Shortcuts: 1. Basic DNS | 2. Url-Checks | 3. Comments | 4. Connections | 5. Certificates | 6. CT-Logs | 7. Html-Content | 8. CAA | 9. TXT |


X

DNS-problem - authoritative Nameserver refused, not defined or timeout

Checked:
15.05.2019 07:02:59


Older results

1. Basic DNS and Nameserver Checks

HostTIP-Addressis auth.∑ Queries∑ Timeout
gun-ice.co.uk
A
94.175.67.29
yes
1
0

AAAA

yes


www.gun-ice.co.uk
A
94.175.67.29
yes
1
0

AAAA

yes



Zone (*)DNSSEC - Informations (beta)
(root)
1 DS RR published

Status: Valid because published

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)

Public Key with Algorithm 8, KeyTag 25266, Flags 256

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.06.2019, 00:00:00, Signature-Inception: 11.05.2019, 00:00:00, KeyTag 20326, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
uk
1 DS RR in the parent zone found

1 RRSIG RR to validate DS RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 27.05.2019, 22:00:00, Signature-Inception: 14.05.2019, 21:00:00, KeyTag 25266, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 25266 used to validate the DS RRSet in the parent zone

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 43056, Flags 256

Public Key with Algorithm 8, KeyTag 43876, Flags 257 (SEP = Secure Entry Point)

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 28.05.2019, 07:25:32, Signature-Inception: 14.05.2019, 07:02:05, KeyTag 43876, Signer-Name: uk

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 43876 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 43876, DigestType 2 and Digest "oQftKsG9FNkkFzvH6CehFTWCByOU+Scro34jU7xllgM=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
co.uk
1 DS RR in the parent zone found

1 RRSIG RR to validate DS RR found

Algorithm: 8, 2 Labels, original TTL: 300 sec, Signature-expiration: 28.05.2019, 12:07:04, Signature-Inception: 14.05.2019, 11:58:13, KeyTag 43056, Signer-Name: uk

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 43056 used to validate the DS RRSet in the parent zone

1 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 33621, Flags 256

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 2 Labels, original TTL: 300 sec, Signature-expiration: 16.06.2019, 12:10:36, Signature-Inception: 12.05.2019, 11:59:55, KeyTag 33621, Signer-Name: co.uk

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 33621 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 33621, DigestType 2 and Digest "uRmdi3/KcQfXjEGNHRvJ6f6dm5sYe9E8ltxLZYJCXNg=" validates local Key with the same values
gun-ice.co.uk
0 DS RR in the parent zone found

DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.

0 DNSKEY RR found


www.gun-ice.co.uk
0 DS RR in the parent zone found


DomainNameserverNS-IP
www.gun-ice.co.uk
  ns.microlite1.com

gun-ice.co.uk
  ns.microlite1.com
109.75.167.7

U  ns2.microlite1.com
109.75.167.11
co.uk
  dns1.nic.uk


  dns2.nic.uk


  dns3.nic.uk


  dns4.nic.uk


  nsa.nic.uk


  nsb.nic.uk


  nsc.nic.uk


  nsd.nic.uk

uk
  dns1.nic.uk


  dns2.nic.uk


  dns3.nic.uk


  dns4.nic.uk


  nsa.nic.uk


  nsb.nic.uk


  nsc.nic.uk


  nsd.nic.uk



SOA - records (beta)

Domain:uk
Primary:dns1.nic.uk
Mail:hostmaster.nic.uk
Serial:1404163692
Refresh:7200
Retry:900
Expire:2419200
TTL:10800
num Entries:8


Domain:co.uk
Primary:dns1.nic.uk
Mail:hostmaster.nominet.org.uk
Serial:1307916464
Refresh:900
Retry:300
Expire:2419200
TTL:10800
num Entries:2


Domain:co.uk
Primary:dns1.nic.uk
Mail:hostmaster.nominet.org.uk
Serial:1307916465
Refresh:900
Retry:300
Expire:2419200
TTL:10800
num Entries:6


Domain:gun-ice.co.uk
Primary:ns.microlite1.com
Mail:root.microlite1.com
Serial:1085240522
Refresh:10800
Retry:3600
Expire:604800
TTL:3840
num Entries:1


Domain:www.gun-ice.co.uk
Primary:ns.microlite1.com
Mail:root.microlite1.com
Serial:1085240522
Refresh:10800
Retry:3600
Expire:604800
TTL:3840
num Entries:1


2. Url-Checks


show header:
Domainname Http-StatusredirectSec.G
• http://gun-ice.co.uk/
94.175.67.29
200

1.190
H
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 15 May 2019 05:02:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Link: <http://gun-ice.co.uk/index.php?rest_route=/>; rel="https://api.w.org/",<http://gun-ice.co.uk/>; rel=shortlink
Vary: Accept-Encoding

• http://www.gun-ice.co.uk/
94.175.67.29
404

0.120
M
Not Found
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 15 May 2019 05:02:55 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 281
Connection: close

• https://gun-ice.co.uk/
94.175.67.29
404

0.530
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 15 May 2019 05:04:33 GMT
Connection: close
Content-Length: 315

• https://www.gun-ice.co.uk/
94.175.67.29
404

0.520
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Wed, 15 May 2019 05:04:33 GMT
Connection: close
Content-Length: 315

• http://gun-ice.co.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
94.175.67.29
404

0.113
A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.4.18 (Ubuntu) Server at gun-ice.co.uk Port 80
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 15 May 2019 05:02:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 346
Connection: close

• http://www.gun-ice.co.uk/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
94.175.67.29
404

0.110
A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server. Apache/2.4.18 (Ubuntu) Server at www.gun-ice.co.uk Port 80
Server: nginx/1.4.6 (Ubuntu)
Date: Wed, 15 May 2019 05:02:57 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 350
Connection: close

3. Comments

Aname "gun-ice.co.uk" is domain, public suffix is "co.uk", top-level-domain-type is "country-code", Country is United Kingdom of Great Britain and Northern Ireland, tld-manager is "Nominet UK"
Agood: All ip addresses are public addresses
Agood - only one version with Http-Status 200
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Hfatal error: No https - result with http-status 200, no encryption
Hfatal error: http result with http-status 200, no encryption
Mhttp://www.gun-ice.co.uk/ 94.175.67.29
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://gun-ice.co.uk/ 94.175.67.29
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://www.gun-ice.co.uk/ 94.175.67.29
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://gun-ice.co.uk/ 94.175.67.29
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://www.gun-ice.co.uk/ 94.175.67.29
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
XFatal error: Nameserver isn't defined or has timeout
XFatal error: Nameserver doesn't support TCP connection: ns2.microlite1.com / 109.75.167.11: Fatal error - no NameServer IP-Address or connection. Details: One or more errors occurred. - No connection could be made because the target machine actively refused it 109.75.167.11:53
XNameserver Timeout checking Echo Capitalization: ns2.microlite1.com / 109.75.167.11
XNameserver Timeout checking EDNS512: ns2.microlite1.com / 109.75.167.11
Nameserver doesn't pass all EDNS-Checks: dns1.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns1.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns2.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns2.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns3.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns3.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns4.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns4.nic.uk: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. V1DNSSEC: ok. NSID: ok. COOKIE: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns2.microlite1.com / 109.75.167.11: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate
AInfo: Different Server-Headers found
ADuration: 95734 milliseconds, 95.734 seconds


4. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
gun-ice.co.uk
94.175.67.29
443
Certificate/chain invalid and wrong name
Tls12
DiffieHellman
2048
Aes256
256
Sha384
error checking OCSP stapling
ok
Self signed certificate
1CN=Windows Media Player Network Sharing Service (DESKTOP-RN8L830)
www.gun-ice.co.uk
94.175.67.29
443
Certificate/chain invalid and wrong name
Tls12
DiffieHellman
2048
Aes256
256
Sha384
error checking OCSP stapling
ok
Self signed certificate
1CN=Windows Media Player Network Sharing Service (DESKTOP-RN8L830)


5. Certificates

1.
1.
CN=Windows Media Player Network Sharing Service (DESKTOP-RN8L830)
16.01.2019
16.01.2119
expires in 36394 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:2656D6DFD22B51BB4104343BEDBEA230
Thumbprint:CA65D45F1F4E97611F696AEAA2E31CFB5EEDAC8C
SHA256 / Certificate:M6C+lQaOkua/8Y77dwFN9DRaDazQqpJHK3UngYpW9y8=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):234369243c79134aad4e1c96a7ff332dcda8a8d0bfe6c7c14b92e168e19292a4
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


6. Last Certificates - Certificate Transparency Log Check (BETA)

1. Source CertSpotter - active certificates

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0
1
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
911733850
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-05-14 15:45:16
2019-08-12 15:45:16
gun-ice.co.uk
1 entries



2. Source crt.sh - old and new certificates, sometimes very slow.

No CRT - CT-Log entries found


7. Html-Content - Entries (BETA - mixed content and other checks)

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://gun-ice.co.uk/
94.175.67.29
meta
other
1

0






https://www.gun-ice.co.uk/
94.175.67.29
meta
other
1

0






Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://gun-ice.co.uk/
94.175.67.29
meta
Content-Type
text/html; charset=us-ascii


1
ok


https://www.gun-ice.co.uk/
94.175.67.29
meta
Content-Type
text/html; charset=us-ascii


1
ok



8. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.gun-ice.co.uk
0

no CAA entry found
1
0
gun-ice.co.uk
0

no CAA entry found
1
0
co.uk
0

no CAA entry found
1
0
uk
0

no CAA entry found
1
0


9. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
gun-ice.co.uk
94.175.67.29
ok
1
0
www.gun-ice.co.uk

ok
1
0
_acme-challenge.gun-ice.co.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.www.gun-ice.co.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.gun-ice.co.uk.gun-ice.co.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.www.gun-ice.co.uk.gun-ice.co.uk

Name Error - The domain name does not exist
1
0
_acme-challenge.www.gun-ice.co.uk.www.gun-ice.co.uk

Name Error - The domain name does not exist
1
0



Permalink: https://check-your-website.server-daten.de/?i=dec6d89f-de58-4ca8-999d-212274b387a4


Last Result: https://check-your-website.server-daten.de/?q=gun-ice.co.uk - 2019-05-15 07:02:59