Check DNS, Urls + Redirects, Certificates and Content of your Website



N

No trusted Certificate

Checked:
14.12.2019 19:47:59


Older results


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
dramend.com
A
199.38.245.235
Hackensack/New Jersey/United States (US) - WhiteLabel IT Solutions Corp
No Hostname found
yes
2
0

AAAA

yes


www.dramend.com
CNAME
dramend.com
yes
1
0

A
199.38.245.235
Hackensack/New Jersey/United States (US) - WhiteLabel IT Solutions Corp
No Hostname found
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 22545, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 31.12.2019, 00:00:00 +, Signature-Inception: 10.12.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 27.12.2019, 05:00:00 +, Signature-Inception: 14.12.2019, 04:00:00 +, KeyTag 22545, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 22545 used to validate the DS RRSet in the parent zone



3 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 12163, Flags 256



Public Key with Algorithm 8, KeyTag 17708, Flags 256



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 22.12.2019, 19:24:21 +, Signature-Inception: 07.12.2019, 19:19:21 +, KeyTag 30909, Signer-Name: com



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 22.12.2019, 19:24:21 +, Signature-Inception: 07.12.2019, 19:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: dramend.com
dramend.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "61s5gjk9a4sujqnpr0ku14tqjotb3a0h" between the hashed NSEC3-owner "61s3caj7b6mhjhhjlbn53f0disb0l7cd" and the hashed NextOwner "61s5v80596n44qik5ubhq6j1gvdfnsiv". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 61s3caj7b6mhjhhjlbn53f0disb0l7cd.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 20.12.2019, 06:55:41 +, Signature-Inception: 13.12.2019, 05:45:41 +, KeyTag 12163, Signer-Name: com



0 DNSKEY RR found




Zone: www.dramend.com
www.dramend.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
dramend.com
  ns1.dramend.com
199.38.245.235
Hackensack/New Jersey/United States (US) - WhiteLabel IT Solutions Corp


  ns2.dramend.com
199.38.245.235
Hackensack/New Jersey/United States (US) - WhiteLabel IT Solutions Corp

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


4. SOA-Entries


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1576349262
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:10


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1576349272
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:3


Domain:dramend.com
Zone-Name:
Primary:ns1.dramend.com
Mail:drewamend.gmail.com
Serial:1576343046
Refresh:10800
Retry:3600
Expire:604800
TTL:10800
num Entries:2


5. Screenshots

Startaddress: https://dramend.com, address used: https://dramend.com/, Screenshot created 2020-01-18 02:40:28 +00:0 url is insecure, certificate invalid

Mobil (412px x 732px)

1597 milliseconds

Screenshot mobile - https://dramend.com/
Mobil + Landscape (732px x 412px)

1360 milliseconds

Screenshot mobile landscape - https://dramend.com/
Screen (1280px x 1680px)

2415 milliseconds

Screenshot Desktop - https://dramend.com/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396732
content Size39637323

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

Chrome-Connection: secure. secure connection settings. The connection to this site is encrypted and authenticated using TLS 1.2, ECDHE_RSA with X25519, and CHACHA20_POLY1305.

Chrome-Resources : secure. all served securely. All resources on this page are served securely.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://www.dramend.com/
199.38.245.235
301
http://dramend.com/
Html is minified: 109.46 %
0.220
D
Server: nginx
Date: Sat, 14 Dec 2019 18:48:25 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: http://dramend.com/
X-Powered-By: PleskLin

• http://dramend.com/
199.38.245.235 No GZip used - 38429 / 139640 - 27.52 % possible
200
Warning: Control chars (Ascii 11) found in Html-Content

Html is minified: 125.84 %
1.280
I
Server: nginx
Date: Sat, 14 Dec 2019 18:48:24 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 139640
Connection: close
X-Powered-By: PHP/7.4.0,PleskLin
Link: <http://dramend.com/wp-json/>; rel="https://api.w.org/", <http://dramend.com/>; rel=shortlink
MS-Author-Via: DAV

• https://www.dramend.com/
199.38.245.235
301
https://dramend.com/
Html is minified: 109.46 %
3.513
N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Server: nginx
Date: Sat, 14 Dec 2019 18:48:31 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: https://dramend.com/
X-Powered-By: PleskLin

• https://dramend.com/
199.38.245.235 No GZip used - 38428 / 139691 - 27.51 % possible
Inline-JavaScript (∑/total): 7/5359 Inline-CSS (∑/total): 44/20034
200
Warning: Control chars (Ascii 11) found in Html-Content

Html is minified: 125.84 %
4.390
N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Server: nginx
Date: Sat, 14 Dec 2019 18:48:26 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 139691
Connection: close
X-Powered-By: PHP/7.4.0,PleskLin
Link: <https://dramend.com/wp-json/>; rel="https://api.w.org/", <https://dramend.com/>; rel=shortlink
MS-Author-Via: DAV

• http://www.dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
199.38.245.235
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 109.46 %
0.217
D
Visible Content:
Server: nginx
Date: Sat, 14 Dec 2019 18:48:35 GMT
Content-Type: text/html
Content-Length: 162
Connection: close
Location: http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
X-Powered-By: PleskLin

• http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
199.38.245.235
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
200

Html is minified: 100.00 %
0.220

Visible Content:
Server: nginx
Date: Sat, 14 Dec 2019 18:48:35 GMT
Content-Type: text/plain
Content-Length: 2
Last-Modified: Sat, 14 Dec 2019 18:47:53 GMT
Connection: close
ETag: "5df52e59-2"
X-Powered-By: PleskLin
Accept-Ranges: bytes

7. Comments


1. General Results, most used to calculate the result

Aname "dramend.com" is domain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
Agood: one preferred version: non-www is preferred
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):2 complete Content-Type - header (3 urls)
http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 199.38.245.235


Url with incomplete Content-Type - header - missing charset
Bhttps://dramend.com/ 199.38.245.235
200

Missing HSTS-Header
Bhttps://www.dramend.com/ 199.38.245.235
301

Missing HSTS-Header
CError - more then one version with Http-Status 200. After all redirects, all users (and search engines) should see the same https url: Non-www or www, but not both with http status 200.
Dhttp://www.dramend.com/ 199.38.245.235
301
http://dramend.com/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Dhttp://www.dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 199.38.245.235
301
http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Ihttps://dramend.com/ 199.38.245.235
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Nhttps://dramend.com/ 199.38.245.235
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://www.dramend.com/ 199.38.245.235
301
https://dramend.com/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Ndramend.com:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Ndramend.com:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Ndramend.com:995


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Ndramend.com:8443


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nwww.dramend.com:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nwww.dramend.com:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nwww.dramend.com:995


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nwww.dramend.com:8443


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
N199.38.245.235:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
N199.38.245.235:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
N199.38.245.235:995


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
N199.38.245.235:8443


Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors

2. DNS- and NameServer - Checks

AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns1.dramend.com,ns2.dramend.com
AGood: Nameserver supports TCP connections: 2 good Nameserver
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 2 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

http://dramend.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 199.38.245.235
200

Warning: Not existing ACME-file, but Server sends 200, not 404 or redirect. May be a problem creating a Letsencrypt certificate. Checking /.well-known/acme-challenge/random-filename - a http status 404 - Not Found - is expected. If your server sends content and a http status 200, the validation file (87 bytes, token, dot and the hash of the public part of the account key) may be invisible, so Letsencrypt can't validate your domain. If it is an application that sends this content, perhaps create an exception, so /.well-known/acme-challenge sends raw files. Or create a redirect to another domain and / or port 443, but your Letsencrypt client must support such a solution. Certbot: Use webroot as authenticator - https://certbot.eff.org/docs/using.html Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
https://dramend.com/ 199.38.245.235
200

Warning: https result with status 200 and size greater then 1024 Bytes without GZip found. Add GZip support so the html content is compressed.
https://dramend.com/ 199.38.245.235
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://dramend.com/ 199.38.245.235
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
Warning: CSS / JavaScript found without GZip support. Send these ressources with GZip. 24 external CSS / JavaScript files without GZip found - 2 with GZip, 26 complete
AGood: All images with internal compression not sent via GZip. Images (.png, .jpg) are already compressed, so an additional GZip isn't helpful. 15 images (type image/png, image/jpg) found without additional GZip. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 24 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 3 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 27 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 78 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 78 complete.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 112114 milliseconds, 112.114 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
dramend.com
199.38.245.235
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
dramend.com
199.38.245.235
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


www.dramend.com
199.38.245.235
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok

www.dramend.com
199.38.245.235
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
error checking OCSP stapling
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


dramend.com
dramend.com
465
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

dramend.com
dramend.com
465
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


dramend.com
dramend.com
993
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

dramend.com
dramend.com
993
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


dramend.com
dramend.com
995
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

dramend.com
dramend.com
995
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


dramend.com
dramend.com
8443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

dramend.com
dramend.com
8443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


199.38.245.235
199.38.245.235
465
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

199.38.245.235
199.38.245.235
465
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


199.38.245.235
199.38.245.235
993
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

199.38.245.235
199.38.245.235
993
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


199.38.245.235
199.38.245.235
995
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

199.38.245.235
199.38.245.235
995
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


199.38.245.235
199.38.245.235
8443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

199.38.245.235
199.38.245.235
8443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


www.dramend.com
www.dramend.com
465
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.dramend.com
www.dramend.com
465
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


www.dramend.com
www.dramend.com
993
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.dramend.com
www.dramend.com
993
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


www.dramend.com
www.dramend.com
995
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.dramend.com
www.dramend.com
995
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


www.dramend.com
www.dramend.com
8443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

www.dramend.com
www.dramend.com
8443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
Self signed certificate
1CN=Plesk, O=Plesk, L=Schaffhausen, C=CH, emailAddress=info@plesk.com


9. Certificates

1.
1.
E=info@plesk.com, CN=Plesk, O=Plesk, L=Schaffhausen, C=CH
06.12.2019
05.12.2020
expires in 71 days

1.
1.
E=info@plesk.com, CN=Plesk, O=Plesk, L=Schaffhausen, C=CH
06.12.2019

05.12.2020
expires in 71 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:5DEADC17
Thumbprint:C8976E9665ED31391B5AED25C057E1AA5E05B6B0
SHA256 / Certificate:CUF7cYcLb/ObiiENuzDXzZVZ4gJF09XsWkexxUEq3fY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f5017194bb7aac81bafbd466118c8e1c0f3e8535177ec30f59e1d2f375cfcc29
SHA256 hex / Subject Public Key Information (SPKI):30666458090ee3ca9b33881ba327f411ea29c381c8d2d530e0aeff6661bd8761
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
//certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2
0
1
1
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0
0
1
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
0
0
1
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
0
0
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
1370610895
precert
Leaf-1370610895
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2020-01-17 19:02:43
2020-04-16 19:02:43
*.dramend.com, dramend.com - 2 entries


1367894442
leaf cert
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2020-01-16 00:00:00
2020-04-15 23:59:59
cpanel.dramend.com, dramend.com, mail.dramend.com, webdisk.dramend.com, webmail.dramend.com, www.dramend.com - 6 entries


1307338101
leaf cert
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
2019-12-15 00:00:00
2020-01-14 23:59:59
dramend.com, www.dramend.com - 2 entries


1293257656
precert
//certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2
2019-12-08 10:20:35
2020-12-12 19:52:04
dramend.com, www.dramend.com - 2 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0 /0 new
0
2
//certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2
0
1
1
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
0
0
1
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
2346079117
precert
Leaf-2346079117
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2020-01-17 20:41:51
2020-04-16 19:41:51
*.dramend.com, dramend.com
2 entries


2345805574
precert
Leaf-2345805574
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2020-01-17 18:02:43
2020-04-16 17:02:43
*.dramend.com, dramend.com
2 entries


2340343376
leaf cert
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2020-01-15 23:00:00
2020-04-15 21:59:59
cpanel.dramend.com, dramend.com, mail.dramend.com, webdisk.dramend.com, webmail.dramend.com, www.dramend.com
6 entries


2224727352
leaf cert
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
2019-12-14 23:00:00
2020-01-14 22:59:59
dramend.com, www.dramend.com
2 entries


2205642132
precert
//certs.starfieldtech.com/repository/, CN=Starfield Secure Certificate Authority - G2
2019-12-08 09:20:35
2020-12-12 18:52:04
dramend.com, www.dramend.com
2 entries



11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404


12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.dramend.com



1
0
dramend.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
dramend.com
v=spf1 +a +mx -all +a:pheromoneadvantage.com
ok
1
0
www.dramend.com
v=spf1 +a +mx -all +a:pheromoneadvantage.com
ok
1
0
_acme-challenge.dramend.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.dramend.com

Name Error - The domain name does not exist
1
0
_acme-challenge.dramend.com.dramend.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.dramend.com.dramend.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.dramend.com.www.dramend.com

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=817ec104-d7ae-4b9d-beff-fd3134bead6f


Last Result: https://check-your-website.server-daten.de/?q=dramend.com - 2020-01-18 02:37:22


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=dramend.com" target="_blank">Check this Site: dramend.com</a>