Check DNS, Urls + Redirects, Certificates and Content of your Website

Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A


Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. NameServer-IPAddresses | 13. CAA | 14. TXT | 15. Portchecks |


X

DNS-problem - authoritative Nameserver refused, not defined or timeout

Checked:
23.02.2021 15:42:27


Older results

X - 23.02.2021 04:16:38


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
giersmp.zapto.org
A
24.15.123.27
Lockport/Illinois/United States (US) - Comcast Cable Communications, LLC
Hostname: c-24-15-123-27.hsd1.il.comcast.net
yes
1
0

AAAA

yes


www.giersmp.zapto.org

Name Error
yes
1
0
*.giersmp.zapto.org
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



 Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 42351, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 13.03.2021, 00:00:00 +, Signature-Inception: 20.02.2021, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: org
org
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 26974, DigestType 2 and Digest T+3ilMU/Q4oVjEHTlInNeKhr6w2KCur/FHRcDRbh3jI=



1 RRSIG RR to validate DS RR found



RRSIG-Owner org., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 08.03.2021, 05:00:00 +, Signature-Inception: 23.02.2021, 04:00:00 +, KeyTag 42351, Signer-Name: (root)



 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 42351 used to validate the DS RRSet in the parent zone



3 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 26974, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 27558, Flags 256



Public Key with Algorithm 8, KeyTag 34266, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner org., Algorithm: 8, 1 Labels, original TTL: 900 sec, Signature-expiration: 10.03.2021, 15:29:59 +, Signature-Inception: 17.02.2021, 14:29:59 +, KeyTag 26974, Signer-Name: org



 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 26974 used to validate the DNSKEY RRSet



 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 26974, DigestType 2 and Digest "T+3ilMU/Q4oVjEHTlInNeKhr6w2KCur/FHRcDRbh3jI=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: zapto.org
zapto.org
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "cev5fl2lcqvs8fuj2lve8rk6kkrs52mm" between the hashed NSEC3-owner "ceuv8pkr9df0de0ar8p5lp5173eg067i" and the hashed NextOwner "cev7tgg4h9r5t62v5f0o2e2fvrqcufpo". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner ceuv8pkr9df0de0ar8p5lp5173eg067i.org., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 10.03.2021, 15:29:59 +, Signature-Inception: 17.02.2021, 14:29:59 +, KeyTag 34266, Signer-Name: org



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "d6n22mffurrkkhup4jscmntse266m0lq" as Owner. That's the Hash of "org" with the NextHashedOwnerName "d6n6gr81bv9d3ce1vsg6fn5bau7ub671". So that domain name is the Closest Encloser of "zapto.org". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner d6n22mffurrkkhup4jscmntse266m0lq.org., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 16.03.2021, 14:44:43 +, Signature-Inception: 23.02.2021, 13:44:43 +, KeyTag 34266, Signer-Name: org



0 DNSKEY RR found




Zone: giersmp.zapto.org
giersmp.zapto.org
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: www.giersmp.zapto.org
www.giersmp.zapto.org
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.giersmp.zapto.org
  nf1.no-ip.com

giersmp.zapto.org
  nf1.no-ip.com / f0202.fra.hv.as29997.net
194.62.182.53
Reno/Nevada/United States (US) - Vitalwerks Internet Solutions, LLC

 
2a07:dc00:1820::53
Amsterdam/North Holland/Netherlands (NL) - Vitalwerks Internet Solutions, LLC
zapto.org
  nf1.no-ip.com / f0202.fra.hv.as29997.net
194.62.182.53
Reno/Nevada/United States (US) - Vitalwerks Internet Solutions, LLC

 
2a07:dc00:1820::53
Amsterdam/North Holland/Netherlands (NL) - Vitalwerks Internet Solutions, LLC

  nf2.no-ip.com / f0201.fra.hv.as29997.net
45.54.64.53
Reno/Nevada/United States (US) - Vitalwerks Internet Solutions, LLC

 
2607:f740:e626::53
Reno/Nevada/United States (US) - Vitalwerks Internet Solutions, LLC

  nf3.no-ip.com / f0201.fra.vr.as29997.net
204.16.253.53
Chicago/Illinois/United States (US) - Vitalwerks Internet Solutions, LLC

 
2620:0:2e61::53
Piscataway/New Jersey/United States (US) - Vitalwerks Internet Solutions, LLC

  nf4.no-ip.com / localhost
194.62.183.53
Amsterdam/North Holland/Netherlands (NL) - Vitalwerks Internet Solutions, LLC

 
2a07:dc00:1830::53
Amsterdam/North Holland/Netherlands (NL) - Vitalwerks Internet Solutions, LLC

  nf5.no-ip.com / f0201.fra.vr.as29997.net
204.16.253.53
Chicago/Illinois/United States (US) - Vitalwerks Internet Solutions, LLC

 
2620:0:2e61::53
Piscataway/New Jersey/United States (US) - Vitalwerks Internet Solutions, LLC
org
T  a0.org.afilias-nst.info / ns000b.app22.ams2.afilias-nst.info


  a2.org.afilias-nst.info / FRA3


T  b0.org.afilias-nst.org / ns000a.app31.ams2.afilias-nst.info


  b2.org.afilias-nst.org / FRA4


  c0.org.afilias-nst.info / app23.iad1.hosts.meta.redstone.afilias-nst.info-2020121101


T  d0.org.afilias-nst.org / ns000b.app20.ams2.afilias-nst.info


4. SOA-Entries


Domain:org
Zone-Name:org
Primary:a0.org.afilias-nst.info
Mail:noc.afilias-nst.info
Serial:2014264077
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:org
Zone-Name:org
Primary:a0.org.afilias-nst.info
Mail:noc.afilias-nst.info
Serial:2014264078
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:zapto.org
Zone-Name:zapto.org
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2081324253
Refresh:90
Retry:120
Expire:604800
TTL:60
num Entries:8


Domain:zapto.org
Zone-Name:zapto.org
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2081324254
Refresh:90
Retry:120
Expire:604800
TTL:60
num Entries:2


Domain:giersmp.zapto.org
Zone-Name:zapto.org
Primary:nf1.no-ip.com
Mail:hostmaster.no-ip.com
Serial:2081324254
Refresh:90
Retry:120
Expire:604800
TTL:60
num Entries:2


Domain:www.giersmp.zapto.org
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://giersmp.zapto.org/
24.15.123.27
302
http://giersmp.zapto.org/server/TheGierSMP
0.363
D
X-robots-tag: noindex, nofollow
Date: Tue, 23 Feb 2021 14:45:50 GMT
Access-control-allow-methods: GET, OPTIONS
Transfer-encoding: chunked
Access-control-allow-origin: *
Access-control-allow-credentials: true
Accept-ranges: bytes
Location: server/TheGierSMP

• http://giersmp.zapto.org/server/TheGierSMP

200

Html is minified: 196.28 %		1.274
H
X-robots-tag: noindex, nofollow
Date: Tue, 23 Feb 2021 14:46:11 GMT
Access-control-allow-methods: GET, OPTIONS
Content-type: text/html; charset=utf-8
Access-control-allow-origin: *
Access-control-allow-credentials: true
Content-length: 98968
Accept-ranges: bytes

• https://giersmp.zapto.org/
24.15.123.27
-14

10.067
T
Timeout - The operation has timed out

• http://giersmp.zapto.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
24.15.123.27
Inline-JavaScript (∑/total): 5/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 134.02 %		0.437
A
Not Found
Visible Content: to main page Logout Update: 5.2 build 1068 404 Make sure you're accessing a link given by a command, Examples: /player/PlayerName /server/ServerName Make sure you're accessing a link given by a command, Examples: /player/PlayerName /server/ServerName Theme Select × Night Mode OK Information about the plugin × Player Analytics is developed and licensed under Lesser General Public License v3.0 Plan Wiki, Tutorials & Documentation Report Issues General Support on Discord Player Analytics is developed by AuroraLS3. In addition following awesome people have contributed: aidn5 Antonok Argetan Aurelien BrainStone Catalina Combustible Creeperface01 CyanTech DarkPyves DaveDevil developStorm Elguerrero enterih Eyremba f0rb1d (佛壁灯) FluxCapacitor2 Fur_xia fuzzlemann galexrt Guinness_Akihiko hallo1142 itaquito jvmuller jyhsu2000 Karlatemp Malachiel Mastory_Md5 Miclebrick Morsmorse MrFriggo Nogapra qsefthuopq QuakyCZ Saph1s Shadowhackercz shaokeyibb skmedix TDJisvan Vankka yukieji & Bug reporters! code contributor translator Extra special thanks to those who have monetarily supported the development. bStats Metrics Bukkit BungeeCord Sponge Velocity OK Version 5.2 build 1068 is Available! × You have version 5.2 build 1063. A new version has been released and is now available for download. View Changelog Download Plan-5.2 build 1068.jar OK
X-robots-tag: noindex, nofollow
Date: Tue, 23 Feb 2021 14:46:01 GMT
Access-control-allow-methods: GET, OPTIONS
Content-type: text/html; charset=utf-8
Access-control-allow-origin: *
Access-control-allow-credentials: true
Content-length: 16763
Accept-ranges: bytes

• https://24.15.123.27/
24.15.123.27
-14

10.046
T
Timeout - The operation has timed out

7. Comments


1. General Results, most used to calculate the result

Aname "giersmp.zapto.org" is domain, public suffix is ".zapto.org", top-level-domain is ".org", top-level-domain-type is "generic", tld-manager is "Public Interest Registry (PIR)", num .org-domains preloaded: 5035 (complete: 142558)
Agood: All ip addresses are public addresses
Warning: Only one ip address found: giersmp.zapto.org has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: giersmp.zapto.org has no ipv6 address.
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Agood - only one version with Http-Status 200
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Dhttp://giersmp.zapto.org/ 24.15.123.27
302
http://giersmp.zapto.org/server/TheGierSMP
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Hfatal error: No https - result with http-status 200, no encryption
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Ihttp://giersmp.zapto.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 24.15.123.27
404

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Not used to calculate the result because it's a http - check. But listed so you should fix it.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain giersmp.zapto.org, 1 ip addresses.

2. DNS- and NameServer - Checks

AInfo:: 16 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 5 Name Servers.
AInfo:: 16 Queries complete, 16 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 3.2 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 5 different Name Servers found: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com, 4 Name Servers included in Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, 5 Name Servers included in 1 Zone definitions: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com, 1 Name Servers listed in SOA.Primary: nf1.no-ip.com.
AGood: Only one SOA.Primary Name Server found.: nf1.no-ip.com.
AGood: SOA.Primary Name Server included in the delegation set.: nf1.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf1.no-ip.com (194.62.182.53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf1.no-ip.com (2a07:dc00:1820::53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf2.no-ip.com (45.54.64.53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf2.no-ip.com (2607:f740:e626::53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf3.no-ip.com (204.16.253.53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf3.no-ip.com (2620:0:2e61::53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf4.no-ip.com (194.62.183.53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf4.no-ip.com (2a07:dc00:1830::53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf5.no-ip.com (204.16.253.53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: nf5.no-ip.com (2620:0:2e61::53): Delegation: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, Zone: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com. Name Servers defined in Zone, missing in Delegation: nf5.no-ip.com.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 5 different Name Servers found
AGood: All name servers have ipv4- and ipv6-addresses.: 5 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 5 Name Servers, 1 Top Level Domain: com
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: no-ip.com
AGood: Name servers with different Country locations found: 5 Name Servers, 2 Countries: NL, US
AInfo: Ipv4-Subnet-list: 5 Name Servers, 3 different subnets (first Byte): 194., 204., 45., 3 different subnets (first two Bytes): 194.62., 204.16., 45.54., 4 different subnets (first three Bytes): 194.62.182., 194.62.183., 204.16.253., 45.54.64.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 5 Name Servers with IPv6, 3 different subnets (first block): 2607:, 2620:, 2a07:, 3 different subnets (first two blocks): 2607:f740:, 2620:0000:, 2a07:dc00:, 4 different subnets (first three blocks): 2607:f740:e626:, 2620:0000:2e61:, 2a07:dc00:1820:, 2a07:dc00:1830:, 4 different subnets (first four blocks): 2607:f740:e626:0000:, 2620:0000:2e61:0000:, 2a07:dc00:1820:0000:, 2a07:dc00:1830:0000:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 2 good Nameserver
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
XNameserver Timeout checking Echo Capitalization: a0.org.afilias-nst.info
XNameserver Timeout checking Echo Capitalization: b0.org.afilias-nst.org
XNameserver Timeout checking Echo Capitalization: d0.org.afilias-nst.org
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
XNameserver Timeout checking EDNS512: b0.org.afilias-nst.org
XNameserver Timeout checking EDNS512: d0.org.afilias-nst.org
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 2 good Nameserver
Nameserver doesn't pass all EDNS-Checks: a0.org.afilias-nst.info: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok (ns000b.app22.ams2.afilias-nst.info). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: b0.org.afilias-nst.org: OP100: ok. FLAGS: ok. V1: ok. V1OP100: fatal timeout. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok (ns000a.app31.ams2.afilias-nst.info). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: d0.org.afilias-nst.org: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok (ns000b.app20.ams2.afilias-nst.info). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: nf1.no-ip.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://giersmp.zapto.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 24.15.123.27
404

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 4 script elements without defer/async.
AGood: All CSS / JavaScript files are sent with GZip. That reduces the content of the files. 1 external CSS / JavaScript files found
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 8 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 1 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 9 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 1 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 1 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AGood: All img-elements have a valid alt-attribute.: 1 img-elements found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 332010 milliseconds, 332.010 seconds


8. Connections

No connection informations found. Perhaps only http - connections.


9. Certificates

No certificate informations found. Perhaps only http - connections.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

No CRT - CT-Log entries found


11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
http://giersmp.zapto.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
24.15.123.27		a

13

0


0
0
0


img

1

1
1
0
0
0
0


link
stylesheet
5

4
4
1
1
0
0
-1

meta
other
6

0


0
0
0


script

4

4
4
0
0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
http://giersmp.zapto.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
24.15.123.27
a




1
ok








a

/


1
ok








a

auth/logout


1
ok








a

https://bstats.org/plugin/bukkit/Plan


1
ok








a

https://bstats.org/plugin/bungeecord/Plan


1
ok








a

https://bstats.org/plugin/sponge/plan


1
ok








a

https://bstats.org/plugin/velocity/Plan/10326


1
ok








a

https://discord.gg/yXKmjzT


1
ok








a

https://github.com/plan-player-analytics/Plan/issues


1
ok








a

https://github.com/plan-player-analytics/Plan/releases


1
ok








a

https://github.com/plan-player-analytics/Plan/releases/download/5.2.1068/Plan-5.2-build-1068.jar


1
ok








a

https://github.com/plan-player-analytics/Plan/wiki


1
ok








a

https://opensource.org/licenses/LGPL-3.0


1
ok








img
src
img/Flaticon_circle.png
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out
alt: logo








link
stylesheet
./css/noauth.css
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out








link
stylesheet
css/sb-admin-2.css
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out








link
stylesheet
css/style.css
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out








link
stylesheet
https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800,900
200

1
ok
text/css; charset=utf-8, X-Content-Type-Options nosniff found

GZip: 231/1088 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-uWb+GhnBZF1ap6rXjQBZqB0Xtw8chPOLgI5o/BhWomY=
sha384-TmkncIY6weJ1iCTEEj98k4aZDi9oFgELyA0+9Zy2Jwt4SISWqjp1Z7Yd2ufpzRHb
sha512-VH+fi5ViyrlD1e1DV2Gh/EcEUx7REd8LjRV9ZUYZwQCvAx094eyN0bYWPN2NPFTxOUmMrZ2ssiSNE8BK1kZHgw==

<link rel="stylesheet" href="https://fonts.googleapis.com/css?family=Nunito:300,400,600,700,800,900" crossorigin="anonymous" integrity="sha256-uWb+GhnBZF1ap6rXjQBZqB0Xtw8chPOLgI5o/BhWomY=" />



Content loaded via url("...")

https://fonts.gstatic.com/s/nunito/v16/XRXV3I6Li01BKofINeaE.ttf1
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofA6sKUYevN.ttf1
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAjsOUYevN.ttf1
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAksCUYevN.ttf1
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAnsSUYevN.ttf1
https://fonts.gstatic.com/s/nunito/v16/XRXW3I6Li01BKofAtsGUYevN.ttf1

link
stylesheet
vendor/fontawesome-free/css/all.min.css
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out








meta

 utf-8


1
ok








meta
X-UA-Compatible
IE=edge


1
ok








meta
author
AuroraLS3


1
ok








meta
description
Player Analytics, generic error/debug page


1
ok








meta
robots
noindex, nofollow


1
ok








meta
viewport
width=device-width, initial-scale=1, maximum-scale=1


1
ok








script
src
js/color-selector.js
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out
Missing defer / async attribute.








script
src
js/sb-admin-2.js
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out
Missing defer / async attribute.








script
src
vendor/bootstrap/js/bootstrap.bundle.min.js
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out
Missing defer / async attribute.








script
src
vendor/jquery/jquery.min.js
-14
Timeout - The operation has timed out
1
Timeout - The operation has timed out
Missing defer / async attribute.








12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: nf1.no-ip.com, nf2.no-ip.com, nf3.no-ip.com, nf4.no-ip.com, nf5.no-ip.com

QNr.DomainTypeNS used
1
com
NS
h.root-servers.net (2001:500:1::53)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
nf1.no-ip.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1.no-ip.com, ns2.no-ip.com, ns3.no-ip.com, ns4.no-ip.com

Answer: ns1.no-ip.com
194.62.181.53, 2a07:dc00:1810::53

Answer: ns2.no-ip.com
194.62.180.53, 2a07:dc00:180::53

Answer: ns3.no-ip.com
204.16.255.53, 2a07:dc00:2550::53

Answer: ns4.no-ip.com
204.16.254.53, 2620:0:2e64::53
3
nf2.no-ip.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1.no-ip.com, ns2.no-ip.com, ns3.no-ip.com, ns4.no-ip.com

Answer: ns1.no-ip.com
194.62.181.53, 2a07:dc00:1810::53

Answer: ns2.no-ip.com
194.62.180.53, 2a07:dc00:180::53

Answer: ns3.no-ip.com
204.16.255.53, 2a07:dc00:2550::53

Answer: ns4.no-ip.com
204.16.254.53, 2620:0:2e64::53
4
nf3.no-ip.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1.no-ip.com, ns2.no-ip.com, ns3.no-ip.com, ns4.no-ip.com

Answer: ns1.no-ip.com
194.62.181.53, 2a07:dc00:1810::53

Answer: ns2.no-ip.com
194.62.180.53, 2a07:dc00:180::53

Answer: ns3.no-ip.com
204.16.255.53, 2a07:dc00:2550::53

Answer: ns4.no-ip.com
204.16.254.53, 2620:0:2e64::53
5
nf4.no-ip.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1.no-ip.com, ns2.no-ip.com, ns3.no-ip.com, ns4.no-ip.com

Answer: ns1.no-ip.com
194.62.181.53, 2a07:dc00:1810::53

Answer: ns2.no-ip.com
194.62.180.53, 2a07:dc00:180::53

Answer: ns3.no-ip.com
204.16.255.53, 2a07:dc00:2550::53

Answer: ns4.no-ip.com
204.16.254.53, 2620:0:2e64::53
6
nf5.no-ip.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1.no-ip.com, ns2.no-ip.com, ns3.no-ip.com, ns4.no-ip.com

Answer: ns1.no-ip.com
194.62.181.53, 2a07:dc00:1810::53

Answer: ns2.no-ip.com
194.62.180.53, 2a07:dc00:180::53

Answer: ns3.no-ip.com
204.16.255.53, 2a07:dc00:2550::53

Answer: ns4.no-ip.com
204.16.254.53, 2620:0:2e64::53
7
nf1.no-ip.com: 194.62.182.53
A
ns1.no-ip.com (2a07:dc00:1810::53)
8
nf1.no-ip.com: 2a07:dc00:1820::53
AAAA
ns1.no-ip.com (2a07:dc00:1810::53)
9
nf2.no-ip.com: 45.54.64.53
A
ns1.no-ip.com (2a07:dc00:1810::53)
10
nf2.no-ip.com: 2607:f740:e626::53
AAAA
ns1.no-ip.com (2a07:dc00:1810::53)
11
nf3.no-ip.com: 204.16.253.53
A
ns1.no-ip.com (2a07:dc00:1810::53)
12
nf3.no-ip.com: 2620:0:2e61::53
AAAA
ns1.no-ip.com (2a07:dc00:1810::53)
13
nf4.no-ip.com: 194.62.183.53
A
ns1.no-ip.com (2a07:dc00:1810::53)
14
nf4.no-ip.com: 2a07:dc00:1830::53
AAAA
ns1.no-ip.com (2a07:dc00:1810::53)
15
nf5.no-ip.com: 204.16.253.53
A
ns1.no-ip.com (2a07:dc00:1810::53)
16
nf5.no-ip.com: 2620:0:2e61::53
AAAA
ns1.no-ip.com (2a07:dc00:1810::53)


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
giersmp.zapto.org
0

no CAA entry found
1
0
zapto.org
0

no CAA entry found
1
0
org
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
giersmp.zapto.org

ok
1
0
_acme-challenge.giersmp.zapto.org

Name Error - The domain name does not exist
1
0
_acme-challenge.giersmp.zapto.org.giersmp.zapto.org

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=70dcd2a8-644d-41c5-afe9-71b3a9831c64


Last Result: https://check-your-website.server-daten.de/?q=giersmp.zapto.org - 2021-02-23 15:42:27


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=giersmp.zapto.org" target="_blank">Check this Site: giersmp.zapto.org</a>


Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • USt-IdNr.: DE221734518

Errors, ideas, questions? Use the Contact form • A project using Server-Daten - Web Database solutions