Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

DNS-problem - authoritative Nameserver refused, not defined or timeout

Checked:
10.06.2025 15:45:44

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
bitwarden.gpfqtt.top	A	222.65.31.106 Shanghai/China (CN) - CHINANET-SH No Hostname found	yes	1	0
	AAAA		yes
www.bitwarden.gpfqtt.top	A	222.65.31.106 Shanghai/China (CN) - CHINANET-SH No Hostname found	yes	1	0
	AAAA		yes
*.gpfqtt.top	A	Refused	yes
	AAAA	Refused	yes
	CNAME	Refused	yes
*.bitwarden.gpfqtt.top	A	Refused	yes
	AAAA	Refused	yes
	CNAME	Refused	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	3 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 53148, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.07.2025, 00:00:00 +, Signature-Inception: 10.06.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: top
top	1 DS RR in the parent zone found


	DS with Algorithm 8, KeyTag 26780, DigestType 2 and Digest XW54ae6OO1NqYX3olILd0dy52527GsM9btNR4soJWxs=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner top., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 23.06.2025, 05:00:00 +, Signature-Inception: 10.06.2025, 04:00:00 +, KeyTag 53148, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 53148 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 15030, Flags 256


	Public Key with Algorithm 8, KeyTag 26780, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner top., Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 19.06.2025, 02:39:50 +, Signature-Inception: 05.06.2025, 01:09:50 +, KeyTag 26780, Signer-Name: top


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 26780 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 26780, DigestType 2 and Digest "XW54ae6OO1NqYX3olILd0dy52527GsM9btNR4soJWxs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: gpfqtt.top
gpfqtt.top	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "goe280qfet1vdts67llov1l3k2o8e7q7" between the hashed NSEC3-owner "goe280qfet1vdts67llov1l3k2o8e7q7" and the hashed NextOwner "goe293l7s0mjv1mvl12ln777c0keqpn5". So the parent zone confirmes the not-existence of a DS RR. Bitmap: No Bitmap? Validated: RRSIG-Owner goe280qfet1vdts67llov1l3k2o8e7q7.top., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 18.06.2025, 00:39:20 +, Signature-Inception: 03.06.2025, 23:09:20 +, KeyTag 15030, Signer-Name: top


	0 DNSKEY RR found




Zone: bitwarden.gpfqtt.top
bitwarden.gpfqtt.top	0 DS RR in the parent zone found


	0 DNSKEY RR found




Zone: www.bitwarden.gpfqtt.top
www.bitwarden.gpfqtt.top	0 DS RR in the parent zone found

3. Name Servers

Domain	Nameserver	NS-IP
www.bitwarden.gpfqtt.top	• ns1.huaweicloud-dns.org
bitwarden.gpfqtt.top	• ns1.huaweicloud-dns.org
gpfqtt.top	• ns1.alidns.com	120.76.107.45 Shenzhen/Guangdong/China (CN) - Hangzhou Alibaba Advertising Co
	•	120.76.107.55 Shenzhen/Guangdong/China (CN) - Hangzhou Alibaba Advertising Co
	•	139.224.142.115 Shanghai/China (CN) - Addresses CNNIC
	•	139.224.142.125 Shanghai/China (CN) - Addresses CNNIC
	•	39.96.153.45 Beijing/China (CN) - Hangzhou Alibaba Advertising Co
	•	39.96.153.55 Beijing/China (CN) - Hangzhou Alibaba Advertising Co
	T	47.118.199.205 Hangzhou/Zhejiang/China (CN) - Addresses CNNIC
	•	47.118.199.215 Hangzhou/Zhejiang/China (CN) - Addresses CNNIC
	•	2408:4009:501::1 Hangzhou/Zhejiang/China (CN) - Hangzhou Alibaba Advertising Co., Ltd.
	• ns1.huaweicloud-dns.cn	116.205.223.129 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center	•
	•	116.205.5.32 Beijing/China (CN) - Huawei Cloud Service data center	•
	•	122.112.208.254 Shanghai/China (CN) - Huawei Cloud Service data center	•
	•	139.9.224.17 Guiyang/Guizhou/China (CN) - China Unicom IP network	•
	T	2407:c080:20:ffff:ffff:fffe:0:1 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center	•
	• ns1.huaweicloud-dns.com	116.205.223.128 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center	•
	•	116.205.5.31 Beijing/China (CN) - Huawei Cloud Service data center	•
	T	122.112.208.253 Shanghai/China (CN) - Huawei Cloud Service data center	•
	•	139.9.224.17 Guiyang/Guizhou/China (CN) - China Unicom IP network	•
	•	2407:c080:20:ffff:ffff:fffe:0:1 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center
	• ns1.huaweicloud-dns.net / lasouth2a-i-dns-gslb02	159.138.112.111 Santiago/Santiago Metropolitan/Chile (CL) - Huawei International Pte. Ltd.	•
	•	159.138.160.107 Johannesburg/Gauteng/South Africa (ZA) - Huawei International Pte. LTD	•
	•	159.138.17.112 Hong Kong/Central and Western District/Hong Kong (HK) - Huawei International Pte. Ltd.	•
	•	159.138.208.3 São Paulo/Brazil (BR) - Huawei International Pte. LTD	•
	•	190.92.196.2 Singapore/North West/Singapore (SG) - Huawei International Pte. LTD	•
	•	2407:c080:20:ffff:ffff:fffe:0:1 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center	•
	• ns1.huaweicloud-dns.org / lasouth2a-i-dns-gslb02	159.138.112.111 Santiago/Santiago Metropolitan/Chile (CL) - Huawei International Pte. Ltd.	•
	•	159.138.160.107 Johannesburg/Gauteng/South Africa (ZA) - Huawei International Pte. LTD	•
	•	159.138.17.187 Hong Kong/Central and Western District/Hong Kong (HK) - Huawei International Pte. Ltd.	•
	•	159.138.208.3 São Paulo/Brazil (BR) - Huawei International Pte. LTD	•
	•	190.92.196.2 Singapore/North West/Singapore (SG) - Huawei International Pte. LTD	•
	•	2407:c080:20:ffff:ffff:fffe:0:1 Guangzhou/Guangdong/China (CN) - Huawei Cloud Service data center	•
	• ns2.alidns.com	120.76.107.46 Shenzhen/Guangdong/China (CN) - Hangzhou Alibaba Advertising Co
	•	120.76.107.56 Shenzhen/Guangdong/China (CN) - Hangzhou Alibaba Advertising Co
	•	139.224.142.116 Shanghai/China (CN) - Addresses CNNIC
	•	139.224.142.126 Shanghai/China (CN) - Addresses CNNIC
	T	39.96.153.46 Beijing/China (CN) - Hangzhou Alibaba Advertising Co
	•	39.96.153.56 Beijing/China (CN) - Hangzhou Alibaba Advertising Co
	•	47.118.199.206 Hangzhou/Zhejiang/China (CN) - Addresses CNNIC
	•	47.118.199.216 Hangzhou/Zhejiang/China (CN) - Addresses CNNIC
	•	2408:4009:501::2 Hangzhou/Zhejiang/China (CN) - Hangzhou Alibaba Advertising Co., Ltd.
top	• a.zdnscloud.cn		•
	• a.zdnscloud.com
	• b.zdnscloud.cn		•
	• c.zdnscloud.com		•
	• d.zdnscloud.com		•
	• f.zdnscloud.cn		•
	• g.zdnscloud.com		•
	• i.zdnscloud.cn		•
	• j.zdnscloud.com		•

4. SOA-Entries

Domain:	top
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

Domain:	top
Zone-Name:	top
Primary:	a.zdnscloud.com
Mail:	td_dns_gtld.knet.cn
Serial:	1392780131
Refresh:	600
Retry:	3600
Expire:	1209600
TTL:	3600
num Entries:	8

Domain:	gpfqtt.top
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	21

Domain:	gpfqtt.top
Zone-Name:	gpfqtt.top
Primary:	ns1.huaweicloud-dns.org
Mail:	hwclouds.cs.huawei.com
Serial:	1
Refresh:	7200
Retry:	900
Expire:	1209600
TTL:	300
num Entries:	19

Domain:	bitwarden.gpfqtt.top
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

Domain:	www.bitwarden.gpfqtt.top
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:	1

5. Screenshots

Startaddress: https://bitwarden.gpfqtt.top:2468/, address used: https://bitwarden.gpfqtt.top:2468/#/login, Screenshot created 2025-06-10 16:03:02 +00:0

Mobil (412px x 732px)

1063 milliseconds

Screenshot mobile - https://bitwarden.gpfqtt.top:2468/#/login

Mobil + Landscape (732px x 412px)

1081 milliseconds

Screenshot mobile landscape - https://bitwarden.gpfqtt.top:2468/#/login

Screen (1280px x 1680px)

3130 milliseconds

Screenshot Desktop - https://bitwarden.gpfqtt.top:2468/#/login

Mobile- and other Chrome-Checks

	width	height
visual Viewport	412	716
content Size	1010	716

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://bitwarden.gpfqtt.top:2468/ 222.65.31.106	-100		0.420
Unknown (0, 0x80131620). An error occurred while sending the request. Unable to read data from the transport connection

• http://www.bitwarden.gpfqtt.top:2468/ 222.65.31.106	-100		0.454
Unknown (0, 0x80131620). An error occurred while sending the request. Unable to read data from the transport connection

• https://www.bitwarden.gpfqtt.top:2468/ 222.65.31.106	307	https://www.bitwarden.gpfqtt.top/ Html is minified: 102.99 %	16.684	N
Certificate error: RemoteCertificateNameMismatch
Location: https://www.bitwarden.gpfqtt.top/
Date: Tue, 10 Jun 2025 13:54:55 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 69

• https://bitwarden.gpfqtt.top:2468/ 222.65.31.106 No Compression used - 780 / 1241 - 62.85 % possible Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	200	Html is minified: 100.00 % Other inline scripts (∑/total): 0/0	8.283	I
Cache-Control: public, max-age=600
Content-Security-Policy: default-src 'self'; base-uri 'self'; form-action 'self'; object-src 'self' blob:; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; child-src 'self' https://.duosecurity.com https://.duofederal.com; frame-src 'self' https://.duosecurity.com https://.duofederal.com; frame-ancestors 'self' chrome-extension://nngceckbapebfimnlniiiahkandclblb chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh moz-extension://* ; img-src 'self' data: https://haveibeenpwned.com ; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory https://app.simplelogin.io/api/ https://app.addy.io/api/ https://api.fastmail.com/ https://api.forwardemail.net ;
Date: Tue, 10 Jun 2025 13:54:43 GMT
Permissions-Policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
Referrer-Policy: same-origin
Server: Rocket
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 0
Content-Length: 1241
Content-Type: text/html; charset=utf-8
Expires: Tue, 10 Jun 2025 14:04:43 GMT

• https://www.bitwarden.gpfqtt.top/	-14		10.030	T
Timeout - The operation has timed out.

• https://bitwarden.gpfqtt.top:80/ 222.65.31.106	-14		10.027	A
Timeout - The operation has timed out.
Visible Content:

• https://www.bitwarden.gpfqtt.top:80/ 222.65.31.106	-14		10.047	A
Timeout - The operation has timed out.
Visible Content:

• http://bitwarden.gpfqtt.top:2468/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 222.65.31.106	-100		0.420
Unknown (0, 0x80131620). An error occurred while sending the request. Unable to read data from the transport connection
Visible Content:

• http://www.bitwarden.gpfqtt.top:2468/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 222.65.31.106	-100		0.437
Unknown (0, 0x80131620). An error occurred while sending the request. Unable to read data from the transport connection
Visible Content:

• https://222.65.31.106:2468/ 222.65.31.106	307	https://222.65.31.106:2468/ Html is minified: 103.33 %	11.640	L
Certificate error: RemoteCertificateNameMismatch
Location: https://222.65.31.106:2468/
Date: Tue, 10 Jun 2025 13:55:35 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 62

7. Comments

	1. General Results, most used to calculate the result
A	name "bitwarden.gpfqtt.top" is subdomain, public suffix is ".top", top-level-domain is ".top", top-level-domain-type is "generic", tld-manager is "Jiangsu Bangning Science & Technology Co.,Ltd.", num .top-domains preloaded: 550 (complete: 271405)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: bitwarden.gpfqtt.top has only one ip address.
	Warning: Only one ip address found: www.bitwarden.gpfqtt.top has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: bitwarden.gpfqtt.top has no ipv6 address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.bitwarden.gpfqtt.top has no ipv6 address.
A	Good: destination is https
A	Good - only one version with Http-Status 200
A	Good: one preferred version: non-www is preferred
	HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
B	https://bitwarden.gpfqtt.top:2468/ 222.65.31.106	200		Missing HSTS-Header
B	https://www.bitwarden.gpfqtt.top:2468/ 222.65.31.106	307		Missing HSTS-Header
I	https://bitwarden.gpfqtt.top:2468/ 222.65.31.106	200		Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
L	https://222.65.31.106:2468/ 222.65.31.106	307	https://222.65.31.106:2468/	Error direct loop
N	https://www.bitwarden.gpfqtt.top:2468/ 222.65.31.106	307	https://www.bitwarden.gpfqtt.top/	Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://222.65.31.106:2468/ 222.65.31.106	307	https://222.65.31.106:2468/	Error - Certificate isn't trusted, RemoteCertificateNameMismatch
O	bitwarden.gpfqtt.top / 222.65.31.106 / 2468			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 4 Cipher Suites without Forward Secrecy found
O	www.bitwarden.gpfqtt.top / 222.65.31.106 / 2468			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 3 Cipher Suites without Forward Secrecy found
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 120.76.107.45: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 120.76.107.55: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 139.224.142.115: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 139.224.142.125: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 39.96.153.45: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 39.96.153.55: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 47.118.199.205: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 47.118.199.215: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.alidns.com / 2408:4009:501::1: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns1.huaweicloud-dns.com / 2407:c080:20:ffff:ffff:fffe:0:1: Timeout
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 120.76.107.46: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 120.76.107.56: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 139.224.142.116: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 139.224.142.126: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 39.96.153.46: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 39.96.153.56: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 47.118.199.206: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 47.118.199.216: Refused
X	Fatal error: Nameserver doesn't support TCP connection: ns2.alidns.com / 2408:4009:501::2: Refused
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain www.bitwarden.gpfqtt.top, 1 ip addresses, 1 different http results.
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain bitwarden.gpfqtt.top, 1 ip addresses.
B	No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.bitwarden.gpfqtt.top
	2. Header-Checks
A	bitwarden.gpfqtt.top 222.65.31.106	Content-Security-Policy		Ok: Header without syntax errors found: default-src 'self'; base-uri 'self'; form-action 'self'; object-src 'self' blob:; script-src 'self' 'wasm-unsafe-eval'; style-src 'self' 'unsafe-inline'; child-src 'self' https://.duosecurity.com https://.duofederal.com; frame-src 'self' https://.duosecurity.com https://.duofederal.com; frame-ancestors 'self' chrome-extension://nngceckbapebfimnlniiiahkandclblb chrome-extension://jbkfoedolllekgbhcbcoahefnbanhhlh moz-extension://* ; img-src 'self' data: https://haveibeenpwned.com ; connect-src 'self' https://api.pwnedpasswords.com https://api.2fa.directory https://app.simplelogin.io/api/ https://app.addy.io/api/ https://api.fastmail.com/ https://api.forwardemail.net ;
A				Good: default-src directive only with 'none' or 'self', additional sources are blocked.
A				Good: default-src without 'unsafe-inline' or 'unsave-eval'.
A				Good: form-action directive found. That reduces the risk sending data to unwanted domains. form-action is a navigation-directive, so default-src isn't used.
A				Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
A				Good: base-uri directive found. That limits the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
F				Critical: object-src with a scheme definition found. That's too global, don't use such a definition. Use a list of urls instead if you really want to use object / embed / applet.
A				Good: script-src without 'unsafe-inline' and 'unsafe-eval' found. That's the recommended configuration.
A				Good: script-src without * and a scheme found.
A				Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A				Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
A		X-Content-Type-Options		Ok: Header without syntax errors found: nosniff
A		Referrer-Policy		Ok: Header without syntax errors found: same-origin
A		Permissions-Policy		Ok: Header without syntax errors found: accelerometer=(), ambient-light-sensor=(), autoplay=(), battery=(), camera=(), display-capture=(), document-domain=(), encrypted-media=(), execution-while-not-rendered=(), execution-while-out-of-viewport=(), fullscreen=(), geolocation=(), gyroscope=(), keyboard-map=(), magnetometer=(), microphone=(), midi=(), payment=(), picture-in-picture=(), screen-wake-lock=(), sync-xhr=(), usb=(), web-share=(), xr-spatial-tracking=()
A		X-Frame-Options		Ok: Header without syntax errors found: SAMEORIGIN
B				Info: Header is deprecated. May not longer work in modern browsers. SAMEORIGIN. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A		X-Xss-Protection		Ok: Header without syntax errors found: 0
B				Info: Header is deprecated. May not longer work in modern browsers. 0
B	bitwarden.gpfqtt.top 222.65.31.106	Cross-Origin-Embedder-Policy		Info: Missing Header
B	bitwarden.gpfqtt.top 222.65.31.106	Cross-Origin-Opener-Policy		Info: Missing Header
B	bitwarden.gpfqtt.top 222.65.31.106	Cross-Origin-Resource-Policy		Info: Missing Header
	3. DNS- and NameServer - Checks
A	Info:: 21 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 6 Name Servers.
A	Info:: 21 Queries complete, 21 with IPv6, 0 with IPv4.
A	Good: All DNS Queries done via IPv6.
	Ok (4 - 8):: An average of 3.5 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 6 different Name Servers found: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com, 2 Name Servers included in Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, 6 Name Servers included in 2 Zone definitions: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com, 1 Name Servers listed in SOA.Primary: ns1.huaweicloud-dns.org.
A	Good: Only one SOA.Primary Name Server found.: ns1.huaweicloud-dns.org.
	Error: SOA.Primary Name Server not included in the delegation set.: ns1.huaweicloud-dns.org.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.cn (116.205.223.129): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.cn (116.205.5.32): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.cn (122.112.208.254): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.cn (139.9.224.17): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.cn (2407:c080:20:ffff:ffff:fffe:0:1): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.com (116.205.223.128): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.com (116.205.5.31): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.com (122.112.208.253): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.com (139.9.224.17): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.com (2407:c080:20:ffff:ffff:fffe:0:1): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (159.138.112.111): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (159.138.160.107): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (159.138.17.112): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (159.138.208.3): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (190.92.196.2): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.net (2407:c080:20:ffff:ffff:fffe:0:1): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (159.138.112.111): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (159.138.160.107): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (159.138.17.187): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (159.138.208.3): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (190.92.196.2): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
X	Fatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Read https://www.iana.org/help/nameserver-requirements and send it to your Name Server Hoster.: ns1.huaweicloud-dns.org (2407:c080:20:ffff:ffff:fffe:0:1): Delegation: ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, Zone: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com. Name Servers defined in Zone, missing in Delegation: ns1.alidns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com.
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Info: Ipv4-Subnet-list: 34 Name Servers, 8 different subnets (first Byte): 116., 120., 122., 139., 159., 190., 39., 47., 9 different subnets (first two Bytes): 116.205., 120.76., 122.112., 139.224., 139.9., 159.138., 190.92., 39.96., 47.118., 13 different subnets (first three Bytes): 116.205.223., 116.205.5., 120.76.107., 122.112.208., 139.224.142., 139.9.224., 159.138.112., 159.138.160., 159.138.17., 159.138.208., 190.92.196., 39.96.153., 47.118.199.
A	Good: Name Server IPv4-addresses from different subnet found:
A	Info: IPv6-Subnet-list: 6 Name Servers with IPv6, 2 different subnets (first block): 2407:, 2408:, 2 different subnets (first two blocks): 2407:c080:, 2408:4009:, 2 different subnets (first three blocks): 2407:c080:0020:, 2408:4009:0501:, 2 different subnets (first four blocks): 2407:c080:0020:ffff:, 2408:4009:0501:0000:
A	Good: Name Server IPv6 addresses from different subnets found.
X	Nameserver Timeout checking Echo Capitalization: ns1.alidns.com / 47.118.199.205
X	Nameserver Timeout checking Echo Capitalization: ns1.huaweicloud-dns.com / 122.112.208.253
X	Nameserver Timeout checking Echo Capitalization: ns2.alidns.com / 39.96.153.46
X	Nameserver Timeout checking EDNS512: ns1.huaweicloud-dns.cn / 2407:c080:20:ffff:ffff:fffe:0:1
	Nameserver doesn't pass all EDNS-Checks: a.zdnscloud.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 39.96.153.45: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: fatal timeout. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 39.96.153.55: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: fatal timeout. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 47.118.199.205: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 47.118.199.215: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: ok. V1FLAGS: fatal timeout. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: fatal timeout. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 120.76.107.45: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 120.76.107.55: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 139.224.142.115: OP100: fatal timeout. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: fatal timeout. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 139.224.142.125: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: ok. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: fatal timeout. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: fatal timeout.
	Nameserver doesn't pass all EDNS-Checks: ns1.alidns.com / 2408:4009:501::1: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.cn / 116.205.5.32: OP100: ok. FLAGS: ok. V1: fatal timeout. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.cn / 116.205.223.129: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.cn / 122.112.208.254: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.cn / 139.9.224.17: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (CN-Southwest-1a-DNS-GSLB-01). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.cn / 2407:c080:20:ffff:ffff:fffe:0:1: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: fatal timeout. DNSSEC: ok. V1DNSSEC: no result. NSID: fatal timeout. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.com / 116.205.5.31: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: fatal timeout. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.com / 116.205.223.128: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.com / 122.112.208.253: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.com / 139.9.224.17: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (CN-Southwest-1a-DNS-GSLB-02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.com / 2407:c080:20:ffff:ffff:fffe:0:1: OP100: ok. FLAGS: fatal timeout. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 159.138.17.112: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (AP-Southeast-1b-DNS-GSLB02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 159.138.112.111: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (lasouth2a-i-dns-gslb02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 159.138.160.107: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (afsouth1a-i-dns-gslb01). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 159.138.208.3: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (sabrazil1a-i-dns-gslb02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 190.92.196.2: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (AP-Southeast-3a-DNS-GSLB-01). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.net / 2407:c080:20:ffff:ffff:fffe:0:1: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 159.138.17.187: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (AP-Southeast-1a-DNS-GSLB02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 159.138.112.111: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (lasouth2a-i-dns-gslb02). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 159.138.160.107: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (afsouth1a-i-dns-gslb03). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 159.138.208.3: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (sabrazil1a-i-dns-gslb01). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 190.92.196.2: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: no result. NSID: ok (AP-Southeast-3a-DNS-GSLB-01). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.huaweicloud-dns.org / 2407:c080:20:ffff:ffff:fffe:0:1: OP100: ok. FLAGS: ok. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 39.96.153.46: OP100: fatal timeout. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: fatal timeout. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 39.96.153.56: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 47.118.199.206: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: fatal timeout. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: fatal timeout. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: fatal timeout.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 47.118.199.216: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: fatal timeout. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: fatal timeout. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 120.76.107.46: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 120.76.107.56: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: fatal timeout. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: fatal timeout. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 139.224.142.116: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 139.224.142.126: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns2.alidns.com / 2408:4009:501::2: OP100: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. FLAGS: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: fatal timeout. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: SOA NOT expected and NOT found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: fatal timeout.
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
	https://bitwarden.gpfqtt.top:2468/ 222.65.31.106	200		Warning: https result with status 200 and size greater then 1024 Bytes without Compression found. Add Compression support (gzip, deflate, br - these are checked) so the html content is compressed.
A	Good: No https + http status 200 with inline CSS / JavaScript found
A	Good: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
A	Good: Every https connection via port 443 supports the http/2 protocol via ALPN.
A	Good: All script Elements (type text/javascript) and src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
	Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 5 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 5 complete.
A	Good: All checked attribute values are enclosed in quotation marks (" or ').
A	Good: All img-elements have a valid alt-attribute.: 1 img-elements found.
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
A	Duration: 1045270 milliseconds, 1045.270 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

222.65.31.106

2468

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

222.65.31.106

2468

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
Cert sent without SNI

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain (complete)	1	CN=gpfqtt.top
	2	CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US
	3	CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

bitwarden.gpfqtt.top

222.65.31.106

2468

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

bitwarden.gpfqtt.top

222.65.31.106

2468

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

http/2 via ALPN supported
SNI required

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported
SNI required

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain (complete)	1	CN=bitwarden.gpfqtt.top
	2	CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US
	3	CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

www.bitwarden.gpfqtt.top

222.65.31.106

2468

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

www.bitwarden.gpfqtt.top

222.65.31.106

2468

name does not match

Tls12

ECDH Ephermal

255

Aes128

128

Sha256

not supported

http/2 via ALPN supported

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

http/2 via ALPN supported

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain (complete)	1	CN=gpfqtt.top
	2	CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US
	3	CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

9. Certificates

CN=bitwarden.gpfqtt.top

19.03.2025

17.06.2025
5 days expired

bitwarden.gpfqtt.top - 1 entry

CN=bitwarden.gpfqtt.top

19.03.2025

17.06.2025
5 days expired

bitwarden.gpfqtt.top - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	07AECCBB83767A78612B8149902C7E80
Thumbprint:	E085E37CD9122F9D7668A36E9F11D0E415A7E92E
SHA256 / Certificate:	fLJOUrgrT3Sm4CmFTyl5xBotk87WGUqR/cHv5FHS/JA=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	0d04fe73308d13201463f3fae7ba5ef9bb9cc0776d54c5371d255de413bde222
SHA256 hex / Subject Public Key Information (SPKI):	0d04fe73308d13201463f3fae7ba5ef9bb9cc0776d54c5371d255de413bde222 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=bitwarden.gpfqtt.top

19.03.2025

17.06.2025
5 days expired

bitwarden.gpfqtt.top - 1 entry

CN=bitwarden.gpfqtt.top

19.03.2025

17.06.2025
5 days expired

bitwarden.gpfqtt.top - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	07AECCBB83767A78612B8149902C7E80
Thumbprint:	E085E37CD9122F9D7668A36E9F11D0E415A7E92E
SHA256 / Certificate:	fLJOUrgrT3Sm4CmFTyl5xBotk87WGUqR/cHv5FHS/JA=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	0d04fe73308d13201463f3fae7ba5ef9bb9cc0776d54c5371d255de413bde222
SHA256 hex / Subject Public Key Information (SPKI):	0d04fe73308d13201463f3fae7ba5ef9bb9cc0776d54c5371d255de413bde222 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0DE0FFB5EE62CB61109F608C9CED5ED3
Thumbprint:	ED6302684A3259AA04F10FE9A97A8FD30B965D26
SHA256 / Certificate:	sayM+xgbnJNU4Xdfy9/P54mMXMmhfXYxW1fBEu7lUjQ=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0DE0FFB5EE62CB61109F608C9CED5ED3
Thumbprint:	ED6302684A3259AA04F10FE9A97A8FD30B965D26
SHA256 / Certificate:	sayM+xgbnJNU4Xdfy9/P54mMXMmhfXYxW1fBEu7lUjQ=
SHA256 hex / Cert (DANE * 0 1):	b1ac8cfb181b9c9354e1775fcbdfcfe7898c5cc9a17d76315b57c112eee55234
SHA256 hex / PublicKey (DANE * 1 1):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SHA256 hex / Subject Public Key Information (SPKI):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

18.01.2024

10.11.2031
expires in 2332 days

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

18.01.2024

10.11.2031
expires in 2332 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0FE032AB844D033106C50C8E13C8B068
Thumbprint:	8BF7F178A745A11BAC6AE5B586FC1838EADCB2CF
SHA256 / Certificate:	edV7Fd+mXChw6v4Rtjd2WQnP6Te0nBXOfxlAMMqzla0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.cn
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

01.08.2013

15.01.2038
expires in 4590 days

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

01.08.2013

15.01.2038
expires in 4590 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	033AF1E6A711A9A0BB2864B11D09FAE5
Thumbprint:	DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
SHA256 / Certificate:	yzzLt2Ax5eATj43TmiP53kf/w15DwRRM6ifUalqxy18=
SHA256 hex / Cert (DANE * 0 1):	cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA256 hex / PublicKey (DANE * 1 1):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

10.11.2006

10.11.2031
expires in 2332 days

CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

10.11.2006

10.11.2031
expires in 2332 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA-1 with RSA Encryption
Serial Number:	083BE056904246B1A1756AC95991C74A
Thumbprint:	A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:	Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):	4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):	aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):	aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=gpfqtt.top

19.03.2025

17.06.2025
5 days expired

gpfqtt.top, www.gpfqtt.top - 2 entries

CN=gpfqtt.top

19.03.2025

17.06.2025
5 days expired

gpfqtt.top, www.gpfqtt.top - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0CBA799C656BBED35CFE4B38490CFE6F
Thumbprint:	E0CE2BF396E7855E395D24904AD99FB2A62CEB0F
SHA256 / Certificate:	cFrisoaJR0QedYwmEZJ5pNxpYNX8XecVuAJmyiRPPJ4=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	619441648897d2f248bd5e2aaf43e1f4d4efabc1058700a5f48091c4f1ba4b9e
SHA256 hex / Subject Public Key Information (SPKI):	619441648897d2f248bd5e2aaf43e1f4d4efabc1058700a5f48091c4f1ba4b9e (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=gpfqtt.top

19.03.2025

17.06.2025
5 days expired

gpfqtt.top, www.gpfqtt.top - 2 entries

CN=gpfqtt.top

19.03.2025

17.06.2025
5 days expired

gpfqtt.top, www.gpfqtt.top - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0CBA799C656BBED35CFE4B38490CFE6F
Thumbprint:	E0CE2BF396E7855E395D24904AD99FB2A62CEB0F
SHA256 / Certificate:	cFrisoaJR0QedYwmEZJ5pNxpYNX8XecVuAJmyiRPPJ4=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	619441648897d2f248bd5e2aaf43e1f4d4efabc1058700a5f48091c4f1ba4b9e
SHA256 hex / Subject Public Key Information (SPKI):	619441648897d2f248bd5e2aaf43e1f4d4efabc1058700a5f48091c4f1ba4b9e (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0DE0FFB5EE62CB61109F608C9CED5ED3
Thumbprint:	ED6302684A3259AA04F10FE9A97A8FD30B965D26
SHA256 / Certificate:	sayM+xgbnJNU4Xdfy9/P54mMXMmhfXYxW1fBEu7lUjQ=
SHA256 hex / Cert (DANE * 0 1):	b1ac8cfb181b9c9354e1775fcbdfcfe7898c5cc9a17d76315b57c112eee55234
SHA256 hex / PublicKey (DANE * 1 1):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SHA256 hex / Subject Public Key Information (SPKI):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US

27.11.2017

27.11.2027
expires in 888 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0DE0FFB5EE62CB61109F608C9CED5ED3
Thumbprint:	ED6302684A3259AA04F10FE9A97A8FD30B965D26
SHA256 / Certificate:	sayM+xgbnJNU4Xdfy9/P54mMXMmhfXYxW1fBEu7lUjQ=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	83178a145699d8714922c4dd4e3125ea7568ddc913097faacd132a6fd5e86b5c
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.com
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

01.08.2013

15.01.2038
expires in 4590 days

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

01.08.2013

15.01.2038
expires in 4590 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	033AF1E6A711A9A0BB2864B11D09FAE5
Thumbprint:	DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
SHA256 / Certificate:	yzzLt2Ax5eATj43TmiP53kf/w15DwRRM6ifUalqxy18=
SHA256 hex / Cert (DANE * 0 1):	cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA256 hex / PublicKey (DANE * 1 1):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

18.01.2024

10.11.2031
expires in 2332 days

CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US

18.01.2024

10.11.2031
expires in 2332 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0FE032AB844D033106C50C8E13C8B068
Thumbprint:	8BF7F178A745A11BAC6AE5B586FC1838EADCB2CF
SHA256 / Certificate:	edV7Fd+mXChw6v4Rtjd2WQnP6Te0nBXOfxlAMMqzla0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.digicert.cn
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

10.11.2006

10.11.2031
expires in 2332 days

CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US

10.11.2006

10.11.2031
expires in 2332 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA-1 with RSA Encryption
Serial Number:	083BE056904246B1A1756AC95991C74A
Thumbprint:	A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:	Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):	4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):	aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):	aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuer				last 7 days	active	num Certs
CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US				0	0	1

CertSpotter-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
9841370881 precert	CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US	2025-03-19 00:00:00	2025-06-16 23:59:59	bitwarden.gpfqtt.top - 1 entries

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuer				last 7 days	active	num Certs
CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US				0	0	1

CRT-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
17309777456 precert	CN=Encryption Everywhere DV TLS CA - G2, OU=www.digicert.com, O=DigiCert Inc, C=US	2025-03-18 23:00:00	2025-06-16 21:59:59	bitwarden.gpfqtt.top 1 entries

11. Html-Content - Entries

Summary

							Subresource Integrity (SRI)
Domainname	HtmlElement	rel/property	∑	∑ size	∑ problems	∑ int.	∑ ext.	∑ Origin poss.	∑ SRI ParseErrors	∑ SRI valid	∑ SRI missing
https://bitwarden.gpfqtt.top:2468/ 222.65.31.106	img		1		0			0	0	0
	link	stylesheet	1		1	1	0	0	0	0
	link	other	5		4	4	0	0	0	0
	meta	other	3		0			0	0	0
	script		4		4	4	0	0	0	0

Details (currently limited to 500 rows - some problems with spam users)

Domainname	Html-Element	name/equiv/ property/rel	href/src/content	∑
https://bitwarden.gpfqtt.top:2468/ 222.65.31.106	img				1	ok
	alt: Vaultwarden logo					ok


	link	apple-touch-icon	images/apple-touch-icon.png	0	1	unspecific error - perhaps missing error message (1)
						unspecific error - perhaps missing error message (1)


	link	icon	images/favicon-16x16.png	0	1	unspecific error - perhaps missing error message (1)
						unspecific error - perhaps missing error message (1)


	link	icon	images/favicon-32x32.png	0	1	unspecific error - perhaps missing error message (1)
						unspecific error - perhaps missing error message (1)


	link	manifest	cca56971e438d22818d6.json		1	ok
						ok


	link	mask-icon	images/safari-pinned-tab.svg	0	1	unspecific error - perhaps missing error message (1)
						unspecific error - perhaps missing error message (1)


	link	stylesheet	app/main.a5d3a3a9125fcf07f286.css	0	1	unspecific error - perhaps missing error message (1)
						unspecific error - perhaps missing error message (1)


	meta	charset	utf-8		1	ok
						ok


	meta	theme-color	#175DDC		1	ok
						ok


	meta	viewport	width=1010		1	ok
						ok


	script	src	app/main.b193f247301cc37bf60b.js	0	1	unspecific error - perhaps missing error message (1)
	defer attribute found					unspecific error - perhaps missing error message (1)


	script	src	app/polyfills.4275a7f2798b637a6613.js	0	1	unspecific error - perhaps missing error message (1)
	defer attribute found					unspecific error - perhaps missing error message (1)


	script	src	app/vendor.351bf938ddfd5e202e99.js	0	1	unspecific error - perhaps missing error message (1)
	defer attribute found					unspecific error - perhaps missing error message (1)


	script	src	theme_head.1df11f603fda400762b7.js	0	1	unspecific error - perhaps missing error message (1)
	defer attribute found					unspecific error - perhaps missing error message (1)

12. Html-Parsing via https://validator.w3.org/nu/

	Type	Message	num found
Url used (first standard-https-result with http status 200): https://bitwarden.gpfqtt.top:2468/

Summary
	Good: No non-document-errors
	2 errors
	1 warnings
1.	error	Attribute `page-title` not allowed on element `title` at this point.	1
2.	error	Element `img` is missing required attribute `src`.	1
3.	warning	Consider adding a `lang` attribute to the `html` start tag to declare the language of this document.	1
Details
	Type	Message + Sample
1	error	Attribute `page-title` not allowed on element `title` at this point.
		From line 1, column 159 to line 1, column 176
		#175DDC"/><title page-title>Vaultw
2	error	Element `img` is missing required attribute `src`.
		From line 1, column 809 to line 1, column 867
		ter"><div><img class="mb-4 logo logo-themed" alt="Vaultwarden logo"/><p cla
3	warning	Consider adding a `lang` attribute to the `html` start tag to declare the language of this document.
		From line 1, column 16 to line 1, column 41
		type html><html class="theme_light"><head>

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.alidns.com, ns1.huaweicloud-dns.cn, ns1.huaweicloud-dns.com, ns1.huaweicloud-dns.net, ns1.huaweicloud-dns.org, ns2.alidns.com

QNr.	Domain	Type	NS used
1	com	NS	h.root-servers.net (2001:500:1::53)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2	ns1.alidns.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns3.aliyun.com, ns4.aliyun.com, ns5.aliyun.com
	Answer: ns3.aliyun.com 106.11.35.29, 106.11.35.30, 106.11.41.153, 106.11.41.154, 2401:b180:4100::11
	Answer: ns4.aliyun.com 140.205.122.133, 140.205.122.143, 2401:b180:4100::12
	Answer: ns5.aliyun.com 140.205.122.153, 2401:b180:4100::13, 47.241.207.14, 47.88.74.34
3	cn	NS	m.root-servers.net (2001:dc3::35)
	Answer: a.dns.cn, b.dns.cn, c.dns.cn, d.dns.cn, e.dns.cn, ns.cernet.net
4	ns1.huaweicloud-dns.cn	NS	a.dns.cn (2001:dc7::1)
	Answer: ns1.hwclouds-dns.com, ns1.hwclouds-dns.net
5	ns1.huaweicloud-dns.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns1.hwclouds-dns.com, ns1.hwclouds-dns.net
	Answer: ns1.hwclouds-dns.com 116.205.223.130, 116.205.5.33, 122.112.208.253, 139.9.224.17, 2407:c080:20:ffff:ffff:fffe:0:1
6	net	NS	l.root-servers.net (2001:500:9f::42)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
7	ns1.huaweicloud-dns.net	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns1.hwclouds-dns.com, ns1.hwclouds-dns.net
	Answer: ns1.hwclouds-dns.net 159.138.160.107, 159.138.17.187, 2407:c080:20:ffff:ffff:fffe:0:1
8	org	NS	a.root-servers.net (2001:503:ba3e::2:30)
	Answer: a0.org.afilias-nst.info, a2.org.afilias-nst.info, b0.org.afilias-nst.org, b2.org.afilias-nst.org, c0.org.afilias-nst.info, d0.org.afilias-nst.org
9	ns1.huaweicloud-dns.org	NS	a0.org.afilias-nst.info (2001:500:e::1)
	Answer: ns1.hwclouds-dns.com, ns1.hwclouds-dns.net
10	ns2.alidns.com	NS	a.gtld-servers.net (2001:503:a83e::2:30)
	Answer: ns3.aliyun.com, ns4.aliyun.com, ns5.aliyun.com
	Answer: ns3.aliyun.com 106.11.35.29, 106.11.35.30, 106.11.41.153, 106.11.41.154, 2401:b180:4100::11
	Answer: ns4.aliyun.com 140.205.122.133, 140.205.122.143, 2401:b180:4100::12
	Answer: ns5.aliyun.com 140.205.122.153, 2401:b180:4100::13, 47.241.207.14, 47.88.74.34
11	ns1.alidns.com: 120.76.107.45, 120.76.107.55, 139.224.142.115, 139.224.142.125, 39.96.153.45, 39.96.153.55, 47.118.199.205, 47.118.199.215	A	ns3.aliyun.com (2401:b180:4100::11)
12	ns1.alidns.com: 2408:4009:501::1	AAAA	ns3.aliyun.com (2401:b180:4100::11)
13	ns1.huaweicloud-dns.cn: 116.205.223.129, 116.205.5.32, 122.112.208.254, 139.9.224.17	A	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
14	ns1.huaweicloud-dns.cn: 2407:c080:20:ffff:ffff:fffe:0:1	AAAA	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
15	ns1.huaweicloud-dns.com: 116.205.223.128, 116.205.5.31, 122.112.208.253, 139.9.224.17	A	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
16	ns1.huaweicloud-dns.com: 2407:c080:20:ffff:ffff:fffe:0:1	AAAA	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
17	ns1.huaweicloud-dns.net: 159.138.112.111, 159.138.160.107, 159.138.17.112, 159.138.208.3, 190.92.196.2	A	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
18	ns1.huaweicloud-dns.net: 2407:c080:20:ffff:ffff:fffe:0:1	AAAA	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
19	ns1.huaweicloud-dns.org: 159.138.112.111, 159.138.160.107, 159.138.17.187, 159.138.208.3, 190.92.196.2	A	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
20	ns1.huaweicloud-dns.org: 2407:c080:20:ffff:ffff:fffe:0:1	AAAA	ns1.hwclouds-dns.com (2407:c080:20:ffff:ffff:fffe:0:1)
21	ns2.alidns.com: 120.76.107.46, 120.76.107.56, 139.224.142.116, 139.224.142.126, 39.96.153.46, 39.96.153.56, 47.118.199.206, 47.118.199.216	A	ns3.aliyun.com (2401:b180:4100::11)

14. CAA - Entries

Domainname	flag	Value	∑ Queries	∑ Timeout
www.bitwarden.gpfqtt.top	0	no CAA entry found	1	0
bitwarden.gpfqtt.top			2	2
gpfqtt.top	0	no CAA entry found	1	0
top	0	no CAA entry found	1	0

15. TXT - Entries

Domainname	Status	∑ Queries
gpfqtt.top	ok	1
bitwarden.gpfqtt.top	ok	1
www.bitwarden.gpfqtt.top	ok	1
_acme-challenge.bitwarden.gpfqtt.top	missing entry or wrong length	1
_acme-challenge.www.bitwarden.gpfqtt.top	missing entry or wrong length	1
_acme-challenge.bitwarden.gpfqtt.top.gpfqtt.top	perhaps wrong	1
_acme-challenge.bitwarden.gpfqtt.top.bitwarden.gpfqtt.top	perhaps wrong	1
_acme-challenge.www.bitwarden.gpfqtt.top.bitwarden.gpfqtt.top	perhaps wrong	1
_acme-challenge.www.bitwarden.gpfqtt.top.www.bitwarden.gpfqtt.top	perhaps wrong	1

16. DomainService - Entries

No DomainServiceEntries entries found

17. Cipher Suites

Summary
Domain	IP	Port	num Ciphers	time	Std.Protocol	Forward Secrecy
bitwarden.gpfqtt.top	222.65.31.106	2468	9 Ciphers	203.61 sec		4 without, 5 FS	55.56 %
www.bitwarden.gpfqtt.top	222.65.31.106	2468	8 Ciphers	201.91 sec		3 without, 5 FS	62.50 %
Complete		2	17 Ciphers 8.50 Ciphers/Check	405.52 sec	202.76 sec/Check	7 without, 10 FS	58.82 %

Details
Domain	IP	Port	Cipher (OpenSsl / IANA)
bitwarden.gpfqtt.top	222.65.31.106	2468	ECDHE-RSA-CHACHA20-POLY1305		(Secure)	TLSv1.2	0xCC,0xA8	FS
9 Ciphers, 203.61 sec			TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		RSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-RSA-AES256-GCM-SHA384		(Secure)	TLSv1.2	0xC0,0x30	FS
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256		(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH		RSA	AESGCM(128)	AEAD
			AES256-GCM-SHA384		(Weak)	TLSv1.2	0x00,0x9D	No FS
			TLS_RSA_WITH_AES_256_GCM_SHA384
			RSA		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH		RSA	AES(256)	SHA1
			AES256-SHA		(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA		RSA	AES(256)	SHA1
			ECDHE-RSA-DES-CBC3-SHA		(Weak)	SSLv3	0xC0,0x12	FS
			TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
			ECDH		RSA	3DES(168)	SHA1
			DES-CBC3-SHA		(Weak)	SSLv3	0x00,0x0A	No FS
			TLS_RSA_WITH_3DES_EDE_CBC_SHA
			RSA		RSA	3DES(168)	SHA1
			AES128-SHA		(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA		RSA	AES(128)	SHA1
www.bitwarden.gpfqtt.top	222.65.31.106	2468	ECDHE-RSA-CHACHA20-POLY1305		(Secure)	TLSv1.2	0xCC,0xA8	FS
8 Ciphers, 201.91 sec			TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
			ECDH		RSA	CHACHA20/POLY1305(256)	AEAD
			ECDHE-RSA-AES256-GCM-SHA384		(Secure)	TLSv1.2	0xC0,0x30	FS
			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH		RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256		(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH		RSA	AESGCM(128)	AEAD
			AES128-GCM-SHA256		(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA		RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA		(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH		RSA	AES(256)	SHA1
			AES256-SHA		(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA		RSA	AES(256)	SHA1
			ECDHE-RSA-DES-CBC3-SHA		(Weak)	SSLv3	0xC0,0x12	FS
			TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
			ECDH		RSA	3DES(168)	SHA1
			DES-CBC3-SHA		(Weak)	SSLv3	0x00,0x0A	No FS
			TLS_RSA_WITH_3DES_EDE_CBC_SHA
			RSA		RSA	3DES(168)	SHA1

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

Permalink: https://check-your-website.server-daten.de/?i=d5134f51-30a9-40bb-bcc1-994eb929f922

Last Result: https://check-your-website.server-daten.de/?q=bitwarden.gpfqtt.top%3A2468 - 2025-06-10 15:45:44

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=bitwarden.gpfqtt.top%3A2468" target="_blank">Check this Site: bitwarden.gpfqtt.top%3A2468</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=bitwarden.gpfqtt.top:2468

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

Mobile- and other Chrome-Checks

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

Summary

Details (currently limited to 500 rows - some problems with spam users)

12. Html-Parsing via https://validator.w3.org/nu/

Summary

Details

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks