Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

D

 

Wrong redirect http ⇒ http

 

Checked:
21.09.2024 06:05:21

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
lambeth.gov.uk
A
151.101.2.137
San Francisco/California/United States (US) - Fastly, Inc.
No Hostname found
yes
1
0

A
151.101.66.137
San Francisco/California/United States (US) - Fastly, Inc.
No Hostname found
yes
1
0

A
151.101.130.137
San Francisco/California/United States (US) - Fastly, Inc.
No Hostname found
yes
1
0

A
151.101.194.137
San Francisco/California/United States (US) - Fastly, Inc.
No Hostname found
yes
1
0

AAAA

yes


www.lambeth.gov.uk
CNAME
global.axistwelve.com
yes
1
0

CNAME
k.sni.global.fastly.net
yes


www.lambeth.gov.uk
A
151.101.242.137
Milan/Lombardy/Italy (IT) - Fastly, Inc.
No Hostname found
no


*.lambeth.gov.uk
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20038, Flags 256






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.10.2024, 00:00:00 +, Signature-Inception: 19.09.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: uk

uk
1 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 43876, DigestType 2 and Digest oQftKsG9FNkkFzvH6CehFTWCByOU+Scro34jU7xllgM=






1 RRSIG RR to validate DS RR found






RRSIG-Owner uk., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 03.10.2024, 17:00:00 +, Signature-Inception: 20.09.2024, 16:00:00 +, KeyTag 20038, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 43056, Flags 256






Public Key with Algorithm 8, KeyTag 43876, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner uk., Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 22.10.2024, 14:14:12 +, Signature-Inception: 17.09.2024, 13:46:56 +, KeyTag 43876, Signer-Name: uk






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 43876 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 43876, DigestType 2 and Digest "oQftKsG9FNkkFzvH6CehFTWCByOU+Scro34jU7xllgM=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: gov.uk

gov.uk
2 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 17539, DigestType 2 and Digest LwoKZduekw9bLAQl9n32ZBbAdhJGUqKB2aj/p3OCj1c=






DS with Algorithm 8, KeyTag 695, DigestType 2 and Digest cndZLb2Jk73nBwTbq9MK/buFBX5ljvFCjxj12aU0vOA=






1 RRSIG RR to validate DS RR found






RRSIG-Owner gov.uk., Algorithm: 8, 2 Labels, original TTL: 300 sec, Signature-expiration: 19.10.2024, 18:31:15 +, Signature-Inception: 14.09.2024, 17:51:32 +, KeyTag 43056, Signer-Name: uk






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 43056 used to validate the DS RRSet in the parent zone






7 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 695, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 16180, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 17539, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 18198, Flags 256






Public Key with Algorithm 8, KeyTag 23541, Flags 256






Public Key with Algorithm 8, KeyTag 52549, Flags 256






Public Key with Algorithm 8, KeyTag 58200, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner gov.uk., Algorithm: 8, 2 Labels, original TTL: 7200 sec, Signature-expiration: 23.10.2024, 03:28:31 +, Signature-Inception: 18.09.2024, 03:07:07 +, KeyTag 695, Signer-Name: gov.uk






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 695 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 695, DigestType 2 and Digest "cndZLb2Jk73nBwTbq9MK/buFBX5ljvFCjxj12aU0vOA=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: lambeth.gov.uk

lambeth.gov.uk
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "465c2tienk0m670evrislfd9a7mgrlsr" between the hashed NSEC3-owner "402102nqi3hugsftrhc2uqul4uf3qs4e" and the hashed NextOwner "4iefetsvbg54jo02mro0eualuil4jbh1". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: CNAME, RRSIG Validated: RRSIG-Owner 402102nqi3hugsftrhc2uqul4uf3qs4e.gov.uk., Algorithm: 8, 3 Labels, original TTL: 14400 sec, Signature-expiration: 24.10.2024, 09:22:18 +, Signature-Inception: 19.09.2024, 08:37:28 +, KeyTag 52549, Signer-Name: gov.uk






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "58i52iqlrcob2peg45is2ano18fc2bjp" as Owner. That's the Hash of "gov.uk" with the NextHashedOwnerName "7vcalb1ug09eqkb77hbagh8evloeao6j". So that domain name is the Closest Encloser of "lambeth.gov.uk". Opt-Out: True.
Bitmap: A, NS, SOA, TXT, AAAA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner 58i52iqlrcob2peg45is2ano18fc2bjp.gov.uk., Algorithm: 8, 3 Labels, original TTL: 3600 sec, Signature-expiration: 20.10.2024, 10:01:57 +, Signature-Inception: 15.09.2024, 09:49:18 +, KeyTag 52549, Signer-Name: gov.uk






0 DNSKEY RR found









Zone: www.lambeth.gov.uk

www.lambeth.gov.uk
0 DS RR in the parent zone found



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20038, Flags 256






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.10.2024, 00:00:00 +, Signature-Inception: 19.09.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com

com
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 03.10.2024, 17:00:00 +, Signature-Inception: 20.09.2024, 16:00:00 +, KeyTag 20038, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 59354, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 29.09.2024, 14:02:35 +, Signature-Inception: 14.09.2024, 13:57:35 +, KeyTag 19718, Signer-Name: com






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: axistwelve.com

axistwelve.com
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "uei1vu7k3tbgp5tfhjtk8mmojidjfuhs" between the hashed NSEC3-owner "uei1u2ijbd0ffhqgbt7lhchpqgo8mhgo" and the hashed NextOwner "uei29vhc81m2nbjdpnb10j98tec9p6tl". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner uei1u2ijbd0ffhqgbt7lhchpqgo8mhgo.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 28.09.2024, 01:36:31 +, Signature-Inception: 21.09.2024, 00:26:31 +, KeyTag 59354, Signer-Name: com






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "axistwelve.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 25.09.2024, 00:25:58 +, Signature-Inception: 17.09.2024, 23:15:58 +, KeyTag 59354, Signer-Name: com






0 DNSKEY RR found









Zone: global.axistwelve.com

global.axistwelve.com
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
lambeth.gov.uk
  ns1.virginmedia.net / d7a107ff-47a4-493d-b316-38e201d70c34
62.253.162.237
London/England/United Kingdom (GB) - Virgin Media Limited


  ns2.virginmedia.net / 5e4af3db-02ae-4ac7-92b9-9e76876b6d2e
194.168.4.237
East Wellow/England/United Kingdom (GB) - Virgin Media Limited


  ns3.virginmedia.net / d5fd988b-9832-49b4-bd3f-56aacc1fcc52
62.253.162.37
London/England/United Kingdom (GB) - Virgin Media Limited


  ns4.virginmedia.net / e3bc0f49-daf0-4f1c-8eb3-425e474809a4
194.168.4.33
East Wellow/England/United Kingdom (GB) - Virgin Media Limited

gov.uk
  dns1.nic.uk
213.248.216.1
Oxford/England/United Kingdom (GB) - Nominet


 
2a01:618:400::1
Oxford/England/United Kingdom (GB) - Nominet


  dns2.nic.uk
103.49.80.1
Oxford/England/United Kingdom (GB) - NOMINET-NS


 
2401:fd80:400::1
Ashburn/Virginia/United States (US) - Nominet UK


  dns3.nic.uk
213.248.220.1
London/England/United Kingdom (GB) - Nominet


 
2a01:618:404::1
Oxford/England/United Kingdom (GB) - Nominet


  dns4.nic.uk
43.230.48.1
Oxford/England/United Kingdom (GB) - NOMINET-NS


 
2401:fd80:404::1
Sydney/New South Wales/Australia (AU) - Nominet UK


  nsa.nic.uk / TLD_Host1.Frankfurt_Node1
156.154.100.3
New York/United States (US) - NeuStar, Inc.


 
2001:502:ad09::3
Herndon/Virginia/United States (US) - NeuStar, Inc.


  nsb.nic.uk / TLD_Host2.Frankfurt_Node1
156.154.101.3
New York/United States (US) - NeuStar, Inc.


 
2001:502:2eda::3
Herndon/Virginia/United States (US) - NeuStar, Inc.


  nsc.nic.uk / TLD_Host2.Frankfurt_Node1
156.154.102.3
Miami/Florida/United States (US) - NeuStar, Inc.


 
2610:a1:1009::3
Ashburn/Virginia/United States (US) - NeuStar, Inc.


  nsd.nic.uk / TLD_Host1.Frankfurt_Node1
156.154.103.3
New York/United States (US) - NeuStar, Inc.


 
2610:a1:1010::3
Herndon/Virginia/United States (US) - NeuStar, Inc.

uk
  dns1.nic.uk


  dns2.nic.uk


  dns3.nic.uk


  dns4.nic.uk


  nsa.nic.uk / TLD_Host2.Frankfurt_Node1


  nsb.nic.uk / TLD_Host2.Frankfurt_Node1


  nsc.nic.uk / TLD_Host1.Frankfurt_Node1


  nsd.nic.uk / TLD_Host1.Frankfurt_Node1


axistwelve.com
  ns-1314.awsdns-36.org / 1b0dd431bbab75f1ba38c5bd87648827 -
205.251.197.34
Herndon/Virginia/United States (US) - Amazon.com


 
2600:9000:5305:2200::1
New York/United States (US) - Amazon.com


  ns-1790.awsdns-31.co.uk / 3aa1922ddad633bc46f6d4ce3d48f706 -
205.251.198.254
Ashburn/Virginia/United States (US) - Amazon.com


 
2600:9000:5306:fe00::1
Seattle/Washington/United States (US) - Amazon.com


  ns-492.awsdns-61.com / bd63b90d365b5fbdd0e95e8c01ff4101 -
205.251.193.236
Ashburn/Virginia/United States (US) - Amazon.com


 
2600:9000:5301:ec00::1
Seattle/Washington/United States (US) - Amazon.com


  ns-545.awsdns-04.net / 47b80f1e33d899ac8faac0c2221a21ef -
205.251.194.33
Ashburn/Virginia/United States (US) - Amazon.com


 
2600:9000:5302:2100::1
Seattle/Washington/United States (US) - Amazon.com

com
  a.gtld-servers.net / nnn1-defra-5


  b.gtld-servers.net / nnn1-elwaw4


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-defra-5


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-ein4


  k.gtld-servers.net / nnn1-frmrs-2


  l.gtld-servers.net / nnn1-frmrs-2


  m.gtld-servers.net / nnn1-frmrs-2

 

4. SOA-Entries


Domain:uk
Zone-Name:uk
Primary:dns1.nic.uk
Mail:hostmaster.nic.uk
Serial:1726891362
Refresh:7200
Retry:900
Expire:2419200
TTL:10800
num Entries:6


Domain:uk
Zone-Name:uk
Primary:dns1.nic.uk
Mail:hostmaster.nic.uk
Serial:1726891363
Refresh:7200
Retry:900
Expire:2419200
TTL:10800
num Entries:2


Domain:gov.uk
Zone-Name:gov.uk
Primary:dns1.nic.uk
Mail:hostmaster.nominet.org.uk
Serial:1726853564
Refresh:900
Retry:300
Expire:2419200
TTL:3600
num Entries:16


Domain:lambeth.gov.uk
Zone-Name:lambeth.gov.uk
Primary:ns1.virginmedia.net
Mail:hostmaster.virginmedia.net
Serial:2024091900
Refresh:86400
Retry:7200
Expire:2419200
TTL:1800
num Entries:4



Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1726891524
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:9


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1726891539
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:4


Domain:axistwelve.com
Zone-Name:axistwelve.com
Primary:ns-545.awsdns-04.net
Mail:awsdns-hostmaster.amazon.com
Serial:1
Refresh:7200
Retry:900
Expire:1209600
TTL:86400
num Entries:8


5. Screenshots

Startaddress: https://www.lambeth.gov.uk/, address used: https://www.lambeth.gov.uk/, Screenshot created 2024-09-21 06:12:51 +00:0

 

Mobil (412px x 732px)

 

1114 milliseconds

 

Screenshot mobile - https://www.lambeth.gov.uk/
Mobil + Landscape (732px x 412px)

 

1101 milliseconds

 

Screenshot mobile landscape - https://www.lambeth.gov.uk/
Screen (1280px x 1680px)

 

1368 milliseconds

 

Screenshot Desktop - https://www.lambeth.gov.uk/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport396732
content Size3966515

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://lambeth.gov.uk/
151.101.2.137
301
http://www.lambeth.gov.uk/

0.050
D
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:25 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6949-MXP, cache-mxp6949-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.912417,VS0,VE0
Content-Length: 0

• http://lambeth.gov.uk/
151.101.66.137
301
http://www.lambeth.gov.uk/

0.033
D
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:25 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-fra-eddf8230081-FRA, cache-fra-eddf8230081-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.962984,VS0,VE0
Content-Length: 0

• http://lambeth.gov.uk/
151.101.130.137
301
http://www.lambeth.gov.uk/

0.050
D
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:25 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6941-MXP, cache-mxp6941-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.779878,VS0,VE0
Content-Length: 0

• http://lambeth.gov.uk/
151.101.194.137
301
http://www.lambeth.gov.uk/

0.050
D
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:25 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6967-MXP, cache-mxp6967-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.845231,VS0,VE0
Content-Length: 0

• http://www.lambeth.gov.uk/
151.101.242.137
301
https://www.lambeth.gov.uk/

0.046
A
Connection: close
Server: Varnish
Retry-After: 0
Location: https://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:26 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6968-MXP, cache-mxp6968-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.078497,VS0,VE1
Content-Length: 0

• https://lambeth.gov.uk/
151.101.2.137
301
https://www.lambeth.gov.uk/

6.716
A
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: https://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:41 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6947-MXP, cache-mxp6947-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891662.635848,VS0,VE0
Content-Length: 0

• https://lambeth.gov.uk/
151.101.66.137
301
https://www.lambeth.gov.uk/

6.736
A
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: https://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:49 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6957-MXP, cache-mxp6957-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891669.140196,VS0,VE1
Content-Length: 0

• https://lambeth.gov.uk/
151.101.130.137
301
https://www.lambeth.gov.uk/

6.753
A
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: https://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:26 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6943-MXP, cache-mxp6943-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891646.191698,VS0,VE0
Content-Length: 0

• https://lambeth.gov.uk/
151.101.194.137
301
https://www.lambeth.gov.uk/

6.690
A
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: https://www.lambeth.gov.uk/
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:07:34 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6942-MXP, cache-mxp6942-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891654.083639,VS0,VE0
Content-Length: 0

• https://www.lambeth.gov.uk/
151.101.242.137 gzip used - 8514 / 43704 - 80.52 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
200

Html is minified: 117.80 %
Other inline scripts (∑/total): 1/500
7.016
A
Connection: keep-alive
Server: Apache
Cache-Control: public, max-age=900
x-drupal-dynamic-cache: MISS
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
fastly-drupal-html: YES
x-drupal-cache: HIT
ETag: "1726483082-gzip"
Access-Control-Allow-Origin: https://moderngov.lambeth.gov.uk
Accept-Ranges: bytes
Age: 0
Date: Sat, 21 Sep 2024 04:07:56 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6966-MXP, cache-mxp6966-MXP
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1726891677.710303,VS0,VS0,VE134
Vary: Cookie,Accept-Encoding
Content-Length: 8514
Content-Language: en
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Mon, 16 Sep 2024 10:38:02 GMT
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8

• http://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.101.2.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.033
D
Visible Content:
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:08:06 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-fra-eddf8230050-FRA, cache-fra-eddf8230050-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891687.762250,VS0,VE0
Content-Length: 0

• http://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.101.66.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.047
D
Visible Content:
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:08:07 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6961-MXP, cache-mxp6961-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891687.495117,VS0,VE1
Content-Length: 0

• http://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.101.130.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.043
D
Visible Content:
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:08:05 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-fra-etou8220071-FRA, cache-fra-etou8220071-FRA
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891685.280284,VS0,VE0
Content-Length: 0

• http://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.101.194.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.053
D
Visible Content:
Connection: close
Server: Varnish
Retry-After: 0
Cache-Control: max-age=86400
Location: http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:08:06 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6929-MXP, cache-mxp6929-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891686.025030,VS0,VE0
Content-Length: 0

• http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
151.101.242.137
301
https://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

0.056
A
Visible Content:
Connection: close
Server: Varnish
Retry-After: 0
Location: https://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Accept-Ranges: bytes
Date: Sat, 21 Sep 2024 04:08:08 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-mxp6967-MXP, cache-mxp6967-MXP
X-Cache: HIT, HIT
X-Cache-Hits: 0, 0
X-Timer: S1726891688.297882,VS0,VE0
Content-Length: 0

• https://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
404

Html is minified: 117.69 %
Other inline scripts (∑/total): 2/892
6.970
A
Not Found
Visible Content:
Connection: keep-alive
Server: Apache
Cache-Control: public, max-age=900
x-drupal-dynamic-cache: UNCACHEABLE
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
x-generator: Drupal 10 (https://www.drupal.org)
fastly-drupal-html: YES
x-drupal-cache: MISS
ETag: "1726891727"
Access-Control-Allow-Origin: https://moderngov.lambeth.gov.uk
Accept-Ranges: bytes
Age: 0
Date: Sat, 21 Sep 2024 04:08:47 GMT
Via: 1.1 varnish
Strict-Transport-Security: max-age=31557600
X-Served-By: cache-fra-etou8220031-FRA, cache-fra-etou8220031-FRA
X-Cache: MISS, MISS
X-Cache-Hits: 0, 0
X-Timer: S1726891728.598015,VS0,VS0,VE264
Vary: Cookie
Content-Length: 25633
Content-Language: en
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Last-Modified: Sat, 21 Sep 2024 04:08:47 GMT
Content-Type: text/html; charset=UTF-8

• https://151.101.2.137/
151.101.2.137
421

Html is minified: 102.06 %
6.744
N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mxp6959
Content-Length: 297
Content-Type: text/plain; charset=utf-8

• https://151.101.66.137/
151.101.66.137
421

Html is minified: 102.06 %
6.724
N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mxp6963
Content-Length: 297
Content-Type: text/plain; charset=utf-8

• https://151.101.130.137/
151.101.130.137
421

Html is minified: 102.06 %
6.800
N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mxp6929
Content-Length: 297
Content-Type: text/plain; charset=utf-8

• https://151.101.194.137/
151.101.194.137
421

Html is minified: 102.06 %
6.850
N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mxp6948
Content-Length: 297
Content-Type: text/plain; charset=utf-8

• https://151.101.242.137/
151.101.242.137
421

Html is minified: 102.06 %
6.816
N
Misdirected Request
Certificate error: RemoteCertificateNameMismatch
Connection: keep-alive
x-served-by: cache-mxp6978
Content-Length: 297
Content-Type: text/plain; charset=utf-8

 

7. Comments


1. General Results, most used to calculate the result

Aname "lambeth.gov.uk" is domain, public suffix is ".gov.uk", top-level-domain is ".uk", top-level-domain-type is "country-code", Country is United Kingdom of Great Britain and Northern Ireland, tld-manager is "Nominet UK", num .uk-domains preloaded: 5101 (complete: 245733)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: lambeth.gov.uk has 4 different ip addresses (authoritative).
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: lambeth.gov.uk has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: www is preferred
AGood: No cookie sent via http.
AExcellent: Domain is in the Google-Preload-List
AExcellent: Domain is in the Mozilla/Firefox-Preload-List
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Ahttp://www.lambeth.gov.uk/ 151.101.242.137
301
https://www.lambeth.gov.uk/
Correct redirect http - https with the same domain name
Dhttp://lambeth.gov.uk/ 151.101.2.137
301
http://www.lambeth.gov.uk/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/ 151.101.66.137
301
http://www.lambeth.gov.uk/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/ 151.101.130.137
301
http://www.lambeth.gov.uk/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/ 151.101.194.137
301
http://www.lambeth.gov.uk/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 151.101.2.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 151.101.66.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 151.101.130.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 151.101.194.137
301
http://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Mhttps://151.101.2.137/ 151.101.2.137
421

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://151.101.66.137/ 151.101.66.137
421

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://151.101.130.137/ 151.101.130.137
421

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://151.101.194.137/ 151.101.194.137
421

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://151.101.242.137/ 151.101.242.137
421

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://151.101.2.137/ 151.101.2.137
421

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://151.101.66.137/ 151.101.66.137
421

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://151.101.130.137/ 151.101.130.137
421

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://151.101.194.137/ 151.101.194.137
421

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://151.101.242.137/ 151.101.242.137
421

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain lambeth.gov.uk, 4 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain lambeth.gov.uk, 4 ip addresses.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.lambeth.gov.uk

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

Awww.lambeth.gov.uk 151.101.242.137
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
X-Frame-Options
Ok: Header without syntax errors found: SAMEORIGIN
B

Info: Header is deprecated. May not longer work in modern browsers. SAMEORIGIN. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
Fwww.lambeth.gov.uk 151.101.242.137
Content-Security-Policy
Critical: Missing Header:
Fwww.lambeth.gov.uk 151.101.242.137
Referrer-Policy
Critical: Missing Header:
Fwww.lambeth.gov.uk 151.101.242.137
Permissions-Policy
Critical: Missing Header:
Bwww.lambeth.gov.uk 151.101.242.137
Cross-Origin-Embedder-Policy
Info: Missing Header
Bwww.lambeth.gov.uk 151.101.242.137
Cross-Origin-Opener-Policy
Info: Missing Header
Bwww.lambeth.gov.uk 151.101.242.137
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns1.virginmedia.net (62.253.162.237), ns2.virginmedia.net (194.168.4.237), ns3.virginmedia.net (62.253.162.37), ns4.virginmedia.net (194.168.4.33)
AGood (1 - 3.0):: An average of 0.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 4 different Name Servers found: ns1.virginmedia.net, ns2.virginmedia.net, ns3.virginmedia.net, ns4.virginmedia.net, 4 Name Servers included in Delegation: ns1.virginmedia.net, ns2.virginmedia.net, ns3.virginmedia.net, ns4.virginmedia.net, 4 Name Servers included in 1 Zone definitions: ns1.virginmedia.net, ns2.virginmedia.net, ns3.virginmedia.net, ns4.virginmedia.net, 1 Name Servers listed in SOA.Primary: ns1.virginmedia.net.
AGood: Only one SOA.Primary Name Server found.: ns1.virginmedia.net.
AGood: SOA.Primary Name Server included in the delegation set.: ns1.virginmedia.net.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns1.virginmedia.net, ns2.virginmedia.net, ns3.virginmedia.net, ns4.virginmedia.net
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 4 different Name Servers found
Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 4 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 4 Name Servers, 1 Top Level Domain: net
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: virginmedia.net
Warning: All Name Servers from the same Country / IP location.: 4 Name Servers, 1 Countries: GB
AInfo: Ipv4-Subnet-list: 4 Name Servers, 2 different subnets (first Byte): 194., 62., 2 different subnets (first two Bytes): 194.168., 62.253., 2 different subnets (first three Bytes): 194.168.4., 62.253.162.
AGood: Name Server IPv4-addresses from different subnet found:
AGood: Nameserver supports TCP connections: 4 good Nameserver
AGood: Nameserver supports Echo Capitalization: 4 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
Nameserver doesn't pass all EDNS-Checks: dns1.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns1.nic.uk / 213.248.216.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns1.nic.uk / 2a01:618:400::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns2.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns2.nic.uk / 103.49.80.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns2.nic.uk / 2401:fd80:400::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns3.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns3.nic.uk / 213.248.220.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns3.nic.uk / 2a01:618:404::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns4.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns4.nic.uk / 43.230.48.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns4.nic.uk / 2401:fd80:404::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
AGood: No https + http status 200 with inline CSS / JavaScript found
https://www.lambeth.gov.uk/ 151.101.242.137
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
https://www.lambeth.gov.uk/ 151.101.242.137
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 6 script elements without defer/async.
https://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 5 script elements without defer/async.
Warning: Svg-Images greater 1024 Bytes without internal compression are found. Svg is an Xml-Application, so Compression is required to reduce the size of the file. 4 images (type image/svg+xml, image/x-icon, image/vnd.microsoft.icon) found without compression.
Warning: CSS / JavaScript found without Compression. Compress these ressources, gzip, deflate, br are checked. 3 external CSS / JavaScript files without Compression found - 9 with Compression, 12 complete
AGood: All images with internal compression not compressed. Some Images (.png, .jpg, .jpeg, .webp, .gif) are already compressed, so an additional compression isn't helpful. 8 images (type image/png, image/jpg, image/jpeg, image/webp, image/gif) found without additional Compression. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 13 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 2 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 15 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 12 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 12 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AGood: Some img-elements have a valid alt-attribute.: 12 img-elements found, 10 img-elements with correct alt-attributes (defined, not an empty value).
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 0 img-elements without alt-attribute, 2 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
http://lambeth.gov.uk/ 151.101.2.137
301

Warning: HSTS header sent via http has no effect
http://lambeth.gov.uk/ 151.101.66.137
301

Warning: HSTS header sent via http has no effect
http://lambeth.gov.uk/ 151.101.130.137
301

Warning: HSTS header sent via http has no effect
http://lambeth.gov.uk/ 151.101.194.137
301

Warning: HSTS header sent via http has no effect
http://www.lambeth.gov.uk/ 151.101.242.137
301

Warning: HSTS header sent via http has no effect
https://www.lambeth.gov.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
6.970 seconds
Warning: 404 needs more then one second
AInfo: Different Server-Headers found
ADuration: 456870 milliseconds, 456.870 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
lambeth.gov.uk
151.101.2.137
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
lambeth.gov.uk
151.101.2.137
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


lambeth.gov.uk
151.101.66.137
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

lambeth.gov.uk
151.101.66.137
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


lambeth.gov.uk
151.101.130.137
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

lambeth.gov.uk
151.101.130.137
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


lambeth.gov.uk
151.101.194.137
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

lambeth.gov.uk
151.101.194.137
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


www.lambeth.gov.uk
151.101.242.137
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.lambeth.gov.uk
151.101.242.137
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


www.lambeth.gov.uk
www.lambeth.gov.uk
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.lambeth.gov.uk
www.lambeth.gov.uk
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


151.101.2.137
151.101.2.137
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

151.101.2.137
151.101.2.137
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


151.101.66.137
151.101.66.137
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

151.101.66.137
151.101.66.137
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


151.101.130.137
151.101.130.137
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

151.101.130.137
151.101.130.137
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


151.101.194.137
151.101.194.137
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

151.101.194.137
151.101.194.137
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


151.101.242.137
151.101.242.137
443
name does not match
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

151.101.242.137
151.101.242.137
443
name does not match
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

 

9. Certificates

1.
1.
CN=www.lambeth.gov.uk
01.02.2024
31.01.2025
expires in 116 days
www.lambeth.gov.uk, lambeth.gov.uk - 2 entries
1.
1.
CN=www.lambeth.gov.uk
01.02.2024

31.01.2025
expires in 116 days


www.lambeth.gov.uk, lambeth.gov.uk - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0350602C112C7789
Thumbprint:3DFDC929C7686D578842FB4B48B6D0B0F6714E1F
SHA256 / Certificate:o7+8dyOvX8IPHWKMc+Qnc//JpaL0byRsFvX5Ped80Cw=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b
SHA256 hex / Subject Public Key Information (SPKI):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=www.lambeth.gov.uk
01.02.2024
31.01.2025
expires in 116 days
www.lambeth.gov.uk, lambeth.gov.uk - 2 entries

2.
CN=www.lambeth.gov.uk
01.02.2024

31.01.2025
expires in 116 days


www.lambeth.gov.uk, lambeth.gov.uk - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0350602C112C7789
Thumbprint:3DFDC929C7686D578842FB4B48B6D0B0F6714E1F
SHA256 / Certificate:o7+8dyOvX8IPHWKMc+Qnc//JpaL0byRsFvX5Ped80Cw=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b
SHA256 hex / Subject Public Key Information (SPKI):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=www.lambeth.gov.uk
01.02.2024
31.01.2025
expires in 116 days
www.lambeth.gov.uk, lambeth.gov.uk - 2 entries

3.
CN=www.lambeth.gov.uk
01.02.2024

31.01.2025
expires in 116 days


www.lambeth.gov.uk, lambeth.gov.uk - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0350602C112C7789
Thumbprint:3DFDC929C7686D578842FB4B48B6D0B0F6714E1F
SHA256 / Certificate:o7+8dyOvX8IPHWKMc+Qnc//JpaL0byRsFvX5Ped80Cw=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b
SHA256 hex / Subject Public Key Information (SPKI):558564c2859fc98180f454b45977c17f8babd90759e00ff89fd6579df0e4c58b (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




4.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 2399 days


4.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 2399 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):973a41276ffd01e027a2aad49e34c37846d3e976ff6a620b6712e33832041aa6
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




5.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 2399 days


5.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 2399 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




6.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 2399 days


6.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 2399 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




7.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.01.2014
30.05.2031
expires in 2426 days


7.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.01.2014

30.05.2031
expires in 2426 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:1BE715
Thumbprint:340B2880F446FCC04E59ED33F52B3D08D6242964
SHA256 / Certificate:Oi++kokeV/4F1XCH9I5zDxflpfU+9APWGOW3TXp+bss=
SHA256 hex / Cert (DANE * 0 1):3a2fbe92891e57fe05d57087f48e730f17e5a5f53ef403d618e5b74d7a7e6ecb
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




8.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.09.2009
01.01.2038
expires in 4834 days


8.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.09.2009

01.01.2038
expires in 4834 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00
Thumbprint:47BEABC922EAE80E78783462A79F45C254FDE68B
SHA256 / Certificate:RRQLMkfrnMjFtPDXtTCR9zKSCJ5uWmPidJ3TrKkZjto=
SHA256 hex / Cert (DANE * 0 1):45140b3247eb9cc8c5b4f0d7b53091f73292089e6e5a63e2749dd3aca9198eda
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





9.
CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 2399 days


9.
CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 2399 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:2003
Thumbprint:841D4A9FC9D3B2F0CA5FAB95525AB2066ACF8322
SHA256 / Certificate:m/WJZ1RZlhlFEtthdxUa/plwauo9o2/u562fizwFB8s=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




10.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004
29.06.2034
expires in 3552 days


10.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004

29.06.2034
expires in 3552 days




KeyalgorithmRSA encryption ( bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:00
Thumbprint:2796BAE63F1801E277261BA0D77770028F20EEE4
SHA256 / Certificate:w4Rr8kuek8pkJ0wOxnwezF4CT/ys0tdAGTUOgf5UauQ=
SHA256 hex / Cert (DANE * 0 1):c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae4
SHA256 hex / PublicKey (DANE * 1 1):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SHA256 hex / Subject Public Key Information (SPKI):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





11.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004
29.06.2034
expires in 3552 days


11.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004

29.06.2034
expires in 3552 days




KeyalgorithmRSA encryption ( bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:00
Thumbprint:2796BAE63F1801E277261BA0D77770028F20EEE4
SHA256 / Certificate:w4Rr8kuek8pkJ0wOxnwezF4CT/ys0tdAGTUOgf5UauQ=
SHA256 hex / Cert (DANE * 0 1):c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae4
SHA256 hex / PublicKey (DANE * 1 1):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SHA256 hex / Subject Public Key Information (SPKI):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=k.sni-649-default.ssl.fastly.net
12.01.2024
12.02.2025
expires in 128 days
k.sni-649-default.ssl.fastly.net - 1 entry
2.
1.
CN=k.sni-649-default.ssl.fastly.net
12.01.2024

12.02.2025
expires in 128 days


k.sni-649-default.ssl.fastly.net - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:01BF3733AC84428DDEBF6AF0B203B529
Thumbprint:6CD18D2D533D388673EB03BF4F45D2378C1BDC7C
SHA256 / Certificate:0qRI6O3SbRp6sfbvw2PcYW4OcIOZj/tK+Kq6XcCVWJs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):005601125ee1dd73ed0f99ffe05aab2032e5ee53fe9c2d4584ea83ad80772c70
SHA256 hex / Subject Public Key Information (SPKI):005601125ee1dd73ed0f99ffe05aab2032e5ee53fe9c2d4584ea83ad80772c70 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.globalsign.com/ca/gsatlasr3dvtlsca2024q1
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=GlobalSign Atlas R3 DV TLS CA 2024 Q1, O=GlobalSign nv-sa, C=BE
18.10.2023
18.10.2025
expires in 376 days


2.
CN=GlobalSign Atlas R3 DV TLS CA 2024 Q1, O=GlobalSign nv-sa, C=BE
18.10.2023

18.10.2025
expires in 376 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:7FB6A0EA55E28C044C952E95D6349F5C
Thumbprint:5AC7AC8A9E756DC0960419EE66673B9CDFD37EAC
SHA256 / Certificate:AVL4Y1T8qVJbKAwjP32mz4tfI3PEJkRyMiauZyONsZA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):b08caeb09ad4920695f8db94938d63fe53665f51d84733a6d1482570ed750e89
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp2.globalsign.com/rootr3
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
18.03.2009
18.03.2029
expires in 1623 days


3.
CN=GlobalSign, O=GlobalSign, OU=GlobalSign Root CA - R3
18.03.2009

18.03.2029
expires in 1623 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04000000000121585308A2
Thumbprint:D69B561148F01C77C54578C10926DF5B856976AD
SHA256 / Certificate:y7Ui17fxJ61qAROGW98c1BAufQdZr2NafPRyDcljxTs=
SHA256 hex / Cert (DANE * 0 1):cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b
SHA256 hex / PublicKey (DANE * 1 1):706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SHA256 hex / Subject Public Key Information (SPKI):706bb1017c855c59169bad5c1781cf597f12d2cad2f63d1a4aa37493800ffb80
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
//certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
0
2
2

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
7749231784
precert
//certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
2024-07-19 12:44:27
2025-08-20 12:44:27
*.lambeth.gov.uk, lambeth.gov.uk - 2 entries


6669677096
leaf cert
//certs.godaddy.com/repository/, CN=Go Daddy Secure Certificate Authority - G2
2024-01-31 23:09:27
2025-01-30 23:06:45
lambeth.gov.uk, www.lambeth.gov.uk - 2 entries


 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

Summary


Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://www.lambeth.gov.uk/
151.101.242.137
a

65

0


0
0
0


form

2
12,318 Bytes
0
2
0
0
0
0


img

2
5,664 Bytes
0
2
0
0
0
0


link
stylesheet
2
20,740 Bytes
0
2
0
0
0
0


link
other
7
26,792 Bytes
0
5
0
0
0
0


meta
og
1
36,026 Bytes
0
0
1
1
0
0
-1

meta
twitter
1
36,026 Bytes
0
0
1
1
0
0
-1

meta
other
9

0


0
0
0


picture

8

0


0
0
0


script

6
74,200 Bytes
0
5
1
0
0
0

 

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://www.lambeth.gov.uk/
151.101.242.137
a




1
ok















a

#main-content


1
ok















a

/


1
ok















a

/about-council


2
ok















a

/about-council/contact-us


1
ok















a

/about-council/modern-slavery?utm_source=footer&utm_campaign=modernslavery


1
ok















a

/about-council/privacy-data-protection?utm_source=footer&utm_campaign=privacy


1
ok















a

/about-council/transparency-open-data


1
ok















a

/adult-social-care-health


2
ok















a

/benefits-financial-support


1
ok















a

/births-deaths-ceremonies-citizenship


1
ok















a

/browse-a-z


1
ok















a

/business-rates-services-licensing


1
ok















a

/buying-commercial-services-council?utm_source=D8Bnavigation&utm_campaign=LambethGold


2
ok















a

/children-young-people-families


2
ok















a

/community-safety-anti-social-behaviour


1
ok















a

/community-solutions


1
ok















a

/costofliving


1
ok















a

/council-services


2
ok















a

/council-tax


2
ok















a

/environmental-services


1
ok















a

/feedback-form


1
ok















a

/housing


2
ok















a

/jobs-skills


2
ok















a

/libraries-archives


1
ok















a

/log-or-sign-mylambeth?utm_source=D8LBLHeader


2
ok















a

/make-payment?utm_source=D8Bnavigation&utm_campaign=payment


2
ok















a

/parking


2
ok















a

/parks-sports-leisure


1
ok















a

/planning-building-control


1
ok















a

/rubbish-recycling


2
ok















a

/schools-education


1
ok















a

/services


1
ok















a

/streets-roads-transport


1
ok















a

/voting-elections


1
ok















a

/your-community


2
ok















a

http://love.lambeth.gov.uk/?utm_source=footer&utm_campaign=news


1
ok















a

https://love.lambeth.gov.uk/lambeth-council-announces-1-1-million-investment-in-active-lambeth-leisure-centres-upgrades/


1
ok















a

https://love.lambeth.gov.uk/lambeth-council-to-invest-1-7-million-in-library-refurbishment-and-innovation/


1
ok















a

https://love.lambeth.gov.uk/lambeth-new-no-need-to-stress-your-black-bin-needs-less-campaign-to-boost-recycling/


2
ok















a

https://public.govdelivery.com/accounts/UKLAMBETH/subscriber/new


1
ok















a

https://twitter.com/lambeth_council


1
ok















a

https://www.facebook.com/LambethCouncil/


1
ok















a

https://www.instagram.com/lambeth_council/?hl=en


1
ok















a

https://www.lambeth.gov.uk/accessibility/accessibility-statement-lambeth-council-website?utm_source=D8LBLFooter


1
ok















a

https://www.lambeth.gov.uk/consultations/have-your-say-lambeths-council-tax-support-scheme-0


1
ok















a

https://www.lambeth.gov.uk/consultations/have-your-say-penalty-charge-notice-pcn-banding-review


1
ok















a

https://www.lambeth.gov.uk/consultations/have-your-say-school-streets-expansion-phase-4


1
ok















a

https://www.lambeth.gov.uk/lambeth-heritage-festival


1
ok















a

https://www.linkedin.com/company/london-borough-of-lambeth


1
ok















a

https://www.youtube.com/user/LambethCouncil


1
ok















form
get
/search/content?keys=searchterm
200

2
ok
text/html; charset=UTF-8
X-Content-Type-Options nosniff found





6159 Bytes






ETag: "1726891792-gzip"



img
src
/themes/custom/lambeth_theme/images/logo.svg
200

1
ok
no alt-Attributeimage/svg+xml
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 2832 Bytes






ETag: "b10-6028c9a8d5913"



img
src
/themes/custom/lambeth_theme/images/logo.svg
200

1
ok
alt: Lambeth logoimage/svg+xml
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 2832 Bytes






ETag: "b10-6028c9a8d5913"



link
apple-touch-icon
/apple-touch-icon.png?v=XBy3YnR4m4
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 7474 Bytes






ETag: "1d32-6028c9a8ed662"



link
canonical
https://www.lambeth.gov.uk/


1
ok















link
icon
/favicon-16x16.png?v=XBy3YnR4m4
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 843 Bytes






ETag: "34b-6028c9a8d10db"



link
icon
/favicon-32x32.png?v=XBy3YnR4m4
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 1254 Bytes






ETag: "4e6-6028c9a8d10db"



link
mask-icon
/safari-pinned-tab.svg?v=XBy3YnR4m4
200

1
ok
image/svg+xml
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 2135 Bytes






ETag: "857-6028c9a8f43c4"



link
shortcut icon
/favicon.ico?v=XBy3YnR4m4
200

1
ok
image/vnd.microsoft.icon
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 15086 Bytes






ETag: "3aee-6028c9a8ed662"



link
shortlink
https://www.lambeth.gov.uk/


1
ok















link
stylesheet
/sites/default/files/css/css_aJbtHBN5RTQ5NWKstVexeKEtzKmB8W0b-3RWypQLsy8.css?delta=1&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo
200

1
ok
text/css
X-Content-Type-Options nosniff found





No Cache-Control - header
Compression (gzip): 18308/121759 Bytes






ETag: "4784-62121e35f8314"

local SRI possible, possible hash-values:

 

sha256-MZmX2MZedY2QyvAvuahWKs4rLpWkoPoYYrddqEnPo7Y=
sha384-7uHlyB7a3HRq4cFSZtWI6FxRAxHwmr5N5nf/q7ZJN2NAG2Jx4c2jTyP6E+D3+HqP
sha512-66vj2D8ejljpGjzp+hj3ktSML68ZsH8sU4WQTj8uIqKLuh0K8mdTBYfEtLAc2xcAmhNNeXTenejsjEBV5gSwSQ==

 

<link rel="stylesheet" href="/sites/default/files/css/css_aJbtHBN5RTQ5NWKstVexeKEtzKmB8W0b-3RWypQLsy8.css?delta=1&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo" crossorigin="anonymous" integrity="sha256-MZmX2MZedY2QyvAvuahWKs4rLpWkoPoYYrddqEnPo7Y=" />


Content loaded via url("...")

 

/themes/contrib/classy/images/icons/73b355/check.svg1
/themes/contrib/classy/images/icons/e29700/warning.svg1
/themes/contrib/classy/images/icons/e32700/error.svg1
/themes/contrib/classy/images/misc/feed.svg1
/themes/contrib/classy/images/misc/help.png1
/themes/contrib/classy/images/misc/menu-expanded.png1
/themes/custom/lambeth_theme/dist/fonts/opensans-bold-webfont.woff1
/themes/custom/lambeth_theme/dist/fonts/opensans-bold-webfont.woff21
/themes/custom/lambeth_theme/dist/fonts/opensans-italic-webfont.woff1
/themes/custom/lambeth_theme/dist/fonts/opensans-italic-webfont.woff21
/themes/custom/lambeth_theme/dist/fonts/opensans-regular-webfont.woff1
/themes/custom/lambeth_theme/dist/fonts/opensans-regular-webfont.woff21
/themes/custom/lambeth_theme/dist/images/forward-sprite.svg2
/themes/custom/lambeth_theme/dist/images/icons/close-sprite.svg1
/themes/custom/lambeth_theme/dist/images/mask-banner.svg2

link
stylesheet
/sites/default/files/css/css_VEt1Y5tTNJRyQ_GlkvSX21oDoqo8EjUHumdogNS9WjA.css?delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo
200

1
ok
text/css
X-Content-Type-Options nosniff found





No Cache-Control - header
Compression (gzip): 2432/8681 Bytes






ETag: "980-62121e35ee6d0"

local SRI possible, possible hash-values:

 

sha256-LQ6uYqRhwEpa3f3ahAT9Rh9StR3BqBbkKw0vhiRVBys=
sha384-0q9wzL8XTFX+gGbxchsO3bZG2RoHHbYrlL0/LgVSBlXMid+CKx2ZOSS28c5vLDyt
sha512-gvxB8XXsLIigTWE5wf+kTNct8ppPNGA+bZ/4qllpYaTdpJnv3SzJicBunTMLqqUIzyHPVARrIruaR+Rst3TvSA==

 

<link rel="stylesheet" href="/sites/default/files/css/css_VEt1Y5tTNJRyQ_GlkvSX21oDoqo8EjUHumdogNS9WjA.css?delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo" crossorigin="anonymous" integrity="sha256-LQ6uYqRhwEpa3f3ahAT9Rh9StR3BqBbkKw0vhiRVBys=" />


Content loaded via url("...")

 

/modules/contrib/sitemorse_lite/css/images/full-loading.gif1
/modules/contrib/sitemorse_lite/images/sitemorse-icon.svg1
/themes/contrib/stable/images/core/icons/000000/move.svg1
/themes/contrib/stable/images/core/icons/73b355/check.svg1
/themes/contrib/stable/images/core/icons/787878/move.svg1
/themes/contrib/stable/images/core/icons/787878/twistie-down.svg1
/themes/contrib/stable/images/core/icons/787878/twistie-up.svg1
/themes/contrib/stable/images/core/icons/e29700/warning.svg1
/themes/contrib/stable/images/core/icons/e32700/error.svg1
/themes/contrib/stable/images/core/loading-small.gif1
/themes/contrib/stable/images/core/throbber-active.gif2
/themes/contrib/stable/images/core/throbber-inactive.png1
/themes/contrib/stable/images/core/tree.png2
/themes/contrib/stable/images/core/tree-bottom.png1

meta
charset
utf-8


1
ok















meta
og:image
https://upload.wikimedia.org/wikipedia/en/thumb/d/d8/Lb_lambeth_logo.svg/1280px-Lb_lambeth_logo.svg.png
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 36026 Bytes






ETag: 15e04c4c18664dd89953e32df6ef9820

Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

 

sha256-EMCjqEFujFid4fNyEhSkdGZhRBZ0S4OpdF3PwNAE2gA=
sha384-EIz/Han/RKRo6t44I2/as9We1bsqV/tz2L0sR4Vk0sUI/yiiIh3nAWHM35DkcuFf
sha512-Gsf8Ce76X8zCSs4UrcmX+XJYdbiqTiodbvDKuFc213m4J9W5llETZjS9ZMjz/fRvJEWq9v4/1s6ApIWU1bJ/og==

 

<meta crossorigin="anonymous" integrity="sha256-EMCjqEFujFid4fNyEhSkdGZhRBZ0S4OpdF3PwNAE2gA=" />



meta
Generator
Drupal 10 (LocalGov Drupal | https://localgovdrupal.org)


1
ok















meta
google-site-verification
nr1bKgGixFnFawACKzJvwJNaTX03pRE_vLVmo1hJYgc


1
ok















meta
google-translate-customization
5cec12f06db53796-de282cc62f13929b-gf7c62351e5c5e8d5-10


1
ok















meta
HandheldFriendly
true


1
ok















meta
MobileOptimized
width


1
ok















meta
msapplication-TileColor
#da532c


1
ok















meta
theme-color
#ffffff


1
ok















meta
twitter:image
https://upload.wikimedia.org/wikipedia/en/thumb/d/d8/Lb_lambeth_logo.svg/1280px-Lb_lambeth_logo.svg.png
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 36026 Bytes






ETag: 15e04c4c18664dd89953e32df6ef9820

Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

 

sha256-EMCjqEFujFid4fNyEhSkdGZhRBZ0S4OpdF3PwNAE2gA=
sha384-EIz/Han/RKRo6t44I2/as9We1bsqV/tz2L0sR4Vk0sUI/yiiIh3nAWHM35DkcuFf
sha512-Gsf8Ce76X8zCSs4UrcmX+XJYdbiqTiodbvDKuFc213m4J9W5llETZjS9ZMjz/fRvJEWq9v4/1s6ApIWU1bJ/og==

 

<meta crossorigin="anonymous" integrity="sha256-EMCjqEFujFid4fNyEhSkdGZhRBZ0S4OpdF3PwNAE2gA=" />



meta
viewport
width=device-width, initial-scale=1.0


1
ok















picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_16_5/public/2024-09/heritage-festival-love-lambeth-720-x-368.jpg?itok=8COAfLXD 1x


1
ok







/sites/default/files/styles/large_16_5/public/2024-09/heritage-festival-love-lambeth-720-x-368.jpg?itok=8COAfLXD 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 93274 Bytes






ETag: "16c5a-62188eb2b1aff"


• source
media: screen and (min-width: 1200px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_16_5_2x/public/2024-09/heritage-festival-love-lambeth-720-x-368.jpg?itok=ML7eV2tu 1x


1
ok







/sites/default/files/styles/large_16_5_2x/public/2024-09/heritage-festival-love-lambeth-720-x-368.jpg?itok=ML7eV2tu 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 263974 Bytes






ETag: "40726-62188c9f44d64"

• img




/sites/default/files/styles/small_16_5/public/2024-09/heritage-festival-love-lambeth-720-x-368.jpg?itok=1BXyOMW1
200

1
ok
alt: Collage of black and white three photos of photographer, family and Shakespeareimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 31388 Bytes






ETag: "7a9c-62188cb0db246"



picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-09/bins.jpg?itok=774uMGGp 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-09/bins.jpg?itok=774uMGGp 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 136797 Bytes






ETag: "2165d-6212069ebf0d3"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-09/bins.jpg?itok=5wgew1uz
200

1
ok
alt: collection of binsimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 50399 Bytes






ETag: "c4df-62120806ee7e1"



picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-09/stay-in-peace-bridge-homepage_0.jpg?itok=Nc4n2NAr 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-09/stay-in-peace-bridge-homepage_0.jpg?itok=Nc4n2NAr 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 246572 Bytes






ETag: "3c32c-62188cec33bc6"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-09/stay-in-peace-bridge-homepage_0.jpg?itok=53dPdn9K
200

1
ok
alt: Stay in peace bridge mural on Brixton Road railway bridgeimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 85241 Bytes






ETag: "14cf9-62188ed9d7f59"



picture


• source
media: (min-width: 768px)
type: image/png



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-09/active-Love-Lambeth-1.png?itok=936eRfn1 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-09/active-Love-Lambeth-1.png?itok=936eRfn1 1x
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 1373710 Bytes






ETag: "14f60e-62238b4f3e9b7"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-09/active-Love-Lambeth-1.png?itok=F4od8qFs
200

1
ok
alt: Children accompanied by adult playing on foam play gymimage/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 728961 Bytes






ETag: "b1f81-62238b9ab9648"



picture


• source
media: (min-width: 768px)
type: image/png



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-09/library-Love-Lambeth-.png?itok=wy-Lkkg3 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-09/library-Love-Lambeth-.png?itok=wy-Lkkg3 1x
200

1
ok
image/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 1552433 Bytes






ETag: "17b031-62238c49bab6d"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-09/library-Love-Lambeth-.png?itok=0I8zTyyj
200

1
ok
alt: Brixton Library Windrush Squareimage/png
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 815412 Bytes






ETag: "c7134-62238e47b3cb8"



picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2023-10/Have%20your%20say%20-%20purple.jpg?itok=RvPEYOw2 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2023-10/Have%20your%20say%20-%20purple.jpg?itok=RvPEYOw2 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 51414 Bytes






ETag: "c8d6-6078826d39670"

• img




/sites/default/files/styles/large_3_2_768x512/public/2023-10/Have%20your%20say%20-%20purple.jpg?itok=o8OLVwix
200

1
ok
alt: Have your say graphic on purple backgroundimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 19220 Bytes






ETag: "4b14-6078835854b0d"



picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-03/Have%20your%20say%20-%20blue.jpg?itok=9ggDZSfy 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-03/Have%20your%20say%20-%20blue.jpg?itok=9ggDZSfy 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 52649 Bytes






ETag: "cda9-614009deb1093"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-03/Have%20your%20say%20-%20blue.jpg?itok=YjJJVbbO
200

1
ok
alt: Have your say white text on pink backgroundimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 20144 Bytes






ETag: "4eb0-61400aa09f7bb"



picture


• source
media: (min-width: 768px)
type: image/jpeg



1
ok














srcset
/sites/default/files/styles/large_3_2_2x/public/2024-06/Have%20your%20say%20-%20blue%20%281%29.jpg?itok=ZQWoqOPK 1x


1
ok







/sites/default/files/styles/large_3_2_2x/public/2024-06/Have%20your%20say%20-%20blue%20%281%29.jpg?itok=ZQWoqOPK 1x
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 52741 Bytes






ETag: "ce05-61a3aff645509"

• img




/sites/default/files/styles/large_3_2_768x512/public/2024-06/Have%20your%20say%20-%20blue%20%281%29.jpg?itok=nMXEUB4W
200

1
ok
alt: Have your sayimage/jpeg
X-Content-Type-Options nosniff found





No Cache-Control header
No Compression - 20083 Bytes






ETag: "4e73-61a3b1709e77f"



script
src
//translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
200

1
ok
Missing defer / async attribute. text/javascript; charset=utf-8
X-Content-Type-Options nosniff found





Cache-Control: no-store, must-revalidate, no-cache, max-age=0 - max-age too short.
Compression (gzip): 31526/91740 Bytes






Server-Header Access-Control-Allow-Origin: not found
Cross-Origin Resource Sharing (CORS) not supported



script
src
/sites/default/files/google_tag/deafult_gtm_container/google_tag.script.js?sj6pyc
200

1
ok
Missing defer / async attribute. text/javascript
X-Content-Type-Options nosniff found





No Cache-Control - header
347 Bytes






ETag: "15b-61cdf6bcd5ff5"

local SRI possible, possible hash-values:

 

sha256-kCawKbyNSqZB0WLikXYVC0XyTbt4TG8TPYNFA7E/EjE=
sha384-OEfwLcU+9izsGn1/LDkXFPO6nfTFXTOG8BGcZffGRYCckht+1779Ti7n1rBUuXuJ
sha512-F7C2gRYoDI4hhSJ5YOLk7/jy+85Sp/mTctFgVAm7dMUdveqnqMte/Aftm7byVzctoBOeBwSUVx7J/umCWuhAjw==

 

<script src="/sites/default/files/google_tag/deafult_gtm_container/google_tag.script.js?sj6pyc" crossorigin="anonymous" integrity="sha256-kCawKbyNSqZB0WLikXYVC0XyTbt4TG8TPYNFA7E/EjE=" />



script
src
/sites/default/files/js/js_1ua8ub9BQTBfe7TS59Db5YLRPJRFUOKfDyljqKHiNBo.js?scope=footer&delta=3&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo
200

1
ok
Missing defer / async attribute. text/javascript
X-Content-Type-Options nosniff found





No Cache-Control - header
Compression (gzip): 5871/18610 Bytes






ETag: "16ef-62121e88f11c8"

local SRI possible, possible hash-values:

 

sha256-RGtQeDF/02P2mS5923lpIYjM0WOVvXjx5uhB6WD89kY=
sha384-W5NA6RqxbppPAWjGcErOIFmxlKiNXf824sKBD9lw/9s4hJvUStvGuXdH8DttXn//
sha512-xdoFPg4T+nmPNVQMSzt6aZ8Z/Y5aKtLqG8AD6Jh0K+GREfmb+MUg2TA4Ggrwh5jV6kFaoUquYB5Lr0VDIxYf1w==

 

<script src="/sites/default/files/js/js_1ua8ub9BQTBfe7TS59Db5YLRPJRFUOKfDyljqKHiNBo.js?scope=footer&delta=3&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo" crossorigin="anonymous" integrity="sha256-RGtQeDF/02P2mS5923lpIYjM0WOVvXjx5uhB6WD89kY=" />



script
src
/sites/default/files/js/js_a7olwEpYDje8J4r2iGoSHZ3I3UcsLvqeFCO-S_Jy0PU.js?scope=footer&delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo
200

1
ok
Missing defer / async attribute. text/javascript
X-Content-Type-Options nosniff found





No Cache-Control - header
224 Bytes






ETag: "e0-62121e6eec6f2"

local SRI possible, possible hash-values:

 

sha256-Db9Tq6B/dDUh5xoXgSOSDgw7lGHlvNqY3OAqpY2Vjmo=
sha384-hebpUZf9xfX7oyvIGae09e/qxnJvXFHEF6jpcUGHJm0eWsPXik5g9eoZV1BYQ2LI
sha512-0XBOMPWmuFqYuyODNFSwViRaBR823F6E2LGv3spNWpnGCOSSNPoFHLxSbYgiQr8lo13KW6gEmtL5YUbP4YkJBg==

 

<script src="/sites/default/files/js/js_a7olwEpYDje8J4r2iGoSHZ3I3UcsLvqeFCO-S_Jy0PU.js?scope=footer&delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo" crossorigin="anonymous" integrity="sha256-Db9Tq6B/dDUh5xoXgSOSDgw7lGHlvNqY3OAqpY2Vjmo=" />



script
src
/sites/default/files/js/js_FwWb5m8Q4RdK3zfkXlZaczZSFfaZ6_39ARySWJYyo6g.js?scope=header&delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo
200

1
ok
Missing defer / async attribute. text/javascript
X-Content-Type-Options nosniff found





No Cache-Control - header
Compression (gzip): 33305/96899 Bytes






ETag: "8219-62121e6e139ed"

local SRI possible, possible hash-values:

 

sha256-9LZ5Q2Y2oEjriQibQionBqYVK1IMDDlZnJvXtDsHEr4=
sha384-5E6akGXVQpY4FKwGitACDBXD5PM4TbyIFUrC/YLp+RWTPxhu8JGfgAKtXwXsGSjL
sha512-PnU0TwOXuE1psf1l84s66bxTtc/viRGC5hDtbaF9ziUxDCul23+mqoF41GScHFQbLPcAzYno1Wkv1rp8kjEyQw==

 

<script src="/sites/default/files/js/js_FwWb5m8Q4RdK3zfkXlZaczZSFfaZ6_39ARySWJYyo6g.js?scope=header&delta=0&language=en&theme=lambeth_theme&include=eJx9j1sOQiEMRDeEsiRSriMQCyUtmOjqxWj0xg__znT6mDLViJHDyKgIGdyh5nFFG-FceCzlrAxUUUPgRf4jnd1soY-0mGUjTnINdgFjSPOJJRK7jcns9mp6c4UZJZjbROGbaCUu97VjH8YnkcQ4DKVmTOPXtq4riOuklJR6Nn_S2YmP38pxtj4jF8s47QLO-HzBwm70n_lzt1Jph4o2HycJfQo" crossorigin="anonymous" integrity="sha256-9LZ5Q2Y2oEjriQibQionBqYVK1IMDDlZnJvXtDsHEr4=" />



script
src
/themes/custom/lambeth_theme/components/01-atoms/images/icons/svgxuse.min.js?sj6pyc
200

1
ok
Missing defer / async attribute. text/javascript
X-Content-Type-Options nosniff found





No Cache-Control - header
Compression required: 2927 Bytes






ETag: "b6f-6028c9a8d6e9b"

local SRI possible, possible hash-values:

 

sha256-+xblFIDxgSu6OfR6TdLhVHZzVrhw8eXiVk8PRi9ACY8=
sha384-MkHBXrq/hKL+qEM/8nJH9O8Cxl9+8PqOCYZGw61C/aq5aHrDQlf6CxxsQtOrujCJ
sha512-yipBrwYdC4+gC3Rm6FY8KG+2xNTU+frQScGdqXFWanTQn9ZBRBNJ3R3vQ+7gkAxu2ilb5SuFer0DL+dNTTtyhg==

 

<script src="/themes/custom/lambeth_theme/components/01-atoms/images/icons/svgxuse.min.js?sj6pyc" crossorigin="anonymous" integrity="sha256-+xblFIDxgSu6OfR6TdLhVHZzVrhw8eXiVk8PRi9ACY8=" />


 

12. Html-Parsing via https://validator.nu/ / https://validator.w3.org/nu/ (started 2024-09-28, 09:00, alpha)

  Unfortunately, there are differences between the first used validator.nu and validator.w3.org/nu/ - switched to validator.w3.org/nu/. Looks like some error messages (link - fetchpriority attribute) of validator.nu are obsolete, not seen in the w3.org-version and not found in the current specification: link may have a fetchpriority attribute.

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.virginmedia.net, ns2.virginmedia.net, ns3.virginmedia.net, ns4.virginmedia.net

 

QNr.DomainTypeNS used
1
net
NS
a.root-servers.net (2001:503:ba3e::2:30)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns1.virginmedia.net: 62.253.162.237
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2.virginmedia.net
194.168.4.237

Answer: ns3.virginmedia.net
62.253.162.37

Answer: ns4.virginmedia.net
194.168.4.33

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
global.axistwelve.com



1
0
www.lambeth.gov.uk



1
0
lambeth.gov.uk
0

no CAA entry found
1
0
axistwelve.com
0

no CAA entry found
1
0
gov.uk
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0
uk
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
lambeth.gov.uk
0ed1fe018ae7987de492a04c13907e69c3f31f6847
ok
1
0
lambeth.gov.uk
99so8td5viuldum52j0hk8o8ha
ok
1
0
lambeth.gov.uk
Eu64MLoNfwtWiDNAmml2OiewVeU4M82cUlScQon2vxBZ6CvaS9Kpyr8uRkNKUMOTRKui/I+ThfzenquBbeRmVQ==
ok
1
0
lambeth.gov.uk
fastly-domain-delegation-580444-202337
ok
1
0
lambeth.gov.uk
fastly-domain-delegation-MjKHGrtGF-07102020
looks good, but no _acme-challenge in domain name?
1
0
lambeth.gov.uk
globalsign-domain-verification= ai868glffnoj63e5mmvf42hdsr
ok
1
0
lambeth.gov.uk
globalsign-domain-verification=5330b200a61d8101f901302c2560a1eb
ok
1
0
lambeth.gov.uk
globalsign-domain-verification=59D22F780C4D751CF2F1344EE262F4CE
ok
1
0
lambeth.gov.uk
globalsign-domain-verification=72F224EE118679549A4880C3876CFEB7
ok
1
0
lambeth.gov.uk
globalsign-domain-verification=7A273CB6452E09CD5E59515021E3F74E
ok
1
0
lambeth.gov.uk
google-site-verification=DFNdcHhpzvaqlJRC0skk57Pkdv0NKcaxJaj8_Jf3GZs
ok
1
0
lambeth.gov.uk
lambeth.gov.uk:google-site-verification=nr1bKgGixFnFawACKzJvwJNaTX03pRE_vLVmo1hJYgc
ok
1
0
lambeth.gov.uk
MS=ms84433249
ok
1
0
lambeth.gov.uk
oi016rtekr5tc7c9hffe0so04k
ok
1
0
lambeth.gov.uk
v=spf1 ip4:192.254.121.3/32 ip4:82.148.232.164/32 ip4:81.21.76.54 ip4:91.216.55.0/24 ip4:160.34.64.28/32 ip4:81.105.164.114/32 ip4:178.20.195.70/32 ip4:178.20.195.230/32 ip4:52.56.65.211/32 ip4:141.145.47.19/31 ip4:212.21.101.140/31 ip4:160.34.31.19/31 ip4:95.131.251.28/32 ip4:212.140.253.251/31 ip4:185.199.221.229/32 ip6:2a03:2800:500::d3/128 include:_uk.axiell.com include:eu._netblocks.mimecast.com include:_spf.hornbill.com include:spf.protection.outlook.com include:sendgrid.net include:spf_c.oraclecloud.com include:_spf.firmstep.com mx -all
ok
1
0
www.lambeth.gov.uk


1
0
global.axistwelve.com


1
0
_acme-challenge.lambeth.gov.uk
_W5QvkDGLKwvRR2j2QqFCWf8p6BNVKIoc8yDtUFJmkE
looks good, correct length, correct characters
1
0
_acme-challenge.www.lambeth.gov.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.global.axistwelve.com

Name Error - The domain name does not exist
1
0
_acme-challenge.lambeth.gov.uk.lambeth.gov.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.www.lambeth.gov.uk.lambeth.gov.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.www.lambeth.gov.uk.www.lambeth.gov.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.global.axistwelve.com.global.axistwelve.com

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

lambeth.gov.uk
10
lambeth-gov-uk.mail.protection.outlook.com
02ok

A


52.101.73.1
04ok

A


52.101.68.32
04ok

A


52.101.73.15
04ok

A


52.101.73.19
04ok

CNAME


-40ok
MX

lambeth.gov.uk
20
lambeth-gov-uk.mail.protection.outlook.com
02ok

A


52.101.68.25
04ok

A


52.101.68.18
04ok

A


52.101.68.12
04ok

A


52.101.73.2
04ok

CNAME


-40ok
SPF
TXT
lambeth.gov.uk

v=spf1 ip4:192.254.121.3/32 ip4:82.148.232.164/32 ip4:81.21.76.54 ip4:91.216.55.0/24 ip4:160.34.64.28/32 ip4:81.105.164.114/32 ip4:178.20.195.70/32 ip4:178.20.195.230/32 ip4:52.56.65.211/32 ip4:141.145.47.19/31 ip4:212.21.101.140/31 ip4:160.34.31.19/31 ip4:95.131.251.28/32 ip4:212.140.253.251/31 ip4:185.199.221.229/32 ip6:2a03:2800:500::d3/128 include:_uk.axiell.com include:eu._netblocks.mimecast.com include:_spf.hornbill.com include:spf.protection.outlook.com include:sendgrid.net include:spf_c.oraclecloud.com include:_spf.firmstep.com mx -all
ok

TXT
_uk.axiell.com

v=spf1 ip4:81.109.161.67/32 ~all
ok

TXT
eu._netblocks.mimecast.com

v=spf1 ip4:195.130.217.0/24 ip4:91.220.42.0/24 ip4:146.101.78.0/24 ip4:207.82.80.0/24 ip4:213.167.81.0/25 ip4:193.7.207.0/25 ip4:213.167.75.0/25 ip4:185.58.85.0/24 ip4:185.58.86.0/24 ip4:193.7.206.0/25 ip4:147.28.36.0/24 ~all
ok

TXT
_spf.hornbill.com

v=spf1 ip4:83.126.54.37 ip4:195.188.254.41 ip4:195.188.254.37 ip4:78.129.173.107 ip4:78.129.173.114 ip4:78.129.173.119 ip4:83.222.231.136 ip4:87.117.243.10 ip4:64.89.44.0/23 ip4:80.193.227.105 ip4:69.174.249.200 ip4:212.71.225.67 ip4:212.71.225.20 ip4:64.34.188.200 ip4:84.207.237.45 ip4:84.207.237.44 ip4:84.207.237.39 ip6:2001:4d40:840c::/48 ~all
ok

TXT
spf.protection.outlook.com

v=spf1 ip4:40.92.0.0/15 ip4:40.107.0.0/16 ip4:52.100.0.0/15 ip4:52.102.0.0/16 ip4:52.103.0.0/17 ip4:104.47.0.0/17 ip6:2a01:111:f400::/48 ip6:2a01:111:f403::/49 ip6:2a01:111:f403:8000::/51 ip6:2a01:111:f403:c000::/51 ip6:2a01:111:f403:f000::/52 -all
ok

TXT
sendgrid.net

v=spf1 ip4:167.89.0.0/17 ip4:208.117.48.0/20 ip4:50.31.32.0/19 ip4:198.37.144.0/20 ip4:198.21.0.0/21 ip4:192.254.112.0/20 ip4:168.245.0.0/17 ip4:149.72.0.0/16 ip4:159.183.0.0/16 include:ab.sendgrid.net ~all
ok

TXT
spf_c.oraclecloud.com

v=spf1 ip4:147.154.59.192/26 ip4:147.154.123.119 include:spf_s1.oraclecloud.com include:spf_s2.oraclecloud.com ip4:170.52.3.228 ip4:192.29.143.169 ip4:159.112.165.64/26 ip4:192.29.42.231 ip4:129.149.37.192/26 ip4:158.178.219.192/26 ip4:158.179.11.192/26 ip4:170.52.4.253 ip4:147.154.14.34 ip4:81.208.187.192/26 ip4:204.216.114.64/26 ip4:158.180.181.192/26 ip4:158.179.135.64/26 ip4:79.72.112.64/26 ip4:64.181.146.64/26 -all
ok

TXT
_spf.firmstep.com

v=spf1 ip4:185.250.239.105 ip4:159.135.227.84 ip4:78.129.221.27 ip4:78.129.221.109 ip4:199.19.224.193 -all
ok

MX
lambeth.gov.uk

lambeth-gov-uk.mail.protection.outlook.com
ok

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.27
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.12
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.73.1
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.10
8192Duplicated ipv4 found.

MX
lambeth.gov.uk

lambeth-gov-uk.mail.protection.outlook.com
ok

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.27
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.12
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.73.1
8192Duplicated ipv4 found.

MX-A
lambeth-gov-uk.mail.protection.outlook.com

52.101.68.10
8192Duplicated ipv4 found.

TXT
ab.sendgrid.net

v=spf1 ip4:223.165.113.0/24 ip4:223.165.115.0/24 ip4:223.165.118.0/23 ip4:223.165.120.0/23 ~all
ok

TXT
spf_s1.oraclecloud.com

v=spf1 ip4:216.131.131.240/28 ip4:141.145.63.16/28 ip4:129.152.95.16/28 ip4:129.152.79.16/28 ip4:207.127.109.192/26 ip4:151.104.48.26 ip4:151.104.61.235 ip4:84.235.196.192/26 ip4:84.235.197.192/26 ip4:84.8.179.64/26 ip4:159.13.87.0/26 ip4:129.148.11.192/26 ip4:207.127.107.192/26 ip4:147.154.255.192/26 ip4:192.29.216.192/26 ip4:146.56.127.192/26 ip4:192.29.91.192/26 ip4:204.216.119.192/26 ip4:129.153.243.192/26 -all
ok

TXT
spf_s2.oraclecloud.com

v=spf1 ip4:147.154.189.192/26 ip4:141.145.79.16/28 ip4:129.148.219.192/26 ip4:129.157.31.16/28 ip4:207.211.139.192/26 ip4:155.248.28.128/26 ip4:155.248.119.192/26 ip4:155.248.115.192/26 ip4:129.149.63.192/26 ip4:192.29.172.192/26 ip4:207.127.72.64/26 ip4:192.29.207.192/26 ip4:192.29.232.192/26 ip4:192.29.137.192/26 ip4:204.216.127.192/26 ip4:192.29.178.192/26 ip4:129.149.22.192/26 ip4:79.72.22.64/26 ip4:79.72.39.64/26 -all
ok
_dmarc
TXT
_dmarc.lambeth.gov.uk

v=DMARC1; p=quarantine; pct=100; fo=1; ri=3600; rua=mailto:6c9165a4@inbox.ondmarc.com,mailto:dmarc-rua@dmarc.service.gov.uk;ruf=mailto:6c9165a4@inbox.ondmarc.com
ok

TXT
lambeth.gov.uk._report._dmarc.dmarc.service.gov.uk

mailto:dmarc-rua@dmarc.service.gov.uk
okMail domain unequal current domain. Check required, if there is a confirming _report._dmarc-Record. See RFC 7489, 7.1.

TXT
lambeth.gov.uk._report._dmarc.inbox.ondmarc.com

mailto:6c9165a4@inbox.ondmarc.com
okMail domain unequal current domain. Check required, if there is a confirming _report._dmarc-Record. See RFC 7489, 7.1.

TXT
lambeth.gov.uk._report._dmarc.dmarc.service.gov.uk

v=DMARC1;
okConfirmed. Sending reports to external domain is allowed.

TXT
lambeth.gov.uk._report._dmarc.inbox.ondmarc.com

v=DMARC1;
okConfirmed. Sending reports to external domain is allowed.

 

 

17. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
lambeth.gov.uk
151.101.2.137
443
6 Ciphers41.49 sec
0 without, 6 FS
100.00 %
lambeth.gov.uk
151.101.66.137
443
6 Ciphers41.67 sec
0 without, 6 FS
100.00 %
lambeth.gov.uk
151.101.130.137
443
6 Ciphers41.64 sec
0 without, 6 FS
100.00 %
lambeth.gov.uk
151.101.194.137
443
6 Ciphers40.84 sec
0 without, 6 FS
100.00 %
Complete

4
24 Ciphers
6.00 Ciphers/Check
165.64 sec41.41 sec/Check
0 without, 24 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
lambeth.gov.uk
151.101.2.137
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 41.49 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1


151.101.66.137
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 41.67 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1


151.101.130.137
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 41.64 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1


151.101.194.137
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 40.84 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=3ae55b30-81a5-4a2f-828a-f4a65f8c38b4

 

Last Result: https://check-your-website.server-daten.de/?q=lambeth.gov.uk - 2024-09-21 06:05:21

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=lambeth.gov.uk" target="_blank">Check this Site: lambeth.gov.uk</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=lambeth.gov.uk