Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

Top config

Checked:
18.07.2022 12:49:08

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
gitlab.sphaera.ru	A	85.117.232.63 Moscow/Russia (RU) - Sfera, JSC No Hostname found	yes	1	0
	AAAA		yes
www.gitlab.sphaera.ru		Name Error	yes	1	0
*.sphaera.ru	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes
*.gitlab.sphaera.ru	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 20826, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.08.2022, 00:00:00 +, Signature-Inception: 11.07.2022, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: ru
ru	1 DS RR in the parent zone found


	DS with Algorithm 8, KeyTag 33257, DigestType 2 and Digest ZBoLoCehAn0v0XtXQ5MYBO67MpuLUUo1fR7ykPFZ158=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner ru., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 31.07.2022, 05:00:00 +, Signature-Inception: 18.07.2022, 04:00:00 +, KeyTag 20826, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20826 used to validate the DS RRSet in the parent zone


	3 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 33257, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 53436, Flags 256


	Public Key with Algorithm 8, KeyTag 53643, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner ru., Algorithm: 8, 1 Labels, original TTL: 345600 sec, Signature-expiration: 04.08.2022, 00:00:00 +, Signature-Inception: 15.07.2022, 00:00:00 +, KeyTag 33257, Signer-Name: ru


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 33257 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 33257, DigestType 2 and Digest "ZBoLoCehAn0v0XtXQ5MYBO67MpuLUUo1fR7ykPFZ158=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: sphaera.ru
sphaera.ru	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "0iprkd38slb63qp0tvh7g7kf7ckntf1f" between the hashed NSEC3-owner "0ioh6jfan48d664vrm75juiqgllrddnv" and the hashed NextOwner "0iu5v0dga8abbh4gtl23leo0tf950fhp". So the parent zone confirmes the not-existence of a DS RR. Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 0ioh6jfan48d664vrm75juiqgllrddnv.ru., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 11.08.2022, 23:05:17 +, Signature-Inception: 12.07.2022, 08:18:07 +, KeyTag 53643, Signer-Name: ru


	DS-Query in the parent zone sends valid NSEC3 RR with the Hash "tdui9d4jkuds8b9t86gj39pgflcnlgm5" as Owner. That's the Hash of "ru" with the NextHashedOwnerName "te33kgtaqu9m5crq3ibsilqu11gfgttt". So that domain name is the Closest Encloser of "sphaera.ru". Opt-Out: True. Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner tdui9d4jkuds8b9t86gj39pgflcnlgm5.ru., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 11.08.2022, 14:39:13 +, Signature-Inception: 12.07.2022, 08:18:07 +, KeyTag 53643, Signer-Name: ru


	0 DNSKEY RR found




Zone: gitlab.sphaera.ru
gitlab.sphaera.ru	0 DS RR in the parent zone found


	0 DNSKEY RR found




Zone: www.gitlab.sphaera.ru
www.gitlab.sphaera.ru	0 DS RR in the parent zone found

3. Name Servers

Domain	Nameserver	NS-IP
www.gitlab.sphaera.ru	• ns3-l2.nic.ru
gitlab.sphaera.ru	• ns3-l2.nic.ru / ns3-l2.nic.ru	193.232.146.1 Moscow/Russia (RU) - JSC "RU-CENTER"	•
sphaera.ru	• ns3-l2.nic.ru / ns3-l2.nic.ru	193.232.146.1 Moscow/Russia (RU) - JSC "RU-CENTER"	•
	• ns4-cloud.nic.ru / nscloud1-4.reg.ru	89.104.95.34 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.95.33 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.95.30 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.34 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.33 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.30 Moscow/Russia (RU) - Ru-Center	•
	•	194.67.73.81 Moscow/Russia (RU) - "Domain names registrar REG.RU", Ltd	•
	•	194.67.73.79 Moscow/Russia (RU) - "Domain names registrar REG.RU", Ltd	•
	• ns4-l2.nic.ru / nscache-dp04.prod.int.nic.ru	91.217.20.20 Moscow/Russia (RU) - JSC "RU-CENTER"	•
	• ns8-cloud.nic.ru / nscloud1-6.reg.ru	89.104.95.36 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.95.35 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.95.31 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.36 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.35 Moscow/Russia (RU) - Ru-Center	•
	•	89.104.93.31 Moscow/Russia (RU) - Ru-Center	•
	•	194.67.73.82 Moscow/Russia (RU) - "Domain names registrar REG.RU", Ltd	•
	•	194.67.73.80 Moscow/Russia (RU) - "Domain names registrar REG.RU", Ltd	•
	• ns8-l2.nic.ru / nscache-ct04.prod.int.nic.ru	91.217.21.20 Moscow/Russia (RU) - JSC "RU-CENTER"	•
ru	• a.dns.ripn.net / gamma-m9-ns5.ripn.net		•
	• b.dns.ripn.net / gamma-spb.ripn.net		•
	• d.dns.ripn.net / tau-lax.ripn.net		•
	• e.dns.ripn.net / gamma-ekt.ripn.net		•
	• f.dns.ripn.net		•

4. SOA-Entries

Domain:	ru
Zone-Name:	ru
Primary:	a.dns.ripn.net
Mail:	hostmaster.ripn.net
Serial:	4052122
Refresh:	86400
Retry:	14400
Expire:	2592000
TTL:	3600
num Entries:	5

Domain:	sphaera.ru
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

Domain:	sphaera.ru
Zone-Name:	sphaera.ru
Primary:	ns3-l2.nic.ru
Mail:	sphaera.sphaera.ru
Serial:	65012786
Refresh:	3600
Retry:	1800
Expire:	2592000
TTL:	600
num Entries:	18

Domain:	gitlab.sphaera.ru
Zone-Name:	sphaera.ru
Primary:	ns3-l2.nic.ru
Mail:	sphaera.sphaera.ru
Serial:	65012786
Refresh:	3600
Retry:	1800
Expire:	2592000
TTL:	600
num Entries:	1

Domain:	www.gitlab.sphaera.ru
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

5. Screenshots

Startaddress: https://gitlab.sphaera.ru/users/sign_in, address used: https://gitlab.sphaera.ru/users/sign_in, Screenshot created 2022-07-18 12:52:20 +00:0

Mobil (412px x 732px)

459 milliseconds

Screenshot mobile - https://gitlab.sphaera.ru/users/sign_in

Mobil + Landscape (732px x 412px)

442 milliseconds

Screenshot mobile landscape - https://gitlab.sphaera.ru/users/sign_in

Screen (1280px x 1680px)

2276 milliseconds

Screenshot Desktop - https://gitlab.sphaera.ru/users/sign_in

Mobile- and other Chrome-Checks

	width	height
visual Viewport	396	732
content Size	396	761

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://gitlab.sphaera.ru/ 85.117.232.63	302	https://gitlab.sphaera.ru/	0.150	A
Date: Mon, 18 Jul 2022 10:51:20 GMT
Connection: close
Content-Length: 0
Location: https://gitlab.sphaera.ru/

• https://gitlab.sphaera.ru/ 85.117.232.63	302	https://gitlab.sphaera.ru/users/sign_in Html is minified: 100.00 %	4.403	A
Connection: close
Content-Length: 105
Date: Mon, 18 Jul 2022 10:51:21 GMT
Location: https://gitlab.sphaera.ru/users/sign_in
Content-Type: text/html; charset=utf-8
Server: nginx
Cache-Control: no-cache
Pragma: no-cache
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01G88EY674JN67BBQNWJGYT9BA
X-Runtime: 0.013702
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin

• https://gitlab.sphaera.ru/users/sign_in No Compression used - 9266 / 28472 - 32.54 % possible Inline-JavaScript (∑/total): 3/543 Inline-CSS (∑/total): 1/18040	200	Html is minified: 292.71 % Other inline scripts (∑/total): 3/543	4.227	A
small visible content (num chars: 387) GitLab A complete DevOps platform GitLab is a single application for the entire software development lifecycle. From project planning and source code management to CI/CD, monitoring, and security. This is a self-managed instance of GitLab. Sphaera AD Standard Sphaera AD Username Password Remember me Username or email Password Remember me Forgot your password? Explore Help About GitLab
Connection: close
Transfer-Encoding: chunked
Date: Mon, 18 Jul 2022 10:51:32 GMT
Content-Type: text/html; charset=utf-8
Etag: W/"b6bf90e0c750e7e998026267ce545879"
Server: nginx
Vary: Accept-Encoding,Accept
Cache-Control: max-age=0, private, must-revalidate
Content-Security-Policy:
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Set-Cookie: _gitlab_session=959acf086c264904bd4923c8631d35bf; path=/; expires=Mon, 18 Jul 2022 12:51:32 GMT; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01G88EYHGTCG003Y2QPCC4SKA4
X-Runtime: 0.043675
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin

• http://gitlab.sphaera.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 85.117.232.63	302	https://gitlab.sphaera.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.147	A
Visible Content:
Date: Mon, 18 Jul 2022 10:51:26 GMT
Connection: close
Content-Length: 0
Location: https://gitlab.sphaera.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

• https://gitlab.sphaera.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	302	https://gitlab.sphaera.ru/users/sign_in Html is minified: 100.00 % Other inline scripts (∑/total): 0/0	3.870	A
Visible Content: You are being redirected .
Connection: close
Content-Length: 105
Date: Mon, 18 Jul 2022 10:51:37 GMT
Location: https://gitlab.sphaera.ru/users/sign_in
Content-Type: text/html; charset=utf-8
Server: nginx
Cache-Control: no-cache
Permissions-Policy: interest-cohort=()
Pragma: no-cache
Set-Cookie: _gitlab_session=b83243a8020e905c6e6908f89b9e1ae0; path=/; expires=Mon, 18 Jul 2022 12:51:37 GMT; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: DENY
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 01G88EYPD0VY0Q4ZSDCXSJ88AF
X-Runtime: 0.015513
X-Ua-Compatible: IE=edge
X-Xss-Protection: 1; mode=block
Strict-Transport-Security: max-age=63072000
Referrer-Policy: strict-origin-when-cross-origin

• https://85.117.232.63/ 85.117.232.63 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/1296	403	Html is minified: 185.79 % Other inline scripts (∑/total): 0/0	4.297	N
Forbidden ( The server denied the specified Uniform Resource Locator (URL). Contact the server administrator. )
Certificate error: RemoteCertificateNameMismatch
Connection: close
Pragma: no-cache
Cache-Control: no-cache
Content-Type: text/html
Content-Length: 3151

7. Comments

	1. General Results, most used to calculate the result
A	name "gitlab.sphaera.ru" is subdomain, public suffix is ".ru", top-level-domain is ".ru", top-level-domain-type is "country-code", Country is Russian Federation (the), tld-manager is "Coordination Center for TLD RU", num .ru-domains preloaded: 1928 (complete: 175327)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: gitlab.sphaera.ru has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: gitlab.sphaera.ru has no ipv6 address.
A	Good: No asked Authoritative Name Server had a timeout
A	DNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
A	https://gitlab.sphaera.ru/ 85.117.232.63	302	https://gitlab.sphaera.ru/users/sign_in	Correct redirect https to https
A	https://gitlab.sphaera.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	302	https://gitlab.sphaera.ru/users/sign_in	Correct redirect https to https
A	Good: destination is https
A	Good - only one version with Http-Status 200
A	Good: one preferred version: non-www is preferred
A	Good: No cookie sent via http.
A	Good: every cookie sent via https is marked as secure
A	Good: Every cookie has a SameSite Attribute with a correct value Strict/Lax/None
	HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):1 complete Content-Type - header (2 urls)
	https://85.117.232.63/ 85.117.232.63			Url with incomplete Content-Type - header - missing charset
A	http://gitlab.sphaera.ru/ 85.117.232.63	302	https://gitlab.sphaera.ru/	Correct redirect http - https with the same domain name
M	https://85.117.232.63/ 85.117.232.63	403		Misconfiguration - main pages should never send http status 400 - 499
N	https://85.117.232.63/ 85.117.232.63	403		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain gitlab.sphaera.ru, 1 ip addresses, 1 different http results.
	2. Header-Checks
	3. DNS- and NameServer - Checks
A	Info:: 16 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 5 Name Servers.
A	Info:: 16 Queries complete, 16 with IPv6, 0 with IPv4.
A	Good: All DNS Queries done via IPv6.
	Ok (4 - 8):: An average of 3.2 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 5 different Name Servers found: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru, 5 Name Servers included in Delegation: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru, 5 Name Servers included in 1 Zone definitions: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru, 1 Name Servers listed in SOA.Primary: ns3-l2.nic.ru.
A	Good: Only one SOA.Primary Name Server found.: ns3-l2.nic.ru.
A	Good: SOA.Primary Name Server included in the delegation set.: ns3-l2.nic.ru.
A	Good: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Good: Minimal 2 different name servers (public suffix and public ip address) found: 5 different Name Servers found
	Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 5 different Name Servers found
	Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 5 Name Servers, 1 Top Level Domain: ru
	Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: nic.ru
	Warning: All Name Servers from the same Country / IP location.: 5 Name Servers, 1 Countries: RU
A	Info: Ipv4-Subnet-list: 19 Name Servers, 4 different subnets (first Byte): 193., 194., 89., 91., 4 different subnets (first two Bytes): 193.232., 194.67., 89.104., 91.217., 6 different subnets (first three Bytes): 193.232.146., 194.67.73., 89.104.93., 89.104.95., 91.217.20., 91.217.21.
A	Good: Name Server IPv4-addresses from different subnet found:
A	Good: Nameserver supports TCP connections: 1 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 1 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 1 good Nameserver
A	Good: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 1 good Nameserver
	Nameserver doesn't pass all EDNS-Checks: ns3-l2.nic.ru: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
	https://gitlab.sphaera.ru/users/sign_in	200		Warning: https result with status 200 and size greater then 1024 Bytes without Compression found. Add Compression support (gzip, deflate, br - these are checked) so the html content is compressed.
	https://gitlab.sphaera.ru/users/sign_in	200		Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
	https://gitlab.sphaera.ru/users/sign_in	200		Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
	https://gitlab.sphaera.ru/users/sign_in	200		Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
A	Good: All script Elements (type text/javascript) and src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
	Warning: CSS / JavaScript found without Compression. Compress these ressources, gzip, deflate, br are checked. 8 external CSS / JavaScript files without GZip found - 0 with GZip, 8 complete
	Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 external CSS / JavaScript files without Cache-Control-Header, 8 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 8 complete.
	Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 1 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 1 complete.
A	Good: All checked attribute values are enclosed in quotation marks (" or ').
A	Good: All img-elements have a valid alt-attribute.: 1 img-elements found.
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
A	Duration: 202017 milliseconds, 202.017 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

gitlab.sphaera.ru

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

gitlab.sphaera.ru

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0

Chain (complete)	1	CN=sphaera.ru
	2	CN=R3, O=Let's Encrypt, C=US

gitlab.sphaera.ru

85.117.232.63

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

gitlab.sphaera.ru

85.117.232.63

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

no http/2 via ALPN
No SNI required - domain included in main certificate

Tls.1.2
Tls.1.1
Tls.1.0

no http/2 via ALPN
No SNI required - domain included in main certificate

Tls.1.2
Tls.1.1
Tls.1.0

Chain (complete)	1	CN=sphaera.ru
	2	CN=R3, O=Let's Encrypt, C=US

85.117.232.63

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

85.117.232.63

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

supported

no http/2 via ALPN
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0

no http/2 via ALPN
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0

Chain (complete)	1	CN=sphaera.ru
	2	CN=R3, O=Let's Encrypt, C=US

9. Certificates

CN=sphaera.ru

15.07.2022

13.10.2022
942 days expired

*.sphaera.ru, sphaera.ru - 2 entries

CN=sphaera.ru

15.07.2022

13.10.2022
942 days expired

*.sphaera.ru, sphaera.ru - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	04736D1D09D0A2DCA1704DDBA3AD5DEC31FF
Thumbprint:	C6526EFA5CBC8D682BD3F13A90F376995C8331F1
SHA256 / Certificate:	aQIbGSje9AKRLdL1Pf/jhCNySQVyJN1eEYQyTj/a+F0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	6bca36c677fd4063d09416effb472feb8e60f30fffbe7db5c15bebd9f8dd7c21
SHA256 hex / Subject Public Key Information (SPKI):	6bca36c677fd4063d09416effb472feb8e60f30fffbe7db5c15bebd9f8dd7c21 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://r3.o.lencr.org
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 126 days

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 126 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:	A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:	Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3675 days

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3675 days

Keyalgorithm	RSA encryption (4096 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	008210CFB0D240E3594463E0BB63828B00
Thumbprint:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:	lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):	96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Small Code Update - wait one minute

11. Html-Content - Entries

Summary

							Subresource Integrity (SRI)
Domainname	HtmlElement	rel/property	∑	∑ size	∑ problems	∑ int.	∑ ext.	∑ Origin poss.	∑ SRI ParseErrors	∑ SRI valid	∑ SRI missing
https://gitlab.sphaera.ru/users/sign_in	a		6		0			0	0	0
	form		2	105 Bytes	0	2	0	0	0	0
	link	stylesheet	3	829,380 Bytes	0	3	0	0	0	0
	link	other	10	847,002 Bytes	0	9	0	0	0	0
	meta	og	8	3,616 Bytes	0	2	0	0	0	0
	meta	other	15	4,328 Bytes	0	1	0	0	0	0
	script		5	941,831 Bytes	0	5	0	0	0	0
https://85.117.232.63/ 85.117.232.63	img		1		0			0	0	0
	meta	other	1		0			0	0	0
	style		4		0			0	0	0

Details (currently limited to 500 rows - some problems with spam users)

Domainname

Html-Element

name/equiv/ property/rel

href/src/content

HttpStatus

msg

∑

Status

https://gitlab.sphaera.ru/users/sign_in

#ldapmain

#login-pane

/explore

/help

/users/password/new

https://about.gitlab.com

form

post

/users/auth/ldapmain/callback

302

https://gitlab.sphaera.ru/users/sign_in

text/html; charset=utf-8
X-Content-Type-Options nosniff found

105 Bytes

form

post

/users/sign_in

200

text/html; charset=utf-8
X-Content-Type-Options nosniff found

28472 Bytes

link

apple-touch-icon

/assets/touch-icon-ipad-a6eec6aeb9da138e507593b464fdac213047e49d3093fc30e90d9a995df83ba3.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 2465 Bytes

link

apple-touch-icon

/assets/touch-icon-ipad-retina-8ebe416f5313483d9c1bc772b5bbe03ecad52a54eba443e5215a22caed2a16a2.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 5662 Bytes

link

apple-touch-icon

/assets/touch-icon-iphone-5a9cee0e8a51212e70b90c87c12f382c428870c0ff67d1eb034d884b78d2dae7.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 1949 Bytes

link

apple-touch-icon

/assets/touch-icon-iphone-retina-72e2aadf86513a56e050e7f0f2355deaa19cc17ed97bbe5147847f2748e5a3e3.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 3460 Bytes

link

mask-icon

/assets/logo-d36b5212042cebc89b96df4bf6ac24e43db316143e89926c0db839ff694d2de4.svg

200

image/svg+xml
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 2475 Bytes

link

preload

/assets/application_utilities-9856e36a68dc266437560c856c958206733ce2b1c98e6ff67cec523006616702.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Compression required: 93336 Bytes

link

preload

/assets/application-8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Compression required: 727079 Bytes

link

preload

/assets/highlight/themes/white-908e5b573e957d2f33c4980b155592e27d2a3ed7076866f2a486fedf0b4337f0.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Compression required: 8965 Bytes

link

/search/opensearch.xml

link

shortcut icon

/assets/favicon-7901bd695fb93edb07975966062049829afb56cf11511236e61bcf425070e36e.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 1611 Bytes

link

stylesheet

/assets/application_utilities-9856e36a68dc266437560c856c958206733ce2b1c98e6ff67cec523006616702.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 93336 Bytes

local SRI possible, possible hash-values:

sha256-mFbjamjcJmQ3VgyFbJWCBnM84rHJjm/2fOxSMAZhZwI=
sha384-f9VzKTh4DZud6Qs6gLKdKazFRuggtcOtYBfXgaqt/6iYjUwMdgd4tfwQi5Vra1nc
sha512-nuniUfMHIQ/Xc4mAr2pzYDhAQ/XuUXka3MnSjQZARjdMjo2cArg2SdyrtCfFwGJA8B35ZoUiYancPCeG/CHj/w==

Content loaded via url("...")

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M10.707 7.293a1 1 0 0 1 0 1.414l-3 3a1 1 0 0 1-1.414-1.414L8.586 8 6.293 5.707a1 1 0 0 1 1.414-1.414l3 3z"/></svg>	2

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M5.293 7.293a1 1 0 0 0 0 1.414l3 3a1 1 0 0 0 1.414-1.414L7.414 8l2.293-2.293a1 1 0 0 0-1.414-1.414l-3 3z"/></svg>	2

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M7.293 10.707a1 1 0 0 0 1.414 0l3-3a1 1 0 0 0-1.414-1.414L8 8.586 5.707 6.293a1 1 0 0 0-1.414 1.414l3 3z"/></svg>	6

link

stylesheet

/assets/application-8b78708916f28aa9e54dacf9c9c08d720837ce78d8260c36c0f828612567d353.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 727079 Bytes

local SRI possible, possible hash-values:

sha256-nnoL5kMV3ClHJ/ZfGc1DfTnGOLD7yVXD3xepxwpE2S4=
sha384-7R97tiN6EjaBd46EtIil3IUdvyetixaFLD5kOSptD6X8TY2xOjVETslQlOr3YamE
sha512-UwgJzIohn3c2XdkFi8lyuv4ZZl13W54rSRuMWTKF79h364zIH8M3kwnV6iu6UyTC5S3UxX71iLvW/D8pVXPNKQ==

Content loaded via url("...")

./checkmark-10859545577c4790e4fc67ed0a112cedc0af8260b6d24a500d70ef5a01737b2e.png

./icon_anchor-297aa9b0225eff3d6d0da74ce042a0ed5575b92aa66b7109a5e060a795b42e36.svg

./icons-stacked-f55b5152b1b2d03ec4f8ea2eb2d4357a3a3d344c70df055648e44148b71ed95c.svg#comment

./icons-stacked-f55b5152b1b2d03ec4f8ea2eb2d4357a3a3d344c70df055648e44148b71ed95c.svg#doc-versions

./icons-stacked-f55b5152b1b2d03ec4f8ea2eb2d4357a3a3d344c70df055648e44148b71ed95c.svg#link

./illustrations/image_comment_light_cursor@2x-6eb274d388a8bbdbdaeee008afc79ef9dab89fb7d5409cd08739ae08059a3ce4.svg

./illustrations/image_comment_light_cursor-c587347a929a56f8b4d78d991607598f69daef0bcc58e972cabcb72ed96663d2.svg

./onion_skin_sprites-5c13bf92d3d6bdf19bba75b00fee5b492a43bec51bf78a01ba158b0ad099a48b.gif

./swipemode_sprites-522fecbb380f3edfa9b09006e88a51fbcb5c26d95dba87d2e09a363a863cd4e4.gif

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAeCAYAAAAsEj5rAAAAU0lEQVR42u3VOwoAMAgE0dwfAnNjU26bYkBCFGwfiL9VVWoO+BJ4Gf3gtsEKKoFBNTCoCAYVwaAiGNQGMUHMkjGbgjk2mIONuXo0nC8XnCf1JXgArVIZAQh5TKYAAAAASUVORK5CYII=	1

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABQAAAAeCAYAAAAsEj5rAAAAUklEQVR42u3VMQoAIBADQf8Pgj+OD9hG2CtONJB2ymQkKe0HbwAP0xucDiQWARITIDEBEnMgMQ8S8+AqBIl6kKgHiXqQqAeJepBo/z38J/U0uAHlaBkBl9I4GwAAAABJRU5ErkJggg==	1

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABwAAAAcCAYAAAByDd+UAAAFu0lEQVRIia1WTahkVxH+quqce7vf6zdvJpHoIlkYJ2SiJiIokmQjgoGgIAaEIYuYXWICgojiwkmC4taFwhjcyIDusogEIwwiSSCKPwsdwzAg0SjJ9Izzk5n3+nXfe8+pqizOvd395scfsJqi6dPnnDr11Vc/NJ1OwUTosqJLCmYCHCAC2mSHs+ojZv6AO46Y+20AhIneJsafhPhXVZSXDk7qi+aOLhtQNuBmQtcarAKjTXpn2+l3u2yPunvZSABRucjcAV/eMZuM48/Go/g1d19kc4wq+e8MZjWkbI/P5t2P3RFFbv7SQdyBlBUx8N8OTuqjMcof+N94yMPrY2DMm/ytnb32J0QrY+6AqsHM4Q64O9SKDmerKDD3Oy/tNL9vk342CC8RuU6n0ymCMHb22scu7zQngtASOjUHE1BX4UUAv4b7Ow6qiXCXuz/UdvogAAweDY943/b4cAz0ZlYHXeMsnT07RVb7wMUr8ykI4H5HVkMd5Rcb4/jNURVOL5qErAaAUUdCCIJ5kx5q2nw8m39ImEAAsjpE6PStB0YfMcd1wqqG3Xn7A3PfZyyKnNjaqD4fmE/fCNKshirIyY1xvI+Av6g5QIAIIWX7cJPssboSiBBEeKmsZne0Sb8kzAUWNYyq8NvbDo0fZ6beqxuLmqOOMr/lwOh+YXpXtbjERGja9JyZ9+HxpXKb9Gj5oywRESbj+Cj1ENG1QViTGBl1FbC1We1tbVRfHWIoQkhqH9xbpE92XUbb6VJZ1R4crjRz1JWcDMJvLdoMcyAEhjuwHo8Bfndg3mbszhOY+adVlMtD3po51OwzIQiEaams7oeJhxRw1FFOVpFRRUYIhMBAFRnjOsC8IFHHUA4TQQhgAqpAiIFfGbxkIqj54ayGbL7UoOqHCniAEKHLNr26l+D9wQJzeUwMAnfHvEnLECzZRwRV++d60ptjW9VLZeolEJG6GwCCE0CFVNB+Ay0NEqoQYG4YYFu7B8IEVRt3uRzy/osIoLV9QZimWXGHUMFdmI6M64DUF2Je88R9VZqCSP+QlcF5k+4tCzSsXaqjINuK6UyE0+s/mk6/qFq8oAIL9pqMLhkGsNrOyoOIlszust3aJv0U9+kFdwjTGwWl1YdF+KWlQSZ0Se/psj8yGVdg5tJyfH96EBWmLtoEMwMzMFt031NzGWLLzKhC+KV7H5ZeeaMOPxemma2x68puc0LN3+/u6LJiePS6MKHvn4wu6cPzJj0hsioeMfDrEvjv5r6W9gBvjKJujuKzQ0URIZj75NylvT+mbHfXQa4rwAMaVRTMm/SFyzvNy0yF6+4AM+1ubcSnqkAIUjQKl1RKSbE5jt+vovx1MBqF0WW7/d1Z80ab9BtmuJ3Xk5cJKds9TZt/uLPXvtiTrQ+dIwqfAejUvM1os6FNikXKUHfQ+ekUsXT5u85enJ0CaBSkkGEo1syUQ+DfMdE/4GA1uzupf9zdbzhOmLsF4efHVXjaHHAzmDtGdQRd/Nc5wAEJjNki3XfhyvwVNz80xANrht3LsENY9cBBdN1L9GUyyvFRFZ42t75sBvCQRykbRlU4tT2pPxoCvzx09d4GmPs200M6wKdWSDGK8mppYSWdhAlt0qeaLv+IadXU9/Evq4FAZ8ej+LmtcTxaRX4NWI0Uag5Vg1p5MYg8BnlhXIdPHDow+vTWZvVMVttXDLqkTzZdPj6Qii6cP1cSvIdl3iQkNYyi9HH0I22y+93tY3DcQkTZgQtM+POoCr8x97eylkmtrgKuztrvXJ21x/aNKuqIkZ/fntRfCdcTfhUTAIhRzoDojJD0aSNLLwMzmpT7+JaLtyf1MwDo6qz9djFaUq3t9MlFmy/c1OCSceY9fMsVaL9mvH9ocXdkdWxv1scAePG0THAhMOaLdOw/Gvxfxb1w4eCapyIENUcV5M3/u8FitAxZ25P6GAHT3UX39Srw+QOb1ZffA98Dl2Wy1BYkAAAAAElFTkSuQmCC	1

data:image/svg+xml, %3csvg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="4 0 8 16"%3e %3cpath style="fill: %23666;" fill-rule="evenodd" d="M11.707085,11.7071 L7.999975,15.4142 L4.292875,11.7071 C3.902375,11.3166 3.902375, 10.6834 4.292875,10.2929 C4.683375,9.90237 5.316575,9.90237 5.707075,10.2929 L6.999975, 11.5858 L6.999975,2 C6.999975,1.44771 7.447695,1 7.999975,1 C8.552255,1 8.999975,1.44771 8.999975,2 L8.999975,11.5858 L10.292865,10.2929 C10.683395 ,9.90237 11.316555,9.90237 11.707085,10.2929 C12.097605,10.6834 12.097605,11.3166 11.707085,11.7071 Z"/%3e %3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns="http://www.w3.org/2000/svg" width="24" height="24" viewBox="4 0 8 16"%3e %3cpath style="fill: %23666;" fill-rule="evenodd" d="M4.29289,4.2971 L8,0.59 L11.7071,4.2971 C12.0976,4.6876 12.0976,5.3208 11.7071,5.7113 C11.3166,6.10183 10.6834, 6.10183 10.2929,5.7113 L9,4.4184 L9,14.0042 C9,14.55649 8.55228,15.0042 8,15.0042 C7.44772,15.0042 7,14.55649 7,14.0042 L7,4.4184 L5.70711,5.7113 C5.31658,6.10183 4.68342,6.10183 4.29289,5.7113 C3.90237,5.3208 3.90237,4.6876 4.29289,4.2971 Z"/%3e %3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' fill='%23fff' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath d='M2.75 0l-1.5 1.5L3.75 4l-2.5 2.5L2.75 8l4-4-4-4z'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' fill='%23fff' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath d='M5.25 0l-4 4 4 4 1.5-1.5L4.25 4l2.5-2.5L5.25 0z'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' viewBox='0 0 4 5'%3e%3cpath fill='%23343a40' d='M2 0L0 2h4zm0 5L0 3h4z'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='101' height='101' view-box='0 0 101 101' preserveAspectRatio='none'%3e%3cpath fill='white' d='M51 1l25 23 24 22H1l25-22z'/%3e%3cpath fill='white' opacity='.3' d='M51 101l25-23 24-22H1l25 22z'/%3e%3c/svg%3e	2

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='101' height='101' view-box='0 0 101 101' preserveAspectRatio='none'%3e%3cpath fill='white' opacity='.3' d='M51 1l25 23 24 22H1l25-22z'/%3e%3cpath fill='white' d='M51 101l25-23 24-22H1l25 22z'/%3e%3c/svg%3e	2

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='101' height='101' view-box='0 0 101 101' preserveAspectRatio='none'%3e%3cpath fill='white' opacity='.3' d='M51 1l25 23 24 22H1l25-22zM51 101l25-23 24-22H1l25 22z'/%3e%3c/svg%3e	2

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='12' height='12' viewBox='-4 -4 8 8'%3e%3ccircle r='3' fill='%23fff'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='30' height='30' viewBox='0 0 30 30'%3e%3cpath stroke='rgba%280, 0, 0, 0.5%29' stroke-linecap='round' stroke-miterlimit='10' stroke-width='2' d='M4 7h22M4 15h22M4 23h22'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='30' height='30' viewBox='0 0 30 30'%3e%3cpath stroke='rgba%28255, 255, 255, 0.5%29' stroke-linecap='round' stroke-miterlimit='10' stroke-width='2' d='M4 7h22M4 15h22M4 23h22'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='4' viewBox='0 0 4 4'%3e%3cpath stroke='%23fff' d='M0 2h4'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='4' height='5' viewBox='0 0 4 5'%3e%3cpath fill='%23404040' d='M2 0L0 2h4zm0 5L0 3h4z'/%3e%3c/svg%3e	1

data:image/svg+xml,%3csvg xmlns='http://www.w3.org/2000/svg' width='8' height='8' viewBox='0 0 8 8'%3e%3cpath fill='%23fff' d='M6.564.75l-3.59 3.612-1.538-1.55L0 4.26l2.974 2.99L8 2.193z'/%3e%3c/svg%3e	1

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M10.707 7.293a1 1 0 0 1 0 1.414l-3 3a1 1 0 0 1-1.414-1.414L8.586 8 6.293 5.707a1 1 0 0 1 1.414-1.414l3 3z"/></svg>	1

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M5.293 7.293a1 1 0 0 0 0 1.414l3 3a1 1 0 0 0 1.414-1.414L7.414 8l2.293-2.293a1 1 0 0 0-1.414-1.414l-3 3z"/></svg>	1

data:image/svg+xml;utf8,<svg viewBox="0 0 16 16" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink"><path fill-rule="evenodd" d="M7.293 10.707a1 1 0 0 0 1.414 0l3-3a1 1 0 0 0-1.414-1.414L8 8.586 5.707 6.293a1 1 0 0 0-1.414 1.414l3 3z"/></svg>	2

link

stylesheet

/assets/highlight/themes/white-908e5b573e957d2f33c4980b155592e27d2a3ed7076866f2a486fedf0b4337f0.css

200

text/css; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 8965 Bytes

local SRI possible, possible hash-values:

sha256-kI5bVz6VfS8zxJgLFVWS4n0qPtcHaGbypIb+3wtDN/A=
sha384-McgIE7ilSmm6dUTz+F5cMVSvyT8xJJ2jdCMkUStgaRZEyXV6wusnpNXIuiQUjYlB
sha512-dsa97hAp3x7XFYMXumBNmsMxEXYaMm6GH+ZHv7oiEIRxjAjvtAeJw7jmnlfEGgP73sS1WKSlKkRls3as4sa3IQ==

Content loaded via url("...")

/assets/icons-stacked-f55b5152b1b2d03ec4f8ea2eb2d4357a3a3d344c70df055648e44148b71ed95c.svg#link

meta

charset

utf-8

meta

og:description

GitLab Community Edition

meta

og:image

https://gitlab.sphaera.ru/assets/gitlab_logo-7ae504fe4f68fdebb3c2034e36621930cd36ea87924c11ff65dbcb8ed50dca58.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 3616 Bytes

meta

og:image:height

meta

og:image:width

meta

og:site_name

GitLab

meta

og:title

meta

og:type

object

meta

og:url

https://gitlab.sphaera.ru/users/sign_in

200

text/html; charset=utf-8
X-Content-Type-Options nosniff found

28472 Bytes

meta

twitter:card

summary

meta

twitter:description

GitLab Community Edition

meta

twitter:image

https://gitlab.sphaera.ru/assets/gitlab_logo-7ae504fe4f68fdebb3c2034e36621930cd36ea87924c11ff65dbcb8ed50dca58.png

meta

twitter:title

meta

X-UA-Compatible

IE=edge

meta

action-cable-url

/-/cable

meta

csp-nonce

meta

csrf-param

authenticity_token

meta

csrf-token

CrPnbW7spsaSq693CibeizpHA5sRsQI5KareVcg2ZJ+w5hh+VU9scNTpP1TMQJMqJ3a7eaXITBA67vbpq67WTg==

meta

description

GitLab Community Edition

meta

msapplication-TileColor

#30353E

meta

msapplication-TileImage

/assets/msapplication-tile-1196ec67452f618d39cdd85e2e3a542f76574c071051ae7effbfde01710eb17d.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

No Compression - 4328 Bytes

meta

theme-color

#292961

meta

viewport

width=device-width, initial-scale=1, maximum-scale=1

script

src

/assets/webpack/commons-pages.admin.sessions-pages.ldap.omniauth_callbacks-pages.omniauth_callbacks-pages.profiles.t-f04c18ab.b07dfe05.chunk.js

200

defer attribute found

text/javascript; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 26797 Bytes

local SRI possible, possible hash-values:

sha256-P7fEf9U1cNpyyGu5QakXQfaZR+8PtLjhMXPKkgeDZbk=
sha384-2oNmtXuBzUL1AI+45eH8cDLGygOWtvYoPOKcS6fVIKWvqHgaXO/Cfzy48B2WqNL3
sha512-JYtEgq005OiT2TPT9KFuP/dh2zwbi/sH72jGPLDzvcuA5I9XZQYEkbsbWHaaju2GjJAtq27CFPW8eFpPyQHLIg==

script

src

/assets/webpack/commons-pages.admin.sessions-pages.sessions-pages.sessions.new.8f313fa6.chunk.js

200

defer attribute found

text/javascript; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 13748 Bytes

local SRI possible, possible hash-values:

sha256-cm5+1Ac5ne4zLi5pEGhcgiyhRpV5WpcY5uR3CEmHfBg=
sha384-kgOEwtyZankRIu98u4IGtd/bFt0RdgnpL/nxBA9bdErc+ZqXqsrk/26O0/k+PB2m
sha512-qFRJDeqQjkcg+/MVAPSf+tB/JlS1hgNZe1WM1wHNmfJe+iralHa08fHzXuBJY9RLnMr676VnZSXBoZG5iPyNfg==

script

src

/assets/webpack/main.fb387d50.chunk.js

200

defer attribute found

text/javascript; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 880960 Bytes

local SRI possible, possible hash-values:

sha256-mxXtPGa1YcMMznDw7rzBenxFas2IcExy3ysqW8MvrfM=
sha384-h1dijIpLr3Dj1lRsvxbLUCqD33ItZexUpVNBqGZsH+iH3GC8YPoxJ7lh6JXHDII3
sha512-Ci1NlTbAZtBndEEJvVif6fWNyzBeXd9gaC6KgPNBv6NRJiXvY+5Q7LjAp4qI0zfnLIzGk6wQ7nlDjMrdaV0EOQ==

script

src

/assets/webpack/pages.sessions.new.6fd52457.chunk.js

200

defer attribute found

text/javascript; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 7104 Bytes

local SRI possible, possible hash-values:

sha256-LIjnzYumSCJ9g2HqHZB4AQZ+Qa05BZ1Ix2Xc68auWD8=
sha384-CCMyyBW+wpHchR4tsXVWrNPW8tKb4MF7IxuCn/m5EKizWbmJocrigrt7L2gdZqFq
sha512-R1CrAiyYaNDbRsXxwRp++D08WmtGRd3YjKVbrwDfgsKPJD1o2W2Ns5FepIuQkeZxkjDnJAc72iqnmoL8hl2UTg==

script

src

/assets/webpack/runtime.2364a9fc.bundle.js

200

defer attribute found

text/javascript; charset=utf-8
X-Content-Type-Options nosniff found

Cache-Control: public - max-age missing.

Compression required: 13222 Bytes

local SRI possible, possible hash-values:

sha256-iSr9bZWAjpn0tDNFo3mdguFVK56/RAFcUJ6wD80I4Ko=
sha384-bgT17c96q+DVD+go8CRR3U/TGfaruk41UtSZ9SD0DhU/a52Jos4tHBi94uXf53lD
sha512-FqxVQuSzFA2YqcUxjlNGbEtP/mXNDqSm9AZZLhVwAlGoNtZLFZoWcTOQOe8ZIWnirhRQ66ZKZF9JnWBf6YFK4w==

https://85.117.232.63/
85.117.232.63

img

src

/Wbo-27F86B72-A027-4573-B9C0-D5BFBDD8FE1B/logo.png

alt: ForeFront

meta

content-type

text/html; charset=utf-8

style

/Wbo-27F86B72-A027-4573-B9C0-D5BFBDD8FE1B/bg.gif

style

/Wbo-27F86B72-A027-4573-B9C0-D5BFBDD8FE1B/bullet.gif

style

/Wbo-27F86B72-A027-4573-B9C0-D5BFBDD8FE1B/sidetext.png

style

/Wbo-27F86B72-A027-4573-B9C0-D5BFBDD8FE1B/topright.gif

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns3-l2.nic.ru, ns4-cloud.nic.ru, ns4-l2.nic.ru, ns8-cloud.nic.ru, ns8-l2.nic.ru

QNr.	Domain	Type	NS used
1	ru	NS	d.root-servers.net (2001:500:2d::d)
	Answer: a.dns.ripn.net, b.dns.ripn.net, d.dns.ripn.net, e.dns.ripn.net, f.dns.ripn.net
2	ns3-l2.nic.ru	NS	a.dns.ripn.net (2001:678:17:0:193:232:128:6)
	Answer: ns5.nic.ru, ns6.nic.ru, ns9.nic.ru
	Answer: ns5.nic.ru 2a02:2090:e800:9000:31:177:67:100, 31.177.67.100
	Answer: ns6.nic.ru 2a02:2090:ec00:9040:31:177:74:100, 31.177.74.100
	Answer: ns9.nic.ru 2a02:2090:e400:7000:31:177:85:186, 31.177.85.186
3	ns4-cloud.nic.ru	NS	a.dns.ripn.net (2001:678:17:0:193:232:128:6)
	Answer: ns5.nic.ru, ns6.nic.ru, ns9.nic.ru
	Answer: ns5.nic.ru 2a02:2090:e800:9000:31:177:67:100, 31.177.67.100
	Answer: ns6.nic.ru 2a02:2090:ec00:9040:31:177:74:100, 31.177.74.100
	Answer: ns9.nic.ru 2a02:2090:e400:7000:31:177:85:186, 31.177.85.186
4	ns4-l2.nic.ru	NS	a.dns.ripn.net (2001:678:17:0:193:232:128:6)
	Answer: ns5.nic.ru, ns6.nic.ru, ns9.nic.ru
	Answer: ns5.nic.ru 2a02:2090:e800:9000:31:177:67:100, 31.177.67.100
	Answer: ns6.nic.ru 2a02:2090:ec00:9040:31:177:74:100, 31.177.74.100
	Answer: ns9.nic.ru 2a02:2090:e400:7000:31:177:85:186, 31.177.85.186
5	ns8-cloud.nic.ru	NS	a.dns.ripn.net (2001:678:17:0:193:232:128:6)
	Answer: ns5.nic.ru, ns6.nic.ru, ns9.nic.ru
	Answer: ns5.nic.ru 2a02:2090:e800:9000:31:177:67:100, 31.177.67.100
	Answer: ns6.nic.ru 2a02:2090:ec00:9040:31:177:74:100, 31.177.74.100
	Answer: ns9.nic.ru 2a02:2090:e400:7000:31:177:85:186, 31.177.85.186
6	ns8-l2.nic.ru	NS	a.dns.ripn.net (2001:678:17:0:193:232:128:6)
	Answer: ns5.nic.ru, ns6.nic.ru, ns9.nic.ru
	Answer: ns5.nic.ru 2a02:2090:e800:9000:31:177:67:100, 31.177.67.100
	Answer: ns6.nic.ru 2a02:2090:ec00:9040:31:177:74:100, 31.177.74.100
	Answer: ns9.nic.ru 2a02:2090:e400:7000:31:177:85:186, 31.177.85.186
7	ns3-l2.nic.ru: 193.232.146.1	A	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
8	ns3-l2.nic.ru: No AAAA record found	AAAA	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
9	ns4-cloud.nic.ru: 194.67.73.79, 194.67.73.81, 89.104.93.30, 89.104.93.33, 89.104.93.34, 89.104.95.30, 89.104.95.33, 89.104.95.34	A	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
10	ns4-cloud.nic.ru: No AAAA record found	AAAA	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
11	ns4-l2.nic.ru: 91.217.20.20	A	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
12	ns4-l2.nic.ru: No AAAA record found	AAAA	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
13	ns8-cloud.nic.ru: 194.67.73.80, 194.67.73.82, 89.104.93.31, 89.104.93.35, 89.104.93.36, 89.104.95.31, 89.104.95.35, 89.104.95.36	A	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
14	ns8-cloud.nic.ru: No AAAA record found	AAAA	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
15	ns8-l2.nic.ru: 91.217.21.20	A	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)
16	ns8-l2.nic.ru: No AAAA record found	AAAA	ns5.nic.ru (2a02:2090:e800:9000:31:177:67:100)

14. CAA - Entries

Domainname	Value	∑ Queries
gitlab.sphaera.ru	no CAA entry found	1
sphaera.ru	no CAA entry found	1
ru	no CAA entry found	1

15. TXT - Entries

Domainname	TXT Entry	Status	∑ Queries
sphaera.ru	MS=ms79916831	ok	1
sphaera.ru	v=spf1 mx a ip4:85.117.232.0/24 ip4:87.245.186.240/29 include:spf.protection.outlook.com -all	ok	1
gitlab.sphaera.ru		ok	1
_acme-challenge.gitlab.sphaera.ru		Name Error - The domain name does not exist	1
_acme-challenge.gitlab.sphaera.ru.sphaera.ru		Name Error - The domain name does not exist	1
_acme-challenge.gitlab.sphaera.ru.gitlab.sphaera.ru		Name Error - The domain name does not exist	1

16. DomainService - Entries

No DomainServiceEntries entries found

17. Cipher Suites

No results

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

Permalink: https://check-your-website.server-daten.de/?i=3e9077cc-25a8-4474-8840-24716d9d6a71

Last Result: https://check-your-website.server-daten.de/?q=gitlab.sphaera.ru - 2022-07-18 12:49:08

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=gitlab.sphaera.ru" target="_blank">Check this Site: gitlab.sphaera.ru</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=gitlab.sphaera.ru

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

Mobile- and other Chrome-Checks

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

Summary

Details (currently limited to 500 rows - some problems with spam users)

12. Html-Parsing via https://validator.w3.org/nu/

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks