N

No trusted Certificate

Checked:
12.06.2019 11:52:34


Older results


1. IP-Addresses

HostTIP-Addressis auth.∑ Queries∑ Timeout
geniussoft.ddns.net
A
41.226.134.188
Al Madinah/Tunis/TN
yes
1
0

AAAA
2001:5c0:1000:b::213d
yes


www.geniussoft.ddns.net

Name Error
yes
1
0


2. DNSSEC

Zone (*)DNSSEC - Informations (beta)
(root)
1 DS RR published

Status: Valid because published

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)

Public Key with Algorithm 8, KeyTag 25266, Flags 256

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.07.2019, 00:00:00, Signature-Inception: 10.06.2019, 00:00:00, KeyTag 20326, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
net
1 DS RR in the parent zone found

1 RRSIG RR to validate DS RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 25.06.2019, 05:00:00, Signature-Inception: 12.06.2019, 04:00:00, KeyTag 25266, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 25266 used to validate the DS RRSet in the parent zone

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 2129, Flags 256

Public Key with Algorithm 8, KeyTag 35886, Flags 257 (SEP = Secure Entry Point)

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 24.06.2019, 15:38:57, Signature-Inception: 09.06.2019, 15:33:57, KeyTag 35886, Signer-Name: net

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 35886 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest "eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
ddns.net
0 DS RR in the parent zone found

DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.

0 DNSKEY RR found


geniussoft.ddns.net
0 DS RR in the parent zone found

0 DNSKEY RR found


www.geniussoft.ddns.net
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.geniussoft.ddns.net
  nf1.no-ip.com

geniussoft.ddns.net
  nf1.no-ip.com / f2.fra.hv.as29997.net
194.62.182.53
Dearing/Kansas/US


 
2a07:dc00:1820::53
Dearing/Kansas/US

ddns.net
  nf1.no-ip.com / f2.fra.hv.as29997.net


  nf2.no-ip.com / f1.ams.hv.as29997.net


  nf3.no-ip.com / f1.ams.vr.as29997.net


  nf4.no-ip.com / f1.ams.vr.as29997.net

net
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


4. SOA-Entries


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333131
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333131
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333146
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:7


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333146
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:7


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333161
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1560333161
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535225
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:1


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535225
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:1


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535306
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:1


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535306
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:1


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535392
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:2


Domain:ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535392
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:2


Domain:geniussoft.ddns.net
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2251535306
Refresh:10800
Retry:1800
Expire:604800
TTL:1800
num Entries:2


5. Url-Checks


show header:
Domainname Http-StatusredirectSec.G
• http://geniussoft.ddns.net/
41.226.134.188
301
https://geniussoft.ddns.net/
0.173
A
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 12 Jun 2019 09:53:25 GMT
Content-Type: text/html
Content-Length: 194
Connection: close
Location: https://geniussoft.ddns.net/

• http://geniussoft.ddns.net/
2001:5c0:1000:b::213d
-14

10.030
T
Timeout - The operation has timed out

• https://geniussoft.ddns.net/
41.226.134.188
200

1.540
N
Certificate error: RemoteCertificateChainErrors
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 12 Jun 2019 09:53:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Strict-Transport-Security: max-age=31536000

• https://geniussoft.ddns.net/
2001:5c0:1000:b::213d
-14

10.027
T
Timeout - The operation has timed out

• http://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
41.226.134.188
301
https://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.173
A
Visible Content: 301 Moved Permanently nginx/1.14.0 (Ubuntu)
Server: nginx/1.14.0 (Ubuntu)
Date: Wed, 12 Jun 2019 09:53:47 GMT
Content-Type: text/html
Content-Length: 194
Connection: close
Location: https://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

• http://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2001:5c0:1000:b::213d
-14

10.027
T
Timeout - The operation has timed out
Visible Content:

• https://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

-14

10.027
T
Timeout - The operation has timed out
Visible Content:

6. Comments

Aname "geniussoft.ddns.net" is domain, public suffix is "ddns.net", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Agood: destination is https
Agood - only one version with Http-Status 200
Agood: one preferred version: non-www is preferred
Agood: every https has a Strict Transport Security Header
Agood: HSTS max-age is long enough, 31536000 seconds = 365 days
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (1 urls)
https://geniussoft.ddns.net/ 41.226.134.188


Url with incomplete Content-Type - header - missing charset
Ahttp://geniussoft.ddns.net/ 41.226.134.188
301
https://geniussoft.ddns.net/
correct redirect http - https with the same domain name
Khttp://geniussoft.ddns.net/ 41.226.134.188, Status 301

http://geniussoft.ddns.net/ 2001:5c0:1000:b::213d, Status -14
configuration problem - different ip addresses with different status
Khttps://geniussoft.ddns.net/ 41.226.134.188, Status 200

https://geniussoft.ddns.net/ 2001:5c0:1000:b::213d, Status -14
configuration problem - different ip addresses with different status
Khttp://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 41.226.134.188, Status 301

http://geniussoft.ddns.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2001:5c0:1000:b::213d, Status -14
configuration problem - different ip addresses with different status
Nhttps://geniussoft.ddns.net/ 41.226.134.188
200

Error - Certificate isn't trusted, RemoteCertificateChainErrors
AGood: Nameserver supports TCP connections: 2 good Nameserver
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 2 good Nameserver
Nameserver doesn't pass all EDNS-Checks: nf1.no-ip.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: nf4.no-ip.com: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: ok (f1.ams.vr.as29997.net). COOKIE: ok. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate
ADuration: 119400 milliseconds, 119.400 seconds


7. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
geniussoft.ddns.net
41.226.134.188
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
geniussoft.ddns.net
41.226.134.188
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
Self signed certificate
1CN=geniussoft.ddns.net, OU=soft, O=ddns.net, emailAddress=webmaster@soft.ddns.net


8. Certificates

1.
1.
E=webmaster@soft.ddns.net, CN=geniussoft.ddns.net, OU=soft, O=ddns.net
27.05.2019
26.05.2020
expires in 344 days

1.
1.
E=webmaster@soft.ddns.net, CN=geniussoft.ddns.net, OU=soft, O=ddns.net
27.05.2019

26.05.2020
expires in 344 days


KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00DAD1BEF465BF998B
Thumbprint:2DFE0A02156A2B761CEF053FA04A2C41AF099470
SHA256 / Certificate:CmV+KTgUFaEHR19XnvUOsDgN+inZCGgEtL4Kl4w5ekY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f55527f8eae1d47f6e7a5aef03ea20ea1e9eccea586ca78430cc7e5b7d8a915b
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


9. Last Certificates - Certificate Transparency Log Check (BETA)

1. Source CertSpotter - active certificates

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow.

No CRT - CT-Log entries found


10. Html-Content - Entries (BETA - mixed content and other checks)

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://geniussoft.ddns.net/
41.226.134.188
link
stylesheet
1
105,961 Bytes
0
1
0





link
other
1
4,286 Bytes
0
1
0





meta
og
3
3,376 Bytes
0
1
0





meta
other
7

0







script

3
3,365,822 Bytes
0
3
0




Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://geniussoft.ddns.net/
41.226.134.188
link
icon
images/favicon.ico?v=1
200
4286 Bytes

1
ok



link
stylesheet
css/all.css?v=3387
200
105961 Bytes

1
ok

local SRI possible, possible hash-values:

sha256-/9vjV9FzAUbxAuZETGjsdTHwi8a82A+6TPELS926ceE=
sha384-xtIBbipetGqmSEGEthnRu+zdUebpAXuvv3y+4SsQtalJbPB05hj4vaFkYZDo/u2L
sha512-XmX0QYPMKRLVNHxzTdBC0l8kZJV5PBt0BxqszObzS5SLrNZxuWucrhAl58bUwJ1hQmcoen72nijjcjKlLTHqlQ==

<link rel="stylesheet" href="css/all.css?v=3387" crossorigin="anonymous" integrity="sha256-/9vjV9FzAUbxAuZETGjsdTHwi8a82A+6TPELS926ceE=" />



Content loaded via url("...")

../fonts/jitsi.eot?3vw865
1
../fonts/jitsi.eot?3vw865#iefix
1
../fonts/jitsi.svg?3vw865#jitsi
1
../fonts/jitsi.ttf?3vw865
1
../fonts/jitsi.woff?3vw865
1
../images/deep-linking-image.png
1
../images/flags.png
1
../images/flags@2x.png
1
../images/watermark.png
1
font/context-menu-icons.eot?2qmzf
1
font/context-menu-icons.eot?2qmzf#iefix
1
font/context-menu-icons.ttf?2qmzf
1
font/context-menu-icons.woff?2qmzf
1
font/context-menu-icons.woff2?2qmzf
1

meta




1
ok



meta

utf-8


1
ok



meta

images/jitsilogo.png?v=1


1
ok



meta

Jitsi Meet


1
ok



meta

Join a WebRTC video conference powered by the Jitsi Videobridge


1
ok



meta
og:description
Join a WebRTC video conference powered by the Jitsi Videobridge


1
ok



meta
og:image
images/jitsilogo.png?v=1
200
3376 Bytes

1
ok



meta
og:title
Jitsi Meet


1
ok



meta
content-type
text/html;charset=utf-8


1
ok



meta
viewport
width=device-width, initial-scale=1.0


1
ok



script
src
libs/app.bundle.min.js?v=3387
200
2692227 Bytes

1
ok

local SRI possible, possible hash-values:

sha256-yFIYGynCpo8Zax1CIOeKCIU7lJZTvkJrBO3Or4h/8oU=
sha384-WHbAk8Eu3UOO9hHBfeOSXPbW+IIvyfWKT9xjSu0iRiFLXUilsQMcutfZfOz/lH56
sha512-gCz7FdZsuZGG4/UQTr22GN3T7gC9oto7Yv/nm3iPTLeLpVbBr6Md/0l3i4EylLQW3Gue1Ie27Pham2wtmMEGyA==

<script src="libs/app.bundle.min.js?v=3387" crossorigin="anonymous" integrity="sha256-yFIYGynCpo8Zax1CIOeKCIU7lJZTvkJrBO3Or4h/8oU=" />




script
src
libs/do_external_connect.min.js?v=1
200
10792 Bytes

1
ok

local SRI possible, possible hash-values:

sha256-w9Mo5OmFgZc4BovHoIZMQgEEtUoEqU5+0NkqnA6zlQM=
sha384-SFd3I7XvKosnvLakDT2qlgAZC3RYT9t8sg7psErOi0PQ3WIa+FidwsPS0x/d3sKh
sha512-uf145Tju1QNEcUNagrgvH2wL3Y8Eu9OeEv9m/rZ8lsPj/vPHT1cNx73+PjP2nDyty+GnEGjZYB8d4jCt3zLD0Q==

<script src="libs/do_external_connect.min.js?v=1" crossorigin="anonymous" integrity="sha256-w9Mo5OmFgZc4BovHoIZMQgEEtUoEqU5+0NkqnA6zlQM=" />




script
src
libs/lib-jitsi-meet.min.js?v=3387
200
662803 Bytes

1
ok

local SRI possible, possible hash-values:

sha256-GDrXVxrjVU7IAPkJ2fuBhOo07Aq463f3lgpDfwPwCJs=
sha384-0/yhyiPKfwkK8u/BvAa85iFRnb+1R43HMyCe9Q0z+CgkQE9y4yh6nA5Rbhe+XyoB
sha512-M2w1eOuWEAAFWYxUDvus80AKftWwbSzFA0BxEkF2SU/4xMcZf7dpMGYy+8Ui5368BuB4tbE17RGPdQb7QlF47w==

<script src="libs/lib-jitsi-meet.min.js?v=3387" crossorigin="anonymous" integrity="sha256-GDrXVxrjVU7IAPkJ2fuBhOo07Aq463f3lgpDfwPwCJs=" />




11. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
geniussoft.ddns.net
0

no CAA entry found
1
0
ddns.net
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0


12. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
geniussoft.ddns.net

ok
1
0
_acme-challenge.geniussoft.ddns.net

Name Error - The domain name does not exist
1
0
_acme-challenge.geniussoft.ddns.net.geniussoft.ddns.net

Name Error - The domain name does not exist
1
0



Permalink: https://check-your-website.server-daten.de/?i=fb44a273-0506-49dd-87e9-964734b7ffab


Last Result: https://check-your-website.server-daten.de/?q=geniussoft.ddns.net - 2019-06-12 11:52:34