Check DNS, Urls + Redirects, Certificates and Content of your Website




1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
kicktone.com
A
104.21.42.241
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
1
0

A
172.67.213.108
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
1
0

AAAA
2606:4700:3033::6815:2af1
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.

yes



AAAA
2606:4700:3034::ac43:d56c
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.

yes


www.kicktone.com
A
104.21.42.241
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
1
0

A
172.67.213.108
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.
No Hostname found
yes
1
0

AAAA
2606:4700:3033::6815:2af1
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.

yes



AAAA
2606:4700:3034::ac43:d56c
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.

yes


kicktone.com
A
188.114.96.3
Amsterdam/North Holland/Netherlands (NL) - Cloudflare, Inc.
No Hostname found
no



A
188.114.97.3
Amsterdam/North Holland/Netherlands (NL) - Cloudflare, Inc.
No Hostname found
no


www.kicktone.com
A
188.114.96.3
Amsterdam/North Holland/Netherlands (NL) - Cloudflare, Inc.
No Hostname found
no



A
188.114.97.3
Amsterdam/North Holland/Netherlands (NL) - Cloudflare, Inc.
No Hostname found
no


*.kicktone.com
A

yes



AAAA

yes



CNAME
kt-apollo-a.cloudapp.net
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 20826, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 30.09.2022, 00:00:00 +, Signature-Inception: 09.09.2022, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest 4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 25.09.2022, 21:00:00 +, Signature-Inception: 12.09.2022, 20:00:00 +, KeyTag 20826, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20826 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 32298, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 27.09.2022, 18:24:21 +, Signature-Inception: 12.09.2022, 18:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: kicktone.com
kicktone.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "aa59gd5j5psee7s65cc5sk2dbbcgq2hm" between the hashed NSEC3-owner "aa59b7acf9leo2e3jdbbtn8njc000n93" and the hashed NextOwner "aa59hnrdmterv4fut9c92bke3hiecs4v". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner aa59b7acf9leo2e3jdbbtn8njc000n93.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2022, 05:48:35 +, Signature-Inception: 09.09.2022, 04:38:35 +, KeyTag 32298, Signer-Name: com



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q2d6ni4i7eqh8na30ns61o48ul8g5". So that domain name is the Closest Encloser of "kicktone.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2022, 04:24:29 +, Signature-Inception: 09.09.2022, 03:14:29 +, KeyTag 32298, Signer-Name: com



0 DNSKEY RR found




Zone: www.kicktone.com
www.kicktone.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.kicktone.com
  donna.ns.cloudflare.com / 67m63

kicktone.com
  donna.ns.cloudflare.com / 67m40
108.162.192.151
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
172.64.32.151
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
173.245.58.151
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
2606:4700:50::adf5:3a97
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.


 
2803:f800:50::6ca2:c097
San José/Provincia de San Jose/Costa Rica (CR) - Cloudflare, Inc.


 
2a06:98c1:50::ac40:2097
London/England/United Kingdom (GB) - CloudFLARENET-EU


  justin.ns.cloudflare.com / 67m59
108.162.193.187
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
172.64.33.187
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
173.245.59.187
Toronto/Ontario/Canada (CA) - Cloudflare, Inc.


 
2606:4700:58::adf5:3bbb
Montreal/Quebec/Canada (CA) - Cloudflare, Inc.


 
2803:f800:50::6ca2:c1bb
San José/Provincia de San Jose/Costa Rica (CR) - Cloudflare, Inc.


 
2a06:98c1:50::ac40:21bb
London/England/United Kingdom (GB) - CloudFLARENET-EU

com
  a.gtld-servers.net / nnn1-par6


  b.gtld-servers.net / nnn1-eltxl2


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-par6


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-fra5


  g.gtld-servers.net / nnn1-fra5


  h.gtld-servers.net / nnn1-fra5


  i.gtld-servers.net / nnn1-fra5


  j.gtld-servers.net / nnn1-lon5


  k.gtld-servers.net / nnn1-lon5


  l.gtld-servers.net / nnn1-lon5


  m.gtld-servers.net / nnn1-lon5


4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1663035762
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:2


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1663035777
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:11


Domain:kicktone.com
Zone-Name:kicktone.com
Primary:donna.ns.cloudflare.com
Mail:dns.cloudflare.com
Serial:2277753900
Refresh:10000
Retry:2400
Expire:604800
TTL:3600
num Entries:12


Domain:www.kicktone.com
Zone-Name:kicktone.com
Primary:donna.ns.cloudflare.com
Mail:dns.cloudflare.com
Serial:2277753900
Refresh:10000
Retry:2400
Expire:604800
TTL:3600
num Entries:1


5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://kicktone.com/
104.21.42.241
301
https://kicktone.com/
0.063
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mB1DP596EAfE5mbR6ZG9oLRVuffiM9a22Mb6MMqJ%2Bk%2BsHUDsceQyaVLnGpKPKrU1%2B%2B8pnTow82laGSbdh8u9jEQXJUruTK6enwNepa3EKDWfkm6Zyt8TS5NS8Mr5d0s%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c92cc5292a1-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://kicktone.com/
172.67.213.108
301
https://kicktone.com/
0.063
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nTufOXosLuoJURCedNc7ybtFsW%2FsDm2OmrI1Tm0yDgexLARmWmgucG0pLgGbx8QBKiPN0TP5f11utMcGd8mNzUL6xU67oTxnWz5hz%2BeTIuU%2FJwrfWH2fQHnj4vcWBPc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c934e28d722-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://kicktone.com/
188.114.96.3
301
https://kicktone.com/
0.053
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V%2BobOQzYu438Bn98FXccqz%2FXjHzWzmi5utrg0RyERDZ0TPTqNsviXcdc3J3f2ZPL9Q9nDWhMMtgrRgz3TarW0hU2VstWBnuRMs5%2BjMd6Qg6xxlXhFQ3jDx9Qt1kqWi0%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c93a8759bd7-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://kicktone.com/
188.114.97.3
301
https://kicktone.com/
0.057
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ml2pcDAqtNhgAAkqHLgfgtQ2GgI11XA%2F2Ktro2my2KmbD3vlrx6czCOwZmSJPFw6R6cWWyL3ZirQaVN0odBuwtPpq2AemJcMVcY87Szz5iEZV4%2FMgYoD2npftC54fuo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c941ffcb846-AMS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://kicktone.com/
2606:4700:3033::6815:2af1
301
https://kicktone.com/
0.050
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LGXW%2FOrV4gF%2FA2SFUtjzYuqs27cpaGM%2FbUj0t7aJVZRsGiQlsNP9q0IAOFaSip3QzsnLnVvHcr%2FCVruMg%2FOYqOA6NLIt2BrOcJCmFlVtZXpjMgE3PCGgM7OBWAaLifgUQJl88eDE7kIHL6Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c948f03927f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://kicktone.com/
2606:4700:3034::ac43:d56c
301
https://kicktone.com/
0.060
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8OFHLiBsAeCU7i9B%2BrBCCGM3wTAcBsTd%2Bp%2FBrvT%2FnS3%2BYm3eYR9Mc3YZpRVWUh2be2NpacRg7eY98CpQ%2FpnhVW9jJP16LPoRfJp%2FNAIOhxISbiRdfioWszO3ujUJk%2FSsPd0M8AQEqTmR%2Bxw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c94ec119036-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
104.21.42.241
301
https://www.kicktone.com/
0.046
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zK3yAkcORCUlGZUqSFQYC6t7F%2BERA6Xsf2Vgrtwlc2Udl2iArm5%2B2oygv37LvAIzOqsSi7k0h0jzYEl1D6yAnpEjfDvS0xOLKTX8MlSz9XoGJ9%2Fsww6aPJsB5PmqvQmZAF1P"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c95586790b2-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
172.67.213.108
301
https://www.kicktone.com/
0.070
A
Date: Tue, 13 Sep 2022 02:24:00 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9k6ON%2BhOg7uCuJp7y3SoW3nk1PakrN%2Blb10Q3pscd5wNp8IKcMPuigpqqVAFIYTQTcLxSzYwlU108w6eIKGTdb3Q3%2Bq8IxbR3YmnnzarkkU1L3C%2Foc54GaAAYhODcn7B%2BGaD"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c95cb84d5b8-CDG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
188.114.96.3
301
https://www.kicktone.com/
0.046
A
Date: Tue, 13 Sep 2022 02:24:01 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:01 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kfkDOr1ZoyjTBr08%2FNp662qhIOYQjFsTQDgQF4lUocaKkRYOCQ5x4gHtZDBTeO59Krr%2F8lIa0%2BA0BYGlGYq9FEbdxLooDwFHX%2Ff2GOQjBy3h4kBMQcYpp94CP8CSVP7TK%2BzL"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c970d80693f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
188.114.97.3
301
https://www.kicktone.com/
0.063
A
Date: Tue, 13 Sep 2022 02:24:01 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:01 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBM5Mh1g9HoUyMLJcWFyKMnSuZliAzC7n0Fm5AYCcM0fpG9DjnIvTR5UteBX%2B6LOLFJ6dtElSjpUSYvRlM9SeI70HytI4Eim1tKsZzKFklcRFsuuetuPKvLjsP5vi1KjKMeC"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c977f2a9158-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
2606:4700:3033::6815:2af1
301
https://www.kicktone.com/
0.050
A
Date: Tue, 13 Sep 2022 02:24:01 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:00 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iWAGoTRTmZ4znaw2dz8uhErt8fn8AO2G5uDrclEY80ujFMIiISV4eKjFB2shr6DblIlqapiY9m8XyNYSBg99JFGTBbKSFMOhkBqQg6IGhysHgpmgXT0uAssTsTj405MMD20UGoMWXJ%2BaVsI55ksM"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c9639079b9a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• http://www.kicktone.com/
2606:4700:3034::ac43:d56c
301
https://www.kicktone.com/
0.050
A
Date: Tue, 13 Sep 2022 02:24:01 GMT
Transfer-Encoding: chunked
Connection: close
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 03:24:01 GMT
Location: https://www.kicktone.com/
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rDBY%2Fmg1N%2BU%2BD9iHtwAx0Y9md%2BWO8V9DP87N%2BZikdGmOLkTjVab04IER%2Fr5mIb%2BtkuZy%2BNB%2BbSzwBhQHDPlfEy3kcfg0lp3dDXqjmGscNx7ukzFObxVthtJgq18Ntvr3J3Vo5ISUIp56TD5cqdaS"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749d6c96a8e4920e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

• https://kicktone.com/
104.21.42.241
-14

12.073
T
Timeout - The operation has timed out

• https://kicktone.com/
172.67.213.108
-14

12.446
T
Timeout - The operation has timed out

• https://kicktone.com/
188.114.96.3
-14

12.067
T
Timeout - The operation has timed out

• https://kicktone.com/
188.114.97.3
-14

12.070
T
Timeout - The operation has timed out

• https://kicktone.com/
2606:4700:3033::6815:2af1
-14

12.080
T
Timeout - The operation has timed out

• https://kicktone.com/
2606:4700:3034::ac43:d56c
-14

12.030
T
Timeout - The operation has timed out

• https://www.kicktone.com/
104.21.42.241
-14

12.160
T
Timeout - The operation has timed out

• https://www.kicktone.com/
172.67.213.108
-14

12.210
T
Timeout - The operation has timed out

• https://www.kicktone.com/
188.114.96.3
-14

12.017
T
Timeout - The operation has timed out

• https://www.kicktone.com/
188.114.97.3
-14

12.063
T
Timeout - The operation has timed out

• https://www.kicktone.com/
2606:4700:3033::6815:2af1
-14

12.076
T
Timeout - The operation has timed out

• https://www.kicktone.com/
2606:4700:3034::ac43:d56c
-14

12.057
T
Timeout - The operation has timed out

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
104.21.42.241
-14

10.047
T
Timeout - The operation has timed out
Visible Content:

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
172.67.213.108
-14

10.033
T
Timeout - The operation has timed out
Visible Content:

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
188.114.96.3
-14

10.026
T
Timeout - The operation has timed out
Visible Content:

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
188.114.97.3
-14

10.034
T
Timeout - The operation has timed out
Visible Content:

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2606:4700:3033::6815:2af1
-14

10.027
T
Timeout - The operation has timed out
Visible Content:

• http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2606:4700:3034::ac43:d56c
-14

10.027
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
104.21.42.241
-14

10.037
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
172.67.213.108
-14

10.023
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
188.114.96.3
-14

10.030
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
188.114.97.3
-14

10.026
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2606:4700:3033::6815:2af1
-14

10.040
T
Timeout - The operation has timed out
Visible Content:

• http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2606:4700:3034::ac43:d56c
-14

10.047
T
Timeout - The request was aborted: The operation has timed out.
Visible Content:

• https://188.114.96.3/
188.114.96.3
-10

0.043
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

• https://188.114.97.3/
188.114.97.3
-10

0.040
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

• https://104.21.42.241/
104.21.42.241
-10

0.040
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

• https://172.67.213.108/
172.67.213.108
-10

0.067
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

• https://[2606:4700:3033:0000:0000:0000:6815:2af1]/
2606:4700:3033::6815:2af1
-10

0.044
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

• https://[2606:4700:3034:0000:0000:0000:ac43:d56c]/
2606:4700:3034::ac43:d56c
-10

0.040
P
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.

7. Comments


1. General Results, most used to calculate the result

Aname "kicktone.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 75637 (complete: 199047)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: kicktone.com has 4 different ip addresses (authoritative).
AGood: Minimal 2 ip addresses per domain name found: www.kicktone.com has 4 different ip addresses (authoritative).
AGood: Ipv4 and Ipv6 addresses per domain name found: kicktone.com has 2 ipv4, 2 ipv6 addresses
AGood: Ipv4 and Ipv6 addresses per domain name found: www.kicktone.com has 2 ipv4, 2 ipv6 addresses
AGood: No asked Authoritative Name Server had a timeout
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Phttps://104.21.42.241/ 104.21.42.241
-10

Error creating a TLS-Connection: No more details available.
Phttps://172.67.213.108/ 172.67.213.108
-10

Error creating a TLS-Connection: No more details available.
Phttps://188.114.96.3/ 188.114.96.3
-10

Error creating a TLS-Connection: No more details available.
Phttps://188.114.97.3/ 188.114.97.3
-10

Error creating a TLS-Connection: No more details available.
Phttps://[2606:4700:3033:0000:0000:0000:6815:2af1]/ 2606:4700:3033::6815:2af1
-10

Error creating a TLS-Connection: No more details available.
Phttps://[2606:4700:3034:0000:0000:0000:ac43:d56c]/ 2606:4700:3034::ac43:d56c
-10

Error creating a TLS-Connection: No more details available.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain kicktone.com, 4 ip addresses.
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain www.kicktone.com, 4 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain kicktone.com, 4 ip addresses.
Info: Checking the ip addresses of that domain name not exact one certificate found. So it's impossible to check if that domain requires Server Name Indication (SNI).: Domain www.kicktone.com, 4 ip addresses.

2. DNS- and NameServer - Checks

AInfo:: 7 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 2 Name Servers.
AInfo:: 7 Queries complete, 7 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 3.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 2 different Name Servers found: donna.ns.cloudflare.com, justin.ns.cloudflare.com, 2 Name Servers included in Delegation: donna.ns.cloudflare.com, justin.ns.cloudflare.com, 2 Name Servers included in 1 Zone definitions: donna.ns.cloudflare.com, justin.ns.cloudflare.com, 1 Name Servers listed in SOA.Primary: donna.ns.cloudflare.com.
AGood: Only one SOA.Primary Name Server found.: donna.ns.cloudflare.com.
AGood: SOA.Primary Name Server included in the delegation set.: donna.ns.cloudflare.com.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: donna.ns.cloudflare.com, justin.ns.cloudflare.com
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 2 different Name Servers found
Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 2 Name Servers, 1 Top Level Domain: com
Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: cloudflare.com
AGood: Name servers with different Country locations found: 2 Name Servers, 3 Countries: CA, CR, GB
AInfo: Ipv4-Subnet-list: 6 Name Servers, 3 different subnets (first Byte): 108., 172., 173., 3 different subnets (first two Bytes): 108.162., 172.64., 173.245., 6 different subnets (first three Bytes): 108.162.192., 108.162.193., 172.64.32., 172.64.33., 173.245.58., 173.245.59.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 6 Name Servers with IPv6, 3 different subnets (first block): 2606:, 2803:, 2a06:, 3 different subnets (first two blocks): 2606:4700:, 2803:f800:, 2a06:98c1:, 4 different subnets (first three blocks): 2606:4700:0050:, 2606:4700:0058:, 2803:f800:0050:, 2a06:98c1:0050:, 4 different subnets (first four blocks): 2606:4700:0050:0000:, 2606:4700:0058:0000:, 2803:f800:0050:0000:, 2a06:98c1:0050:0000:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 12 good Nameserver
AGood: Nameserver supports Echo Capitalization: 12 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 12 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 12 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.21.42.241
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.67.213.108
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 188.114.96.3
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 188.114.97.3
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2606:4700:3033::6815:2af1
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2606:4700:3034::ac43:d56c
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 104.21.42.241
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 172.67.213.108
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 188.114.96.3
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 188.114.97.3
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2606:4700:3033::6815:2af1
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.kicktone.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2606:4700:3034::ac43:d56c
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 341426 milliseconds, 341.426 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
kicktone.com
104.21.42.241
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
kicktone.com
104.21.42.241
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


kicktone.com
172.67.213.108
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

kicktone.com
172.67.213.108
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


kicktone.com
188.114.96.3
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

kicktone.com
188.114.96.3
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


kicktone.com
188.114.97.3
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

kicktone.com
188.114.97.3
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


kicktone.com
2606:4700:3033::6815:2af1
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

kicktone.com
2606:4700:3033::6815:2af1
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


kicktone.com
2606:4700:3034::ac43:d56c
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

kicktone.com
2606:4700:3034::ac43:d56c
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
104.21.42.241
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
104.21.42.241
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
172.67.213.108
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
172.67.213.108
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
188.114.96.3
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
188.114.96.3
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
188.114.97.3
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
188.114.97.3
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
2606:4700:3033::6815:2af1
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
2606:4700:3033::6815:2af1
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


www.kicktone.com
2606:4700:3034::ac43:d56c
443
ok
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
supported
ok

www.kicktone.com
2606:4700:3034::ac43:d56c
443
ok
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, C=US, ST=California

2CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US


9. Certificates

1.
1.
CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, S=California, C=US
11.05.2022
11.05.2023
expires in 221 days
*.kicktone.com, kicktone.com, sni.cloudflaressl.com - 3 entries
1.
1.
CN=sni.cloudflaressl.com, O="Cloudflare, Inc.", L=San Francisco, S=California, C=US
11.05.2022

11.05.2023
expires in 221 days
*.kicktone.com, kicktone.com, sni.cloudflaressl.com - 3 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA256
Serial Number:04302CB47E8EF8EFCD166753B87BB9DC
Thumbprint:5F8F780C26B0CBD5052E9880E06349867CE71E7C
SHA256 / Certificate:cw4pQkQvEjnVW1x0bUi0nN+vQo5lUacCfnTTQIxuG0A=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):00f145caa15d915bdcf6bdde5d026896db0e09431d54c627ed9e676f92e52839
SHA256 hex / Subject Public Key Information (SPKI):00f145caa15d915bdcf6bdde5d026896db0e09431d54c627ed9e676f92e52839 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
27.01.2020
01.01.2025
expires in 822 days


2.
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
27.01.2020

01.01.2025
expires in 822 days


KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0A3787645E5FB48C224EFD1BED140C3C
Thumbprint:B3DD7606D2B5A8B4A13771DBECC9EE1CECAFA38A
SHA256 / Certificate:OrvmPa91bFAWtrhfUgFf2Oisvid8UIexJ6YFY6hB7Yo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):144cd5394a78745de02346553d126115b48955747eb9098c1fae7186cd60947e
SHA256 hex / Subject Public Key Information (SPKI):144cd5394a78745de02346553d126115b48955747eb9098c1fae7186cd60947e
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 954 days


3.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 954 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
0
1
2

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
3716646616
precert
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2022-05-11 00:00:00
2023-05-10 23:59:59
*.kicktone.com, kicktone.com, sni.cloudflaressl.com - 3 entries


2622099641
precert
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2021-06-11 00:00:00
2022-06-10 23:59:59
*.kicktone.com, kicktone.com, sni.cloudflaressl.com - 3 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
0
1
2

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
6707771739
precert
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2022-05-10 22:00:00
2023-05-10 21:59:59
*.kicktone.com, kicktone.com, sni.cloudflaressl.com
3 entries


4685276439
precert
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2021-06-10 22:00:00
2022-06-10 21:59:59
*.kicktone.com, kicktone.com, sni.cloudflaressl.com
3 entries



11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404


12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: donna.ns.cloudflare.com, justin.ns.cloudflare.com

QNr.DomainTypeNS used
1
com
NS
m.root-servers.net (2001:dc3::35)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
donna.ns.cloudflare.com
NS
l.gtld-servers.net (2001:500:d937::30)

Answer: ns3.cloudflare.com, ns4.cloudflare.com, ns5.cloudflare.com, ns6.cloudflare.com, ns7.cloudflare.com

Answer: ns3.cloudflare.com
162.159.0.33, 162.159.7.226, 2400:cb00:2049:1::a29f:21, 2400:cb00:2049:1::a29f:7e2

Answer: ns4.cloudflare.com
162.159.1.33, 162.159.8.55, 2400:cb00:2049:1::a29f:121, 2400:cb00:2049:1::a29f:837

Answer: ns5.cloudflare.com
162.159.2.9, 162.159.9.55, 2400:cb00:2049:1::a29f:209, 2400:cb00:2049:1::a29f:937

Answer: ns6.cloudflare.com
162.159.3.11, 162.159.5.6, 2400:cb00:2049:1::a29f:30b, 2400:cb00:2049:1::a29f:506

Answer: ns7.cloudflare.com
162.159.4.8
3
justin.ns.cloudflare.com
NS
l.gtld-servers.net (2001:500:d937::30)

Answer: ns3.cloudflare.com, ns4.cloudflare.com, ns5.cloudflare.com, ns6.cloudflare.com, ns7.cloudflare.com

Answer: ns3.cloudflare.com
162.159.0.33, 162.159.7.226, 2400:cb00:2049:1::a29f:21, 2400:cb00:2049:1::a29f:7e2

Answer: ns4.cloudflare.com
162.159.1.33, 162.159.8.55, 2400:cb00:2049:1::a29f:121, 2400:cb00:2049:1::a29f:837

Answer: ns5.cloudflare.com
162.159.2.9, 162.159.9.55, 2400:cb00:2049:1::a29f:209, 2400:cb00:2049:1::a29f:937

Answer: ns6.cloudflare.com
162.159.3.11, 162.159.5.6, 2400:cb00:2049:1::a29f:30b, 2400:cb00:2049:1::a29f:506

Answer: ns7.cloudflare.com
162.159.4.8
4
donna.ns.cloudflare.com: 108.162.192.151, 172.64.32.151, 173.245.58.151
A
ns3.cloudflare.com (2400:cb00:2049:1::a29f:21)
5
donna.ns.cloudflare.com: 2606:4700:50::adf5:3a97, 2803:f800:50::6ca2:c097, 2a06:98c1:50::ac40:2097
AAAA
ns3.cloudflare.com (2400:cb00:2049:1::a29f:21)
6
justin.ns.cloudflare.com: 108.162.193.187, 172.64.33.187, 173.245.59.187
A
ns3.cloudflare.com (2400:cb00:2049:1::a29f:21)
7
justin.ns.cloudflare.com: 2606:4700:58::adf5:3bbb, 2803:f800:50::6ca2:c1bb, 2a06:98c1:50::ac40:21bb
AAAA
ns3.cloudflare.com (2400:cb00:2049:1::a29f:21)


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.kicktone.com
0

no CAA entry found
1
0
kicktone.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
kicktone.com
ALIAS for kt-apollo-a.cloudapp.net
ok
1
0
kicktone.com
google-site-verification=GS4ihZ64FXOgTqCL_JvSc5ZckmRLu4oyvtXJTohPgf4
ok
1
0
kicktone.com
v=spf1 a include:_spf.google.com include:sendgrid.net include:spf.mail.intercom.io ~all
ok
1
0
www.kicktone.com

ok
1
0
_acme-challenge.kicktone.com
DS40u6MenSo5if_-R9LqCxe0FA-Fu5YYA6XY0wifkG8
looks good, correct length, correct characters
1
0
_acme-challenge.www.kicktone.com
oUJHyaLZqzvUtzFNr6fxzJ33R4DmDaKZy9COoqIvMVU
looks good, correct length, correct characters
1
0
_acme-challenge.kicktone.com.kicktone.com


1
0
_acme-challenge.www.kicktone.com.kicktone.com


1
0
_acme-challenge.www.kicktone.com.www.kicktone.com

Name Error - The domain name does not exist
1
0


15. DomainService - Entries (SSHFP Check is new - 2022-09-24, may be incomplete, alpha, some results are required)

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

kicktone.com
1
aspmx.l.google.com
0
5
ok


A


142.250.27.26
0
1
ok


AAAA


2a00:1450:4025:402::1a
0
1
ok


CNAME



0
0
ok

MX

kicktone.com
5
alt1.aspmx.l.google.com
0
5
ok


A


142.251.9.27
0
1
ok


AAAA


2a00:1450:4025:c03::1b
0
1
ok


CNAME



0
0
ok

MX

kicktone.com
5
alt2.aspmx.l.google.com
0
5
ok


A


142.250.150.27
0
1
ok


AAAA


2a00:1450:4010:c1c::1a
0
1
ok


CNAME



0
0
ok

MX

kicktone.com
10
aspmx2.googlemail.com
0
5
ok


A


142.251.9.27
0
1
ok


AAAA


2a00:1450:4025:c03::1b
0
1
ok


CNAME



0
0
ok

MX

kicktone.com
10
aspmx3.googlemail.com
0
5
ok


A


142.250.150.27
0
1
ok


AAAA


2a00:1450:4010:c1c::1a
0
1
ok


CNAME



0
0
ok



16. Cipher Suites

DomainIPPortCipher (OpenSsl / IANA)



Skipped, CDN used or too many ip addresses






17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=1dd4d4ed-e18f-43d0-840c-1e56157def87


Last Result: https://check-your-website.server-daten.de/?q=kicktone.com - 2022-09-13 04:23:08


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=kicktone.com" target="_blank">Check this Site: kicktone.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro