Check DNS, Urls + Redirects, Certificates and Content of your Website


Update: 2020-03-04 - now 90 days later. All affected Letsencrypt certificates should be renewed. Time to remove that Info.




W

wrong Web-Response

Checked:
07.04.2020 01:25:22


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
filer.synleg.no
A
79.160.64.25
Rubbestadneset/Vestland/Norway (NO) - Altibox
Hostname: 25.79-160-64.customer.lyse.net
yes
1
0

AAAA

yes


www.filer.synleg.no

Name Error
yes
1
0


2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



3 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 33853, Flags 256



Public Key with Algorithm 8, KeyTag 48903, Flags 256



1 RRSIG RR to validate DNSKEY RR found



Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 22.04.2020, 00:00:00 +, Signature-Inception: 01.04.2020, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: no
no
1 DS RR in the parent zone found



1 RRSIG RR to validate DS RR found



Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 19.04.2020, 17:00:00 +, Signature-Inception: 06.04.2020, 16:00:00 +, KeyTag 48903, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 48903 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 29471, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 46921, Flags 256



1 RRSIG RR to validate DNSKEY RR found



Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 17.04.2020, 09:32:34 +, Signature-Inception: 04.04.2020, 09:02:50 +, KeyTag 29471, Signer-Name: no



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 29471 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 29471, DigestType 2 and Digest "kV7eRupTJP+GsRye1OnIFK6MRiwWXlOAo5mdkEGIQdo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: synleg.no
synleg.no
2 DS RR in the parent zone found



1 RRSIG RR to validate DS RR found



Algorithm: 8, 2 Labels, original TTL: 7200 sec, Signature-expiration: 17.04.2020, 00:03:13 +, Signature-Inception: 03.04.2020, 19:02:51 +, KeyTag 46921, Signer-Name: no



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46921 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 13, KeyTag 17017, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 13, KeyTag 20572, Flags 256



2 RRSIG RR to validate DNSKEY RR found



Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 06.05.2020, 21:03:08 +, Signature-Inception: 06.04.2020, 21:03:08 +, KeyTag 17017, Signer-Name: synleg.no



Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 06.05.2020, 21:03:08 +, Signature-Inception: 06.04.2020, 21:03:08 +, KeyTag 20572, Signer-Name: synleg.no



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 17017 used to validate the DNSKEY RRSet



Status: Good - Algorithmus 13 and DNSKEY with KeyTag 20572 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 17017, DigestType 2 and Digest "Qt4nz9qKsqY1mtU3WdfP6kqES3MJfec+c7CmPsf9ErU=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 17017, DigestType 4 and Digest "M7mZ7DCwTg5Oypok3hW/b0Ha2yVYnIW+ZLbzMKAwTpkyzKQvSZO2D40bJztZE9vX" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: filer.synleg.no
filer.synleg.no
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.Bitmap: A, RRSIG



0 DNSKEY RR found







RRSIG Type 1, expiration 2020-05-06 21:03:08 + validates the A - Result: 79.160.64.25



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the CNAME RR. Bitmap: A, RRSIG



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the TXT RR. Bitmap: A, RRSIG



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the AAAA RR. Bitmap: A, RRSIG



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the TLSA RR. Bitmap: TXT, RRSIG



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the TLSA RR. Bitmap: A, RRSIG



RRSIG Type 50, expiration 2020-05-06 21:03:08 + validates the NSEC3 RR that proves the not-existence of the CAA RR. Bitmap: A, RRSIG

Zone: www.filer.synleg.no
www.filer.synleg.no
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.Bitmap: CNAME, RRSIG


3. Name Servers

DomainNameserverNS-IP
www.filer.synleg.no
  ns1.hyp.net

filer.synleg.no
  ns1.hyp.net / lon.uk
151.249.124.1
Oslo/Oslo County/Norway (NO) - Domeneshop


 
2a01:5b40:ac1::1
Oslo/Oslo County/Norway (NO) - Domeneshop AS

synleg.no
  ns1.hyp.net / lon.uk


  ns2.hyp.net / ams.nl


  ns3.hyp.net / fra.de

no
  i.nic.no / s2.amx


  njet.norid.no


  not.norid.no


  x.nic.no


  y.nic.no


  z.nic.no


4. SOA-Entries


Domain:no
Zone-Name:
Primary:charm.norid.no
Mail:hostmaster.norid.no
Serial:2020040680
Refresh:7200
Retry:1800
Expire:2419200
TTL:7200
num Entries:6


Domain:synleg.no
Zone-Name:
Primary:ns1.hyp.net
Mail:hostmaster.domeneshop.no
Serial:1586210587
Refresh:14400
Retry:3600
Expire:777600
TTL:3600
num Entries:3


Domain:filer.synleg.no
Zone-Name:
Primary:ns1.hyp.net
Mail:hostmaster.domeneshop.no
Serial:1586210587
Refresh:14400
Retry:3600
Expire:777600
TTL:3600
num Entries:2


Domain:www.filer.synleg.no
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://filer.synleg.no:80/
79.160.64.25
302
http://filer.synleg.no:6655/
Html is minified: 111.29 %
0.104
D
Server: nginx
Date: Mon, 06 Apr 2020 23:26:00 GMT
Content-Type: text/html
Content-Length: 138
Connection: close
Location: http://filer.synleg.no:6655/

• http://filer.synleg.no:6655/

-14

10.043
T
Timeout - The operation has timed out

• https://filer.synleg.no:80/
79.160.64.25
-4

0.156
W
SendFailure - The underlying connection was closed: An unexpected error occurred on a send.

• http://filer.synleg.no:80/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
79.160.64.25 GZip used - 8446 / 11939 - 29.26 %
Inline-JavaScript (∑/total): 1/2229 Inline-CSS (∑/total): 1/160
404

Html is minified: 125.83 %
0.100
A
Not Found
Visible Content: © 2019 Synology Inc.
Info: Html-Content with meta and/or script, may be a problem creating a Letsencrypt certificate using http-01 validation
<!DOCTYPE html> <html> <head> <meta charset="utf-8"> <style>body{font-family:Arial,Helvetica,sans-serif;font-size:12px;text-align:center}h1{color:#06C;font-size:25px;line-height:60px;margin-top:56px}img{margin-top:40px} </style> </head> <body> <img src="data:image/jpg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQECAQEB AQEBAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/2wBDAQEBAQEBAQICAgICAgICAgICAgIC AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/wAARCAAzAMgDAREA AhEBAxEB/8QAHwAAAgIDAAMBAQAAAAAAAAAAAAkICgEGBwQFCwMC/8QARBAAAAYCAAUCBQIDAwYP AAAAAQIDBAUGBwgACRESExQhChUiMUEWMiNCURckYRhDUnGBkRozNDY5U2JydHZ4sbW2wf/EABgB AQEBAQEAAAAAAAAAAAAAAAADAgQB/8QAKREBAAICAgEDAwMFAAAAAAAAAAECAxESMSETImEyUYFB caEjM2LB0f/aAAwDAQACEQMRAD8Au+532JoOAIVo+tSrqRm5fzhXqpDgkpMy5mwfxl/4xipt2qYi UqrlYwEATAUgKKCBB3SlrvJnRdczzLshKujjA42pcax7xFAk1LzMq7FPr9IKLsgaJ93T79CdAH+v FfQj7szds9N5lsj61BPIWMmgxihilXkqVLrnetSCP1LkhpoO1boH8hXaZh/l6j7CnB8vIuZ5SbvV 8iViKuNOlkJmvzLf1DJ6h3FH6TCmu2coqdDpLJHAU1kVAKomoUSnABDiExMSo2zjwHAHAHAHAHAH AHAY4Ch18VDl7m7as47olpNvBV69rVn7ImQ8XpYg1yxvLYcsNeiEY5WYq7C7ZRfy8vOWE8hDEWJK C2dQMcR4koRGKUQWKcgWeOSEoqtyiuXYqsodVQ+qWJxOoocxzmH9Pk9zGN7j/v4Bp3AHAHAHAHAH AHAHAY4CL0RufrNP31xjaHyzWpGzNZlauLJtXPmYEn0HJGakYo/J1IT+Mokim5U7WSzhVFsi6UcL JpGBTm78tMyeyN+SkhUEINrXYiDbqmN40YkIFGRS8IG/aVVdwsqbp+45xH8B07MP9tK/ZiOsWGtW bHjCtSMFX6ffp9eFYLW15ZEmc7Yms8q2AZVk+jX3cLEE1hOmkkRJNPxgUxRV6+U8Mlr8v+NViJhy 7arSVGSCAsuvtIatZZZ+owtFVjH7CJiVWKqBlms8ybyqySCCiSpfCumgYoKkVIfxdyRzG1jy/d5a v2eswBLXbSqp2pTYGtTsRR7XYYcawpX14q1gys6rFwWWSdNYpyb0xXSLdAxTn+lRRES/vH6vcmsk +3zP+nse2PKbuFtkMa56WsLWirzRXdaTjlpFpOxYxTgzaTFUjZ00IJz+RMDInIcfbsN2gP7g4jal q9tRMS7LPTcfWoSXsUuuDaKgox/MSbgf8ywjWpnbpQA/IgQgiAfn7cZeobRnMAwRMrenjmmQ3CwM X8mchagYBTYxcepKSDlTq4+kqSCRzmEft06ffpxX0bs84bhjrc3CWTZaUioV/PRPyWtyNrlJS0xB YKFYQsWqki7cupBdYxSdBWJ0AQ9/f8+3GbY7xH8PYtEucT/MUwVFSarGLj71aGqJzEGYiYJs1jlu 03TyNAmnLVc5BD3AwolAwfbrxv0L/DPOEjsP5+xlnJi8c0KbO4exYJGloCTaqRc/FpuBEG6zqOX6 9yRxAQKuidVETB2+Tu9uJ2pNWomJfplfPmLMKtUFb7ZkGD94kZaOr7FFWUsckkU3YKzWIZAZQEuv UPOr40O4BL5evtwrS1uiZ0i4TmQ4TM88J6zkpJmKnb64YSGOAE/CpmqcgKn+wAE3+HFPQv8ADznC W+L8yY4zHEqy+PrMzm02okJIsO1VlMxCqhe4qMrEPAIuj1/lMYnjU6D4znAOvE7Vms+XsTEqgvxt aaY6L6jKiQoqk2ycJkU/mKmrh+fMoQB/oYSFEf8Auhxl6f1yPv8AohuXV/6UcT//AF8nAbhuXzYt HtFrTAYzzVlR5MZytxWxqhrth6pWTMWebKD1EzhidpjahoO3bVNwmQ52y8l6Fu4ApvAqp0HgIP1r 4lflplyfD4izupsppjcLB4xhy7ha73TDUS5SXOKbZ48lT+vTYNDiHT10l6Nin/nnKXv0B9cHOQtm homx1uXi7BXp6NZTEHPQcg0lYaaiJJsV5HSsTKMDqIOGzhE5FUF0TnSVTMU5DGKIDwCwtjucdpZr vm//ACXGErlLZTagiK7h/rZqNiqz5/y1AoNU0lnR7WwqpQjYgyRF0lFUJSTZuUklCLKIlSOU4hxX H/xB/Lhm8tSGBc42zK2j2aY5qD1bHW8uJrBrvIi2MBhRWGwTpnEIkCwFEWoryiIPQD+5eoH24CXC XNU5eMvD2uUoe22G8xyFNrEjcpekYHtTXOeUXVchxIaYka5irFHzexS3pEzedynGRrtVBsRVyomV BFVQgQD/AOFBck31fy8duJYJEHPohjh152SCR9aCvgFl6D9J+Xzd/wBHi7fJ3/R293twDn8E5xpW xeNYTLGPGV+YVOwKv0oxDJuLsi4dtpgjnhmKy7uh5UjIiabJKGIJm6rhgkRykJVkBOkYpxBdG4nO v5cWmd7seDtrMvZJwxbVGz2LbuZjXPYs9dsKTiIQcPH2Pr7FVZxCzhGpHqALrxD56m1cHBBcU1gE nAQKwJpDkjYhzBZ5osu8UxVl6+5ykUnd/rtyxpR4jDmTcIs9cmeWMf4PvcbD3aEyezZQaoM2k4xL VHbGdkHhF3AJwEmAN+251GXzWs1vlDdR8bkONjyxr5jJHM2irbFNjGVZILPEym9O8biYxUFzEMmd M/hW7SkTUTrjyce2bV2UbZ8VZgxRImc2KlXanPWinQk+xbSBGn8MegHaWeBMdAS/nqDgP9XHTFqW /WEpiYdIoG4uwFEVRFnfXFtjERTA8NdiFsbRVJP2FAJM4kfJf6yOvb/RH7cZtipL3nYyBjkStbwa 75DqzSNCDyBGxaarmuLLFdjH2dmAydZloh2YCisydOEBRBQSlUT6rN1S9QAykNeldvfKC8tLsgKY 92BqpHpzs466Fc0GcbqiCfhdSZwUiPMJ+nQUpFFFIev7QUP/AI8XyxujFezJN/shfpDBi9ZbLdkr kmWa1lMgCIH+TNh+a2FUOn8oopFbm/8AEgH54hhjd/2Uv0X9rNjsz3FmzGV3bcBbQOKbZSoBRQnU oycvCHfTy6I/gyTYrZER+/RycP68VyT7oj5if5YrHiUf8LY5fZcyTVMbs5FWLTtLg6Mu+T+szeCi 2ppmUW9OIgRYxSN+qKanVP1HiMb9vFL2412zEbk1XJ+huF2OLrGtT2k7FW6vV+TmIyfdT0hJKSb2 LZGeFbTTFwb0x01/GKZvCiiKXf3pdO0CjzxmttThBZutWTS4pyxXr4sooSObQtoRlWpDmKEkyXrT h21jFRD2HveJNezr+xQCm6e3F7051TidS8apQV62ezS0YyEr5rbkCUcv5qbeAZdCFiWaJnz46Dfq H92Yty+Bm1IYhevhS6h3GNwnWOr2N2k0p/y6MKq1o0bHS11ZWUrYARta0yV4Yz8qfsu6gzJlaGRE 3uZFMqRu36SrFH6uOf1rqcI0VlDzl61izO6cIOAQs2PbAvETzZqdQI2ywyCxTPY5UpugqNXzUSrI d4d6Jzoqh0VTAeOjxkqn9Ml4fGnS7OwcvnTKejjCdhN7QtJdic3QDGaSOE5942MYA/PYcOvHFrUr J/YW3fY8uv4YvXbbIzdlI2XHukGJY7GsLIdxmc3la6sWtNxyxeoE+pRqnKPW7t+QnQwxzZ2JTF6d wBDr4RbA6OTMK7M80DOT5fKu2Gyuf7lTXuXLl2zFvZVCrR0fJT6UZJOQEWnziYkHIvitQRTO1jYt oVMjdkkmAPN5x/LjxvzMNG8u4XslZinmVq/VbDd9drsoxRUsFGy/BRR39dLFyXsqmymFEixEw3A3 jcsHRzCQXKDVVEKJvI650mx2s+hnMk1LNYJGUm8G6o5L2A1GkJ7zPX2JbXHzDGl3itMSPO4RYtVp 1taGMcYAbs3kbLj2CR+oUgOQ+Cmp9anMB70bBznSxZwu2wsDT7bd5tQ8tcHtaY0xC7Jesnn4qOTB Iy8xIu3phU7nrpBJZyKqiCRiBvXxpWtdFtekOBdqPlEehlDEGeYnFxLEm2STk5DHOUazLSUhX3rw vQ6yLaViWLpqkfvBudd6ZEE/VOBUCVXwyWq+md05fuou88HqfiCibXR9ZyXjKbzJXIBdrZp1WpW2 WxZI2oiyqx00nszEtiBKrIppis5cPwT8aC4pcAgz4qjQl1ovu3gDmq65VWPg61lLJlasOQGjSOIN cgdqMZyyV5hLG+YJFKkRO2s2Pq3CYF/vMpETLxcwrSHuF+DSfa7Hu8WqmDNrcYLkNU80UGJtRY4H CbpxWLAJRj7hTJJVL29XCyyLyLdfjztDmL9IgPAIL2RhYfmg/EJ6966Lx0faddeUHjVzsZmzzoNJ GGmNlssGj3mMaHI+UqiRzMSNIGX8BgED/LptouUDE6AFprgE55I3wz3Tr3ZqivXcfsDVGzuol+ih FTbpw8aR7z6vGs8e9AM5b9DJnAnQPIUwAIcdMYa6/VLnJslPtlev9WhrbWnyErA2GORfM10zkVKK ThPqo2cEAR7VUx6pLJG+pNQpkzgBgEOOaY1KvaBu+eMsNxmKXt2PCQNayIEtEtKy/h2jaNkbE5cP yBJRb9uzAgOkwaCuudRQhzNxSKcqhQEQPfDa3LSd4jSK/LtVkSZ8lE2fk9Cvjub+cATr4gSRlmIs DK/j/jR6E6/6Rv8AHjef6fyU7c23Bx46xPn+xqxAGYMLM4b5GqjhMPEVq7kHYryBGol/aLaTSVOA B7lIol9gEA41jnlRm3iX97ZZ3Lm6foD9ir3xtex1DKO2iHf40bjYUCyFrblTH+ZAxEGnt9xTHp9+ GOnCPyWnZkcfjT+yjRi1VZdEEZhbE9rsFk9hKc1hsEOrJSCaoD+UO8rUP+ygUOOflyy/mFNaqXlo aUptlqcIh7p125HKP9DDAmJ1/wBwjxfN9DFOzxr7/wAxrp/5TsX/AMOtxyx2pPSsPWod7PrM4qOS FV4tGvHSSRQExjki4dWWcFIUPuPiQP0D88d8+JQSo0ctERWti6mtLuUWrWxQ0/WWLpwYCpElZVBN zFo+Q32FwdD05Oo+6ipCfzcTy/Q3X6j++ONVXE2ls0Xcc95YnYJVJ7HKz4RjJy0EFUX6kHFN4Fdd son1BQqi7c/YcvUDh2iXqAhx3Y41SEJ7Ky+MQhHlb5YOgdfkAUK/hs/VuNekV6+RN20wHNouEj9f yU4CX/ZxxWndpXhqPMco1puPweGmsnW2bp40x5jrTi824jQiqpkasVUagq8WTS+6ST6XYqKiIdqZ QFU3QCdweCYfwZGZIC58tHKmHkHKf6pwps1bHMvH95POlXcm1aKn6zJmRAe4E13TSXRIYegGOzVA P2CPAW8+A+WH8PzqPXNxOcTubQ7FBuZnXpXD+6lXyl8vORBsrSMvTa+KYWMaSBCmIg7UGW9bHqEK YSKRwrpl/gcAxjk9Qe2vJj313nwbgDFWQOaNovEWepU7NWQdQ4hpY7VjLJMQL51T26desLiPYyFv iY9y6YXWsw0i8SaeoYLKSiazZBkqDC+bBjLmHc/ZphXUHBGnGbNMNTKrk2MyrmXYndiGrmNJ+Vlo uGcwEIyp2GoeVkZp4hHtpORXKmYUTScgdqkueHatVHi4WftNNU8Z6P6v4W1TxAk7CgYVpbOqRT2S 8XzafkDuFJazWyb9OBU/XS8o4eSbzxlKkDh2oVIhEgIUA5PzNtIKjzE9Ic9an2krFu+yHUXDnHth ep9wU7K1bN89xxaiKFAVCEbSiKBHnj6GXjlnjQR7HBymCjr8NhzYkuW9W9/dHNynK9Qj8AVfMew1 BrNkfpMJGLynhxkpFZnwZFlciIGkJlRm1cxbNEe0z9nKHIVRV6HAWe/h09drzStMbVuZnVAT7Mcz DK9l3Eys/cpqFeNqzdn67nElZIKwAcrNGKXPLtEB6+l+eqtw/Z2gFgPgF1be6dSmU5c2TsYCwLdD tEG1lrb1crFta02KfhYyDB+p/DQfppAVEwLdqDlIifcokol3K1x5ePiembV2XJH1naTDy7pnCQea qIK6pzOka+zsRYx2oA9DLiMOCzJbr/1he4Tew93HTulvsn7vl+yeItnszTLZ5IVDJ9qkVOjdObvP zNkyZpnH6g+a2oySSSfsAmBL3EA/YYenGeVKQatJueqGsyGAK3IvJp40mMhWsrb9QSDIDDHxbBoJ jsq9EKKgU50kzHOosuYpBcLD17CJppAHPkvzlSsacq5imO289imGyGgVEknj2bRScHMZNI7mvWZZ OMeNimN7nMRz6RYhA6j0Kr0D3HjWGfdr7vL9Fuat42/tSzlR68uj54aLfjbrGUxRMiMPWzle+Bbp +HLr0zboP3BUf6cXyW41/hisbk9fO8TJzuF8pQ0KwdSsvKUSzMY2NYpCs8fPXMUok3atkQ/cc5hA pQ/Ijxx18Wj91Z6Kz0xwxlym5+rM/bca3GtwbaBtSDiWmIg7Riis6iPE2SVXMYehlDfSUPyPHRlt Wa9sVidm/XRs4eU62NGiCjl26rU62atkS96zhwvFqpIIJF/JjmEClD8iPHPHbc9Ef604FzPXs2Yn l7Nie7REFGzpTzEhKwZ0Y9o0PBuWypnxziIAQROBB6gID3dB+/HVlvWaz5hOsTtvGwGid+qc9J2H D8WrcKS9dqyDSvxy5E7TVRUU8/y5q1WMT1jZI3/JVED+qTIBUzpGEgLHzTNEx5JrMOUObjulLxJ8 eulc5u2CiAxysT+l5lKTXaiXwmZOZxNkV6dMS/QbyOh7i+xzCHXjX9H/ABee/wCUktW9HLKnY4fI OaYxKEi4Fy3k6/Q1VUHcjJSTUwLMXtlK2E6SDdA4FVIz7zqqqlL6gE0yCkrjJljqGq1V7fiiWO3X MapuG9YdTOX1u9emmD81XK6X7KEjgifgqFMPoyCc0WBaY6euDGWmWrkHL158yIigzFv6MWyjkXCo NudQ0jlESM7mXluYp5Xu7uh22mH5SA1ssGB8pK5ewvMweFLlSYxieuoOoHKSahkUH76OcoKNmy6b SSbyKDhRqByNkXigV5cMaSc0j4ZvfS55mwVgDJW+GgmTETVa8mw5DPLLb57F6cqMnWHdwqVdQcvI K4VlRQwoSBmClfkE1nzVJ62SlFgjwffmHnVbB7cYZseIuV5y5t8Z/ZTKFbe1GKyJsPhL+wHCevzq yNxiHd2uORLVImj3MhEFWUdMY9ut4HDhAp1HB00xauA99y5OSHfeWrywNocL4cyjW0uYXtBim5nt GwKHr2tdq2TXFKfxGNKvVpZRL1yUNXHL1wolKnQB4tJPH0yLRMvpY9qFQrlsbifEH8ufB1+xfqBq TLbDa8RWcsoIPLPF662vYihr5Sg5JKo5Ge0nLWFnSRZtkZ3GlJ61GRk45RVFT0a4dFSgE+2PxMvx BVPVP/aByva29RRMJnJX+pO3dTVTSKr2nDzmnTlJ0/b3GIYAH7gPAWCOSh8QRU+aZer3rdlzCEnr LtrjmsL3N3RVpN9LVW8VRg/QjpuQrak21ZSUe/jlHbIzyIfoqn9M5I7avXRE3ZWoWPOA+e7ztOTx Qti/iF9P8e4ukGLZPfKKY5c2bpkMRVKTo1axHICyyllFYE+1JsjZ4KMVSYn7gM4szORUV6qPCd4f QNgoSIrMJD1uvxzSHga/Fx8JCRDBEjZhFREU0IwjY1k3T6FIigimRJMgexSFAA9g4D2vAHAY4DPA chzxkCYxViS65Dgo+NlJKqRreTTYSyjhJi4QCSRbvgXVaiBy9qB1DlMA+xih1AQ6hx7WOVnkzqCS M9ba37PsbF12bZQVZrUe+TkfkUCs7dGlpVIgpM3Mi7dj3Kgl3GFFummQveIHN5DlJ2ddcVaSlNpk wnQPB0xQKnOZHt0W4ibFfis2sNHP0Dt5GOp7ATOG6rtsp0Okd+uYVxSOAHBFJsJwAwiUI5b8pbrG jDOItscBngDgMcBngDgMcAcBngDgKv8A8WJtPtLrTy1kozW+NtERBZyyElijO+Xqqk9F7jjF0pBu F3EIaRYB3xhbS5KnDKSZzETBqZ1GFOV1KNTAGx8o/no8n6y6d66YUgM9Yy1NsuJsT0bHMrhTNsq1 xf8AIpqt19vHy60JcrCDaDm0Xzwq7sr5s/O9dnWO4kGzZ4qqkANIyJzdeV3iuvuLNdd/tTWUY3QM 48cPm+iW6adkKQVO2MrNPeP5J4oIAIgk0aLKm+xSDwCzdNRiuYHzIrHzpYfGMvhfUDDWqs9r3rtk DIFRXpORdqjy0+par7sO/gXKZH6FOiY0h4itjIpi6kQWVeJ+DwqskA4xTvjEOUjYrRdIKwI7L0GF rh5L9NXSfxGylITIKLApvTmgo+pS8jKM1Hgl/upJdhHlADk9Wo0N3kIHROSBU8k7tbL7bc8jO1Cm 8fpbQs4jBej9DtzdIlgpWoFCcprBYzFKBik/U79szcmVRP4nDppKPWh14yTZrKBZq4A4A4A4A4Dw 37BjJs3LCSZtZBg7SMi6ZPm6Ttm5RMH1JOGzgDEOUfyUxRAeA1CMxhjWEekkobHlHiZEinkI/jan AsXhFA9wOR02QKcB/wAQHrx7uTUN6D/9H/348GeAOAOAOAOAOAOAOAOAOAOA9JZK1XLlAS9Vt9fh LVV7AwcxU9W7JFMZyAm4t4n4ncbLw8mRVu5QVKIlURWTOmcoiBiiHAUqOdbyaOWTitzWrhjDUyl4 5mbK9OrLkollyRUoJYyzkveDWpwE03impfqHoRqyRIUPYpQAA4CVHJW5NXLEe40i81T+nuNLrkiI lmzuNmsju7jkxgzdIJkXQcpVXIEnJRHeQ/1kOLATEMAGKICAdAteFYMU2IRZGbQkYRn6AkcVuiVg RiVAG5WRWgB4wSBP6AT7ezs+np09uAp44a5MnLCfc5jOVNf6g48kKNUYFvkCu4/kZa9v8eRtneM2 cqusWgPJY8Moz86qgkilmSkUkQ3hSZERAqYBcPj2DGJZMoqLZNI2MjWjePjo1g3RZsI9gyQK3Zsm TNuBU0kkkylImmQpSEIAFKAAABwHm8AcB//Z "/> <h1 id="a"></h1> <hr> <p>&copy; 2019 <a href="http://www.synology.com">Synology Inc.</a></p> </body> <script type ="text/javascript"> /* Copyright (c) 2019 Synology Inc. All rights reserved. */ (function(){var a={en:"Sorry, the page you are looking for is not found.",zh:"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9875\u9762\u4e0d\u5b58\u5728\u3002",it:"La pagina richiesta non \u00e8 stata trovata.","zh-HK":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",cs:"Hledan\u00e1 str\u00e1nka nebyla nalezena.",es:"Lo sentimos, no se encuentra la p\u00e1gina que est\u00e1 buscando.",ru:"\u0418\u0437\u0432\u0438\u043d\u0438\u0442\u0435, \u0438\u0441\u043a\u043e\u043c\u0430\u044f \u0432\u0430\u043c\u0438 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430 \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u0430.",nl:"Sorry, de pagina die u zoekt kan niet weergegeven worden.",pt:"Desculpe, a p\u00e1gina que procura n\u00e3o foi encontrada.",no:"Beklager, siden du leter etter finnes ikke.",nb:"Beklager, siden du leter etter finnes ikke.",tr:"\u00dczg\u00fcn\u00fcz, arad\u0131\u011f\u0131n\u0131z sayfa bulunamad\u0131.",pl:"Przepraszamy, nie znaleziono strony, kt\u00f3rej szukasz.",fr:"D\u00e9sol\u00e9, la page que vous recherchez est introuvable.",de:"Es tut uns Leid, die von Ihnen gesuchte Seite konnte nicht gefunden werden.",da:"Desv\u00e6rre, den side, du leder efter, kunne ikke findes.","pt-BR":"Desculpe, a p\u00e1gina que procura n\u00e3o foi encontrada.","zh-MO":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",hu:"Eln\u00e9z\u00e9st, a keresett oldal nem tal\u00e1lhat\u00f3.",ja:"\u7533\u3057\u8a33\u3042\u308a\u307e\u305b\u3093\u304c\u3001\u635c\u3057\u3066\u3044\u308b\u30da\u30fc\u30b8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093",nn:"Beklager, siden du leter etter finnes ikke.","zh-TW":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",ko:"\uc8c4\uc1a1\ud569\ub2c8\ub2e4. \ucc3e\uace0\uc790 \ud558\ub294 \ud398\uc774\uc9c0\ub97c \ubc1c\uacac\ud558\uc9c0 \ubabb\ud588\uc2b5\ub2c8\ub2e4.",sv:"Sidan du s\u00f6ker hittades inte."};var b=window.navigator.browserLanguage||window.navigator.language;if(-1==["zh-TW","zh-MO","zh-HK","pt-BR"].indexOf(b)){b=b.split("-",1)}document.getElementById("a").innerHTML=a[b]||a.en})(); </script> </html>
Server: nginx
Date: Mon, 06 Apr 2020 23:26:00 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"5cd4a5a5-2ea3"
Content-Encoding: gzip

7. Comments


1. General Results, most used to calculate the result

Aname "filer.synleg.no" is subdomain, public suffix is "no", top-level-domain-type is "country-code", Country is Norway, tld-manager is "UNINETT Norid A/S"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (1 urls)
http://filer.synleg.no:80/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 79.160.64.25


Url with incomplete Content-Type - header - missing charset
CError - no version with Http-Status 200
Dhttp://filer.synleg.no:80/ 79.160.64.25
302
http://filer.synleg.no:6655/
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Hfatal error: No https - result with http-status 200, no encryption

2. DNS- and NameServer - Checks

AGood: Nameserver supports TCP connections: 2 good Nameserver
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 1 good Nameserver
Nameserver doesn't pass all EDNS-Checks: ns1.hyp.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1.hyp.net: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (lon.uk). COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns1.hyp.net / 151.249.124.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (lon.uk). COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.hyp.net: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (ams.nl). COOKIE: fatal timeout. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns3.hyp.net: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (fra.de). COOKIE: fatal timeout. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 1 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 1 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 1 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 64510 milliseconds, 64.510 seconds


8. Connections

No connection informations found. Perhaps only http - connections.


9. Certificates

No certificate informations found. Perhaps only http - connections.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0
1
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
1478964514
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2020-03-06 07:27:14
2020-06-04 07:27:14
filer.synleg.no - 1 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0 /0 new
1
3
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
0
1
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
2674901285
precert
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester
2020-04-05 22:00:00
2021-04-06 21:59:59
*.synleg.no, synleg.no
2 entries


2560576285
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2020-03-06 06:27:14
2020-06-04 05:27:14
filer.synleg.no
1 entries


2291817367
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-12-26 14:00:41
2020-03-25 14:00:41
filer.synleg.no
1 entries


2030075749
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-10-23 09:16:47
2020-01-21 10:16:47
filer.synleg.no
1 entries



11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404


12. Nameserver - IP-Adresses (alpha)

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
filer.synleg.no
0

no CAA entry found
1
0
synleg.no
0

no CAA entry found
1
0
no
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
synleg.no
MS=ms74272745
ok
1
0
synleg.no
v=spf1 include:spf.protection.outlook.com -all
ok
1
0
filer.synleg.no

ok
1
0
_acme-challenge.filer.synleg.no

Name Error - The domain name does not exist
1
0
_acme-challenge.filer.synleg.no.synleg.no

Name Error - The domain name does not exist
1
0
_acme-challenge.filer.synleg.no.filer.synleg.no

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=b7ac31b6-2506-4ddd-a516-39d9b0743c7f


Last Result: https://check-your-website.server-daten.de/?q=filer.synleg.no%3a80 - 2020-04-07 01:25:22


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=filer.synleg.no%3a80" target="_blank">Check this Site: filer.synleg.no:80</a>