5rf4xfs6hr9H7iGKLmnhpNmOfJBSLQrJG1hcCwdO91oaQGOyeQw7Km7wwEFk1lA1CA==

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700" crossorigin="anonymous" integrity="sha256-nPE7s594WrMVZuu53nEM4ZhqJBOwsYZzUG/fOTU0W9M=" />



Content loaded via url("...")

https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmScMnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSdgnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSdSnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSe1mX-K.ttf1

meta

utf-8


1
ok








meta
og:description
Resources and action items to call for an end to the violence in Gaza.


1
ok








meta
og:image
https://ceasefiretoday.com/assets/images/share.jpg?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

55781 Bytes






meta
og:image:height
606


1
ok








meta
og:image:type
image/jpeg


1
ok








meta
og:image:width
1194


1
ok








meta
og:site_name
Ceasefire In Gaza NOW!


1
ok








meta
og:title
Ceasefire In Gaza NOW!


1
ok








meta
og:type
website


1
ok








meta
og:url
https://ceasefiretoday.com
200

1
ok
, missing X-Content-Type-Options nosniff

12591 Bytes






meta
twitter:card
summary_large_image


1
ok








meta
color-scheme
light only


1
ok








meta
description
Resources and action items to call for an end to the violence in Gaza.


1
ok








meta
viewport
width=device-width,initial-scale=1


1
ok








script
src
//www.googletagmanager.com/gtag/js?id=G-P1G9QPXWXY
200

1
ok
async attribute found application/javascript; charset=UTF-8, missing X-Content-Type-Options nosniff

Cache-Control: private, max-age=900 - max-age too short.
GZip: 92110/280369 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-jZsdg0syoDjEA4WQJBNix2wtrDrp8hYtj/21Y79I10Y=
sha384-WuzERel49/Jymr4nSggDecZLgsMytISC8Z6uojHrEqykjuFqW9JvF4tMgAMdMSlP
sha512-tsU0nvI/h2hclnsq0Fn3wvITO6XKmQ0n5nneSEHSsZJjUEN+iBawBIJ5bnj0+A6x55GhbO2H+wtZdJk85wgxZw==

<script src="//www.googletagmanager.com/gtag/js?id=G-P1G9QPXWXY" crossorigin="anonymous" integrity="sha256-jZsdg0syoDjEA4WQJBNix2wtrDrp8hYtj/21Y79I10Y=" />




style

data:image/svg+xml;charset=utf8,%3Csvg%20viewBox%3D%220%200%20512%20512%22%20width%3D%22512%22%20height%3D%22512%22%20version%3D%221.1%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%20%3Cfilter%20id%3D%22noise%22%3E%20%3CfeTurbulence%20type%3D%22fractalNoise%22%20baseFrequency%3D%220.875%22%20result%3D%22noise%22%20%2F%3E%20%3CfeColorMatrix%20type%3D%22matrix%22%20values%3D%220.03125%200%200%200%200%200%200.04296875%200%200%200%200%200%200.05078125%200%200%200%200%200%200.6875%200%22%20%2F%3E%20%3C%2Ffilter%3E%20%3Crect%20filter%3D%22url%28%23noise%29%22%20x%3D%220%22%20y%3D%220%22%20width%3D%22512%22%20height%3D%22512%22%20fill%3D%22transparent%22%20opacity%3D%221%22%20%2F%3E%3C%2Fsvg%3E
Image:
ok







23.21.234.173
a

https://ctt.ac/icLcJ


2
ok








a

https://docs.google.com/document/d/e/2PACX-1vQAdO3MZWjmpNCqNRtyDN72QnMGaYX4jegUhsAMpnMqlJIlrCRXyD2uOgO8Z01Ygfl6YtDVEOLpXeRj/pub


2
ok








a

https://donate.doctorswithoutborders.org/secure/psearch-monthly-tabbed


1
ok








a

https://fcnl.quorum.us/campaign/51886/


1
ok








a

https://pcrf1.app.neoncrm.com/forms/general


1
ok








a

https://petitions.ourcommons.ca/en/Petition/Sign/e-4649


1
ok








a

https://samidoun.net/2023/10/calendar-of-resistance-for-palestine-events-and-actions-around-the-world/


2
ok








a

https://secure.actblue.com/donate/mo-unrwa


1
ok








a

https://sign.moveon.org/petitions/do-everything-you-can-to-stop-all-loss-of-life-now?source=ceasefirenowebsite


1
ok








a

https://www.amnesty.org/en/petition/demand-a-ceasefire-by-all-parties-to-end-civilian-suffering/


1
ok








a

https://www.dsausa.org/no-money-for-massacres-phonebanks/


1
ok








a

https://www.fcnl.org/updates/2023-10/calling-ceasefire-advocacy-toolkit


1
ok








a

https://www.ourcommons.ca/members/en


1
ok








a

https://www.oxfam.org/en/open-call-immediate-ceasefire-occupied-palestinian-territory


1
ok








a

https://www.parliament.uk/get-involved/contact-an-mp-or-lord/contact-your-mp/


1
ok








a

tel:1-202-224-3121


1
ok








link
apple-touch-icon
assets/images/apple-touch-icon.png?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

10623 Bytes






link
canonical
https://ceasefiretoday.com


1
ok








link
icon
assets/images/favicon.png?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

3808 Bytes






link
stylesheet
https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700
200

1
ok
text/css; charset=utf-8, X-Content-Type-Options nosniff found

GZip: 223/832 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-nPE7s594WrMVZuu53nEM4ZhqJBOwsYZzUG/fOTU0W9M=
sha384-rbwxa8Q0KE2NvdqR7B1PJP8vZLdRYyYVQsGu4zbPab4RlqmWqXtuBsiVHOzE2tmy
sha512-zfl10D57sTWWUnMtbB7U5rf4xfs6hr9H7iGKLmnhpNmOfJBSLQrJG1hcCwdO91oaQGOyeQw7Km7wwEFk1lA1CA==

<link rel="stylesheet" href="https://fonts.googleapis.com/css2?display=swap&family=Sora:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700" crossorigin="anonymous" integrity="sha256-nPE7s594WrMVZuu53nEM4ZhqJBOwsYZzUG/fOTU0W9M=" />



Content loaded via url("...")

https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmScMnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSdgnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSdSnn-K.ttf1
https://fonts.gstatic.com/s/sora/v12/xMQOuFFYT72X5wkB_18qmnndmSe1mX-K.ttf1

meta

utf-8


1
ok








meta
og:description
Resources and action items to call for an end to the violence in Gaza.


1
ok








meta
og:image
https://ceasefiretoday.com/assets/images/share.jpg?v=64130ccd
200

1
ok
, missing X-Content-Type-Options nosniff

55781 Bytes






meta
og:image:height
606


1
ok








meta
og:image:type
image/jpeg


1
ok








meta
og:image:width
1194


1
ok








meta
og:site_name
Ceasefire In Gaza NOW!


1
ok








meta
og:title
Ceasefire In Gaza NOW!


1
ok








meta
og:type
website


1
ok








meta
og:url
https://ceasefiretoday.com
200

1
ok
, missing X-Content-Type-Options nosniff

12591 Bytes






meta
twitter:card
summary_large_image


1
ok








meta
color-scheme
light only


1
ok








meta
description
Resources and action items to call for an end to the violence in Gaza.


1
ok








meta
viewport
width=device-width,initial-scale=1


1
ok








script
src
//www.googletagmanager.com/gtag/js?id=G-P1G9QPXWXY
200

1
ok
async attribute found application/javascript; charset=UTF-8, missing X-Content-Type-Options nosniff

Cache-Control: private, max-age=900 - max-age too short.
GZip: 92110/280369 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-jZsdg0syoDjEA4WQJBNix2wtrDrp8hYtj/21Y79I10Y=
sha384-WuzERel49/Jymr4nSggDecZLgsMytISC8Z6uojHrEqykjuFqW9JvF4tMgAMdMSlP
sha512-tsU0nvI/h2hclnsq0Fn3wvITO6XKmQ0n5nneSEHSsZJjUEN+iBawBIJ5bnj0+A6x55GhbO2H+wtZdJk85wgxZw==

<script src="//www.googletagmanager.com/gtag/js?id=G-P1G9QPXWXY" crossorigin="anonymous" integrity="sha256-jZsdg0syoDjEA4WQJBNix2wtrDrp8hYtj/21Y79I10Y=" />




style

data:image/svg+xml;charset=utf8,%3Csvg%20viewBox%3D%220%200%20512%20512%22%20width%3D%22512%22%20height%3D%22512%22%20version%3D%221.1%22%20xmlns%3D%22http%3A%2F%2Fwww.w3.org%2F2000%2Fsvg%22%3E%20%3Cfilter%20id%3D%22noise%22%3E%20%3CfeTurbulence%20type%3D%22fractalNoise%22%20baseFrequency%3D%220.875%22%20result%3D%22noise%22%20%2F%3E%20%3CfeColorMatrix%20type%3D%22matrix%22%20values%3D%220.03125%200%200%200%200%200%200.04296875%200%200%200%200%200%200.05078125%200%200%200%200%200%200.6875%200%22%20%2F%3E%20%3C%2Ffilter%3E%20%3Crect%20filter%3D%22url%28%23noise%29%22%20x%3D%220%22%20y%3D%220%22%20width%3D%22512%22%20height%3D%22512%22%20fill%3D%22transparent%22%20opacity%3D%221%22%20%2F%3E%3C%2Fsvg%3E
Image:
ok







https://23.21.157.88/
23.21.157.88
meta
viewport
width=device-width,initial-scale=1,user-scalable=no


1
ok







https://23.21.234.173/
23.21.234.173
meta
viewport
width=device-width,initial-scale=1,user-scalable=no


1
ok








12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.domain.com, ns2.domain.com

QNr.DomainTypeNS used
1
com
NS
h.root-servers.net (2001:500:1::53)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns1.domain.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: lee.ns.cloudflare.com, sarah.ns.cloudflare.com

Answer: lee.ns.cloudflare.com
108.162.193.129, 172.64.33.129, 173.245.59.129, 2606:4700:58::adf5:3b81, 2803:f800:50::6ca2:c181, 2a06:98c1:50::ac40:2181

Answer: sarah.ns.cloudflare.com
108.162.194.218, 162.159.38.218, 172.64.34.218, 2606:4700:50::a29f:26da, 2803:f800:50::6ca2:c2da, 2a06:98c1:50::ac40:22da
3
ns2.domain.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: lee.ns.cloudflare.com, sarah.ns.cloudflare.com

Answer: lee.ns.cloudflare.com
108.162.193.129, 172.64.33.129, 173.245.59.129, 2606:4700:58::adf5:3b81, 2803:f800:50::6ca2:c181, 2a06:98c1:50::ac40:2181

Answer: sarah.ns.cloudflare.com
108.162.194.218, 162.159.38.218, 172.64.34.218, 2606:4700:50::a29f:26da, 2803:f800:50::6ca2:c2da, 2a06:98c1:50::ac40:22da
4
ns1.domain.com: 172.64.52.73
A
lee.ns.cloudflare.com (2606:4700:58::adf5:3b81)
5
ns1.domain.com: No AAAA record found
AAAA
lee.ns.cloudflare.com (2606:4700:58::adf5:3b81)
6
ns2.domain.com: 172.64.53.117
A
lee.ns.cloudflare.com (2606:4700:58::adf5:3b81)
7
ns2.domain.com: No AAAA record found
AAAA
lee.ns.cloudflare.com (2606:4700:58::adf5:3b81)


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.ceasefiretoday.com
-2

Server failure - The name server was unable to process this query due to a problem with the name server
2
0
ceasefiretoday.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
ceasefiretoday.com
v=spf1 ip4:66.96.128.0/18 include:websitewelcome.com ?all
ok
1
0
www.ceasefiretoday.com
v=spf1 ip4:66.96.128.0/18 include:websitewelcome.com ?all
ok
1
0
_acme-challenge.ceasefiretoday.com


1
0
_acme-challenge.www.ceasefiretoday.com

Name Error - The domain name does not exist
1
0
_acme-challenge.ceasefiretoday.com.ceasefiretoday.com

perhaps wrong
1
0
_acme-challenge.www.ceasefiretoday.com.ceasefiretoday.com

perhaps wrong
1
0
_acme-challenge.www.ceasefiretoday.com.www.ceasefiretoday.com

Name Error - The domain name does not exist
1
0


15. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

ceasefiretoday.com
30
mx.ceasefiretoday.com
01ok

A


66.96.140.142
02ok

A


66.96.140.143
02ok

CNAME


00ok
_dmarc
TXT
_dmarc.ceasefiretoday.com

00ok



16. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
ceasefiretoday.com
23.21.157.88
443
5 Ciphers69.68 sec
0 without, 5 FS
100.00 %
ceasefiretoday.com
23.21.234.173
443
5 Ciphers69.78 sec
0 without, 5 FS
100.00 %
www.ceasefiretoday.com
23.21.157.88
443
5 Ciphers67.90 sec
0 without, 5 FS
100.00 %
www.ceasefiretoday.com
23.21.234.173
443
5 Ciphers69.40 sec
0 without, 5 FS
100.00 %
Complete

4
20 Ciphers276.75 sec69.19 sec/Check
0 without, 20 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
ceasefiretoday.com
23.21.157.88
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
5 Ciphers, 69.68 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD

23.21.234.173
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
5 Ciphers, 69.78 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD
www.ceasefiretoday.com
23.21.157.88
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
5 Ciphers, 67.90 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD

23.21.234.173
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
5 Ciphers, 69.40 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=9ac5c6e1-e851-4615-b7dc-8e0e2af1d4c7


Last Result: https://check-your-website.server-daten.de/?q=ceasefiretoday.com - 2023-11-20 07:36:25


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=ceasefiretoday.com" target="_blank">Check this Site: ceasefiretoday.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro