Check DNS, Urls + Redirects, Certificates and Content of your Website


Update: 2020-03-04 - now 90 days later. All affected Letsencrypt certificates should be renewed. Time to remove that Info.




I

Content problems - mixed content, missing files etc.

Checked:
17.03.2020 08:27:30


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
mail.grand-tek.com
A
211.72.171.75
Taipei/Taipei City/Taiwan (TW) - Chunghwa Telecom Co., Ltd.
No Hostname found
yes
1
0

AAAA

yes


www.mail.grand-tek.com

Name Error
yes
1
0


2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 33853, Flags 256



1 RRSIG RR to validate DNSKEY RR found



Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.04.2020, 00:00:00, Signature-Inception: 11.03.2020, 00:00:00, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



1 RRSIG RR to validate DS RR found



Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 30.03.2020, 05:00:00, Signature-Inception: 17.03.2020, 04:00:00, KeyTag 33853, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 33853 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 56311, Flags 256



1 RRSIG RR to validate DNSKEY RR found



Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 31.03.2020, 18:24:21, Signature-Inception: 16.03.2020, 18:19:21, KeyTag 30909, Signer-Name: com



Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 31.03.2020, 18:24:21, Signature-Inception: 16.03.2020, 18:19:21, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: grand-tek.com
grand-tek.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "vt2rlr470frv76m6cqf6vk7taot4k8ui" between the hashed NSEC3-owner "vt2rliq9eal09o3ineimspskipas64kr" and the hashed NextOwner "vt2rr7uehimmcq4up86su6cm6iegmup0". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 22.03.2020, 05:17:44, Signature-Inception: 15.03.2020, 04:07:44, KeyTag 56311, Signer-Name: com



0 DNSKEY RR found




Zone: mail.grand-tek.com
mail.grand-tek.com
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: www.mail.grand-tek.com
www.mail.grand-tek.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.mail.grand-tek.com
  ns9.worldnic.com

mail.grand-tek.com
  ns9.worldnic.com / worldnic
207.204.40.105
Ashburn/Virginia/United States (US) - Defense.Net, Inc

grand-tek.com
  ns10.worldnic.com / worldnic


  ns9.worldnic.com / worldnic

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


4. SOA-Entries


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1584430023
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:4


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1584430038
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:9


Domain:grand-tek.com
Zone-Name:
Primary:NS9.WORLDNIC.com
Mail:namehost.WORLDNIC.com
Serial:120021220
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:2


Domain:mail.grand-tek.com
Zone-Name:
Primary:NS9.WORLDNIC.com
Mail:namehost.WORLDNIC.com
Serial:120021220
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:1


Domain:www.mail.grand-tek.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

Startaddress: https://mail.grand-tek.com, address used: https://mail.grand-tek.com/, Screenshot created 2020-03-17 08:30:38 +00:0

Mobil (412px x 732px)

652 milliseconds

Screenshot mobile - https://mail.grand-tek.com/
Mobil + Landscape (732px x 412px)

666 milliseconds

Screenshot mobile landscape - https://mail.grand-tek.com/
Screen (1280px x 1680px)

3181 milliseconds

Screenshot Desktop - https://mail.grand-tek.com/

Mobile- and other Chrome-Checks

widthheight
visual Viewport412732
content Size608748

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

Chrome-Connection: secure. secure connection settings. The connection to this site is encrypted and authenticated using TLS 1.2, ECDHE_RSA with P-256, and AES_128_GCM.

Chrome-Resources : secure. all served securely. All resources on this page are served securely.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://mail.grand-tek.com/
211.72.171.75 GZip used - 721 / 1474 - 51.09 %
200

Html is minified: 174.44 %
0.470
H
small visible content (num chars: 114)
Web Station has been enabled. To finish setting up your website, please see the "Web Service" section of DSM Help.
Server: nginx
Date: Tue, 17 Mar 2020 07:29:10 GMT
Content-Type: text/html
Content-Length: 721
Connection: close
Last-Modified: Mon, 27 Nov 2017 06:21:21 GMT
ETag: "5c2-55ef0e9364c09"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

• https://mail.grand-tek.com/
211.72.171.75 GZip used - 721 / 1474 - 51.09 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 1/610
200

Html is minified: 174.44 %
6.047
I
small visible content (num chars: 114)
Web Station has been enabled. To finish setting up your website, please see the "Web Service" section of DSM Help.
Server: nginx
Date: Tue, 17 Mar 2020 07:29:11 GMT
Content-Type: text/html
Content-Length: 721
Connection: close
Last-Modified: Mon, 27 Nov 2017 06:21:21 GMT
ETag: "5c2-55ef0e9364c09"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip

• http://mail.grand-tek.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
211.72.171.75 GZip used - 8446 / 11939 - 29.26 %
Inline-JavaScript (∑/total): 1/2229 Inline-CSS (∑/total): 1/160
404

Html is minified: 125.83 %
0.546
A
Not Found
Visible Content: © 2019 Synology Inc.
Info: Html-Content with meta and/or script, may be a problem creating a Letsencrypt certificate using http-01 validation
<!DOCTYPE html> <html> <head> <meta charset="utf-8"> <style>body{font-family:Arial,Helvetica,sans-serif;font-size:12px;text-align:center}h1{color:#06C;font-size:25px;line-height:60px;margin-top:56px}img{margin-top:40px} </style> </head> <body> <img src="data:image/jpg;base64,/9j/4AAQSkZJRgABAQEASABIAAD/2wBDAAEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQEBAQECAQEB AQEBAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/2wBDAQEBAQEBAQICAgICAgICAgICAgIC AgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgICAgL/wAARCAAzAMgDAREA AhEBAxEB/8QAHwAAAgIDAAMBAQAAAAAAAAAAAAkICgEGBwQFCwMC/8QARBAAAAYCAAUCBQIDAwYP AAAAAQIDBAUGBwgACRESExQhChUiMUEWMiNCURckYRhDUnGBkRozNDY5U2JydHZ4sbW2wf/EABgB AQEBAQEAAAAAAAAAAAAAAAADAgQB/8QAKREBAAICAgEDAwMFAAAAAAAAAAECAxESMSETImEyUYFB caEjM2LB0f/aAAwDAQACEQMRAD8Au+532JoOAIVo+tSrqRm5fzhXqpDgkpMy5mwfxl/4xipt2qYi UqrlYwEATAUgKKCBB3SlrvJnRdczzLshKujjA42pcax7xFAk1LzMq7FPr9IKLsgaJ93T79CdAH+v FfQj7szds9N5lsj61BPIWMmgxihilXkqVLrnetSCP1LkhpoO1boH8hXaZh/l6j7CnB8vIuZ5SbvV 8iViKuNOlkJmvzLf1DJ6h3FH6TCmu2coqdDpLJHAU1kVAKomoUSnABDiExMSo2zjwHAHAHAHAHAH AHAY4Ch18VDl7m7as47olpNvBV69rVn7ImQ8XpYg1yxvLYcsNeiEY5WYq7C7ZRfy8vOWE8hDEWJK C2dQMcR4koRGKUQWKcgWeOSEoqtyiuXYqsodVQ+qWJxOoocxzmH9Pk9zGN7j/v4Bp3AHAHAHAHAH AHAHAY4CL0RufrNP31xjaHyzWpGzNZlauLJtXPmYEn0HJGakYo/J1IT+Mokim5U7WSzhVFsi6UcL JpGBTm78tMyeyN+SkhUEINrXYiDbqmN40YkIFGRS8IG/aVVdwsqbp+45xH8B07MP9tK/ZiOsWGtW bHjCtSMFX6ffp9eFYLW15ZEmc7Yms8q2AZVk+jX3cLEE1hOmkkRJNPxgUxRV6+U8Mlr8v+NViJhy 7arSVGSCAsuvtIatZZZ+owtFVjH7CJiVWKqBlms8ybyqySCCiSpfCumgYoKkVIfxdyRzG1jy/d5a v2eswBLXbSqp2pTYGtTsRR7XYYcawpX14q1gys6rFwWWSdNYpyb0xXSLdAxTn+lRRES/vH6vcmsk +3zP+nse2PKbuFtkMa56WsLWirzRXdaTjlpFpOxYxTgzaTFUjZ00IJz+RMDInIcfbsN2gP7g4jal q9tRMS7LPTcfWoSXsUuuDaKgox/MSbgf8ywjWpnbpQA/IgQgiAfn7cZeobRnMAwRMrenjmmQ3CwM X8mchagYBTYxcepKSDlTq4+kqSCRzmEft06ffpxX0bs84bhjrc3CWTZaUioV/PRPyWtyNrlJS0xB YKFYQsWqki7cupBdYxSdBWJ0AQ9/f8+3GbY7xH8PYtEucT/MUwVFSarGLj71aGqJzEGYiYJs1jlu 03TyNAmnLVc5BD3AwolAwfbrxv0L/DPOEjsP5+xlnJi8c0KbO4exYJGloCTaqRc/FpuBEG6zqOX6 9yRxAQKuidVETB2+Tu9uJ2pNWomJfplfPmLMKtUFb7ZkGD94kZaOr7FFWUsckkU3YKzWIZAZQEuv UPOr40O4BL5evtwrS1uiZ0i4TmQ4TM88J6zkpJmKnb64YSGOAE/CpmqcgKn+wAE3+HFPQv8ADznC W+L8yY4zHEqy+PrMzm02okJIsO1VlMxCqhe4qMrEPAIuj1/lMYnjU6D4znAOvE7Vms+XsTEqgvxt aaY6L6jKiQoqk2ycJkU/mKmrh+fMoQB/oYSFEf8Auhxl6f1yPv8AohuXV/6UcT//AF8nAbhuXzYt HtFrTAYzzVlR5MZytxWxqhrth6pWTMWebKD1EzhidpjahoO3bVNwmQ52y8l6Fu4ApvAqp0HgIP1r 4lflplyfD4izupsppjcLB4xhy7ha73TDUS5SXOKbZ48lT+vTYNDiHT10l6Nin/nnKXv0B9cHOQtm homx1uXi7BXp6NZTEHPQcg0lYaaiJJsV5HSsTKMDqIOGzhE5FUF0TnSVTMU5DGKIDwCwtjucdpZr vm//ACXGErlLZTagiK7h/rZqNiqz5/y1AoNU0lnR7WwqpQjYgyRF0lFUJSTZuUklCLKIlSOU4hxX H/xB/Lhm8tSGBc42zK2j2aY5qD1bHW8uJrBrvIi2MBhRWGwTpnEIkCwFEWoryiIPQD+5eoH24CXC XNU5eMvD2uUoe22G8xyFNrEjcpekYHtTXOeUXVchxIaYka5irFHzexS3pEzedynGRrtVBsRVyomV BFVQgQD/AOFBck31fy8duJYJEHPohjh152SCR9aCvgFl6D9J+Xzd/wBHi7fJ3/R293twDn8E5xpW xeNYTLGPGV+YVOwKv0oxDJuLsi4dtpgjnhmKy7uh5UjIiabJKGIJm6rhgkRykJVkBOkYpxBdG4nO v5cWmd7seDtrMvZJwxbVGz2LbuZjXPYs9dsKTiIQcPH2Pr7FVZxCzhGpHqALrxD56m1cHBBcU1gE nAQKwJpDkjYhzBZ5osu8UxVl6+5ykUnd/rtyxpR4jDmTcIs9cmeWMf4PvcbD3aEyezZQaoM2k4xL VHbGdkHhF3AJwEmAN+251GXzWs1vlDdR8bkONjyxr5jJHM2irbFNjGVZILPEym9O8biYxUFzEMmd M/hW7SkTUTrjyce2bV2UbZ8VZgxRImc2KlXanPWinQk+xbSBGn8MegHaWeBMdAS/nqDgP9XHTFqW /WEpiYdIoG4uwFEVRFnfXFtjERTA8NdiFsbRVJP2FAJM4kfJf6yOvb/RH7cZtipL3nYyBjkStbwa 75DqzSNCDyBGxaarmuLLFdjH2dmAydZloh2YCisydOEBRBQSlUT6rN1S9QAykNeldvfKC8tLsgKY 92BqpHpzs466Fc0GcbqiCfhdSZwUiPMJ+nQUpFFFIev7QUP/AI8XyxujFezJN/shfpDBi9ZbLdkr kmWa1lMgCIH+TNh+a2FUOn8oopFbm/8AEgH54hhjd/2Uv0X9rNjsz3FmzGV3bcBbQOKbZSoBRQnU oycvCHfTy6I/gyTYrZER+/RycP68VyT7oj5if5YrHiUf8LY5fZcyTVMbs5FWLTtLg6Mu+T+szeCi 2ppmUW9OIgRYxSN+qKanVP1HiMb9vFL2412zEbk1XJ+huF2OLrGtT2k7FW6vV+TmIyfdT0hJKSb2 LZGeFbTTFwb0x01/GKZvCiiKXf3pdO0CjzxmttThBZutWTS4pyxXr4sooSObQtoRlWpDmKEkyXrT h21jFRD2HveJNezr+xQCm6e3F7051TidS8apQV62ezS0YyEr5rbkCUcv5qbeAZdCFiWaJnz46Dfq H92Yty+Bm1IYhevhS6h3GNwnWOr2N2k0p/y6MKq1o0bHS11ZWUrYARta0yV4Yz8qfsu6gzJlaGRE 3uZFMqRu36SrFH6uOf1rqcI0VlDzl61izO6cIOAQs2PbAvETzZqdQI2ywyCxTPY5UpugqNXzUSrI d4d6Jzoqh0VTAeOjxkqn9Ml4fGnS7OwcvnTKejjCdhN7QtJdic3QDGaSOE5942MYA/PYcOvHFrUr J/YW3fY8uv4YvXbbIzdlI2XHukGJY7GsLIdxmc3la6sWtNxyxeoE+pRqnKPW7t+QnQwxzZ2JTF6d wBDr4RbA6OTMK7M80DOT5fKu2Gyuf7lTXuXLl2zFvZVCrR0fJT6UZJOQEWnziYkHIvitQRTO1jYt oVMjdkkmAPN5x/LjxvzMNG8u4XslZinmVq/VbDd9drsoxRUsFGy/BRR39dLFyXsqmymFEixEw3A3 jcsHRzCQXKDVVEKJvI650mx2s+hnMk1LNYJGUm8G6o5L2A1GkJ7zPX2JbXHzDGl3itMSPO4RYtVp 1taGMcYAbs3kbLj2CR+oUgOQ+Cmp9anMB70bBznSxZwu2wsDT7bd5tQ8tcHtaY0xC7Jesnn4qOTB Iy8xIu3phU7nrpBJZyKqiCRiBvXxpWtdFtekOBdqPlEehlDEGeYnFxLEm2STk5DHOUazLSUhX3rw vQ6yLaViWLpqkfvBudd6ZEE/VOBUCVXwyWq+md05fuou88HqfiCibXR9ZyXjKbzJXIBdrZp1WpW2 WxZI2oiyqx00nszEtiBKrIppis5cPwT8aC4pcAgz4qjQl1ovu3gDmq65VWPg61lLJlasOQGjSOIN cgdqMZyyV5hLG+YJFKkRO2s2Pq3CYF/vMpETLxcwrSHuF+DSfa7Hu8WqmDNrcYLkNU80UGJtRY4H CbpxWLAJRj7hTJJVL29XCyyLyLdfjztDmL9IgPAIL2RhYfmg/EJ6966Lx0faddeUHjVzsZmzzoNJ GGmNlssGj3mMaHI+UqiRzMSNIGX8BgED/LptouUDE6AFprgE55I3wz3Tr3ZqivXcfsDVGzuol+ih FTbpw8aR7z6vGs8e9AM5b9DJnAnQPIUwAIcdMYa6/VLnJslPtlev9WhrbWnyErA2GORfM10zkVKK ThPqo2cEAR7VUx6pLJG+pNQpkzgBgEOOaY1KvaBu+eMsNxmKXt2PCQNayIEtEtKy/h2jaNkbE5cP yBJRb9uzAgOkwaCuudRQhzNxSKcqhQEQPfDa3LSd4jSK/LtVkSZ8lE2fk9Cvjub+cATr4gSRlmIs DK/j/jR6E6/6Rv8AHjef6fyU7c23Bx46xPn+xqxAGYMLM4b5GqjhMPEVq7kHYryBGol/aLaTSVOA B7lIol9gEA41jnlRm3iX97ZZ3Lm6foD9ir3xtex1DKO2iHf40bjYUCyFrblTH+ZAxEGnt9xTHp9+ GOnCPyWnZkcfjT+yjRi1VZdEEZhbE9rsFk9hKc1hsEOrJSCaoD+UO8rUP+ygUOOflyy/mFNaqXlo aUptlqcIh7p125HKP9DDAmJ1/wBwjxfN9DFOzxr7/wAxrp/5TsX/AMOtxyx2pPSsPWod7PrM4qOS FV4tGvHSSRQExjki4dWWcFIUPuPiQP0D88d8+JQSo0ctERWti6mtLuUWrWxQ0/WWLpwYCpElZVBN zFo+Q32FwdD05Oo+6ipCfzcTy/Q3X6j++ONVXE2ls0Xcc95YnYJVJ7HKz4RjJy0EFUX6kHFN4Fdd son1BQqi7c/YcvUDh2iXqAhx3Y41SEJ7Ky+MQhHlb5YOgdfkAUK/hs/VuNekV6+RN20wHNouEj9f yU4CX/ZxxWndpXhqPMco1puPweGmsnW2bp40x5jrTi824jQiqpkasVUagq8WTS+6ST6XYqKiIdqZ QFU3QCdweCYfwZGZIC58tHKmHkHKf6pwps1bHMvH95POlXcm1aKn6zJmRAe4E13TSXRIYegGOzVA P2CPAW8+A+WH8PzqPXNxOcTubQ7FBuZnXpXD+6lXyl8vORBsrSMvTa+KYWMaSBCmIg7UGW9bHqEK YSKRwrpl/gcAxjk9Qe2vJj313nwbgDFWQOaNovEWepU7NWQdQ4hpY7VjLJMQL51T26desLiPYyFv iY9y6YXWsw0i8SaeoYLKSiazZBkqDC+bBjLmHc/ZphXUHBGnGbNMNTKrk2MyrmXYndiGrmNJ+Vlo uGcwEIyp2GoeVkZp4hHtpORXKmYUTScgdqkueHatVHi4WftNNU8Z6P6v4W1TxAk7CgYVpbOqRT2S 8XzafkDuFJazWyb9OBU/XS8o4eSbzxlKkDh2oVIhEgIUA5PzNtIKjzE9Ic9an2krFu+yHUXDnHth ep9wU7K1bN89xxaiKFAVCEbSiKBHnj6GXjlnjQR7HBymCjr8NhzYkuW9W9/dHNynK9Qj8AVfMew1 BrNkfpMJGLynhxkpFZnwZFlciIGkJlRm1cxbNEe0z9nKHIVRV6HAWe/h09drzStMbVuZnVAT7Mcz DK9l3Eys/cpqFeNqzdn67nElZIKwAcrNGKXPLtEB6+l+eqtw/Z2gFgPgF1be6dSmU5c2TsYCwLdD tEG1lrb1crFta02KfhYyDB+p/DQfppAVEwLdqDlIifcokol3K1x5ePiembV2XJH1naTDy7pnCQea qIK6pzOka+zsRYx2oA9DLiMOCzJbr/1he4Tew93HTulvsn7vl+yeItnszTLZ5IVDJ9qkVOjdObvP zNkyZpnH6g+a2oySSSfsAmBL3EA/YYenGeVKQatJueqGsyGAK3IvJp40mMhWsrb9QSDIDDHxbBoJ jsq9EKKgU50kzHOosuYpBcLD17CJppAHPkvzlSsacq5imO289imGyGgVEknj2bRScHMZNI7mvWZZ OMeNimN7nMRz6RYhA6j0Kr0D3HjWGfdr7vL9Fuat42/tSzlR68uj54aLfjbrGUxRMiMPWzle+Bbp +HLr0zboP3BUf6cXyW41/hisbk9fO8TJzuF8pQ0KwdSsvKUSzMY2NYpCs8fPXMUok3atkQ/cc5hA pQ/Ijxx18Wj91Z6Kz0xwxlym5+rM/bca3GtwbaBtSDiWmIg7Riis6iPE2SVXMYehlDfSUPyPHRlt Wa9sVidm/XRs4eU62NGiCjl26rU62atkS96zhwvFqpIIJF/JjmEClD8iPHPHbc9Ef604FzPXs2Yn l7Nie7REFGzpTzEhKwZ0Y9o0PBuWypnxziIAQROBB6gID3dB+/HVlvWaz5hOsTtvGwGid+qc9J2H D8WrcKS9dqyDSvxy5E7TVRUU8/y5q1WMT1jZI3/JVED+qTIBUzpGEgLHzTNEx5JrMOUObjulLxJ8 eulc5u2CiAxysT+l5lKTXaiXwmZOZxNkV6dMS/QbyOh7i+xzCHXjX9H/ABee/wCUktW9HLKnY4fI OaYxKEi4Fy3k6/Q1VUHcjJSTUwLMXtlK2E6SDdA4FVIz7zqqqlL6gE0yCkrjJljqGq1V7fiiWO3X MapuG9YdTOX1u9emmD81XK6X7KEjgifgqFMPoyCc0WBaY6euDGWmWrkHL158yIigzFv6MWyjkXCo NudQ0jlESM7mXluYp5Xu7uh22mH5SA1ssGB8pK5ewvMweFLlSYxieuoOoHKSahkUH76OcoKNmy6b SSbyKDhRqByNkXigV5cMaSc0j4ZvfS55mwVgDJW+GgmTETVa8mw5DPLLb57F6cqMnWHdwqVdQcvI K4VlRQwoSBmClfkE1nzVJ62SlFgjwffmHnVbB7cYZseIuV5y5t8Z/ZTKFbe1GKyJsPhL+wHCevzq yNxiHd2uORLVImj3MhEFWUdMY9ut4HDhAp1HB00xauA99y5OSHfeWrywNocL4cyjW0uYXtBim5nt GwKHr2tdq2TXFKfxGNKvVpZRL1yUNXHL1wolKnQB4tJPH0yLRMvpY9qFQrlsbifEH8ufB1+xfqBq TLbDa8RWcsoIPLPF662vYihr5Sg5JKo5Ge0nLWFnSRZtkZ3GlJ61GRk45RVFT0a4dFSgE+2PxMvx BVPVP/aByva29RRMJnJX+pO3dTVTSKr2nDzmnTlJ0/b3GIYAH7gPAWCOSh8QRU+aZer3rdlzCEnr LtrjmsL3N3RVpN9LVW8VRg/QjpuQrak21ZSUe/jlHbIzyIfoqn9M5I7avXRE3ZWoWPOA+e7ztOTx Qti/iF9P8e4ukGLZPfKKY5c2bpkMRVKTo1axHICyyllFYE+1JsjZ4KMVSYn7gM4szORUV6qPCd4f QNgoSIrMJD1uvxzSHga/Fx8JCRDBEjZhFREU0IwjY1k3T6FIigimRJMgexSFAA9g4D2vAHAY4DPA chzxkCYxViS65Dgo+NlJKqRreTTYSyjhJi4QCSRbvgXVaiBy9qB1DlMA+xih1AQ6hx7WOVnkzqCS M9ba37PsbF12bZQVZrUe+TkfkUCs7dGlpVIgpM3Mi7dj3Kgl3GFFummQveIHN5DlJ2ddcVaSlNpk wnQPB0xQKnOZHt0W4ibFfis2sNHP0Dt5GOp7ATOG6rtsp0Okd+uYVxSOAHBFJsJwAwiUI5b8pbrG jDOItscBngDgMcBngDgMcAcBngDgKv8A8WJtPtLrTy1kozW+NtERBZyyElijO+Xqqk9F7jjF0pBu F3EIaRYB3xhbS5KnDKSZzETBqZ1GFOV1KNTAGx8o/no8n6y6d66YUgM9Yy1NsuJsT0bHMrhTNsq1 xf8AIpqt19vHy60JcrCDaDm0Xzwq7sr5s/O9dnWO4kGzZ4qqkANIyJzdeV3iuvuLNdd/tTWUY3QM 48cPm+iW6adkKQVO2MrNPeP5J4oIAIgk0aLKm+xSDwCzdNRiuYHzIrHzpYfGMvhfUDDWqs9r3rtk DIFRXpORdqjy0+par7sO/gXKZH6FOiY0h4itjIpi6kQWVeJ+DwqskA4xTvjEOUjYrRdIKwI7L0GF rh5L9NXSfxGylITIKLApvTmgo+pS8jKM1Hgl/upJdhHlADk9Wo0N3kIHROSBU8k7tbL7bc8jO1Cm 8fpbQs4jBej9DtzdIlgpWoFCcprBYzFKBik/U79szcmVRP4nDppKPWh14yTZrKBZq4A4A4A4A4Dw 37BjJs3LCSZtZBg7SMi6ZPm6Ttm5RMH1JOGzgDEOUfyUxRAeA1CMxhjWEekkobHlHiZEinkI/jan AsXhFA9wOR02QKcB/wAQHrx7uTUN6D/9H/348GeAOAOAOAOAOAOAOAOAOAOA9JZK1XLlAS9Vt9fh LVV7AwcxU9W7JFMZyAm4t4n4ncbLw8mRVu5QVKIlURWTOmcoiBiiHAUqOdbyaOWTitzWrhjDUyl4 5mbK9OrLkollyRUoJYyzkveDWpwE03impfqHoRqyRIUPYpQAA4CVHJW5NXLEe40i81T+nuNLrkiI lmzuNmsju7jkxgzdIJkXQcpVXIEnJRHeQ/1kOLATEMAGKICAdAteFYMU2IRZGbQkYRn6AkcVuiVg RiVAG5WRWgB4wSBP6AT7ezs+np09uAp44a5MnLCfc5jOVNf6g48kKNUYFvkCu4/kZa9v8eRtneM2 cqusWgPJY8Moz86qgkilmSkUkQ3hSZERAqYBcPj2DGJZMoqLZNI2MjWjePjo1g3RZsI9gyQK3Zsm TNuBU0kkkylImmQpSEIAFKAAABwHm8AcB//Z "/> <h1 id="a"></h1> <hr> <p>&copy; 2019 <a href="http://www.synology.com">Synology Inc.</a></p> </body> <script type ="text/javascript"> /* Copyright (c) 2019 Synology Inc. All rights reserved. */ (function(){var a={en:"Sorry, the page you are looking for is not found.",zh:"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9875\u9762\u4e0d\u5b58\u5728\u3002",it:"La pagina richiesta non \u00e8 stata trovata.","zh-HK":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",cs:"Hledan\u00e1 str\u00e1nka nebyla nalezena.",es:"Lo sentimos, no se encuentra la p\u00e1gina que est\u00e1 buscando.",ru:"\u0418\u0437\u0432\u0438\u043d\u0438\u0442\u0435, \u0438\u0441\u043a\u043e\u043c\u0430\u044f \u0432\u0430\u043c\u0438 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0430 \u043d\u0435 \u043d\u0430\u0439\u0434\u0435\u043d\u0430.",nl:"Sorry, de pagina die u zoekt kan niet weergegeven worden.",pt:"Desculpe, a p\u00e1gina que procura n\u00e3o foi encontrada.",no:"Beklager, siden du leter etter finnes ikke.",nb:"Beklager, siden du leter etter finnes ikke.",tr:"\u00dczg\u00fcn\u00fcz, arad\u0131\u011f\u0131n\u0131z sayfa bulunamad\u0131.",pl:"Przepraszamy, nie znaleziono strony, kt\u00f3rej szukasz.",fr:"D\u00e9sol\u00e9, la page que vous recherchez est introuvable.",de:"Es tut uns Leid, die von Ihnen gesuchte Seite konnte nicht gefunden werden.",da:"Desv\u00e6rre, den side, du leder efter, kunne ikke findes.","pt-BR":"Desculpe, a p\u00e1gina que procura n\u00e3o foi encontrada.","zh-MO":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",hu:"Eln\u00e9z\u00e9st, a keresett oldal nem tal\u00e1lhat\u00f3.",ja:"\u7533\u3057\u8a33\u3042\u308a\u307e\u305b\u3093\u304c\u3001\u635c\u3057\u3066\u3044\u308b\u30da\u30fc\u30b8\u304c\u898b\u3064\u304b\u308a\u307e\u305b\u3093",nn:"Beklager, siden du leter etter finnes ikke.","zh-TW":"\u62b1\u6b49\uff0c\u60a8\u6240\u6307\u5b9a\u7684\u9801\u9762\u4e0d\u5b58\u5728\u3002",ko:"\uc8c4\uc1a1\ud569\ub2c8\ub2e4. \ucc3e\uace0\uc790 \ud558\ub294 \ud398\uc774\uc9c0\ub97c \ubc1c\uacac\ud558\uc9c0 \ubabb\ud588\uc2b5\ub2c8\ub2e4.",sv:"Sidan du s\u00f6ker hittades inte."};var b=window.navigator.browserLanguage||window.navigator.language;if(-1==["zh-TW","zh-MO","zh-HK","pt-BR"].indexOf(b)){b=b.split("-",1)}document.getElementById("a").innerHTML=a[b]||a.en})(); </script> </html>
Server: nginx
Date: Tue, 17 Mar 2020 07:29:16 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: close
Vary: Accept-Encoding
ETag: W/"5cd4aead-2ea3"
Content-Encoding: gzip

7. Comments


1. General Results, most used to calculate the result

Aname "mail.grand-tek.com" is subdomain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Agood: one preferred version: non-www is preferred
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (3 urls)
http://mail.grand-tek.com/ 211.72.171.75


Url with incomplete Content-Type - header - missing charset
https://mail.grand-tek.com/ 211.72.171.75


Url with incomplete Content-Type - header - missing charset
http://mail.grand-tek.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 211.72.171.75


Url with incomplete Content-Type - header - missing charset
Bhttps://mail.grand-tek.com/ 211.72.171.75
200

Missing HSTS-Header
CError - more then one version with Http-Status 200. After all redirects, all users (and search engines) should see the same https url: Non-www or www, but not both with http status 200.
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Ihttps://mail.grand-tek.com/ 211.72.171.75
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
N211.72.171.75:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N211.72.171.75:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N211.72.171.75:995


Error - Certificate isn't trusted, RemoteCertificateNameMismatch

2. DNS- and NameServer - Checks

AGood: Nameserver supports TCP connections: 1 good Nameserver
AGood: Nameserver supports Echo Capitalization: 1 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 1 good Nameserver
Nameserver doesn't pass all EDNS-Checks: ns10.worldnic.com: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (worldnic). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns9.worldnic.com: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (worldnic). COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: ns9.worldnic.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns9.worldnic.com / 207.204.40.105: OP100: ok. FLAGS: ok. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found, no OPT100 expected, no OPT100 found. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: ok. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: ok (worldnic). COOKIE: ok. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 supports GZip.
https://mail.grand-tek.com/ 211.72.171.75
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://mail.grand-tek.com/ 211.72.171.75
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://mail.grand-tek.com/ 211.72.171.75
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: All CSS / JavaScript files are sent with GZip. That reduces the content of the files. 4 external CSS / JavaScript files found
AGood: All images with internal compression not sent via GZip. Images (.png, .jpg) are already compressed, so an additional GZip isn't helpful. 1 images (type image/png, image/jpg) found without additional GZip. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 4 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 4 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 2 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 2 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 2 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 192334 milliseconds, 192.334 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
mail.grand-tek.com
211.72.171.75
443
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
mail.grand-tek.com
211.72.171.75
443
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


mail.grand-tek.com
mail.grand-tek.com
465
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
error checking OCSP stapling
ok

mail.grand-tek.com
mail.grand-tek.com
465
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


mail.grand-tek.com
mail.grand-tek.com
993
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

mail.grand-tek.com
mail.grand-tek.com
993
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


mail.grand-tek.com
mail.grand-tek.com
995
ok
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

mail.grand-tek.com
mail.grand-tek.com
995
ok
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


211.72.171.75
211.72.171.75
465
name does not match
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
error checking OCSP stapling
ok

211.72.171.75
211.72.171.75
465
name does not match
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


211.72.171.75
211.72.171.75
993
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

211.72.171.75
211.72.171.75
993
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


211.72.171.75
211.72.171.75
995
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok

211.72.171.75
211.72.171.75
995
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
error checking OCSP stapling
ok
 
Tls.1.2
Tls.1.1
Tls.1.0

Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=mail.grand-tek.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


9. Certificates

1.
1.
CN=mail.grand-tek.com
17.03.2020
15.06.2020
expires in 11 days
mail.grand-tek.com - 1 entry
1.
1.
CN=mail.grand-tek.com
17.03.2020

15.06.2020
expires in 11 days
mail.grand-tek.com - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:03FEA5A5FE9C8F7F42A014AF5955D224C94A
Thumbprint:778A0BCBE11FEEFBDF45DDF18FC4BADC581672AA
SHA256 / Certificate:CM0yu1+aEKcBeXEou4GblToopA7783ENYehVTesxVnc=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):d7c4d39dc491d23b506319b874c79f1a419291b46accba41d149a15ca95afc75
SHA256 hex / Subject Public Key Information (SPKI):d9800001cc600d4bf0cb54729658d3c24dd663523fe65b8e3e1f1f2f286e69ae
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.int-x3.letsencrypt.org
OCSP - must staple:no
Certificate Transparency:yes


2.
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
17.03.2016
17.03.2021
expires in 286 days


2.
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
17.03.2016

17.03.2021
expires in 286 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0A0141420000015385736A0B85ECA708
Thumbprint:E6A3B45B062D509B3382282D196EFE97D5956CCB
SHA256 / Certificate:JYR9Zo608E/dQLErawdAxWfafQJDCOtsLJb+QdneIY0=
SHA256 hex / Cert (DANE * 0 1):25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
SHA256 hex / PublicKey (DANE * 1 1):60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18
SHA256 hex / Subject Public Key Information (SPKI):cbb93d32de628874a3ecfb92affadc97f1b795f84cc6f24221a089dee1aa25ad
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://isrg.trustid.ocsp.identrust.com
OCSP - must staple:no
Certificate Transparency:no


3.
CN=DST Root CA X3, O=Digital Signature Trust Co.
30.09.2000
30.09.2021
expires in 483 days


3.
CN=DST Root CA X3, O=Digital Signature Trust Co.
30.09.2000

30.09.2021
expires in 483 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:44AFB080D6A327BA893039862EF8406B
Thumbprint:DAC9024F54D8F6DF94935FB1732638CA6AD77C13
SHA256 / Certificate:BocmAzGnJAPZCfEF5pvPDTLhvSST/8bZIG0RvNZ3Bzk=
SHA256 hex / Cert (DANE * 0 1):0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739
SHA256 hex / PublicKey (DANE * 1 1):563b3caf8cfef34c2335caf560a7a95906e8488462eb75ac59784830df9e5b2b
SHA256 hex / Subject Public Key Information (SPKI):29cc40db5e2de462a311cbbafaa1dc466960002335ecdf3317f2cd05c1d0bedf
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0 /0 new
0
2

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
2252039722
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-12-17 09:13:33
2020-03-16 09:13:33
grand-tek.com, mail.grand-tek.com
2 entries


2007666264
leaf cert
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-10-17 02:33:10
2020-01-15 03:33:10
grand-tek.com, mail.grand-tek.com
2 entries



11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://mail.grand-tek.com/
211.72.171.75
img

1
66,279 Bytes
0
1
0
0
0
0


link
stylesheet
2
3,108 Bytes
2
2
0
0
0
0


meta
other
3

0


0
0
0


script

2
3,108 Bytes
2
2
0
0
0
0


style

1
164,685 Bytes
0
1
0
0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://mail.grand-tek.com/
211.72.171.75
img
src
web_images/icon.png
200

1
ok
no alt-Attributeimage/png

No Cache-Control header
No GZip - 66279 Bytes






link
stylesheet
../help.css
404
Not Found
1
missing file
text/html

1554 Bytes






link
stylesheet
../scrollbar/flexcroll.css
404
Not Found
1
missing file
text/html

1554 Bytes






meta
Content-Type
text/html; charset=UTF-8


2
ok








meta
X-UA-Compatible
IE=edge,chrome=1


1
ok








script
src
../scrollbar/flexcroll.js
404
Not Found
1
missing file
Missing defer / async attribute. text/html

1554 Bytes






script
src
../scrollbar/initFlexcroll.js
404
Not Found
1
missing file
Missing defer / async attribute. text/html

1554 Bytes






style

web_images/bg.png
200

1
ok
image/png

No Cache-Control header
No GZip - 164685 Bytes






12. Nameserver - IP-Adresses (alpha)

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
mail.grand-tek.com
0

no CAA entry found
1
0
grand-tek.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
grand-tek.com
v=spf1 mx ip4:211.72.171.76 ip4:60.251.151.168 ip4:211.72.171.75 ip4:211.72.171.77 -all
ok
1
0
mail.grand-tek.com

ok
1
0
_acme-challenge.mail.grand-tek.com

Name Error - The domain name does not exist
1
0
_acme-challenge.mail.grand-tek.com.grand-tek.com

Name Error - The domain name does not exist
1
0
_acme-challenge.mail.grand-tek.com.mail.grand-tek.com

Name Error - The domain name does not exist
1
0


15. Portchecks

Domain or IPPortDescriptionResultAnswer
mail.grand-tek.com
21
FTP



mail.grand-tek.com
21
FTP



mail.grand-tek.com
22
SSH



mail.grand-tek.com
22
SSH



mail.grand-tek.com
25
SMTP
open
220 grand-tek.com ESMTP Postfix

mail.grand-tek.com
25
SMTP
open
220 grand-tek.com ESMTP Postfix

mail.grand-tek.com
53
DNS



mail.grand-tek.com
53
DNS



mail.grand-tek.com
110
POP3
open
+OK Dovecot ready.

mail.grand-tek.com
110
POP3
open
+OK Dovecot ready.

mail.grand-tek.com
143
IMAP
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

mail.grand-tek.com
143
IMAP
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

mail.grand-tek.com
465
SMTP (encrypted)
open
220 grand-tek.com ESMTP Postfix
Mail certificate is valid
mail.grand-tek.com
465
SMTP (encrypted)
open
220 grand-tek.com ESMTP Postfix
Mail certificate is valid
mail.grand-tek.com
587
SMTP (encrypted, submission)
open
220 grand-tek.com ESMTP Postfix

mail.grand-tek.com
587
SMTP (encrypted, submission)
open
220 grand-tek.com ESMTP Postfix

mail.grand-tek.com
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
Mail certificate is valid
mail.grand-tek.com
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
Mail certificate is valid
mail.grand-tek.com
995
POP3 (encrypted)
open
+OK Dovecot ready.
Mail certificate is valid
mail.grand-tek.com
995
POP3 (encrypted)
open
+OK Dovecot ready.
Mail certificate is valid
mail.grand-tek.com
1433
MS SQL



mail.grand-tek.com
1433
MS SQL



mail.grand-tek.com
2082
cPanel (http)



mail.grand-tek.com
2082
cPanel (http)



mail.grand-tek.com
2083
cPanel (https)



mail.grand-tek.com
2083
cPanel (https)



mail.grand-tek.com
2086
WHM (http)



mail.grand-tek.com
2086
WHM (http)



mail.grand-tek.com
2087
WHM (https)



mail.grand-tek.com
2087
WHM (https)



mail.grand-tek.com
2089
cPanel Licensing



mail.grand-tek.com
2089
cPanel Licensing



mail.grand-tek.com
2095
cPanel Webmail (http)



mail.grand-tek.com
2095
cPanel Webmail (http)



mail.grand-tek.com
2096
cPanel Webmail (https)



mail.grand-tek.com
2096
cPanel Webmail (https)



mail.grand-tek.com
2222
DirectAdmin (http)



mail.grand-tek.com
2222
DirectAdmin (http)



mail.grand-tek.com
2222
DirectAdmin (https)



mail.grand-tek.com
2222
DirectAdmin (https)



mail.grand-tek.com
3306
mySql



mail.grand-tek.com
3306
mySql



mail.grand-tek.com
5224
Plesk Licensing



mail.grand-tek.com
5224
Plesk Licensing



mail.grand-tek.com
5432
PostgreSQL



mail.grand-tek.com
5432
PostgreSQL



mail.grand-tek.com
8080
Ookla Speedtest (http)



mail.grand-tek.com
8080
Ookla Speedtest (http)



mail.grand-tek.com
8080
Ookla Speedtest (https)



mail.grand-tek.com
8080
Ookla Speedtest (https)



mail.grand-tek.com
8083
VestaCP http



mail.grand-tek.com
8083
VestaCP http



mail.grand-tek.com
8083
VestaCP https



mail.grand-tek.com
8083
VestaCP https



mail.grand-tek.com
8443
Plesk Administration (https)



mail.grand-tek.com
8443
Plesk Administration (https)



mail.grand-tek.com
8447
Plesk Installer + Updates



mail.grand-tek.com
8447
Plesk Installer + Updates



mail.grand-tek.com
8880
Plesk Administration (http)



mail.grand-tek.com
8880
Plesk Administration (http)



mail.grand-tek.com
10000
Webmin (http)



mail.grand-tek.com
10000
Webmin (http)



mail.grand-tek.com
10000
Webmin (https)



mail.grand-tek.com
10000
Webmin (https)



211.72.171.75
21
FTP



211.72.171.75
21
FTP



211.72.171.75
22
SSH



211.72.171.75
22
SSH



211.72.171.75
25
SMTP
open
220 grand-tek.com ESMTP Postfix

211.72.171.75
25
SMTP
open
220 grand-tek.com ESMTP Postfix

211.72.171.75
53
DNS



211.72.171.75
53
DNS



211.72.171.75
110
POP3
open
+OK Dovecot ready.

211.72.171.75
110
POP3
open
+OK Dovecot ready.

211.72.171.75
143
IMAP
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

211.72.171.75
143
IMAP
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE STARTTLS AUTH=PLAIN] Dovecot ready.

211.72.171.75
465
SMTP (encrypted)
open
220 grand-tek.com ESMTP Postfix
Mail certificate is invalid
211.72.171.75
465
SMTP (encrypted)
open
220 grand-tek.com ESMTP Postfix
Mail certificate is invalid
211.72.171.75
587
SMTP (encrypted, submission)
open
220 grand-tek.com ESMTP Postfix

211.72.171.75
587
SMTP (encrypted, submission)
open
220 grand-tek.com ESMTP Postfix

211.72.171.75
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
Mail certificate is invalid
211.72.171.75
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
Mail certificate is invalid
211.72.171.75
995
POP3 (encrypted)
open
+OK Dovecot ready.
Mail certificate is invalid
211.72.171.75
995
POP3 (encrypted)
open
+OK Dovecot ready.
Mail certificate is invalid
211.72.171.75
1433
MS SQL



211.72.171.75
1433
MS SQL



211.72.171.75
2082
cPanel (http)



211.72.171.75
2082
cPanel (http)



211.72.171.75
2083
cPanel (https)



211.72.171.75
2083
cPanel (https)



211.72.171.75
2086
WHM (http)



211.72.171.75
2086
WHM (http)



211.72.171.75
2087
WHM (https)



211.72.171.75
2087
WHM (https)



211.72.171.75
2089
cPanel Licensing



211.72.171.75
2089
cPanel Licensing



211.72.171.75
2095
cPanel Webmail (http)



211.72.171.75
2095
cPanel Webmail (http)



211.72.171.75
2096
cPanel Webmail (https)



211.72.171.75
2096
cPanel Webmail (https)



211.72.171.75
2222
DirectAdmin (http)



211.72.171.75
2222
DirectAdmin (http)



211.72.171.75
2222
DirectAdmin (https)



211.72.171.75
2222
DirectAdmin (https)



211.72.171.75
3306
mySql



211.72.171.75
3306
mySql



211.72.171.75
5224
Plesk Licensing



211.72.171.75
5224
Plesk Licensing



211.72.171.75
5432
PostgreSQL



211.72.171.75
5432
PostgreSQL



211.72.171.75
8080
Ookla Speedtest (http)



211.72.171.75
8080
Ookla Speedtest (http)



211.72.171.75
8080
Ookla Speedtest (https)



211.72.171.75
8080
Ookla Speedtest (https)



211.72.171.75
8083
VestaCP http



211.72.171.75
8083
VestaCP http



211.72.171.75
8083
VestaCP https



211.72.171.75
8083
VestaCP https



211.72.171.75
8443
Plesk Administration (https)



211.72.171.75
8443
Plesk Administration (https)



211.72.171.75
8447
Plesk Installer + Updates



211.72.171.75
8447
Plesk Installer + Updates



211.72.171.75
8880
Plesk Administration (http)



211.72.171.75
8880
Plesk Administration (http)



211.72.171.75
10000
Webmin (http)



211.72.171.75
10000
Webmin (http)



211.72.171.75
10000
Webmin (https)



211.72.171.75
10000
Webmin (https)





Permalink: https://check-your-website.server-daten.de/?i=c0f91eba-911d-4e32-88cc-82f5123441f8


Last Result: https://check-your-website.server-daten.de/?q=mail.grand-tek.com - 2020-03-17 08:27:30


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=mail.grand-tek.com" target="_blank">Check this Site: mail.grand-tek.com</a>