Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

A+

Top configuration, no warnings +Preload

Checked:
13.02.2023 10:46:03

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
truenas.sergiosy.dev	A	187.194.143.180 Cholula/Puebla/Mexico (MX) - Uninet S.A. de C.V. Hostname: dsl-187-194-143-180-dyn.prod-infinitum.com.mx	yes	1	0
	AAAA		yes
www.truenas.sergiosy.dev		Name Error	yes	1	0
*.sergiosy.dev	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes
*.truenas.sergiosy.dev	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 951, Flags 256


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 03.03.2023, 00:00:00 +, Signature-Inception: 10.02.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: dev
dev	1 DS RR in the parent zone found


	DS with Algorithm 8, KeyTag 60074, DigestType 2 and Digest uULizlrr9i/KWdBXB+bbt5UhHVQNitugLp6J6DNCR4U=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner dev., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 26.02.2023, 05:00:00 +, Signature-Inception: 13.02.2023, 04:00:00 +, KeyTag 951, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 951 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 58138, Flags 256


	Public Key with Algorithm 8, KeyTag 60074, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner dev., Algorithm: 8, 1 Labels, original TTL: 300 sec, Signature-expiration: 03.03.2023, 13:36:24 +, Signature-Inception: 09.02.2023, 13:36:24 +, KeyTag 60074, Signer-Name: dev


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 60074 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 60074, DigestType 2 and Digest "uULizlrr9i/KWdBXB+bbt5UhHVQNitugLp6J6DNCR4U=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: sergiosy.dev
sergiosy.dev	1 DS RR in the parent zone found


	DS with Algorithm 8, KeyTag 37939, DigestType 2 and Digest 1hK+UIXfgO8Y/jbl1qwKwtzcjtTbRxX+uJAg/Cuxb5E=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner sergiosy.dev., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 03.03.2023, 13:36:24 +, Signature-Inception: 09.02.2023, 13:36:24 +, KeyTag 58138, Signer-Name: dev


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 58138 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 37939, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 41974, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner sergiosy.dev., Algorithm: 8, 2 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 37939, Signer-Name: sergiosy.dev


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 37939 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 37939, DigestType 2 and Digest "1hK+UIXfgO8Y/jbl1qwKwtzcjtTbRxX+uJAg/Cuxb5E=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: truenas.sergiosy.dev
truenas.sergiosy.dev	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "7h1tnsh940dgtiut4ni84jgka63u75m4" between the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the parent zone confirmes the not-existence of a DS RR. Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	0 DNSKEY RR found





	RRSIG Type 1 validates the A - Result: 187.194.143.180 Validated: RRSIG-Owner truenas.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 60 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "7h1tnsh940dgtiut4ni84jgka63u75m4" equal the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NoData-Proof required and found.


	TXT-Query sends a valid NSEC3 RR as result with the hashed query name "7h1tnsh940dgtiut4ni84jgka63u75m4" equal the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the zone confirmes the not-existence of that TXT RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NoData-Proof required and found.


	AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "7h1tnsh940dgtiut4ni84jgka63u75m4" equal the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NoData-Proof required and found.


	TLSA-Query (_443._tcp.truenas.sergiosy.dev) sends a valid NSEC3 RR as result with the hashed owner name "7h1tnsh940dgtiut4ni84jgka63u75m4" (unhashed: truenas.sergiosy.dev). So that's the Closest Encloser of the query name. TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "c44bnr8u8r63kjflpunq0fl31eggi9mj" (unhashed: *.truenas.sergiosy.dev) with the owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So that NSEC3 confirms the not-existence of the Wildcard expansion. TLSA-Query (_443._tcp.truenas.sergiosy.dev) sends a valid NSEC3 RR as result with the hashed query name "ejk0ktr2lt9mr4k3t43thmbtqubhlebs" between the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the zone confirmes the not-existence of that TLSA RR. Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Next Closer Name "pv4185vkkue47s647ag56643aufc1d8s" (unhashed: _tcp.truenas.sergiosy.dev) with the owner "fi289h84aajs2jongknffo1lcmp9r76q" and the NextOwner "sg72iccmifqhmhac5btb5oi74hcgr7uj". So that NSEC3 confirms the not-existence of the Next Closer Name. Bitmap: A, RRSIG Validated: RRSIG-Owner fi289h84aajs2jongknffo1lcmp9r76q.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NXDomain-Proof required and found.


	CAA-Query sends a valid NSEC3 RR as result with the hashed query name "7h1tnsh940dgtiut4ni84jgka63u75m4" equal the hashed NSEC3-owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the hashed NextOwner "f768usi2gcr1sao2850cd1eb2565v4ci". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	Status: Good. NoData-Proof required and found.

Zone: www.truenas.sergiosy.dev
www.truenas.sergiosy.dev	0 DS RR in the parent zone found


	DS-Query in the parent zone sends valid NSEC3 RR with the Hash "7h1tnsh940dgtiut4ni84jgka63u75m4" as Owner. That's the Hash of "truenas.sergiosy.dev" with the NextHashedOwnerName "f768usi2gcr1sao2850cd1eb2565v4ci". So that domain name is the Closest Encloser of "www.truenas.sergiosy.dev". Opt-Out: False. Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev


	The ClosestEncloser says, that "*.truenas.sergiosy.dev" with the Hash "c44bnr8u8r63kjflpunq0fl31eggi9mj" is a possible Wildcard of the DS Query Name. But the DS-Query in the parent zone sends a valid NSEC3 RR With the owner "7h1tnsh940dgtiut4ni84jgka63u75m4" and the Next Owner "f768usi2gcr1sao2850cd1eb2565v4ci", so the Hash of the wildcard is between these hashes. So that NSEC3 proves the Not-existence of that wildcard expansion. Opt-Out: False. Bitmap: A, RRSIG Validated: RRSIG-Owner 7h1tnsh940dgtiut4ni84jgka63u75m4.sergiosy.dev., Algorithm: 8, 3 Labels, original TTL: 300 sec, Signature-expiration: 04.03.2023, 18:16:52 +, Signature-Inception: 10.02.2023, 18:16:52 +, KeyTag 41974, Signer-Name: sergiosy.dev

3. Name Servers

Domain	Nameserver	NS-IP
www.truenas.sergiosy.dev	• ns-cloud-a1.googledomains.com
truenas.sergiosy.dev	• ns-cloud-a1.googledomains.com	216.239.32.106 Mountain View/California/United States (US) - Google LLC	•
	•	2001:4860:4802:32::6a Mountain View/California/United States (US) - Google LLC	•
sergiosy.dev	• ns-cloud-a1.googledomains.com	216.239.32.106 Mountain View/California/United States (US) - Google LLC	•
	•	2001:4860:4802:32::6a Mountain View/California/United States (US) - Google LLC	•
	• ns-cloud-a2.googledomains.com	216.239.34.106 Mountain View/California/United States (US) - Google LLC	•
	•	2001:4860:4802:34::6a Mountain View/California/United States (US) - Google LLC	•
	• ns-cloud-a3.googledomains.com	216.239.36.106 Mountain View/California/United States (US) - Google LLC	•
	•	2001:4860:4802:36::6a Mountain View/California/United States (US) - Google LLC	•
	• ns-cloud-a4.googledomains.com	216.239.38.106 Mountain View/California/United States (US) - Google LLC	•
	•	2001:4860:4802:38::6a Mountain View/California/United States (US) - Google LLC	•
dev	• ns-tld1.charlestonroadregistry.com		•
	• ns-tld2.charlestonroadregistry.com		•
	• ns-tld3.charlestonroadregistry.com		•
	• ns-tld4.charlestonroadregistry.com		•
	• ns-tld5.charlestonroadregistry.com		•

4. SOA-Entries

Domain:	dev
Zone-Name:	dev
Primary:	ns-tld1.charlestonroadregistry.com
Mail:	cloud-dns-hostmaster.google.com
Serial:	1
Refresh:	21600
Retry:	3600
Expire:	259200
TTL:	300
num Entries:	5

Domain:	sergiosy.dev
Zone-Name:	sergiosy.dev
Primary:	ns-cloud-a1.googledomains.com
Mail:	cloud-dns-hostmaster.google.com
Serial:	43
Refresh:	21600
Retry:	3600
Expire:	259200
TTL:	300
num Entries:	8

Domain:	truenas.sergiosy.dev
Zone-Name:	sergiosy.dev
Primary:	ns-cloud-a1.googledomains.com
Mail:	cloud-dns-hostmaster.google.com
Serial:	43
Refresh:	21600
Retry:	3600
Expire:	259200
TTL:	300
num Entries:	2

Domain:	www.truenas.sergiosy.dev
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

5. Screenshots

Startaddress: https://truenas.sergiosy.dev/ui/, address used: https://truenas.sergiosy.dev/ui/sessions/signin, Screenshot created 2023-02-13 10:50:39 +00:0

Mobil (412px x 732px)

1704 milliseconds

Screenshot mobile - https://truenas.sergiosy.dev/ui/sessions/signin

Mobil + Landscape (732px x 412px)

1690 milliseconds

Screenshot mobile landscape - https://truenas.sergiosy.dev/ui/sessions/signin

Screen (1280px x 1680px)

3782 milliseconds

Screenshot Desktop - https://truenas.sergiosy.dev/ui/sessions/signin

Mobile- and other Chrome-Checks

	width	height
visual Viewport	412	732
content Size	412	732

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://truenas.sergiosy.dev/ 187.194.143.180	307	https://truenas.sergiosy.dev:443/ Html is minified: 109.33 %	0.386	A
Server: nginx
Date: Mon, 13 Feb 2023 09:47:03 GMT
Content-Type: text/html
Content-Length: 164
Connection: close
Location: https://truenas.sergiosy.dev:443/

• https://truenas.sergiosy.dev/ 187.194.143.180	302	https://truenas.sergiosy.dev/ui/ Html is minified: 111.29 %	5.920	A
Server: nginx
Date: Mon, 13 Feb 2023 09:47:04 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://truenas.sergiosy.dev/ui/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN

• https://truenas.sergiosy.dev:443/	302	https://truenas.sergiosy.dev/ui/ Html is minified: 111.29 %	6.093	A
Server: nginx
Date: Mon, 13 Feb 2023 09:47:18 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://truenas.sergiosy.dev/ui/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN

• https://truenas.sergiosy.dev/ui/ Inline-JavaScript (∑/total): 10/138 Inline-CSS (∑/total): 0/0	200	Html is minified: 126.93 % Other inline scripts (∑/total): 1/138	4.950	A
small visible content (num chars: 23) </mat-icon> </app-root>
Server: nginx
Date: Mon, 13 Feb 2023 09:47:25 GMT
Content-Type: text/html
Last-Modified: Wed, 08 Feb 2023 12:59:38 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: must-revalidate
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

• http://truenas.sergiosy.dev/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 187.194.143.180 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	307	https://truenas.sergiosy.dev:443/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Html is minified: 109.33 % Other inline scripts (∑/total): 0/0	0.390	A
Visible Content: 307 Temporary Redirect nginx
Server: nginx
Date: Mon, 13 Feb 2023 09:47:11 GMT
Content-Type: text/html
Content-Length: 164
Connection: close
Location: https://truenas.sergiosy.dev:443/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

• https://truenas.sergiosy.dev:443/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	302	https://truenas.sergiosy.dev/ui/ Html is minified: 111.29 % Other inline scripts (∑/total): 0/0	5.007	A
Visible Content: 302 Found nginx
Server: nginx
Date: Mon, 13 Feb 2023 09:47:31 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://truenas.sergiosy.dev/ui/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN

• https://187.194.143.180/ 187.194.143.180	302	https://187.194.143.180/ui/ Html is minified: 111.29 %	5.676	N
Certificate error: RemoteCertificateNameMismatch
Server: nginx
Date: Mon, 13 Feb 2023 09:47:11 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: https://187.194.143.180/ui/
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN

• https://187.194.143.180/ui/ Inline-JavaScript (∑/total): 10/138 Inline-CSS (∑/total): 0/0	200	Html is minified: 126.93 % Other inline scripts (∑/total): 1/138	4.896	N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 23) </mat-icon> </app-root>
Server: nginx
Date: Mon, 13 Feb 2023 09:47:37 GMT
Content-Type: text/html
Last-Modified: Wed, 08 Feb 2023 12:59:38 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: must-revalidate
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Permissions-Policy: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
Referrer-Policy: strict-origin
X-Frame-Options: SAMEORIGIN
Content-Encoding: gzip

7. Comments

	1. General Results, most used to calculate the result
A	name "truenas.sergiosy.dev" is subdomain, public suffix is ".dev", top-level-domain is ".dev", top-level-domain-type is "generic", tld-manager is "Charleston Road Registry Inc.", num .dev-domains preloaded: 13 (complete: 216710)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: truenas.sergiosy.dev has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: truenas.sergiosy.dev has no ipv6 address.
A	Good: No asked Authoritative Name Server had a timeout
A	DNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
A	https://truenas.sergiosy.dev:443/	302	https://truenas.sergiosy.dev/ui/	Correct redirect https to https
A	https://truenas.sergiosy.dev/ 187.194.143.180	302	https://truenas.sergiosy.dev/ui/	Correct redirect https to https
A	https://truenas.sergiosy.dev:443/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	302	https://truenas.sergiosy.dev/ui/	Correct redirect https to https
A	https://187.194.143.180/ 187.194.143.180	302	https://187.194.143.180/ui/	Correct redirect https to https
A	Good: destination is https
A	Good - only one version with Http-Status 200
A	Good: one preferred version: non-www is preferred
A	Good: No cookie sent via http.
A	Good: every https has a Strict Transport Security Header
A	Good: HSTS max-age is long enough, 63072000 seconds = 730 days
A	Good: HSTS has includeSubdomains - directive
A	Good: HSTS has preload directive
A	Excellent: Main Domain is in the Google-Preload-List
A	Excellent: Main Domain is in the Mozilla/Firefox-Preload-List
A	HSTS-Preload-Status: Preloaded. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (2 urls)
	https://truenas.sergiosy.dev/ui/			Url with incomplete Content-Type - header - missing charset
	https://187.194.143.180/ui/			Url with incomplete Content-Type - header - missing charset
N	https://187.194.143.180/ 187.194.143.180	302	https://187.194.143.180/ui/	Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://187.194.143.180/ui/	200		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain truenas.sergiosy.dev, 1 ip addresses, 1 different http results.
B	No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.truenas.sergiosy.dev
	2. Header-Checks
A	truenas.sergiosy.dev	X-Content-Type-Options		Ok: Header without syntax errors found: nosniff
A		Referrer-Policy		Ok: Header without syntax errors found: strict-origin
A		Permissions-Policy		Ok: Header without syntax errors found: geolocation=(),midi=(),sync-xhr=(),microphone=(),camera=(),magnetometer=(),gyroscope=(),fullscreen=(self),payment=()
A		X-Frame-Options		Ok: Header without syntax errors found: SAMEORIGIN
B				Info: Header is deprecated. May not longer work in modern browsers. SAMEORIGIN. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A		X-Xss-Protection		Ok: Header without syntax errors found: 1; mode=block
B				Info: Header is deprecated. May not longer work in modern browsers. 1; mode=block
F	truenas.sergiosy.dev	Content-Security-Policy		Critical: Missing Header:
	3. DNS- and NameServer - Checks
A	Info:: 13 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
A	Info:: 13 Queries complete, 12 with IPv6, 1 with IPv4.
	Warning: Only some DNS Queries done via ipv6. IPv6 is the future, so the name servers of your name servers should have ipv6 addresses.
	Ok (4 - 8):: An average of 3.3 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 4 different Name Servers found: ns-cloud-a1.googledomains.com, ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, ns-cloud-a4.googledomains.com, 4 Name Servers included in Delegation: ns-cloud-a1.googledomains.com, ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, ns-cloud-a4.googledomains.com, 4 Name Servers included in 1 Zone definitions: ns-cloud-a1.googledomains.com, ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, ns-cloud-a4.googledomains.com, 1 Name Servers listed in SOA.Primary: ns-cloud-a1.googledomains.com.
A	Good: Only one SOA.Primary Name Server found.: ns-cloud-a1.googledomains.com.
A	Good: SOA.Primary Name Server included in the delegation set.: ns-cloud-a1.googledomains.com.
A	Good: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns-cloud-a1.googledomains.com, ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, ns-cloud-a4.googledomains.com
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Good: Minimal 2 different name servers (public suffix and public ip address) found: 4 different Name Servers found
A	Good: All name servers have ipv4- and ipv6-addresses.: 4 different Name Servers found
	Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 4 Name Servers, 1 Top Level Domain: com
	Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: googledomains.com
	Warning: All Name Servers from the same Country / IP location.: 4 Name Servers, 1 Countries: US
A	Info: Ipv4-Subnet-list: 4 Name Servers, 1 different subnets (first Byte): 216., 1 different subnets (first two Bytes): 216.239., 4 different subnets (first three Bytes): 216.239.32., 216.239.34., 216.239.36., 216.239.38.
A	Good: Name Server IPv4-addresses from different subnet found:
A	Info: IPv6-Subnet-list: 4 Name Servers with IPv6, 1 different subnets (first block): 2001:, 1 different subnets (first two blocks): 2001:4860:, 1 different subnets (first three blocks): 2001:4860:4802:, 4 different subnets (first four blocks): 2001:4860:4802:0032:, 2001:4860:4802:0034:, 2001:4860:4802:0036:, 2001:4860:4802:0038:
A	Good: Name Server IPv6 addresses from different subnets found.
A	Good: Nameserver supports TCP connections: 2 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 2 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
A	Good: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 2 good Nameserver
	Nameserver doesn't pass all EDNS-Checks: ns-cloud-a1.googledomains.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
A	Good: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
	https://truenas.sergiosy.dev/ui/	200		Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
	https://187.194.143.180/ui/	200		Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
	https://truenas.sergiosy.dev/ui/	200		Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
	https://187.194.143.180/ui/	200		Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
A	Good: Every https connection via port 443 supports the http/2 protocol via ALPN.
	https://truenas.sergiosy.dev/ui/	200		Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 9 script elements without defer/async.
	https://187.194.143.180/ui/	200		Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 9 script elements without defer/async.
A	Good: All CSS / JavaScript files are sent compressed (gzip, deflate, br checked). That reduces the content of the files. 14 external CSS / JavaScript files found
	Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 14 external CSS / JavaScript files without Cache-Control-Header, 14 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 28 complete.
A	Good: All checked attribute values are enclosed in quotation marks (" or ').
A	Info: No img element found, no alt attribute checked
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
A	Duration: 290200 milliseconds, 290.200 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

truenas.sergiosy.dev

443

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

truenas.sergiosy.dev

443

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

http/2 via ALPN supported

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=truenas.sergiosy.dev
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

truenas.sergiosy.dev

187.194.143.180

443

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

truenas.sergiosy.dev

187.194.143.180

443

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

http/2 via ALPN supported
No SNI required - domain included in main certificate

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
No SNI required - domain included in main certificate

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=truenas.sergiosy.dev
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

187.194.143.180

443

name does not match

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

187.194.143.180

443

name does not match

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=truenas.sergiosy.dev
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

187.194.143.180

443

name does not match

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

187.194.143.180

443

name does not match

Tls12

ECDH Ephermal

255

Aes256

256

Sha384

not supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=truenas.sergiosy.dev
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

9. Certificates

CN=truenas.sergiosy.dev

09.02.2023

10.05.2023
677 days expired

laptk.sergiosy.dev, truenas.sergiosy.dev - 2 entries

CN=truenas.sergiosy.dev

09.02.2023

10.05.2023
677 days expired

laptk.sergiosy.dev, truenas.sergiosy.dev - 2 entries

Keyalgorithm	EC Public Key (256 bit, prime256v1)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0332775B92BB9503F265DD85CF2E119F5821
Thumbprint:	DF618905C3B5A10CF355E5BC13A15137CD9E3F2F
SHA256 / Certificate:	gHB34Q+Mt+c2dXTwnliUQdhGHvAWSAAMjI+x85Gpbw0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	d717039bb285c7180a9f98a7ba78b96719b846d10fe8b958bb4df7ff2e819ccc
SHA256 hex / Subject Public Key Information (SPKI):	d717039bb285c7180a9f98a7ba78b96719b846d10fe8b958bb4df7ff2e819ccc (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://r3.o.lencr.org
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 182 days

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 182 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:	A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:	Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3731 days

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 3731 days

Keyalgorithm	RSA encryption (4096 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	008210CFB0D240E3594463E0BB63828B00
Thumbprint:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:	lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):	96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuer				last 7 days	active	num Certs
CN=R3, O=Let's Encrypt, C=US				0	0	2

CertSpotter-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
4807154438 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-02-10 22:33:33	2023-05-11 22:33:32	truenas.sergiosy.dev - 1 entries
4801247917 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-02-09 17:36:27	2023-05-10 17:36:26	laptk.sergiosy.dev, truenas.sergiosy.dev - 2 entries

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Small Code Update - wait one minute

11. Html-Content - Entries

Summary

							Subresource Integrity (SRI)
Domainname	HtmlElement	rel/property	∑	∑ size	∑ problems	∑ int.	∑ ext.	∑ Origin poss.	∑ SRI ParseErrors	∑ SRI valid	∑ SRI missing
https://truenas.sergiosy.dev/ui/	link	stylesheet	5		0	5	0	0	0	0
	link	other	11	39,003 Bytes	0	10	0	0	0	0
	meta	other	8	4,488 Bytes	0	1	0	0	0	0
	script		9		0	9	0	0	0	0
https://187.194.143.180/ui/	link	stylesheet	5		0			0	0	0
	link	other	11		0			0	0	0
	meta	other	8		0			0	0	0
	script		9		0			0	0	0

Details (currently limited to 500 rows - some problems with spam users)

Domainname

Html-Element

name/equiv/ property/rel

href/src/content

HttpStatus

msg

∑

Status

https://truenas.sergiosy.dev/ui/

link

apple-touch-icon

assets/images/apple-icon-114x114.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 3642 Bytes

link

apple-touch-icon

assets/images/apple-icon-120x120.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 3747 Bytes

link

apple-touch-icon

assets/images/apple-icon-144x144.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 4488 Bytes

link

apple-touch-icon

assets/images/apple-icon-152x152.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 4816 Bytes

link

apple-touch-icon

assets/images/apple-icon-180x180.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 5836 Bytes

link

apple-touch-icon

assets/images/apple-icon-57x57.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 1808 Bytes

link

apple-touch-icon

assets/images/apple-icon-60x60.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 1947 Bytes

link

apple-touch-icon

assets/images/apple-icon-72x72.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 2330 Bytes

link

apple-touch-icon

assets/images/apple-icon-76x76.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 2431 Bytes

link

icon

assets/images/android-icon-192x192.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 7958 Bytes

link

manifest

assets/manifest.json

link

stylesheet

assets/fonts/text-security/text-security.css

200

text/css
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 298 Bytes

local SRI possible, possible hash-values:

sha256-QE5le4O+0IUiGwpckU/m46BgeFDe0VMogBL3MbAU7sY=
sha384-wlBFDnJ52SfCA0NfHdk3ErmcT0ZY/nnVgGV3Yq/dwqOkDhQ+Y9mUW47VIkdnHPLw
sha512-DhXDo5ArTCGVtakqh/RIFM3ntiof1mhx++qWrIWw9SMpkoFFg3m+LgDmqkvwm7sK4LS9hUQYY4Fpp1nxG9DADw==

Content loaded via url("...")

text-security-circle.woff2

text-security-circle-compat.eot

text-security-circle-compat.eot?#iefix

text-security-circle-compat.ttf

text-security-circle-compat.woff2

text-security-disc.woff2

text-security-disc-compat.eot

text-security-disc-compat.eot?#iefix

text-security-disc-compat.ttf

text-security-disc-compat.woff2

text-security-square.woff2

text-security-square-compat.eot

text-security-square-compat.eot?#iefix

text-security-square-compat.ttf

text-security-square-compat.woff2

link

stylesheet

assets/iconfont/material-icons.css

200

text/css
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

435 Bytes

local SRI possible, possible hash-values:

sha256-zb3U63Oid7y/JBIhvtjDt7RE6yAk8/bxaoZzFp7cPgA=
sha384-MYtViMKL34gmzswIW3ajzRfD1gK4Ev7e3HaaXCOHjtL63+gvvXhvS/KZUs4RkitJ
sha512-qFWgRAR/BuZLOl6cf9cf8Q/CcSRkoNMy8y266oSWxUNTGM6OWBf38e5ZA20GbL/Fw+f2I1c0VZxbZImwyaZhtw==

Content loaded via url("...")

MaterialIcons-Regular.eot

MaterialIcons-Regular.ttf

MaterialIcons-Regular.woff

MaterialIcons-Regular.woff2

link

stylesheet

assets/iconfont/mdi/css/materialdesignicons.min.css

200

text/css
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 45276 Bytes

local SRI possible, possible hash-values:

sha256-orhFmLdAikn1cv90PcWIa93VOQx4tAQWA32hnBP40M4=
sha384-HSrBCFKnppu0i3QEsSJjl7RJDS7q0LR5D9kOAeADftBj56rufnb2JERzztGgYJ88
sha512-Hnppe3mmKsJgk3DWalzK4YrkR/gnFN7bFN+z0FGTAs2G/K4eWr7I5XzDs+ZBoOfScg6mUvHFiIbrTLn8NwLOhA==

Content loaded via url("...")

../fonts/materialdesignicons-webfont.eot?#iefix&v=4.9.95

../fonts/materialdesignicons-webfont.eot?v=4.9.95

../fonts/materialdesignicons-webfont.ttf?v=4.9.95

../fonts/materialdesignicons-webfont.woff?v=4.9.95

../fonts/materialdesignicons-webfont.woff2?v=4.9.95

link

stylesheet

assets/iconfont/primeicons/primeicons.css

200

text/css
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 1524 Bytes

local SRI possible, possible hash-values:

sha256-qz0DfkHlE1nDS94/hsnvQsTOji4EByvkDfpXrqfCtsU=
sha384-CqCJ6ljjSXgX53wm84IkniNVZnVEqhfjFvTbdefGGny9DCwY2fV9gQxLTAUS8LOY
sha512-GA+DDKV8brIl/d/UOXRCGU17P83x84FQlXVQzsIkx9iR0K+Dlx7ET9B8mMNaFJmI4uiXW4cJmiUMr4pummj4jQ==

Content loaded via url("...")

fonts/primeicons.eot

fonts/primeicons.eot?#iefix

fonts/primeicons.svg?#primeicons

fonts/primeicons.ttf

fonts/primeicons.woff

link

stylesheet

styles.278ad6cadcdd3b273dd6.css

200

text/css
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 129614 Bytes

local SRI possible, possible hash-values:

sha256-lzS0VEJ/M+UoTjgvsPDtzsp/fbv4+n9eQ3htfBgjuuQ=
sha384-eEByG0QvJYUSeqbReQJ5+UQr4Dnz3cA3JIlUpqRuvnsDTblH+q/PFdU6S3fvyJ1S
sha512-sQtZr7gOrTd12nEYaM2l1SOQQVLRWzjX2GyT8wogDhOS+VNaKyddb3yt8ZxTKc7PNTWfCp+wsFVikBte0BNzzA==

Content loaded via url("...")

/assets/images/sidebar-bg.jpg

/assets/images/sidebar-bg-dark.jpg

cancel.5516ffcfd33c30d5a3f7.png

color.6441e63a57ccc5105bad.png

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAABAAAAASCAYAAABSO15qAAAAGXRFWHRTb2Z0d2FyZQBBZG9iZSBJbWFnZVJlYWR5ccllPAAABAhpVFh0WE1MOmNvbS5hZG9iZS54bXAAAAAAADw/eHBhY2tldCBiZWdpbj0i77u/IiBpZD0iVzVNME1wQ2VoaUh6cmVTek5UY3prYzlkIj8+IDx4OnhtcG1ldGEgeG1sbnM6eD0iYWRvYmU6bnM6bWV0YS8iIHg6eG1wdGs9IkFkb2JlIFhNUCBDb3JlIDUuNi1jMDY3IDc5LjE1Nzc0NywgMjAxNS8wMy8zMC0yMzo0MDo0MiAgICAgICAgIj4gPHJkZjpSREYgeG1sbnM6cmRmPSJodHRwOi8vd3d3LnczLm9yZy8xOTk5LzAyLzIyLXJkZi1zeW50YXgtbnMjIj4gPHJkZjpEZXNjcmlwdGlvbiByZGY6YWJvdXQ9IiIgeG1sbnM6eG1wTU09Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC9tbS8iIHhtbG5zOnN0UmVmPSJodHRwOi8vbnMuYWRvYmUuY29tL3hhcC8xLjAvc1R5cGUvUmVzb3VyY2VSZWYjIiB4bWxuczp4bXA9Imh0dHA6Ly9ucy5hZG9iZS5jb20veGFwLzEuMC8iIHhtbG5zOmRjPSJodHRwOi8vcHVybC5vcmcvZGMvZWxlbWVudHMvMS4xLyIgeG1wTU06T3JpZ2luYWxEb2N1bWVudElEPSJ1dWlkOjY1RTYzOTA2ODZDRjExREJBNkUyRDg4N0NFQUNCNDA3IiB4bXBNTTpEb2N1bWVudElEPSJ4bXAuZGlkOkYzRkRFQjcxODUzNTExRTU4RTQwRkQwODFEOUZEMEE3IiB4bXBNTTpJbnN0YW5jZUlEPSJ4bXAuaWlkOkYzRkRFQjcwODUzNTExRTU4RTQwRkQwODFEOUZEMEE3IiB4bXA6Q3JlYXRvclRvb2w9IkFkb2JlIFBob3Rvc2hvcCBDQyAyMDE1IChNYWNpbnRvc2gpIj4gPHhtcE1NOkRlcml2ZWRGcm9tIHN0UmVmOmluc3RhbmNlSUQ9InhtcC5paWQ6MTk5NzA1OGEtZDI3OC00NDZkLWE4ODgtNGM4MGQ4YWI1NzNmIiBzdFJlZjpkb2N1bWVudElEPSJhZG9iZTpkb2NpZDpwaG90b3Nob3A6YzRkZmQxMGMtY2NlNS0xMTc4LWE5OGQtY2NkZmM5ODk5YWYwIi8+IDxkYzp0aXRsZT4gPHJkZjpBbHQ+IDxyZGY6bGkgeG1sOmxhbmc9IngtZGVmYXVsdCI+Z2x5cGhpY29uczwvcmRmOmxpPiA8L3JkZjpBbHQ+IDwvZGM6dGl0bGU+IDwvcmRmOkRlc2NyaXB0aW9uPiA8L3JkZjpSREY+IDwveDp4bXBtZXRhPiA8P3hwYWNrZXQgZW5kPSJyIj8+5iogFwAAAGhJREFUeNpiYGBgKABigf///zOQg0EARH4A4gZyDIIZ8B/JoAJKDIDhB0CcQIkBRBtEyABkgxwoMQCGD6AbRKoBGAYxQgXIBRuZGKgAKPIC3QLxArnRSHZCIjspk52ZKMrOFBUoAAEGAKnq593MQAZtAAAAAElFTkSuQmCC	1

data-table.40742b4faed98d0250a5.eot

data-table.40742b4faed98d0250a5.eot?#iefix

data-table.53c319729491b7686d65.woff

data-table.7eda0c04830dac128c76.svg#data-table

data-table.93be7e0fc94594d266a2.ttf

DroidSansMono.c8126ff44eb3e6a61d0d.ttf

hue.f8505bd4d6f3e3aa435b.png

line.39c65dcc08f7edb347b6.gif

loading.9347db5956a89b0bab38.gif

password-meter.eea288d50533d7995ec1.png

primeicons.04701ca33ce96d325419.ttf

primeicons.1d79a0559e5f13294dee.woff

primeicons.c2e128a00fca2640240d.eot

primeicons.c2e128a00fca2640240d.eot?#iefix

primeicons.fa2c83d2f35244bb10dc.svg?#primeicons

Roboto-Black.8afe3ed70f5ef2813ba8.ttf

Roboto-BlackItalic.7336356dcbed62c84515.ttf

Roboto-Bold.6dafca5a4f1e31f2bdf1.ttf

Roboto-BoldItalic.d17b86957cee6a280e7a.ttf

Roboto-Italic.7b9923bbf8996da54770.ttf

Roboto-Light.73fd17b88d34c2b2f437.ttf

Roboto-LightItalic.e53d1fb66605bf6cbc4b.ttf

Roboto-Medium.32be89b11725274cd3e8.ttf

Roboto-MediumItalic.ed9fbccb5bb0c1acf86c.ttf

Roboto-Regular.1ba679c05036b34bf359.ttf

Roboto-Thin.a76225673323123d2989.ttf

Roboto-ThinItalic.53496aed2032f7a0bcbd.ttf

sprite-green.8e5de21074924111b919.png

meta

charset

utf-8

meta

CACHE-CONTROL

NO-CACHE

meta

Expires

-1

meta

Pragma

no-cache

meta

msapplication-TileColor

#ffffff

meta

msapplication-TileImage

assets/images/ms-icon-144x144.png

200

image/png
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

No Compression - 4488 Bytes

meta

theme-color

#ffffff

meta

viewport

width=device-width, initial-scale=1

script

src

assets/scripts/ie-support/ie-polyfills.min.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 28329 Bytes

local SRI possible, possible hash-values:

sha256-T2hyAexcVWy64vLI+G2z7LrcRvMKukI0uxG4fwXU4IU=
sha384-tILtHA5bUGWLVp5w8F35lXEczPmanYTtvCWD4BhtoHv/0IpVSvjWUmFjWt+ZLWRJ
sha512-iF51+DHAAed80+ERjj7yurEIAmCPHnMVLW0OhVXK4tf8BOVwmQxki/13ZWeDfKJfMaQBC++6d3Kfip53nz7/kw==

script

src

assets/scripts/product.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

44 Bytes

local SRI possible, possible hash-values:

sha256-l6NK4ITsqzRCWw7UhOrZTNAqvlaEfnWLpti/O0ksYx4=
sha384-y1wNJO/jqbLmln1rPkty51gfDZ3seBCxexK87WqR4cMTCCXP3StVMh12fKHsIQOM
sha512-MjMvM/jtNpY/AE0QhoPQArMiOXI2jFeUaunbPZ5QKomMsiFft0PdPa2jLXW5nL0qrENYd/Om/QiKHRCMDmRSHw==

script

src

main-es2016.b7ad565b8a1a818620f9.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 1239836 Bytes

local SRI possible, possible hash-values:

sha256-qaxo817uzO1Ui0jKJancHidCi81fqOURQtAwvj1NIGY=
sha384-duSOdki+2dUI4pda0aPGFKFpBzS8Pz5lNmi/HOE6Gg0oud7o2HIoq+J9ZJ+JB4ky
sha512-hwqpdHJbS9qAJPWhM9aBrjWZbgAD4gugpA72b1A5YHYCpJ/6mPRQ/l5EXdJkva0jQZCa0WbgWnsj5bT8Su71uA==

script

src

main-es5.b7ad565b8a1a818620f9.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 1293097 Bytes

local SRI possible, possible hash-values:

sha256-dlYGM2Y0bTl1Xzcl6zE1MErL7LQtiFea2+edEwZ+Xpw=
sha384-GmbWVdIwiHS2kxmZLNx0Jyt76gzCmRHY7oz/GvQSTWyWluqWXBSMypukYHk3Y06Y
sha512-iLJXdUV98xLF44B7PQrZMQ5dfbETGFiJHGwyV/vVs8/4rrvvFKPHGQxDlqMTrCR9yEcBBjiOACET7xriNOz5Vg==

script

src

polyfills-es2016.1ebe99e93f900ed8d783.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 19572 Bytes

local SRI possible, possible hash-values:

sha256-sABiM46AxlT5HezXFoead8aiNUxMiDC0iL22vs3/UEg=
sha384-knCKRstlmeyOiv7w9Opkesai3bTRdmfwv4QRSiCM5kZrC8Bo7Q20J0xhcH7UfAG9
sha512-8AGSNaUr2ny86NdNumZBZC9RQJOOHyXKb1KsvB585vZrIcqtSkb5aKV67gnwPFg883dWVZVYrw/xrhPHsZJ9SA==

script

src

polyfills-es5.b74026ef007c809a45dc.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 53938 Bytes

local SRI possible, possible hash-values:

sha256-gRdp6qkfuUr4b+18sTeFHY7zk8V5CdXAFC8jJdyz8AQ=
sha384-4AsbnRDk7MlekV5Im6I+rgseLtVEhgHSXGTCBm+I9IEcbKmfpbgA1bccQadS+tu0
sha512-dJPssZ9CZvAijommeOY4Pv9E5zlgaVSTTzg8VfRjJ/WfVhz9GnBXGme3cRISj5S6Jc7Hb4g00l390y+VjnIPKg==

script

src

runtime-es2016.d8dae605c1a825f75428.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 1562 Bytes

local SRI possible, possible hash-values:

sha256-Uf+tTOLcy31WXbGCRjeIEpryfFpmKyc0tqmELIWknUQ=
sha384-p2xw7cEP9FswtX52yjMLv6uXi8waTtUmNeAXWYETVGjkGMeCUt0UnQS8N5f7xSbt
sha512-eggmbSkKdhsoZHfjn05x8En6CB7cMR+gk41etT8YrCXApxLgecC0q18nsra4WLpETjNpBQZ09Agj87Zb9t6R8w==

script

src

runtime-es5.d8dae605c1a825f75428.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 1560 Bytes

local SRI possible, possible hash-values:

sha256-ElXwJHnVw/LSgFu16NMF0Y2vKni3wd4nR7ojeceDw00=
sha384-RkczkWROgexvRxtUL+fKg9s5oefi7WrJqbeORtOPP61568ccJjKawHnN9jJ9LdC1
sha512-t5pxrH303476vKvNa+o0wIz/S8qgk613W7VIY4wbmL5sdXHKx2mOpub5C5x26+Q0vdM1mLjCXPIp5f682dqJgA==

script

src

scripts.a6f095e3d5bfe5af0e77.js

200

Missing defer / async attribute.

application/javascript
X-Content-Type-Options nosniff found

Cache-Control: must-revalidate - max-age missing.

Compression required: 273224 Bytes

local SRI possible, possible hash-values:

sha256-bEeYKnM/tp40alQx4uqY06kqjI8x/cyiobCMMKSYeJc=
sha384-chvDHcyErayOSD9XuGFfvoWRjzRXu/xHPKYp6uax16mgI9KYnUhvOvUDuXSY6CUk
sha512-3yALJh0PYtncDZ2tIK8fuq1Gvp80JJrAJUtX5mFqLFdT1tnALBO11JELPeiKVrIiEavUfqc6SUUIzQsVx7Lz5Q==

https://187.194.143.180/ui/

link

apple-touch-icon

assets/images/apple-icon-114x114.png

link

apple-touch-icon

assets/images/apple-icon-120x120.png

link

apple-touch-icon

assets/images/apple-icon-144x144.png

link

apple-touch-icon

assets/images/apple-icon-152x152.png

link

apple-touch-icon

assets/images/apple-icon-180x180.png

link

apple-touch-icon

assets/images/apple-icon-57x57.png

link

apple-touch-icon

assets/images/apple-icon-60x60.png

link

apple-touch-icon

assets/images/apple-icon-72x72.png

link

apple-touch-icon

assets/images/apple-icon-76x76.png

link

icon

assets/images/android-icon-192x192.png

link

manifest

assets/manifest.json

link

stylesheet

assets/fonts/text-security/text-security.css

link

stylesheet

assets/iconfont/material-icons.css

link

stylesheet

assets/iconfont/mdi/css/materialdesignicons.min.css

link

stylesheet

assets/iconfont/primeicons/primeicons.css

link

stylesheet

styles.278ad6cadcdd3b273dd6.css

meta

charset

utf-8

meta

CACHE-CONTROL

NO-CACHE

meta

Expires

-1

meta

Pragma

no-cache

meta

msapplication-TileColor

#ffffff

meta

msapplication-TileImage

assets/images/ms-icon-144x144.png

meta

theme-color

#ffffff

meta

viewport

width=device-width, initial-scale=1

script

src

assets/scripts/ie-support/ie-polyfills.min.js

Missing defer / async attribute.

script

src

assets/scripts/product.js

Missing defer / async attribute.

script

src

main-es2016.b7ad565b8a1a818620f9.js

Missing defer / async attribute.

script

src

main-es5.b7ad565b8a1a818620f9.js

Missing defer / async attribute.

script

src

polyfills-es2016.1ebe99e93f900ed8d783.js

Missing defer / async attribute.

script

src

polyfills-es5.b74026ef007c809a45dc.js

Missing defer / async attribute.

script

src

runtime-es2016.d8dae605c1a825f75428.js

Missing defer / async attribute.

script

src

runtime-es5.d8dae605c1a825f75428.js

Missing defer / async attribute.

script

src

scripts.a6f095e3d5bfe5af0e77.js

Missing defer / async attribute.

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns-cloud-a1.googledomains.com, ns-cloud-a2.googledomains.com, ns-cloud-a3.googledomains.com, ns-cloud-a4.googledomains.com

QNr.	Domain	Type	NS used
1	com	NS	d.root-servers.net (199.7.91.13)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2	ns-cloud-a1.googledomains.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com
	Answer: ns8.googledomains.com 2001:4860:4802:38::a, 216.239.38.10
	Answer: ns7.googledomains.com 2001:4860:4802:36::a, 216.239.36.10
	Answer: ns6.googledomains.com 2001:4860:4802:34::a, 216.239.34.10
	Answer: ns5.googledomains.com 2001:4860:4802:32::a, 216.239.32.10
3	ns-cloud-a2.googledomains.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com
	Answer: ns8.googledomains.com 2001:4860:4802:38::a, 216.239.38.10
	Answer: ns7.googledomains.com 2001:4860:4802:36::a, 216.239.36.10
	Answer: ns6.googledomains.com 2001:4860:4802:34::a, 216.239.34.10
	Answer: ns5.googledomains.com 2001:4860:4802:32::a, 216.239.32.10
4	ns-cloud-a3.googledomains.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com
	Answer: ns8.googledomains.com 2001:4860:4802:38::a, 216.239.38.10
	Answer: ns7.googledomains.com 2001:4860:4802:36::a, 216.239.36.10
	Answer: ns6.googledomains.com 2001:4860:4802:34::a, 216.239.34.10
	Answer: ns5.googledomains.com 2001:4860:4802:32::a, 216.239.32.10
5	ns-cloud-a4.googledomains.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com
	Answer: ns8.googledomains.com 2001:4860:4802:38::a, 216.239.38.10
	Answer: ns7.googledomains.com 2001:4860:4802:36::a, 216.239.36.10
	Answer: ns6.googledomains.com 2001:4860:4802:34::a, 216.239.34.10
	Answer: ns5.googledomains.com 2001:4860:4802:32::a, 216.239.32.10
6	ns-cloud-a1.googledomains.com: 216.239.32.106	A	ns5.googledomains.com (2001:4860:4802:32::a)
7	ns-cloud-a1.googledomains.com: 2001:4860:4802:32::6a	AAAA	ns5.googledomains.com (2001:4860:4802:32::a)
8	ns-cloud-a2.googledomains.com: 216.239.34.106	A	ns5.googledomains.com (2001:4860:4802:32::a)
9	ns-cloud-a2.googledomains.com: 2001:4860:4802:34::6a	AAAA	ns5.googledomains.com (2001:4860:4802:32::a)
10	ns-cloud-a3.googledomains.com: 216.239.36.106	A	ns5.googledomains.com (2001:4860:4802:32::a)
11	ns-cloud-a3.googledomains.com: 2001:4860:4802:36::6a	AAAA	ns5.googledomains.com (2001:4860:4802:32::a)
12	ns-cloud-a4.googledomains.com: 216.239.38.106	A	ns5.googledomains.com (2001:4860:4802:32::a)
13	ns-cloud-a4.googledomains.com: 2001:4860:4802:38::6a	AAAA	ns5.googledomains.com (2001:4860:4802:32::a)

14. CAA - Entries

Domainname	Value	∑ Queries
truenas.sergiosy.dev	no CAA entry found	1
sergiosy.dev	no CAA entry found	1
dev	no CAA entry found	1

15. TXT - Entries

Domainname	Status	∑ Queries
sergiosy.dev	ok	1
truenas.sergiosy.dev	ok	1
_acme-challenge.truenas.sergiosy.dev	Name Error - The domain name does not exist	1
_acme-challenge.truenas.sergiosy.dev.sergiosy.dev	Name Error - The domain name does not exist	1
_acme-challenge.truenas.sergiosy.dev.truenas.sergiosy.dev	Name Error - The domain name does not exist	1

16. DomainService - Entries

No DomainServiceEntries entries found

17. Cipher Suites

Summary
Domain	IP	Port	num Ciphers	time	Std.Protocol	Forward Secrecy
truenas.sergiosy.dev	187.194.143.180	443	15 Ciphers	126.65 sec		0 without, 15 FS	100.00 %
Complete		1	15 Ciphers 15.00 Ciphers/Check	126.65 sec	126.65 sec/Check	0 without, 15 FS	100.00 %

Details
Domain	IP	Port	Cipher (OpenSsl / IANA)
truenas.sergiosy.dev	187.194.143.180	443	ECDHE-ECDSA-CHACHA20-POLY1305		(Recommended)	TLSv1.2	0xCC,0xA9	FS
15 Ciphers, 126.65 sec			TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		ECDSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-ECDSA-AES256-GCM-SHA384		(Recommended)	TLSv1.2	0xC0,0x2C	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
			ECDH		ECDSA	AESGCM(256)	AEAD
			ECDHE-ECDSA-AES128-GCM-SHA256		(Recommended)	TLSv1.2	0xC0,0x2B	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256
			ECDH		ECDSA	AESGCM(128)	AEAD
			ECDHE-ECDSA-AES256-CCM8		(Secure)	TLSv1.2	0xC0,0xAF	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8
			ECDH		ECDSA	AESCCM8(256)	AEAD
			ECDHE-ECDSA-AES256-CCM		(Secure)	TLSv1.2	0xC0,0xAD	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_CCM
			ECDH		ECDSA	AESCCM(256)	AEAD
			ECDHE-ECDSA-AES128-CCM8		(Secure)	TLSv1.2	0xC0,0xAE	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8
			ECDH		ECDSA	AESCCM8(128)	AEAD
			ECDHE-ECDSA-AES128-CCM		(Secure)	TLSv1.2	0xC0,0xAC	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_CCM
			ECDH		ECDSA	AESCCM(128)	AEAD
			ECDHE-ECDSA-CAMELLIA256-SHA384		(Weak)	TLSv1.2	0xC0,0x73	FS
			TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384
			ECDH		ECDSA	Camellia(256)	SHA384
			ECDHE-ECDSA-ARIA256-GCM-SHA384		(Weak)	TLSv1.2	0xC0,0x5D	FS
			TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384
			ECDH		ECDSA	ARIAGCM(256)	AEAD
			ECDHE-ECDSA-AES256-SHA384		(Weak)	TLSv1.2	0xC0,0x24	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384
			ECDH		ECDSA	AES(256)	SHA384
			ECDHE-ECDSA-CAMELLIA128-SHA256		(Weak)	TLSv1.2	0xC0,0x72	FS
			TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256
			ECDH		ECDSA	Camellia(128)	SHA256
			ECDHE-ECDSA-ARIA128-GCM-SHA256		(Weak)	TLSv1.2	0xC0,0x5C	FS
			TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256
			ECDH		ECDSA	ARIAGCM(128)	AEAD
			ECDHE-ECDSA-AES128-SHA256		(Weak)	TLSv1.2	0xC0,0x23	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256
			ECDH		ECDSA	AES(128)	SHA256
			ECDHE-ECDSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x0A	FS
			TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA
			ECDH		ECDSA	AES(256)	SHA1
			ECDHE-ECDSA-AES128-SHA		(Weak)	TLSv1	0xC0,0x09	FS
			TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA
			ECDH		ECDSA	AES(128)	SHA1

18. Portchecks

Domain	IP	Port	Description	Result	Answer
truenas.sergiosy.dev	187.194.143.180	21	FTP

truenas.sergiosy.dev	187.194.143.180	21	FTP
truenas.sergiosy.dev	187.194.143.180	22	SSH	open
SSH-2.0-OpenSSH_8.8-hpn14v15
truenas.sergiosy.dev	187.194.143.180	22	SSH	open	SSH-2.0-OpenSSH_8.8-hpn14v15	Bad: SSH without DNS SSHFP Record found
					Possible DNS SSHFP Entries: truenas.sergiosy.dev IN SSHFP 3 2 0040ad94a2ec25bf3e972c366d4aff21a963e6a9d5e20615408339af24fbf3fd truenas.sergiosy.dev IN SSHFP 4 2 ae27f69042744a4a97b6ad904b7ab9957ef4c9436c2087d77d06467e82256691
truenas.sergiosy.dev	187.194.143.180	25	SMTP

truenas.sergiosy.dev	187.194.143.180	25	SMTP
truenas.sergiosy.dev	187.194.143.180	53	DNS

truenas.sergiosy.dev	187.194.143.180	53	DNS
truenas.sergiosy.dev	187.194.143.180	110	POP3

truenas.sergiosy.dev	187.194.143.180	110	POP3
truenas.sergiosy.dev	187.194.143.180	143	IMAP

truenas.sergiosy.dev	187.194.143.180	143	IMAP
truenas.sergiosy.dev	187.194.143.180	465	SMTP (encrypted)

truenas.sergiosy.dev	187.194.143.180	465	SMTP (encrypted)
truenas.sergiosy.dev	187.194.143.180	587	SMTP (encrypted, submission)

truenas.sergiosy.dev	187.194.143.180	587	SMTP (encrypted, submission)
truenas.sergiosy.dev	187.194.143.180	993	IMAP (encrypted)

truenas.sergiosy.dev	187.194.143.180	993	IMAP (encrypted)
truenas.sergiosy.dev	187.194.143.180	995	POP3 (encrypted)

truenas.sergiosy.dev	187.194.143.180	995	POP3 (encrypted)
truenas.sergiosy.dev	187.194.143.180	1433	MS SQL

truenas.sergiosy.dev	187.194.143.180	1433	MS SQL
truenas.sergiosy.dev	187.194.143.180	2082	cPanel (http)

truenas.sergiosy.dev	187.194.143.180	2082	cPanel (http)
truenas.sergiosy.dev	187.194.143.180	2083	cPanel (https)

truenas.sergiosy.dev	187.194.143.180	2083	cPanel (https)
truenas.sergiosy.dev	187.194.143.180	2086	WHM (http)

truenas.sergiosy.dev	187.194.143.180	2086	WHM (http)
truenas.sergiosy.dev	187.194.143.180	2087	WHM (https)

truenas.sergiosy.dev	187.194.143.180	2087	WHM (https)
truenas.sergiosy.dev	187.194.143.180	2089	cPanel Licensing

truenas.sergiosy.dev	187.194.143.180	2089	cPanel Licensing
truenas.sergiosy.dev	187.194.143.180	2095	cPanel Webmail (http)

truenas.sergiosy.dev	187.194.143.180	2095	cPanel Webmail (http)
truenas.sergiosy.dev	187.194.143.180	2096	cPanel Webmail (https)

truenas.sergiosy.dev	187.194.143.180	2096	cPanel Webmail (https)
truenas.sergiosy.dev	187.194.143.180	2222	DirectAdmin (http)

truenas.sergiosy.dev	187.194.143.180	2222	DirectAdmin (http)
truenas.sergiosy.dev	187.194.143.180	2222	DirectAdmin (https)

truenas.sergiosy.dev	187.194.143.180	2222	DirectAdmin (https)
truenas.sergiosy.dev	187.194.143.180	3306	mySql

truenas.sergiosy.dev	187.194.143.180	3306	mySql
truenas.sergiosy.dev	187.194.143.180	5224	Plesk Licensing

truenas.sergiosy.dev	187.194.143.180	5224	Plesk Licensing
truenas.sergiosy.dev	187.194.143.180	5432	PostgreSQL

truenas.sergiosy.dev	187.194.143.180	5432	PostgreSQL
truenas.sergiosy.dev	187.194.143.180	8080	Ookla Speedtest (http)

truenas.sergiosy.dev	187.194.143.180	8080	Ookla Speedtest (http)
truenas.sergiosy.dev	187.194.143.180	8080	Ookla Speedtest (https)

truenas.sergiosy.dev	187.194.143.180	8080	Ookla Speedtest (https)
truenas.sergiosy.dev	187.194.143.180	8083	VestaCP http

truenas.sergiosy.dev	187.194.143.180	8083	VestaCP http
truenas.sergiosy.dev	187.194.143.180	8083	VestaCP https

truenas.sergiosy.dev	187.194.143.180	8083	VestaCP https
truenas.sergiosy.dev	187.194.143.180	8443	Plesk Administration (https)

truenas.sergiosy.dev	187.194.143.180	8443	Plesk Administration (https)
truenas.sergiosy.dev	187.194.143.180	8447	Plesk Installer + Updates

truenas.sergiosy.dev	187.194.143.180	8447	Plesk Installer + Updates
truenas.sergiosy.dev	187.194.143.180	8880	Plesk Administration (http)

truenas.sergiosy.dev	187.194.143.180	8880	Plesk Administration (http)
truenas.sergiosy.dev	187.194.143.180	10000	Webmin (http)

truenas.sergiosy.dev	187.194.143.180	10000	Webmin (http)
truenas.sergiosy.dev	187.194.143.180	10000	Webmin (https)

truenas.sergiosy.dev	187.194.143.180	10000	Webmin (https)

Permalink: https://check-your-website.server-daten.de/?i=b93b8042-a2ec-4c2b-94d7-7e7860ce25c1

Last Result: https://check-your-website.server-daten.de/?q=truenas.sergiosy.dev - 2023-02-13 10:46:03

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=truenas.sergiosy.dev" target="_blank">Check this Site: truenas.sergiosy.dev</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=truenas.sergiosy.dev

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

Mobile- and other Chrome-Checks

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

Summary

Details (currently limited to 500 rows - some problems with spam users)

12. Html-Parsing via https://validator.w3.org/nu/

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks