Check DNS, Urls + Redirects, Certificates and Content of your Website

hide

skip EDNS-Check

skip Content-Check

check links

No trusted Certificate

Checked:
13.08.2019 22:07:14

Older results

No older results found

1. IP-Addresses

Host	T	IP-Address	is auth.	∑ Queries	∑ Timeout
kstaw.esesja.pl	A	178.212.120.22 Krasnystaw/Lublin/Poland (PL) - Akasha.net Sp. z o.o. No Hostname found	yes	1	0
	AAAA		yes
www.kstaw.esesja.pl		Name Error	yes	1	0

2. DNSSEC

Zone (*)	DNSSEC - Informations (beta)

Zone: (root)
(root)	1 DS RR published


	• Status: Valid because published


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 59944, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	• Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 31.08.2019, 00:00:00, Signature-Inception: 10.08.2019, 00:00:00, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: pl
pl	1 DS RR in the parent zone found


	1 RRSIG RR to validate DS RR found


	Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 26.08.2019, 17:00:00, Signature-Inception: 13.08.2019, 16:00:00, KeyTag 59944, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 59944 used to validate the DS RRSet in the parent zone


	4 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 24243, Flags 256


	Public Key with Algorithm 8, KeyTag 25412, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 39175, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 44893, Flags 256


	2 RRSIG RR to validate DNSKEY RR found


	• Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 11.09.2019, 12:00:00, Signature-Inception: 12.08.2019, 12:00:00, KeyTag 39175, Signer-Name: pl


	• Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 11.09.2019, 12:00:00, Signature-Inception: 12.08.2019, 12:00:00, KeyTag 44893, Signer-Name: pl


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 39175 used to validate the DNSKEY RRSet


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 44893 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 39175, DigestType 2 and Digest "B5M1Z3oGofQ1SbgcRAoeqMynU4ygz/ez8sQ+rtvFD8s=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: esesja.pl
esesja.pl	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.


	0 DNSKEY RR found




Zone: kstaw.esesja.pl
kstaw.esesja.pl	0 DS RR in the parent zone found


	0 DNSKEY RR found




Zone: www.kstaw.esesja.pl
www.kstaw.esesja.pl	0 DS RR in the parent zone found

3. Name Servers

Domain	Nameserver	NS-IP
www.kstaw.esesja.pl	• ns10.az.pl
kstaw.esesja.pl	• ns10.az.pl / ns10.az.pl	46.242.144.100 Szczecin/West Pomerania/Poland (PL) - home.pl network	•
esesja.pl	• ns10.az.pl / ns10.az.pl		•
	• ns11.az.pl / ns11.az.pl		•
pl	• a-dns.pl / Polish ccTLD infrustructure		•
	• b-dns.pl / b-decix		•
	• c-dns.pl		•
	• d-dns.pl / Polish ccTLD infrustructure		•
	• e-dns.pl / Polish ccTLD infrastructure		•
	• f-dns.pl		•
	• g-dns.pl		•
	T h-dns.pl		•
	• i-dns.pl		•

4. SOA-Entries

Domain:	pl
Primary:	a-dns.pl
Mail:	dnsmaster.nask.pl
Serial:	1565704840
Refresh:	900
Retry:	300
Expire:	2592000
TTL:	3600
num Entries:	8

Domain:	esesja.pl
Primary:	ns10.az.pl
Mail:	admin.az.pl
Serial:	2011050604
Refresh:	10800
Retry:	3600
Expire:	604800
TTL:	3600
num Entries:	2

Domain:	kstaw.esesja.pl
Primary:	ns10.az.pl
Mail:	admin.az.pl
Serial:	2011050604
Refresh:	10800
Retry:	3600
Expire:	604800
TTL:	3600
num Entries:	1

5. Url-Checks

show header:

Domainname	Http-Status	Sec.	G
• http://kstaw.esesja.pl/ 178.212.120.22	-14	10.027	T
Timeout - The operation has timed out

• https://kstaw.esesja.pl/ 178.212.120.22	404	2.433	N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Tue, 13 Aug 2019 20:08:22 GMT
Connection: close
Content-Length: 315

• http://kstaw.esesja.pl/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 178.212.120.22	-14	10.014	T
Timeout - The operation has timed out
Visible Content:

6. Comments (GZip / Html minfied / Cache-Control is beta)

A	name "kstaw.esesja.pl" is subdomain, public suffix is "pl", top-level-domain-type is "country-code", Country is Poland, tld-manager is "Research and Academic Computer Network"
A	good: All ip addresses are public addresses
A	good: No asked Authoritative Name Server had a timeout
A	DNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
A	Good: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
C	Error - no version with Http-Status 200
H	fatal error: No https - result with http-status 200, no encryption
M	https://kstaw.esesja.pl/ 178.212.120.22	404		Misconfiguration - main pages should never send http status 400 - 499
N	https://kstaw.esesja.pl/ 178.212.120.22	404		Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
A	Good: Nameserver supports TCP connections: 1 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 1 good Nameserver
X	Nameserver Timeout checking Echo Capitalization: h-dns.pl
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 1 good Nameserver
X	Nameserver Timeout checking EDNS512: h-dns.pl
	Nameserver doesn't pass all EDNS-Checks: h-dns.pl: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
	Nameserver doesn't pass all EDNS-Checks: ns10.az.pl: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (ns10.az.pl). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns10.az.pl: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
	Nameserver doesn't pass all EDNS-Checks: ns10.az.pl / 46.242.144.100: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (ns10.az.pl). COOKIE: ok. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns11.az.pl: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (ns11.az.pl). COOKIE: ok. CLIENTSUBNET: ok.
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	http://kstaw.esesja.pl/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 178.212.120.22	-14		Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
	https://kstaw.esesja.pl/ 178.212.120.22	404	2.433 seconds	Warning: 404 needs more then one second
A	Duration: 85796 milliseconds, 85.796 seconds

7. Connections (http/2- and additional Tls.1.0/1.1/1.2 checks are BETA)

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

kstaw.esesja.pl

178.212.120.22

443

Certificate/chain invalid and wrong name

Tls12

DiffieHellman

2048

Aes256

256

Sha384

error checking OCSP stapling

kstaw.esesja.pl

178.212.120.22

443

Certificate/chain invalid and wrong name

Tls12

DiffieHellman

2048

Aes256

256

Sha384

error checking OCSP stapling

no Tls.1.2
no Tls.1.1
no Tls.1.0

Self signed certificate

CN=SVR1

8. Certificates

CN=SVR1

27.07.2019

24.07.2029
expires in 3513 days

SVR1 - 1 entry

CN=SVR1

27.07.2019

24.07.2029
expires in 3513 days

SVR1 - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00FCADDD59C0E6CCAF
Thumbprint:	A86CD3E47D91B4DC7FD2FE35C132A4522B937F62
SHA256 / Certificate:	+HGwLloXCi3kfAbRelTsl/miCcG2bqdTZNOvZSo7ZJE=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	52ce5c7c7201ea508d3d04562d93f8be2be539ff598b146d34d497e2d146bf7b
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

9. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates

No CertSpotter - CT-Log entries found

2. Source crt.sh - old and new certificates, sometimes very slow (currently no newer certificates - read Crt.sh has stopped - Letsencrypt-forum - may work next week again - 2019-12-02 - but I must check the code).

No CRT - CT-Log entries found

10. Html-Content - Entries

Summary

							Subresource Integrity (SRI)
Domainname	HtmlElement	rel/property	∑	∑ size	∑ problems	∑ int.	∑ ext.	∑ Origin poss.	∑ SRI ParseErrors	∑ SRI valid	∑ SRI missing
https://kstaw.esesja.pl/ 178.212.120.22	meta	other	1		0

Details (GZip part is BETA, may be wrong / incomplete)

Domainname	Html-Element	name/equiv/ property/rel	href/src/content	∑	Status
https://kstaw.esesja.pl/ 178.212.120.22	meta	Content-Type	text/html; charset=us-ascii	1	ok

11. CAA - Entries

Domainname	Value	∑ Queries
kstaw.esesja.pl	no CAA entry found	1
esesja.pl	no CAA entry found	1
pl	no CAA entry found	1

12. TXT - Entries

Domainname	TXT Entry	Status	∑ Queries
esesja.pl	v=spf1 mx a ~all include:_spf.emaillabs.net.pl	ok	1
kstaw.esesja.pl	_acme-challenge.kstaw.esesja.pl=yKw3MspKKnvyCZboMMSSrfJqysb6bnb9pS3b0leCQDo	warning: _acme-challenge as TXTValue, not part of the domain name. Compare it with the output of https://check-your-website.server-daten.de/?q=server-daten.de#txt to see a correct TXT value.	1
_acme-challenge.kstaw.esesja.pl		Name Error - The domain name does not exist	1
_acme-challenge.kstaw.esesja.pl.esesja.pl		perhaps wrong	1
_acme-challenge.kstaw.esesja.pl.kstaw.esesja.pl		Name Error - The domain name does not exist	1

13. Portchecks (BETA)

Domain or IP	Port	Description
kstaw.esesja.pl	21	FTP

kstaw.esesja.pl	21	FTP
kstaw.esesja.pl	22	SSH

kstaw.esesja.pl	22	SSH
kstaw.esesja.pl	25	SMTP

kstaw.esesja.pl	25	SMTP
kstaw.esesja.pl	53	DNS

kstaw.esesja.pl	53	DNS
kstaw.esesja.pl	110	POP3

kstaw.esesja.pl	110	POP3
kstaw.esesja.pl	143	IMAP

kstaw.esesja.pl	143	IMAP
kstaw.esesja.pl	465	SMTP (encrypted)

kstaw.esesja.pl	465	SMTP (encrypted)
kstaw.esesja.pl	587	SMTP (encrypted, submission)

kstaw.esesja.pl	587	SMTP (encrypted, submission)
kstaw.esesja.pl	993	IMAP (encrypted)

kstaw.esesja.pl	993	IMAP (encrypted)
kstaw.esesja.pl	995	POP3 (encrypted)

kstaw.esesja.pl	995	POP3 (encrypted)
kstaw.esesja.pl	1433	MS SQL

kstaw.esesja.pl	1433	MS SQL
kstaw.esesja.pl	2082	cPanel (http)

kstaw.esesja.pl	2082	cPanel (http)
kstaw.esesja.pl	2083	cPanel (https)

kstaw.esesja.pl	2083	cPanel (https)
kstaw.esesja.pl	2086	WHM (http)

kstaw.esesja.pl	2086	WHM (http)
kstaw.esesja.pl	2087	WHM (https)

kstaw.esesja.pl	2087	WHM (https)
kstaw.esesja.pl	2089	cPanel Licensing

kstaw.esesja.pl	2089	cPanel Licensing
kstaw.esesja.pl	2095	cPanel Webmail (http)

kstaw.esesja.pl	2095	cPanel Webmail (http)
kstaw.esesja.pl	2096	cPanel Webmail (https)

kstaw.esesja.pl	2096	cPanel Webmail (https)
kstaw.esesja.pl	3306	mySql

kstaw.esesja.pl	3306	mySql
kstaw.esesja.pl	5224	Plesk Licensing

kstaw.esesja.pl	5224	Plesk Licensing
kstaw.esesja.pl	5432	PostgreSQL

kstaw.esesja.pl	5432	PostgreSQL
kstaw.esesja.pl	8080	Ookla Speedtest (http)

kstaw.esesja.pl	8080	Ookla Speedtest (http)
kstaw.esesja.pl	8080	Ookla Speedtest (https)

kstaw.esesja.pl	8080	Ookla Speedtest (https)
kstaw.esesja.pl	8083	VestaCP http

kstaw.esesja.pl	8083	VestaCP http
kstaw.esesja.pl	8083	VestaCP https

kstaw.esesja.pl	8083	VestaCP https
kstaw.esesja.pl	8443	Plesk Administration (https)

kstaw.esesja.pl	8443	Plesk Administration (https)
kstaw.esesja.pl	8447	Plesk Installer + Updates

kstaw.esesja.pl	8447	Plesk Installer + Updates
kstaw.esesja.pl	8880	Plesk Administration (http)

kstaw.esesja.pl	8880	Plesk Administration (http)
kstaw.esesja.pl	10000	Webmin (http)

kstaw.esesja.pl	10000	Webmin (http)
kstaw.esesja.pl	10000	Webmin (https)

kstaw.esesja.pl	10000	Webmin (https)
178.212.120.22	21	FTP

178.212.120.22	21	FTP
178.212.120.22	22	SSH

178.212.120.22	22	SSH
178.212.120.22	25	SMTP

178.212.120.22	25	SMTP
178.212.120.22	53	DNS

178.212.120.22	53	DNS
178.212.120.22	110	POP3

178.212.120.22	110	POP3
178.212.120.22	143	IMAP

178.212.120.22	143	IMAP
178.212.120.22	465	SMTP (encrypted)

178.212.120.22	465	SMTP (encrypted)
178.212.120.22	587	SMTP (encrypted, submission)

178.212.120.22	587	SMTP (encrypted, submission)
178.212.120.22	993	IMAP (encrypted)

178.212.120.22	993	IMAP (encrypted)
178.212.120.22	995	POP3 (encrypted)

178.212.120.22	995	POP3 (encrypted)
178.212.120.22	1433	MS SQL

178.212.120.22	1433	MS SQL
178.212.120.22	2082	cPanel (http)

178.212.120.22	2082	cPanel (http)
178.212.120.22	2083	cPanel (https)

178.212.120.22	2083	cPanel (https)
178.212.120.22	2086	WHM (http)

178.212.120.22	2086	WHM (http)
178.212.120.22	2087	WHM (https)

178.212.120.22	2087	WHM (https)
178.212.120.22	2089	cPanel Licensing

178.212.120.22	2089	cPanel Licensing
178.212.120.22	2095	cPanel Webmail (http)

178.212.120.22	2095	cPanel Webmail (http)
178.212.120.22	2096	cPanel Webmail (https)

178.212.120.22	2096	cPanel Webmail (https)
178.212.120.22	3306	mySql

178.212.120.22	3306	mySql
178.212.120.22	5224	Plesk Licensing

178.212.120.22	5224	Plesk Licensing
178.212.120.22	5432	PostgreSQL

178.212.120.22	5432	PostgreSQL
178.212.120.22	8080	Ookla Speedtest (http)

178.212.120.22	8080	Ookla Speedtest (http)
178.212.120.22	8080	Ookla Speedtest (https)

178.212.120.22	8080	Ookla Speedtest (https)
178.212.120.22	8083	VestaCP http

178.212.120.22	8083	VestaCP http
178.212.120.22	8083	VestaCP https

178.212.120.22	8083	VestaCP https
178.212.120.22	8443	Plesk Administration (https)

178.212.120.22	8443	Plesk Administration (https)
178.212.120.22	8447	Plesk Installer + Updates

178.212.120.22	8447	Plesk Installer + Updates
178.212.120.22	8880	Plesk Administration (http)

178.212.120.22	8880	Plesk Administration (http)
178.212.120.22	10000	Webmin (http)

178.212.120.22	10000	Webmin (http)
178.212.120.22	10000	Webmin (https)

178.212.120.22	10000	Webmin (https)

Permalink: https://check-your-website.server-daten.de/?i=c396e62f-e51f-4a38-b0e2-611e63f9dc7d

Last Result: https://check-your-website.server-daten.de/?q=kstaw.esesja.pl - 2019-08-13 22:07:14

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=kstaw.esesja.pl" target="_blank">Check this Site: kstaw.esesja.pl</a>