Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
stoff81.online
A
139.162.181.76
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies, Inc.
Hostname: 139-162-181-76.ip.linodeusercontent.com
yes
1
0

AAAA
2a01:7e01::f03c:95ff:feed:783e
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies, Inc.

yes


www.stoff81.online
A
139.162.181.76
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies, Inc.
Hostname: 139-162-181-76.ip.linodeusercontent.com
yes
1
0

AAAA
2a01:7e01::f03c:95ff:feed:783e
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies, Inc.

yes


*.stoff81.online
A
139.162.181.76
yes



AAAA
2a01:7e01::f03c:95ff:feed:783e
yes



CNAME

yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 21.11.2024, 00:00:00 +, Signature-Inception: 31.10.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: online

online
2 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 4267, DigestType 2 and Digest ZtcBBgnLGema0dooM92rjKLnrMHOhwzCjSnnbrU9Obo=






DS with Algorithm 8, KeyTag 19282, DigestType 2 and Digest JwaiFr04Klgjx0bOaFy8hMoSqcIn5HeSq9mQ+niF27A=






1 RRSIG RR to validate DS RR found






RRSIG-Owner online., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 17.11.2024, 05:00:00 +, Signature-Inception: 04.11.2024, 04:00:00 +, KeyTag 61050, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 61050 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 19282, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 40750, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner online., Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 12.11.2024, 14:45:03 +, Signature-Inception: 13.10.2024, 13:15:03 +, KeyTag 19282, Signer-Name: online






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 19282 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 19282, DigestType 2 and Digest "JwaiFr04Klgjx0bOaFy8hMoSqcIn5HeSq9mQ+niF27A=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: stoff81.online

stoff81.online
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "bjqemtbhqv2ttme27l9qr2rt58apdqa2" between the hashed NSEC3-owner "bjq1lntefck31g5701umff4bft98vjcr" and the hashed NextOwner "bjqh92i9gu5as4ejtrhk1u29j9nvihet". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner bjq1lntefck31g5701umff4bft98vjcr.online., Algorithm: 8, 2 Labels, original TTL: 900 sec, Signature-expiration: 12.11.2024, 16:33:46 +, Signature-Inception: 13.10.2024, 15:03:46 +, KeyTag 40750, Signer-Name: online






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "1ribnbjb5koke6vekotivtq00v2eqsdj" as Owner. That's the Hash of "online" with the NextHashedOwnerName "1riid8g9tuqkkq0g8doh8lu6fddm3pu9". So that domain name is the Closest Encloser of "stoff81.online". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner 1ribnbjb5koke6vekotivtq00v2eqsdj.online., Algorithm: 8, 2 Labels, original TTL: 900 sec, Signature-expiration: 12.11.2024, 14:45:03 +, Signature-Inception: 13.10.2024, 13:15:03 +, KeyTag 40750, Signer-Name: online






0 DNSKEY RR found









Zone: www.stoff81.online

www.stoff81.online
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.stoff81.online
  lunlun.ns.giantpanda.com


  yangyang.ns.giantpanda.com

stoff81.online
  lunlun.ns.giantpanda.com
75.2.45.63
Seattle/Washington/United States (US) - Amazon.com, Inc.


  yangyang.ns.giantpanda.com
3.33.232.36
Toronto/Ontario/Canada (CA) - Amazon.com, Inc.

online
  a.nic.online


  b.nic.online


  e.nic.online


  f.nic.online


  ns0.centralnic.net

 

4. SOA-Entries


Domain:online
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:online
Zone-Name:online
Primary:ns0.centralnic.net
Mail:hostmaster.centralnic.net
Serial:1382876
Refresh:900
Retry:1800
Expire:6048000
TTL:3600
num Entries:4


Domain:stoff81.online
Zone-Name:stoff81.online
Primary:lunlun.ns.giantpanda.com
Mail:admin.giantpanda.com
Serial:2013020401
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:2


Domain:www.stoff81.online
Zone-Name:www.stoff81.online
Primary:lunlun.ns.giantpanda.com
Mail:admin.giantpanda.com
Serial:2013020401
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:2


5. Screenshots

Startaddress: https://stoff81.online/, address used: https://stoff81.online/, Screenshot created 2024-11-04 18:01:41 +00:0

 

Mobil (412px x 732px)

 

1089 milliseconds

 

Screenshot mobile - https://stoff81.online/
Mobil + Landscape (732px x 412px)

 

1082 milliseconds

 

Screenshot mobile landscape - https://stoff81.online/
Screen (1280px x 1680px)

 

1174 milliseconds

 

Screenshot Desktop - https://stoff81.online/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://stoff81.online/
139.162.181.76 gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
0.030

Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: session_id=fe64b81781e9d30f5be259e2b1dcbe18; Path=/; HttpOnly; Max-Age=86400; Expires=Monday, 04-Nov-2024 16:54:55 GMT
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• http://stoff81.online/
2a01:7e01::f03c:95ff:feed:783e gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
0.030

Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Set-Cookie: session_id=d142a3289792d108a8a5cfc504226906; Path=/; HttpOnly; Max-Age=86400; Expires=Monday, 04-Nov-2024 16:54:55 GMT
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• http://www.stoff81.online/
139.162.181.76 gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
0.013
H
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• http://www.stoff81.online/
2a01:7e01::f03c:95ff:feed:783e gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
0.034
H
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• https://stoff81.online/
139.162.181.76 gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
2.233
B
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• https://stoff81.online/
2a01:7e01::f03c:95ff:feed:783e gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
2.000
B
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:54:59 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• https://www.stoff81.online/
139.162.181.76 gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
2.077
B
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:02 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• https://www.stoff81.online/
2a01:7e01::f03c:95ff:feed:783e gzip used - 841 / 1496 - 43.78 %
200

Html is minified: 210.11 %
1.967
B
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:05 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 841

• http://stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.181.76 gzip used - 23 / 3 - -666.67 %
404

Html is minified: 100.00 %
0.016
A
Not Found
Visible Content:
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/plain
Content-Encoding: gzip
Content-Length: 23

• http://stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e01::f03c:95ff:feed:783e gzip used - 23 / 3 - -666.67 %
404

Html is minified: 100.00 %
0.017
A
Not Found
Visible Content:
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/plain
Content-Encoding: gzip
Content-Length: 23

• http://www.stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
139.162.181.76 gzip used - 23 / 3 - -666.67 %
404

Html is minified: 100.00 %
0.013
A
Not Found
Visible Content:
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/plain
Content-Encoding: gzip
Content-Length: 23

• http://www.stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7e01::f03c:95ff:feed:783e gzip used - 23 / 3 - -666.67 %
404

Html is minified: 100.00 %
0.016
A
Not Found
Visible Content:
Server: openresty/1.25.3.2
Date: Mon, 04 Nov 2024 16:55:08 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0; includeSubDomains; preload
Content-Type: text/plain
Content-Encoding: gzip
Content-Length: 23

• https://139.162.181.76/
139.162.181.76
-103


0.033
P
SecureConnectionError (3, 0x80131501). The SSL connection could not be established, see inner exception. Authentication failed because the remote party sent a TLS alert: 'InternalError' (FF: SSL_ERROR_INTERNAL_ERROR_ALERT)

• https://[2a01:7e01:0000:0000:f03c:95ff:feed:783e]/
2a01:7e01::f03c:95ff:feed:783e
-103


0.016
P
SecureConnectionError (3, 0x80131501). The SSL connection could not be established, see inner exception. Authentication failed because the remote party sent a TLS alert: 'InternalError' (FF: SSL_ERROR_INTERNAL_ERROR_ALERT)

 

7. Comments


1. General Results, most used to calculate the result

Aname "stoff81.online" is domain, public suffix is ".online", top-level-domain is ".online", top-level-domain-type is "generic", tld-manager is "DotOnline Inc.", num .online-domains preloaded: 630 (complete: 251685)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: stoff81.online has 2 different ip addresses (authoritative).
AGood: Minimal 2 ip addresses per domain name found: www.stoff81.online has 2 different ip addresses (authoritative).
AGood: Ipv4 and Ipv6 addresses per domain name found: stoff81.online has 1 ipv4, 1 ipv6 addresses
AGood: Ipv4 and Ipv6 addresses per domain name found: www.stoff81.online has 1 ipv4, 1 ipv6 addresses
AGood: No asked Authoritative Name Server had a timeout
AGood: HSTS has preload directive
Warning: HSTS preload sent, but not in Preload-List. Never send a preload directive if you don't know what preload means. Check https://hstspreload.org/ to learn the basics about the Google-Preload list. If you send a preload directive, you should **immediately** add your domain to the HSTS preload list via https://hstspreload.org/ . If Google accepts the domain, so the status is "pending": Note that new entries are hardcoded into the Chrome source code and can take several months before they reach the stable version. So you will see this message some months. If you don't want that or if you don't understand "preload", but if you send a preload directive and if you have correct A-redirects, everybody can add your domain to that list. Then you may have problems, it's not easy to undo that. So if you don't want your domain preloaded, remove the preload directive.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (12 urls)
http://stoff81.online/ 139.162.181.76


Url with incomplete Content-Type - header - missing charset
http://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
http://www.stoff81.online/ 139.162.181.76


Url with incomplete Content-Type - header - missing charset
http://www.stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
https://stoff81.online/ 139.162.181.76


Url with incomplete Content-Type - header - missing charset
https://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
https://www.stoff81.online/ 139.162.181.76


Url with incomplete Content-Type - header - missing charset
https://www.stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
http://stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 139.162.181.76


Url with incomplete Content-Type - header - missing charset
http://stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
http://www.stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 139.162.181.76


Url with incomplete Content-Type - header - missing charset
http://www.stoff81.online/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2a01:7e01::f03c:95ff:feed:783e


Url with incomplete Content-Type - header - missing charset
BWarning: HSTS max-age is too short - minimum 31536000 = 365 days required, 0 seconds = 0 days found
http://stoff81.online/ 139.162.181.76
200
session_id=fe64b81781e9d30f5be259e2b1dcbe18; Path=/; HttpOnly; Max-Age=86400; Expires=Monday
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://stoff81.online/ 139.162.181.76
200
04-Nov-2024 16:54:55 GMT
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200
session_id=d142a3289792d108a8a5cfc504226906; Path=/; HttpOnly; Max-Age=86400; Expires=Monday
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200
04-Nov-2024 16:54:55 GMT
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
Bhttp://stoff81.online/ 139.162.181.76
200
session_id=fe64b81781e9d30f5be259e2b1dcbe18; Path=/; HttpOnly; Max-Age=86400; Expires=Monday
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://stoff81.online/ 139.162.181.76
200
04-Nov-2024 16:54:55 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200
session_id=d142a3289792d108a8a5cfc504226906; Path=/; HttpOnly; Max-Age=86400; Expires=Monday
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200
04-Nov-2024 16:54:55 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
CError - no preferred version www or non-www. Select one version as preferred version, then add a redirect https + not-preferred version to https + preferred version. Perhaps in your port 443 vHost something like "RewriteEngine on" + "RewriteCond %{SERVER_NAME} = example.com" + "ReWriteRule ^ https://www.example.com%{REQUEST_URI} [END,QSA,R=permanent]" (three rows, without the "). That should create a redirect https + example.com ⇒ https + www.example.com. Or switch both values to use the non-www version as your preferred version.
CError - more then one version with Http-Status 200. After all redirects, all users (and search engines) should see the same https url: Non-www or www, but not both with http status 200.
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Ostoff81.online / 139.162.181.76 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 11 Cipher Suites without Forward Secrecy found
Ostoff81.online / 2a01:7e01::f03c:95ff:feed:783e / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 11 Cipher Suites without Forward Secrecy found
Owww.stoff81.online / 139.162.181.76 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 11 Cipher Suites without Forward Secrecy found
Owww.stoff81.online / 2a01:7e01::f03c:95ff:feed:783e / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 11 Cipher Suites without Forward Secrecy found
XFatal error: Nameserver doesn't support TCP connection: lunlun.ns.giantpanda.com: Timeout
XFatal error: Nameserver doesn't support TCP connection: lunlun.ns.giantpanda.com / 75.2.45.63: Timeout
XFatal error: Nameserver doesn't support TCP connection: yangyang.ns.giantpanda.com: Timeout
XFatal error: Nameserver doesn't support TCP connection: yangyang.ns.giantpanda.com / 3.33.232.36: Timeout
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain stoff81.online, 2 ip addresses.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain www.stoff81.online, 2 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain stoff81.online, 2 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain www.stoff81.online, 2 ip addresses.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.stoff81.online

2. Header-Checks

Fstoff81.online 139.162.181.76
Content-Security-Policy
Critical: Missing Header:
Fstoff81.online 139.162.181.76
X-Content-Type-Options
Critical: Missing Header:
Fstoff81.online 139.162.181.76
Referrer-Policy
Critical: Missing Header:
Fstoff81.online 139.162.181.76
Permissions-Policy
Critical: Missing Header:
Bstoff81.online 139.162.181.76
Cross-Origin-Embedder-Policy
Info: Missing Header
Bstoff81.online 139.162.181.76
Cross-Origin-Opener-Policy
Info: Missing Header
Bstoff81.online 139.162.181.76
Cross-Origin-Resource-Policy
Info: Missing Header
Fstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Content-Security-Policy
Critical: Missing Header:
Fstoff81.online 2a01:7e01::f03c:95ff:feed:783e
X-Content-Type-Options
Critical: Missing Header:
Fstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Referrer-Policy
Critical: Missing Header:
Fstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Permissions-Policy
Critical: Missing Header:
Bstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Embedder-Policy
Info: Missing Header
Bstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Opener-Policy
Info: Missing Header
Bstoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Resource-Policy
Info: Missing Header
Fwww.stoff81.online 139.162.181.76
Content-Security-Policy
Critical: Missing Header:
Fwww.stoff81.online 139.162.181.76
X-Content-Type-Options
Critical: Missing Header:
Fwww.stoff81.online 139.162.181.76
Referrer-Policy
Critical: Missing Header:
Fwww.stoff81.online 139.162.181.76
Permissions-Policy
Critical: Missing Header:
Bwww.stoff81.online 139.162.181.76
Cross-Origin-Embedder-Policy
Info: Missing Header
Bwww.stoff81.online 139.162.181.76
Cross-Origin-Opener-Policy
Info: Missing Header
Bwww.stoff81.online 139.162.181.76
Cross-Origin-Resource-Policy
Info: Missing Header
Fwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Content-Security-Policy
Critical: Missing Header:
Fwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
X-Content-Type-Options
Critical: Missing Header:
Fwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Referrer-Policy
Critical: Missing Header:
Fwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Permissions-Policy
Critical: Missing Header:
Bwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Embedder-Policy
Info: Missing Header
Bwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Opener-Policy
Info: Missing Header
Bwww.stoff81.online 2a01:7e01::f03c:95ff:feed:783e
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 7 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 2 Name Servers.
AInfo:: 7 Queries complete, 7 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 3.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 2 different Name Servers found: lunlun.ns.giantpanda.com, yangyang.ns.giantpanda.com, 2 Name Servers included in Delegation: lunlun.ns.giantpanda.com, yangyang.ns.giantpanda.com, 2 Name Servers included in 1 Zone definitions: lunlun.ns.giantpanda.com, yangyang.ns.giantpanda.com, 1 Name Servers listed in SOA.Primary: lunlun.ns.giantpanda.com.
AGood: Only one SOA.Primary Name Server found.: lunlun.ns.giantpanda.com.
AGood: SOA.Primary Name Server included in the delegation set.: lunlun.ns.giantpanda.com.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: lunlun.ns.giantpanda.com, yangyang.ns.giantpanda.com
AGood: All Name Server Domain Names have a Public Suffix.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 2 different Name Servers found
Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 2 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 2 Name Servers, 1 Top Level Domain: com
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: giantpanda.com
AGood: Name servers with different Country locations found: 2 Name Servers, 2 Countries: CA, US
A
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
XFatal error: Nameserver doesn't support EDNS with max. 512 Byte Udp payload or sends more then 512 Bytes: lunlun.ns.giantpanda.com
XFatal error: Nameserver doesn't support EDNS with max. 512 Byte Udp payload or sends more then 512 Bytes: yangyang.ns.giantpanda.com
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
https://stoff81.online/ 139.162.181.76
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://www.stoff81.online/ 139.162.181.76
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://www.stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
http://www.stoff81.online/ 139.162.181.76
200

Warning: HSTS header sent via http has no effect
http://www.stoff81.online/ 2a01:7e01::f03c:95ff:feed:783e
200

Warning: HSTS header sent via http has no effect
ADuration: 570290 milliseconds, 570.290 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
stoff81.online
139.162.181.76
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
stoff81.online
139.162.181.76
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=stoff81.online


2CN=R10, O=Let's Encrypt, C=US


stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=stoff81.online


2CN=R10, O=Let's Encrypt, C=US


www.stoff81.online
139.162.181.76
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.stoff81.online
139.162.181.76
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=stoff81.online


2CN=R10, O=Let's Encrypt, C=US


www.stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=stoff81.online


2CN=R10, O=Let's Encrypt, C=US

 

9. Certificates

1.
1.
CN=stoff81.online
01.11.2024
30.01.2025
14 days expired
*.stoff81.online, stoff81.online - 2 entries
1.
1.
CN=stoff81.online
01.11.2024

30.01.2025
14 days expired


*.stoff81.online, stoff81.online - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:044545F1FD41C78CFEC8BCB8DAD49BF27977
Thumbprint:D1BB74DC10B61D22CF8C8445952A40896D1F37F6
SHA256 / Certificate:ee1lAgza9JALOTxxt6wITMyDq343oEKzVyUUkFiz0Kc=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):bd18e587c65f35e2fcb30694d4b8c9a2fe0ba99713cc38fb84592b4caa5c9209
SHA256 hex / Subject Public Key Information (SPKI):bd18e587c65f35e2fcb30694d4b8c9a2fe0ba99713cc38fb84592b4caa5c9209 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://r10.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R10, O=Let's Encrypt, C=US
13.03.2024
13.03.2027
expires in 758 days


2.
CN=R10, O=Let's Encrypt, C=US
13.03.2024

13.03.2027
expires in 758 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:4BA85293F79A2FA273064BA8048D75D0
Thumbprint:00ABEFD055F9A9C784FFDEABD1DCDD8FED741436
SHA256 / Certificate:nXw/GqatKy7A1c8eJG+NmubLyf0HVa03u5dLHy+2A/M=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):Error find_SubjectPublicKeyInfo_in_Certificate - no result found
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3763 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3763 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=R10, O=Let's Encrypt, C=US
0
0
4
CN=R11, O=Let's Encrypt, C=US
0
0
3

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
8553718398
leaf cert
CN=R10, O=Let's Encrypt, C=US
2024-11-01 18:06:14
2025-01-30 18:06:13
*.stoff81.online, stoff81.online - 2 entries


8458630388
leaf cert
CN=R11, O=Let's Encrypt, C=US
2024-10-21 08:31:48
2025-01-19 08:31:47
*.stoff81.online, stoff81.online - 2 entries


8458547363
leaf cert
CN=R10, O=Let's Encrypt, C=US
2024-10-21 08:18:06
2025-01-19 08:18:05
*.stoff81.online, stoff81.online - 2 entries


7999994098
leaf cert
CN=R11, O=Let's Encrypt, C=US
2024-08-22 07:51:31
2024-11-20 07:51:30
*.stoff81.online, stoff81.online - 2 entries


7827794859
leaf cert
CN=R11, O=Let's Encrypt, C=US
2024-07-30 04:35:15
2024-10-28 04:35:14
www.stoff81.online - 1 entries


7827784886
leaf cert
CN=R10, O=Let's Encrypt, C=US
2024-07-30 04:32:42
2024-10-28 04:32:41
www.stoff81.online - 1 entries


7826090901
leaf cert
CN=R10, O=Let's Encrypt, C=US
2024-07-29 23:19:31
2024-10-27 23:19:30
www.stoff81.online - 1 entries


 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=R10, O=Let's Encrypt, C=US
0
0
2
CN=R11, O=Let's Encrypt, C=US
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
13945273806
leaf cert
CN=R11, O=Let's Encrypt, C=US
2024-07-30 02:35:15
2024-10-28 03:35:14
www.stoff81.online
1 entries


13928897438
precert
CN=R10, O=Let's Encrypt, C=US
2024-07-30 02:32:42
2024-10-28 03:32:41
www.stoff81.online
1 entries


13942660777
precert
CN=R10, O=Let's Encrypt, C=US
2024-07-29 21:19:31
2024-10-27 22:19:30
www.stoff81.online
1 entries


 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.w3.org/nu/

Url used (first standard-https-result with http status 200): https://stoff81.online/

Summary

Good: No non-document-errors
4 errors
0 warnings

TypeMessagenum found
1.errorNo space between attributes.2
2.errorMissing space before doctype name.1
3.errorElement title must not be empty.1

Details


TypeMessage + Sample
1errorMissing space before doctype name.

From line 1, column 10 to line 1, column 10

<!doctypehtml><html lang
2errorNo space between attributes.

From line 1, column 102 to line 1, column 102

nitial-scale=1"name=viewport><
3errorElement title must not be empty.

From line 1, column 123 to line 1, column 130

rt><title></title><link
4errorNo space between attributes.

From line 1, column 258 to line 1, column 258

AASUVORK5CYII="rel=icon type=i

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: lunlun.ns.giantpanda.com, yangyang.ns.giantpanda.com

 

QNr.DomainTypeNS used
1
com
NS
e.root-servers.net (2001:500:a8::e)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
lunlun.ns.giantpanda.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: stevie.ns.cloudflare.com, terin.ns.cloudflare.com

Answer: terin.ns.cloudflare.com
108.162.193.236, 172.64.33.236, 173.245.59.236, 2606:4700:58::adf5:3bec, 2803:f800:50::6ca2:c1ec, 2a06:98c1:50::ac40:21ec

Answer: stevie.ns.cloudflare.com
108.162.194.106, 162.159.38.106, 172.64.34.106, 2606:4700:50::a29f:266a, 2803:f800:50::6ca2:c26a, 2a06:98c1:50::ac40:226a
3
yangyang.ns.giantpanda.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: stevie.ns.cloudflare.com, terin.ns.cloudflare.com

Answer: terin.ns.cloudflare.com
108.162.193.236, 172.64.33.236, 173.245.59.236, 2606:4700:58::adf5:3bec, 2803:f800:50::6ca2:c1ec, 2a06:98c1:50::ac40:21ec

Answer: stevie.ns.cloudflare.com
108.162.194.106, 162.159.38.106, 172.64.34.106, 2606:4700:50::a29f:266a, 2803:f800:50::6ca2:c26a, 2a06:98c1:50::ac40:226a
4
lunlun.ns.giantpanda.com: 75.2.45.63
A
stevie.ns.cloudflare.com (2606:4700:50::a29f:266a)
5
lunlun.ns.giantpanda.com: No AAAA record found
AAAA
stevie.ns.cloudflare.com (2606:4700:50::a29f:266a)
6
yangyang.ns.giantpanda.com: 3.33.232.36
A
stevie.ns.cloudflare.com (2606:4700:50::a29f:266a)
7
yangyang.ns.giantpanda.com: No AAAA record found
AAAA
stevie.ns.cloudflare.com (2606:4700:50::a29f:266a)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.stoff81.online
0

no CAA entry found
1
0
stoff81.online
0

no CAA entry found
1
0
online
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
stoff81.online

ok
1
0
www.stoff81.online

ok
1
0
_acme-challenge.stoff81.online

missing entry or wrong length
1
0
_acme-challenge.www.stoff81.online

missing entry or wrong length
1
0
_acme-challenge.stoff81.online.stoff81.online

perhaps wrong
1
0
_acme-challenge.www.stoff81.online.stoff81.online

perhaps wrong
1
0
_acme-challenge.www.stoff81.online.www.stoff81.online

perhaps wrong
1
0

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
stoff81.online
139.162.181.76
443
19 Ciphers75.88 sec
11 without, 8 FS
42.11 %
stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
19 Ciphers70.84 sec
11 without, 8 FS
42.11 %
www.stoff81.online
139.162.181.76
443
19 Ciphers75.55 sec
11 without, 8 FS
42.11 %
www.stoff81.online
2a01:7e01::f03c:95ff:feed:783e
443
19 Ciphers70.83 sec
11 without, 8 FS
42.11 %
Complete

4
76 Ciphers
19.00 Ciphers/Check
293.10 sec73.28 sec/Check
44 without, 32 FS
42.11 %

Details
DomainIPPortCipher (OpenSsl / IANA)
stoff81.online
139.162.181.76
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
19 Ciphers, 75.88 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x28
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




AES256-GCM-SHA384
(Weak)
TLSv1.2
0x00,0x9D
No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
(Weak)
TLSv1.2
0x00,0x3D
No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
(Weak)
TLSv1.2
0xC0,0xA1
No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
(Weak)
TLSv1.2
0xC0,0x9D
No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




AES128-GCM-SHA256
(Weak)
TLSv1.2
0x00,0x9C
No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
(Weak)
TLSv1.2
0x00,0x3C
No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
(Weak)
TLSv1.2
0xC0,0xA0
No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
(Weak)
TLSv1.2
0xC0,0x9C
No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




AES256-SHA
(Weak)
SSLv3
0x00,0x35
No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




ECDHE-RSA-DES-CBC3-SHA
(Weak)
SSLv3
0xC0,0x12
FS

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

ECDH
RSA
3DES(168)
SHA1




DES-CBC3-SHA
(Weak)
SSLv3
0x00,0x0A
No FS

TLS_RSA_WITH_3DES_EDE_CBC_SHA

RSA
RSA
3DES(168)
SHA1




AES128-SHA
(Weak)
SSLv3
0x00,0x2F
No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1


2a01:7e01::f03c:95ff:feed:783e
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
19 Ciphers, 70.84 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x28
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




AES256-GCM-SHA384
(Weak)
TLSv1.2
0x00,0x9D
No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
(Weak)
TLSv1.2
0x00,0x3D
No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
(Weak)
TLSv1.2
0xC0,0xA1
No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
(Weak)
TLSv1.2
0xC0,0x9D
No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




AES128-GCM-SHA256
(Weak)
TLSv1.2
0x00,0x9C
No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
(Weak)
TLSv1.2
0x00,0x3C
No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
(Weak)
TLSv1.2
0xC0,0xA0
No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
(Weak)
TLSv1.2
0xC0,0x9C
No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




AES256-SHA
(Weak)
SSLv3
0x00,0x35
No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




ECDHE-RSA-DES-CBC3-SHA
(Weak)
SSLv3
0xC0,0x12
FS

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

ECDH
RSA
3DES(168)
SHA1




DES-CBC3-SHA
(Weak)
SSLv3
0x00,0x0A
No FS

TLS_RSA_WITH_3DES_EDE_CBC_SHA

RSA
RSA
3DES(168)
SHA1




AES128-SHA
(Weak)
SSLv3
0x00,0x2F
No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1

www.stoff81.online
139.162.181.76
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
19 Ciphers, 75.55 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x28
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




AES256-GCM-SHA384
(Weak)
TLSv1.2
0x00,0x9D
No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
(Weak)
TLSv1.2
0x00,0x3D
No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
(Weak)
TLSv1.2
0xC0,0xA1
No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
(Weak)
TLSv1.2
0xC0,0x9D
No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




AES128-GCM-SHA256
(Weak)
TLSv1.2
0x00,0x9C
No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
(Weak)
TLSv1.2
0x00,0x3C
No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
(Weak)
TLSv1.2
0xC0,0xA0
No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
(Weak)
TLSv1.2
0xC0,0x9C
No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




AES256-SHA
(Weak)
SSLv3
0x00,0x35
No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




ECDHE-RSA-DES-CBC3-SHA
(Weak)
SSLv3
0xC0,0x12
FS

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

ECDH
RSA
3DES(168)
SHA1




DES-CBC3-SHA
(Weak)
SSLv3
0x00,0x0A
No FS

TLS_RSA_WITH_3DES_EDE_CBC_SHA

RSA
RSA
3DES(168)
SHA1




AES128-SHA
(Weak)
SSLv3
0x00,0x2F
No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1


2a01:7e01::f03c:95ff:feed:783e
443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
19 Ciphers, 70.83 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-RSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x28
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




AES256-GCM-SHA384
(Weak)
TLSv1.2
0x00,0x9D
No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
(Weak)
TLSv1.2
0x00,0x3D
No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
(Weak)
TLSv1.2
0xC0,0xA1
No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
(Weak)
TLSv1.2
0xC0,0x9D
No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x27
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




AES128-GCM-SHA256
(Weak)
TLSv1.2
0x00,0x9C
No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
(Weak)
TLSv1.2
0x00,0x3C
No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
(Weak)
TLSv1.2
0xC0,0xA0
No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
(Weak)
TLSv1.2
0xC0,0x9C
No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x14
FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x13
FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




AES256-SHA
(Weak)
SSLv3
0x00,0x35
No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




ECDHE-RSA-DES-CBC3-SHA
(Weak)
SSLv3
0xC0,0x12
FS

TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA

ECDH
RSA
3DES(168)
SHA1




DES-CBC3-SHA
(Weak)
SSLv3
0x00,0x0A
No FS

TLS_RSA_WITH_3DES_EDE_CBC_SHA

RSA
RSA
3DES(168)
SHA1




AES128-SHA
(Weak)
SSLv3
0x00,0x2F
No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=392175d6-b94d-41e1-9e97-0c01c1f2bcd7

 

Last Result: https://check-your-website.server-daten.de/?q=stoff81.online - 2024-11-04 17:52:18

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=stoff81.online" target="_blank">Check this Site: stoff81.online</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=stoff81.online