Check DNS, Urls + Redirects, Certificates and Content of your Website




1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
maxwell.bd.com
CNAME
bdunily.trafficmanager.net
yes
1
0

CNAME
peusf03lbip.eastus.cloudapp.azure.com
yes


www.maxwell.bd.com

Name Error
yes
1
0
maxwell.bd.com
A
40.114.87.200
Ashburn/Virginia/United States (US) - Microsoft Corporation
No Hostname found
no


*.bd.com
A

yes



AAAA

yes



CNAME

yes


*.maxwell.bd.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 14631, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 21.06.2021, 00:00:00 +, Signature-Inception: 31.05.2021, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest 4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 22.06.2021, 21:00:00 +, Signature-Inception: 09.06.2021, 20:00:00 +, KeyTag 14631, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 14631 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 54714, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 24.06.2021, 18:24:21 +, Signature-Inception: 09.06.2021, 18:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: bd.com
bd.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "g6nikdkdrt06kfret2318k03ca0a278o" between the hashed NSEC3-owner "g6nihdquerqlb6b8l2lhq57nd2mh0vl1" and the hashed NextOwner "g6nj8b8f42ataq9djtdhhddi0knn98ht". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner g6nihdquerqlb6b8l2lhq57nd2mh0vl1.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.06.2021, 04:28:45 +, Signature-Inception: 06.06.2021, 03:18:45 +, KeyTag 54714, Signer-Name: com



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q1gin43n1arrc9osm6qpqr81h5m9a". So that domain name is the Closest Encloser of "bd.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.06.2021, 04:24:07 +, Signature-Inception: 06.06.2021, 03:14:07 +, KeyTag 54714, Signer-Name: com



0 DNSKEY RR found




Zone: maxwell.bd.com
maxwell.bd.com
0 DS RR in the parent zone found

Zone: www.maxwell.bd.com
www.maxwell.bd.com
0 DS RR in the parent zone found

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 14631, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 21.06.2021, 00:00:00 +, Signature-Inception: 31.05.2021, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: net
net
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=



1 RRSIG RR to validate DS RR found



RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 22.06.2021, 21:00:00 +, Signature-Inception: 09.06.2021, 20:00:00 +, KeyTag 14631, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 14631 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 6203, Flags 256



Public Key with Algorithm 8, KeyTag 35886, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 23.06.2021, 16:28:30 +, Signature-Inception: 08.06.2021, 16:23:30 +, KeyTag 35886, Signer-Name: net



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 35886 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest "eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: trafficmanager.net
trafficmanager.net
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "cs4320kto8kf7vh8q5kagd3lpf228uql" between the hashed NSEC3-owner "cs431ss8cti7m6jhmn592grli9t17ok7" and the hashed NextOwner "cs44pt53hek39l20em566er2dsknsb6j". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner cs431ss8cti7m6jhmn592grli9t17ok7.net., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 16.06.2021, 05:33:53 +, Signature-Inception: 09.06.2021, 04:23:53 +, KeyTag 6203, Signer-Name: net



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1ruuffjkct2q54p78f8ejgj8jbk7i8b". So that domain name is the Closest Encloser of "trafficmanager.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.06.2021, 05:34:46 +, Signature-Inception: 06.06.2021, 04:24:46 +, KeyTag 6203, Signer-Name: net



0 DNSKEY RR found




Zone: bdunily.trafficmanager.net
bdunily.trafficmanager.net
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.maxwell.bd.com
  pdns1.cscdns.net

bd.com
  pdns1.cscdns.net
156.154.130.100
New York/United States (US) - NeuStar, Inc.


 
2610:a1:1022::100
New York/United States (US) - NeuStar, Inc.


  pdns2.cscdns.net
156.154.131.100
New York/United States (US) - NeuStar, Inc.


 
2610:a1:1023::100
New York/United States (US) - NeuStar, Inc.

com
  a.gtld-servers.net / nnn1-fra6


  b.gtld-servers.net / nnn1-eltxl2


  c.gtld-servers.net / nnn1-fra6


  d.gtld-servers.net / nnn1-fra6


  e.gtld-servers.net / nnn1-fra6


  f.gtld-servers.net / nnn1-lon6


  g.gtld-servers.net / nnn1-lon6


  h.gtld-servers.net / nnn1-lon6


  i.gtld-servers.net / nnn1-lon6


  j.gtld-servers.net / nnn1-ein2


  k.gtld-servers.net / nnn1-ein1


  l.gtld-servers.net / nnn1-ein1


  m.gtld-servers.net / nnn1-ein3


trafficmanager.net
  tm1.dns-tm.com
204.79.195.41
Newark/New Jersey/United States (US) - Microsoft Corporation


  tm1.edgedns-tm.info
13.107.222.240
Newark/New Jersey/United States (US) - Microsoft Corporation


  tm2.dns-tm.com
65.55.117.41
Newark/New Jersey/United States (US) - Microsoft Corporation


  tm2.edgedns-tm.info
13.107.206.240
Newark/New Jersey/United States (US) - Microsoft Corporation

net
  a.gtld-servers.net / nnn1-fra6


  b.gtld-servers.net / nnn1-eltxl2


  c.gtld-servers.net / nnn1-fra6


  d.gtld-servers.net / nnn1-fra6


  e.gtld-servers.net / nnn1-fra6


  f.gtld-servers.net / nnn1-lon6


  g.gtld-servers.net / nnn1-lon6


  h.gtld-servers.net / nnn1-lon6


  i.gtld-servers.net / nnn1-lon6


  j.gtld-servers.net / nnn1-ein2


  k.gtld-servers.net / nnn1-ein2


  l.gtld-servers.net / nnn1-ein5


  m.gtld-servers.net / nnn1-ein1


4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1623295238
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:8


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1623295253
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:bd.com
Zone-Name:bd.com
Primary:pdns1.cscdns.net
Mail:hostmaster.cscdns.net
Serial:2007023895
Refresh:28800
Retry:7200
Expire:604800
TTL:3600
num Entries:4


Domain:www.maxwell.bd.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1



Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1623295252
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:10


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1623295267
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:3


Domain:trafficmanager.net
Zone-Name:trafficmanager.net
Primary:tm1.dns-tm.com
Mail:hostmaster.trafficmanager.net
Serial:118221445
Refresh:900
Retry:300
Expire:2419200
TTL:30
num Entries:2


Domain:trafficmanager.net
Zone-Name:trafficmanager.net
Primary:tm1.dns-tm.com
Mail:hostmaster.trafficmanager.net
Serial:2003080800
Refresh:900
Retry:300
Expire:2419200
TTL:30
num Entries:2


5. Screenshots

Startaddress: https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0, address used: https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0, Screenshot created 2021-06-10 05:22:54 +00:0

Mobil (412px x 732px)

625 milliseconds

Screenshot mobile - https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
Mobil + Landscape (732px x 412px)

558 milliseconds

Screenshot mobile landscape - https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
Screen (1280px x 1680px)

448 milliseconds

Screenshot Desktop - https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0

Mobile- and other Chrome-Checks

widthheight
visual Viewport412732
content Size412732

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

Chrome-Connection: secure. secure connection settings. The connection to this site is encrypted and authenticated using TLS 1.2, ECDHE_RSA with P-384, and AES_256_GCM.

Chrome-Resources : secure. all served securely. All resources on this page are served securely.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://maxwell.bd.com/
40.114.87.200
302
https://maxwell.bd.com/
Html is minified: 100.00 %
0.204
A
Content-Type: text/html; charset=UTF-8
Location: https://maxwell.bd.com/
Server:
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s04
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:21:59 GMT
Connection: close
Content-Length: 146

• https://maxwell.bd.com/
40.114.87.200
302
https://maxwell.bd.com/login?ReturnUrl=%2F
3.640
B
Cache-Control: private
Location: https://maxwell.bd.com/login?ReturnUrl=%2F
WWW-Authenticate: Bearer
Set-Cookie: UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT,UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:01 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s01
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:22:01 GMT
Connection: close
Content-Length: 0

• https://maxwell.bd.com/login?ReturnUrl=%2F

302
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
3.437
A
Cache-Control: private
Location: https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
x-v: 7.2.0
X-Frame-Options: ALLOW-FROM https://maxwell.bd.com
Content-Security-Policy: frame-ancestors https://maxwell.bd.com
unily-site-id: 1133
unily-current-item-id:
Set-Cookie: OpenIdConnect.nonce.9vPZYtbGju%2BPC5npnQNkkAbmoy1b2OD2ExV3OVZ7XiA%3D=OU9CNjR6ek5GcWhnalgzbW1EN19ra0dlMDRmbE5WMjFsc1JJVG9yaHd0X0l2S2h3NFhuZjgwYVVDTjFLeHR3bmcxX0VaR2gxTDBKMUx2eTVGMm45ZmZNT3d6MVJkVFlzRGZFZkkyOEZmWm52X1VVcVQ3R2d6dDlMcjNreFFIdUxOeFBFTkFrOWF6M2ptVnpCM2pXUkFSQ2JMVlJrdUNoZzhwbXJXT2p3QkpvOC16UVo3MGVybnRmUXpLSTVMTVZkOVQyU3VJbWFoMWxkbDdtTndLMjBMd0luT2xOSV9IdXR6RGRzU0lVOTM1OA%3D%3D; expires=Thu, 10-Jun-2021 03:37:10 GMT; path=/; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s03
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:22:10 GMT
Connection: close
Content-Length: 0

• https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
GZip used - 49456 / 193379 - 74.43 %
Inline-JavaScript (∑/total): 7/82312 Inline-CSS (∑/total): 1/108962
200

Html is minified: 13039.72 %
4.067
A
small visible content (num chars: 0)
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Length: 49456
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: 7bbd39c1-1dc9-4d0f-8414-24e0840e1b00
x-ms-ests-server: 2.1.11787.14 - SCUS ProdSlices
x-ms-clitelem: 1,0,0,,
Set-Cookie: buid=0.AQMAfObDlC2eAEimt2Ndl4ghZVL0re-XxB9Dr1mVehd0HMkDAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrDXw96sH9KAFTtbYz1qZODrTStw3sK8UIsUQni3Dx8pACAy8U71ueCXhoFxQl_ZtGOU5oEEmdZL1p1Lw8CdngSMYGsMQowM8DWUSwOQjdIuQgAA; expires=Sat, 10-Jul-2021 03:22:18 GMT; path=/; secure; HttpOnly; SameSite=None,fpc=Akb5CmMC5ytFsVlSgJf7c0bhgSDlAQAAAGp8U9gOAAAA; expires=Sat, 10-Jul-2021 03:22:18 GMT; path=/; secure; HttpOnly; SameSite=None,esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrSvzewg7qzSqQrnkaVI9DXc0gtE6cxY4iBgbykSajadR4-zpUB524-TEbmOqY5lzx88fm78E6DT9RrVzT2G3X8ObRcgW1Lx90HpOuYw4mqYK5uR_bKU_Mplver7KD3mD49m9_WgVCeflG5Dp1MZ97Sr8psMMUzXoY2ABnxC8afkggAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None,x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly,stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 10 Jun 2021 03:22:18 GMT
Connection: close

• http://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
40.114.87.200
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
302
https://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
0.200
A
Visible Content: Object Moved This document may be found here
Content-Type: text/html; charset=UTF-8
Location: https://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Server:
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s04
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:22:05 GMT
Connection: close
Content-Length: 215

• https://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

302
https://maxwell.bd.com/login?ReturnUrl=%2Ferror%2Ferror404%3Furl%3D.well-known%252facme-challenge%252fcheck-your-website-dot-server-daten-dot-de
3.416
B
Visible Content:
Cache-Control: private
Location: https://maxwell.bd.com/login?ReturnUrl=%2Ferror%2Ferror404%3Furl%3D.well-known%252facme-challenge%252fcheck-your-website-dot-server-daten-dot-de
WWW-Authenticate: Bearer
Set-Cookie: UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT,UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:14 GMT
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s05
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:22:14 GMT
Connection: close
Content-Length: 0

• https://maxwell.bd.com/login?ReturnUrl=%2Ferror%2Ferror404%3Furl%3D.well-known%252facme-challenge%252fcheck-your-website-dot-server-daten-dot-de

302
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
3.423
A
Visible Content:
Cache-Control: private
Location: https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
x-v: 7.2.0
X-Frame-Options: ALLOW-FROM https://maxwell.bd.com
Content-Security-Policy: frame-ancestors https://maxwell.bd.com
unily-site-id: 1133
unily-current-item-id:
Set-Cookie: OpenIdConnect.nonce.RrJFTXAOpELFwCm4RfArUqJq%2FVXKWkEnavk08zGVmK4%3D=T3JSMGVCR2dxMWt4dHdjeXZZOVhZa1IzTFBIcWw1UTFYNUZwTG5EcnhNSnlYTjByWi03dXZueVNPbzRFNjUyWEo3Q3FQMmh1X29GMjV3LWw4T29ZMnBjU2RZbEs4Q2VjY3VxTUs2YlZXN3YxVk1uRm52aDZ3QjVuclRYeHdVOUlXRVlGanlTMTNrWGZ6bFdHMGhtWWx1Vlp0b1BFSldMZkdpTXBoWm5HenhPS1ZubUcwRVBiNUV2eWh1X3EtR3FSeFRlc29GUHNaa1hTTFdkNUF0X0dDVlF0LWFHR1ZxQTdadER2QkhhSmdJNA%3D%3D; expires=Thu, 10-Jun-2021 03:37:24 GMT; path=/; secure; HttpOnly; SameSite=None
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
x-r: 7.2.0+92102
x-s: peusf03s04
Strict-Transport-Security: max-age=31536000; includeSubDomains
Date: Thu, 10 Jun 2021 03:22:24 GMT
Connection: close
Content-Length: 0

• https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
GZip used - 49806 / 194935 - 74.45 %
Inline-JavaScript (∑/total): 7/83868 Inline-CSS (∑/total): 1/108962
200

Html is minified: 13144.64 %
4.077

Visible Content:
Info: Html-Content with meta and/or script, may be a problem creating a Letsencrypt certificate using http-01 validation
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-Frame-Options: DENY
Link: <https://aadcdn.msauth.net>; rel=preconnect; crossorigin,<https://aadcdn.msauth.net>; rel=dns-prefetch,<https://aadcdn.msftauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: ecacfe42-72f3-44cb-aae6-70a1dcc74e00
x-ms-ests-server: 2.1.11787.14 - WUS2 ProdSlices
x-ms-clitelem: 1,0,0,,
Set-Cookie: buid=0.AQMAfObDlC2eAEimt2Ndl4ghZVL0re-XxB9Dr1mVehd0HMkDAAA.AQABAAEAAAD--DLA3VO7QrddgJg7WevrzY9nT3-7uyf_ut4Q3AHvy32wl8RxaaAyIGZcgTLoBciqQNcvqaQb8uZQXsZYQjH2gaZPRNpMxNP1KeNsALbtScQpc4uPxfAJwrsRgmeUnUAgAA; expires=Sat, 10-Jul-2021 03:22:28 GMT; path=/; secure; HttpOnly; SameSite=None,fpc=AkCeKtJmB7RLupaKLK1vOsDhgSDlAQAAAHR8U9gOAAAA; expires=Sat, 10-Jul-2021 03:22:28 GMT; path=/; secure; HttpOnly; SameSite=None,esctx=AQABAAAAAAD--DLA3VO7QrddgJg7Wevr2x7NBbXOmwDfkOdx5JpiPuJEMYBNA1zvqRqG32JBZjUkuFJ8ozu7x6RYb1kfxyK7dgtN2Dlh0ypi0BR0x3L_Juwbl8yr_T9EZbBbIxw2qrTrGpQt-a6JmVj7E_tvqWGpcAA3pMpTFlErJIEaTWrpDjbSZiv0p7upTaW38rk4zlsgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None,x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly,stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 10 Jun 2021 03:22:27 GMT
Connection: close
Content-Length: 49806

• https://40.114.87.200/
40.114.87.200 GZip used - 369 / 358 - -3.07 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
200

Html is minified: 111.88 %
3.513
N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 11)
PEUSF03S02!
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server:
X-AspNet-Version: 4.0.30319
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: default-src 'self';
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Xss-Protection: 1; mode=block
Date: Thu, 10 Jun 2021 03:22:05 GMT
Connection: close
Content-Length: 369

7. Comments


1. General Results, most used to calculate the result

Aname "maxwell.bd.com" is subdomain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 57967 (complete: 151507)
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Ahttps://maxwell.bd.com/login?ReturnUrl=%2F
302
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
correct redirect https to https
Ahttps://maxwell.bd.com/ 40.114.87.200
302
https://maxwell.bd.com/login?ReturnUrl=%2F
correct redirect https to https
Ahttps://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
https://maxwell.bd.com/login?ReturnUrl=%2Ferror%2Ferror404%3Furl%3D.well-known%252facme-challenge%252fcheck-your-website-dot-server-daten-dot-de
correct redirect https to https
Ahttps://maxwell.bd.com/login?ReturnUrl=%2Ferror%2Ferror404%3Furl%3D.well-known%252facme-challenge%252fcheck-your-website-dot-server-daten-dot-de
302
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
correct redirect https to https
Agood: destination is https
Agood - only one version with Http-Status 200
Agood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
Agood: every https has a Strict Transport Security Header
Agood: HSTS max-age is long enough, 31536000 seconds = 365 days
Agood: HSTS has includeSubdomains - directive
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Ahttp://maxwell.bd.com/ 40.114.87.200
302
https://maxwell.bd.com/
correct redirect http - https with the same domain name
Bhttps://maxwell.bd.com/ 40.114.87.200
302
UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT
Cookie sent via https, but not marked as secure
Bhttps://maxwell.bd.com/ 40.114.87.200
302
UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:01 GMT
Cookie sent via https, but not marked as secure
Bhttps://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT
Cookie sent via https, but not marked as secure
Bhttps://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:14 GMT
Cookie sent via https, but not marked as secure
Bhttps://maxwell.bd.com/ 40.114.87.200
302
UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://maxwell.bd.com/ 40.114.87.200
302
UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:01 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
UnilyVisitedCms=; expires=Thu, 01-Jan-1970 00:00:00 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://maxwell.bd.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
302
UnilyVisitedCms=true; path=/; expires=Tue, 09-Jun-2020 23:22:14 GMT
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Nhttps://40.114.87.200/ 40.114.87.200
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
XFatal error: Nameserver doesn't support TCP connection: tm1.dns-tm.com / 204.79.195.41: NXDOMAIN
XFatal error: Nameserver doesn't support TCP connection: tm2.dns-tm.com / 65.55.117.41: NXDOMAIN

2. DNS- and NameServer - Checks

AInfo:: 17 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 2 Name Servers.
AInfo:: 17 Queries complete, 17 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Bad (greater 8):: An average of 8.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 2 different Name Servers found: pdns1.cscdns.net, pdns2.cscdns.net, 2 Name Servers included in Delegation: pdns1.cscdns.net, pdns2.cscdns.net, 2 Name Servers included in 1 Zone definitions: pdns1.cscdns.net, pdns2.cscdns.net, 1 Name Servers listed in SOA.Primary: pdns1.cscdns.net.
AGood: Only one SOA.Primary Name Server found.: pdns1.cscdns.net.
AGood: SOA.Primary Name Server included in the delegation set.: pdns1.cscdns.net.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 2 Name Servers, 1 different subnets (first Byte): 156., 1 different subnets (first two Bytes): 156.154., 2 different subnets (first three Bytes): 156.154.130., 156.154.131.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 2 Name Servers with IPv6, 1 different subnets (first block): 2610:, 1 different subnets (first two blocks): 2610:00a1:, 2 different subnets (first three blocks): 2610:00a1:1022:, 2610:00a1:1023:, 2 different subnets (first four blocks): 2610:00a1:1022:0000:, 2610:00a1:1023:0000:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 4 good Nameserver
AGood: Nameserver supports Echo Capitalization: 4 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
Nameserver doesn't pass all EDNS-Checks: pdns1.cscdns.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: tm2.dns-tm.com / 65.55.117.41: OP100: ok. FLAGS: ok. V1: ok. V1OP100: SOA NOT expected and NOT found, BADVER expected and found, Version 0 expectend and found, NO OPT100 expected, OPT100 echoed. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Not existing ACME-file, but Server sends 200, not 404 or redirect. May be a problem creating a Letsencrypt certificate. Checking /.well-known/acme-challenge/random-filename - a http status 404 - Not Found - is expected. If your server sends content and a http status 200, the validation file (87 bytes, token, dot and the hash of the public part of the account key) may be invisible, so Letsencrypt can't validate your domain. If it is an application that sends this content, perhaps create an exception, so /.well-known/acme-challenge sends raw files. Or create a redirect to another domain and / or port 443, but your Letsencrypt client must support such a solution. Certbot: Use webroot as authenticator - https://certbot.eff.org/docs/using.html Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 supports GZip.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://40.114.87.200/ 40.114.87.200
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://40.114.87.200/ 40.114.87.200
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 1 script elements without defer/async.
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DfpVHsF23hqsMrAuGZIdKI1ZLxK49s3IEAeK5OYfUWwPgCyWNMmcxxvhd7RfOZFdjpb4VvDnVU_8emh4seYq_qUjXw9948uCFL6u5jhRdNqy3b3wN3fKF8CD2KTPgLxsKmFO5VHDk36ThHJvlhwYC4AidToYeWL4N4ak3PW31bkcN6MYURw-07H3s6wpNXnAfOjmnMBiZB-BVVMsM7CecQEGzL6QlOlgsP68yOF_vsX3uQMk-qNUI07BYuhyM8HXuikKUWqM3lK37WmWPCB3iopJTiOZjd8QWYR4dkPN4sraTwatOH0Y8U4gBOuyP-kTB0Ra6_L3Sd-z3rnOkynyhXncLOMYQCR5rqUTA6OfXw15DOq0HqwTSd-fdaRHRCtkN&response_mode=form_post&nonce=637588921443526020.Y2M0NDEzMDYtMTllYS00ZGIzLTkwZTgtMjA0MTE2MjRiYzk0NmFhMmEzOTctNGFjMi00YmFjLWFlODAtOTYwZTNhZTJlM2Yz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 1 script elements without defer/async.
AGood: All CSS / JavaScript files are sent with GZip. That reduces the content of the files. 2 external CSS / JavaScript files found
AGood: All CSS / JavaScript files are sent with a long Cache-Control header (minimum 7 days). So the browser can re-use these files, no download is required. 2 external CSS / JavaScript files with long Cache-Control max-age found
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
http://maxwell.bd.com/ 40.114.87.200
302

Warning: HSTS header sent via http has no effect
ADuration: 122454 milliseconds, 122.454 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
maxwell.bd.com
maxwell.bd.com
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok
maxwell.bd.com
maxwell.bd.com
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=maxwell.bd.com, O=Becton Dickinson & Company, L=Franklin Lakes, C=US, ST=New Jersey

2CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


maxwell.bd.com
40.114.87.200
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok

maxwell.bd.com
40.114.87.200
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=maxwell.bd.com, O=Becton Dickinson & Company, L=Franklin Lakes, C=US, ST=New Jersey

2CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


login.microsoftonline.com
login.microsoftonline.com
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

login.microsoftonline.com
login.microsoftonline.com
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
Tls.1.1
Tls.1.0
no http/2 via ALPN
Tls.1.2
Tls.1.1
Tls.1.0
Chain (complete)
1CN=stamp2.login.microsoftonline.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US


40.114.87.200
40.114.87.200
443
name does not match
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok

40.114.87.200
40.114.87.200
443
name does not match
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
error checking OCSP stapling
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0


9. Certificates

1.
1.
CN=maxwell.bd.com, O=Becton Dickinson & Company, L=Franklin Lakes, S=New Jersey, C=US
09.11.2020
11.12.2021
expires in 171 days
maxwell.bd.com, maxwell-CMS.bd.com - 2 entries
1.
1.
CN=maxwell.bd.com, O=Becton Dickinson & Company, L=Franklin Lakes, S=New Jersey, C=US
09.11.2020

11.12.2021
expires in 171 days
maxwell.bd.com, maxwell-CMS.bd.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04E8F993EC7A7ED39E2E382F5726957D
Thumbprint:7DF8C0EF616E66291B18BCD7BFD2BF140107DD4D
SHA256 / Certificate:OoauzT8X4W+KCkkusW0JNrIYTfA+CcbhJeFXYFNRFKk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):b0cad99a3c02c4e6f6767891a34b0f0cad5e67d47260d79cc37ecfe2144aa2e1
SHA256 hex / Subject Public Key Information (SPKI):72080e26c464dbd4ef9116c4fce95d2a850ab1a7d390160397e7b951e9531e31
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
24.09.2020
24.09.2030
expires in 3380 days


2.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
24.09.2020

24.09.2030
expires in 3380 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:085F94C02D857BE8CC14FF53EDA23E2A
Thumbprint:1D7322B41ED99FDD68511BAB786C8E26E0831B3B
SHA256 / Certificate:H4656ajgZsxbODPgazEpdktiJjnVsWP2AOHHkSC/Pu0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):59e738e674221702af1edb87c5200c1a4b75f64fae3d2c3d265124c61bd83c79
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013
15.01.2038
expires in 6050 days


3.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013

15.01.2038
expires in 6050 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:033AF1E6A711A9A0BB2864B11D09FAE5
Thumbprint:DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
SHA256 / Certificate:yzzLt2Ax5eATj43TmiP53kf/w15DwRRM6ifUalqxy18=
SHA256 hex / Cert (DANE * 0 1):cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA256 hex / PublicKey (DANE * 1 1):8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):730b033f268fc0605ba1093cda0c0a50c8b826c41fbd1b787e5962e52ea160e3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


2.
1.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021
31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries
2.
1.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021

31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:6931EEC702A1C54A
Thumbprint:AA695A483581331676688CC47BAC5688CE6F090F
SHA256 / Certificate:HBJ7Xrz7VxASolteUKRfrribWW27/y+j6KPE+5nMVBs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):df79543c0d4d69ff313524e45d18fca13aa4fc398b7de5a12c838ca6e9e5cecc
SHA256 hex / Subject Public Key Information (SPKI):4a6d13a2c3da577cec247a7b2db3146c8d8a91ee0e0b194c9c9bd070ab7cad00
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021
31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries

2.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021

31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:6931EEC702A1C54A
Thumbprint:AA695A483581331676688CC47BAC5688CE6F090F
SHA256 / Certificate:HBJ7Xrz7VxASolteUKRfrribWW27/y+j6KPE+5nMVBs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):df79543c0d4d69ff313524e45d18fca13aa4fc398b7de5a12c838ca6e9e5cecc
SHA256 hex / Subject Public Key Information (SPKI):4a6d13a2c3da577cec247a7b2db3146c8d8a91ee0e0b194c9c9bd070ab7cad00
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021
31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries

3.
CN=*.unily.com, OU=Domain Control Validated
28.05.2021

31.03.2022
expires in 281 days
*.unily.com, unily.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:6931EEC702A1C54A
Thumbprint:AA695A483581331676688CC47BAC5688CE6F090F
SHA256 / Certificate:HBJ7Xrz7VxASolteUKRfrribWW27/y+j6KPE+5nMVBs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):df79543c0d4d69ff313524e45d18fca13aa4fc398b7de5a12c838ca6e9e5cecc
SHA256 hex / Subject Public Key Information (SPKI):4a6d13a2c3da577cec247a7b2db3146c8d8a91ee0e0b194c9c9bd070ab7cad00
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


4.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 3601 days


4.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 3601 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):973a41276ffd01e027a2aad49e34c37846d3e976ff6a620b6712e33832041aa6
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):404986e322e4ccf247942658939363261012ce0d0a9c24ddd182d5a0ba48d00d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


5.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 3601 days


5.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 3601 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


6.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 3601 days


6.
CN=Go Daddy Secure Certificate Authority - G2, OU=http://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 3601 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:07
Thumbprint:27AC9369FAF25207BB2627CEFACCBE4EF9C319B8
SHA256 / Certificate:lzpBJ2/9AeAnoqrUnjTDeEbT6Xb/amILZxLjODIEGqY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):f11c3dd048f74edb7c45192b83e5980d2f67ec84b4ddb9396e33ff5173ed698f
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.01.2014
30.05.2031
expires in 3628 days


7.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.01.2014

30.05.2031
expires in 3628 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:1BE715
Thumbprint:340B2880F446FCC04E59ED33F52B3D08D6242964
SHA256 / Certificate:Oi++kokeV/4F1XCH9I5zDxflpfU+9APWGOW3TXp+bss=
SHA256 hex / Cert (DANE * 0 1):3a2fbe92891e57fe05d57087f48e730f17e5a5f53ef403d618e5b74d7a7e6ecb
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):c14278b5b5b2e029d9583fbcf38028f1c1281f435f46576a0c4fc6e501bb985a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


8.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.09.2009
01.01.2038
expires in 6036 days


8.
CN=Go Daddy Root Certificate Authority - G2, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
01.09.2009

01.01.2038
expires in 6036 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00
Thumbprint:47BEABC922EAE80E78783462A79F45C254FDE68B
SHA256 / Certificate:RRQLMkfrnMjFtPDXtTCR9zKSCJ5uWmPidJ3TrKkZjto=
SHA256 hex / Cert (DANE * 0 1):45140b3247eb9cc8c5b4f0d7b53091f73292089e6e5a63e2749dd3aca9198eda
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):d84e3eb50cdc8eeadd22f9dcf570ff09954f2be65bc725b04022fb2683224188
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



9.
CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011
03.05.2031
expires in 3601 days


9.
CN=Go Daddy Root Certificate Authority - G2, OU=https://certs.godaddy.com/repository/, O="GoDaddy.com, Inc.", L=Scottsdale, S=Arizona, C=US
03.05.2011

03.05.2031
expires in 3601 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:2003
Thumbprint:841D4A9FC9D3B2F0CA5FAB95525AB2066ACF8322
SHA256 / Certificate:m/WJZ1RZlhlFEtthdxUa/plwauo9o2/u562fizwFB8s=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):2a8f2d8af0eb123898f74c866ac3fa669054e23c17bc7a95bd0234192dc635d0
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.godaddy.com/
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


10.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004
29.06.2034
expires in 4754 days


10.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004

29.06.2034
expires in 4754 days


KeyalgorithmRSA encryption ( bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:00
Thumbprint:2796BAE63F1801E277261BA0D77770028F20EEE4
SHA256 / Certificate:w4Rr8kuek8pkJ0wOxnwezF4CT/ys0tdAGTUOgf5UauQ=
SHA256 hex / Cert (DANE * 0 1):c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae4
SHA256 hex / PublicKey (DANE * 1 1):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SHA256 hex / Subject Public Key Information (SPKI):1e5d68e37e994a25b975046b3e08a17b0cbabd8625831ad28eff049466c82db4
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



11.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004
29.06.2034
expires in 4754 days


11.
OU=Go Daddy Class 2 Certification Authority, O="The Go Daddy Group, Inc.", C=US
29.06.2004

29.06.2034
expires in 4754 days


KeyalgorithmRSA encryption ( bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:00
Thumbprint:2796BAE63F1801E277261BA0D77770028F20EEE4
SHA256 / Certificate:w4Rr8kuek8pkJ0wOxnwezF4CT/ys0tdAGTUOgf5UauQ=
SHA256 hex / Cert (DANE * 0 1):c3846bf24b9e93ca64274c0ec67c1ecc5e024ffcacd2d74019350e81fe546ae4
SHA256 hex / PublicKey (DANE * 1 1):5632d97bfa775bf3c99ddea52fc2553410864016729c52dd6524c8a9c3b4489f
SHA256 hex / Subject Public Key Information (SPKI):1e5d68e37e994a25b975046b3e08a17b0cbabd8625831ad28eff049466c82db4
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


3.
1.
CN=stamp2.login.microsoftonline.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
04.06.2021
05.06.2022
expires in 347 days
login.microsoftonline-int.com, login.microsoftonline-p.com, login.microsoftonline.com, login2.microsoftonline-int.com, login2.microsoftonline.com, loginex.microsoftonline-int.com, loginex.microsoftonline.com, stamp2.login.microsoftonline-int.com, stamp2.login.microsoftonline.com - 9 entries
3.
1.
CN=stamp2.login.microsoftonline.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
04.06.2021

05.06.2022
expires in 347 days
login.microsoftonline-int.com, login.microsoftonline-p.com, login.microsoftonline.com, login2.microsoftonline-int.com, login2.microsoftonline.com, loginex.microsoftonline-int.com, loginex.microsoftonline.com, stamp2.login.microsoftonline-int.com, stamp2.login.microsoftonline.com - 9 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04E8ECFCA91BD4BBB6ADD3F7475894A4
Thumbprint:A50D47390E20DDC5722A2223FE0F6E7BA6B72FCA
SHA256 / Certificate:s0O0GxD2I2JD8DEM8GBpRpr3fhi/rH+jWzwKERFvLhY=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):60810724f868f23e3989f6de07a79ea8c3f40dbe987ae96b2be05e0027259bd3
SHA256 hex / Subject Public Key Information (SPKI):441a90a02ecbcec93a7717e8d9740327ad16396198d5ac4e405b92745c793bcd
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
23.09.2020
23.09.2030
expires in 3379 days


2.
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
23.09.2020

23.09.2030
expires in 3379 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:02742EAA17CA8E21C717BB1FFCFD0CA0
Thumbprint:626D44E704D1CEABE3BF0D53397464AC8080142C
SHA256 / Certificate:wa13eHltILymXIiaJlUCEVZSi7Yv9fpD4bjlqD49Lqo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):e6426f344330d0a8eb080bbb7976391d976fc824b5dc16c0d15246d5148ff75c
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 3792 days


3.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 3792 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):3286b9f475e53f685e0a6a41ce072a95e6a359b79f387a1c691caf50a756d5a3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
0
1
1
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
0
0
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
2056172172
leaf cert
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2020-11-09 00:00:00
2021-12-10 23:59:59
maxwell.bd.com, maxwell-cms.bd.com - 2 entries


1188671963
leaf cert
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
2019-10-16 00:00:00
2020-12-08 12:00:00
maxwell.bd.com, maxwell-cms.bd.com - 2 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

Issuerlast 7 daysactivenum Certs
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
0
1
1
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
3732111455
leaf cert
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2020-11-08 23:00:00
2021-12-10 22:59:59
maxwell.bd.com, maxwell-cms.bd.com
2 entries


2098046621
leaf cert
CN=DigiCert SHA2 Secure Server CA, O=DigiCert Inc, C=US
2019-10-15 22:00:00
2020-12-08 11:00:00
maxwell.bd.com, maxwell-cms.bd.com
2 entries



11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0
link
dns-prefetch
2

0


0
0
0


link
other
3
17,174 Bytes
0
0
1
1
0
0
-1

meta
other
13

0


0
0
0


script

1
121,557 Bytes
0
0
1
1
0
0
-1
https://40.114.87.200/
40.114.87.200
form

1

0


0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://login.microsoftonline.com/94c3e67c-9e2d-4800-a6b7-635d97882165/oauth2/authorize?client_id=efadf452-c497-431f-af59-957a17741cc9&redirect_uri=https%3A%2F%2Fmaxwell.bd.com%2F&response_type=code%20id_token&scope=openid%20profile%20email&state=OpenIdConnect.AuthenticationProperties%3DLZZxRmGesDRDupiZYi1M9dU5wh92WGz4sH8ULMTELuGMPmH5PX2YI7CJh62Fr9F0pFIQxZuv96pZCyU9KT4HDTBW4R3jyMaZm-taugE0zurcm4x3qz3XhD3-4R_z5YvLDHHEoQe_-CIx5aAqgRvC2iL_5C55TPIE9JWaKzRtizWh8SfAgsKcV3-Z3WQbG3SCRsT7aMbbXQgGAQwrifBmuPEWengqi-l81hSLb2OwxvJfQvRIkfOj0gp-3kjD8SB1&response_mode=form_post&nonce=637588921307169443.MzY4OTRlMTQtNzU3ZS00Y2U3LWEzYTMtNzFjZDI2ZmRhNzNhMzZiYWM3NDEtODMyOC00NmJhLWE5ZDItMWU1MTdjYjY0NDgz&domain_hint=bd.com&x-client-SKU=ID_NET461&x-client-ver=5.6.0.0

link
dns-prefetch
//aadcdn.msauth.net


1
ok








link
dns-prefetch
//aadcdn.msftauth.net


1
ok








link
preconnect
https://aadcdn.msauth.net


1
ok








link
prefetch
https://login.live.com/Me.htm?v=3


1
ok








link
shortcut icon
https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico
200

1
ok
image/x-icon, missing X-Content-Type-Options nosniff

Cache-Control: public, max-age=31536000 with long duration found.
No GZip - 17174 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-kM2vSHcWGE5ANAAJNcYF0WM5JtNIEW0ZjzVamLjGzSE=
sha384-JWWFZ7PGFBEVpiYZhzQ4+yX4cAUZbcvvETpojsVsd5x4PyBqKRaPHJNDczYVwZW/
sha512-xQMMVahV56niDiL0xwvx4PPFWKm31QHPq2mSrCZWrl5BsFDMrFQe+lX5YD4NNJskfrSRLuFp1EBEJxeJxxnNAQ==

<link rel="shortcut icon" href="https://aadcdn.msauth.net/shared/1.0/content/images/favicon_a_eupayfgghqiai7k9sol6lg2.ico" crossorigin="anonymous" integrity="sha256-kM2vSHcWGE5ANAAJNcYF0WM5JtNIEW0ZjzVamLjGzSE=" />




meta
Content-Type
text/html; charset=UTF-8


1
ok








meta
Expires
-1


1
ok








meta
Pragma
no-cache


1
ok








meta
Refresh
0; URL=https://login.microsoftonline.com/jsdisabled


1
ok








meta
x-dns-prefetch-control
on


1
ok








meta
X-UA-Compatible
IE=edge


1
ok








meta
LocLC
en-US


1
ok








meta
PageID
ConvergedSignIn


1
ok








meta
referrer
origin


1
ok








meta
ReqLC
1033


1
ok








meta
robots
none


1
ok








meta
SiteID



1
ok








meta
viewport
width=device-width, initial-scale=1.0, maximum-scale=2.0, user-scalable=yes


1
ok








script
src
https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQNThSdb0fH-IV4CjytXGA2.js
200

1
ok
Missing defer / async attribute. application/x-javascript, missing X-Content-Type-Options nosniff

Cache-Control: public, max-age=31536000 - with long duration found.
GZip: 121557/445777 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-uhlmUeO9BC8CzPW2ytKUkvO04n1nkJjbwAAmGzzzgR0=
sha384-B5pmqr6gz/BpIktuP23wqXY4FC7Fd5aRSqOR5jiSe4cTKe3bP1MG17494FmUSu4D
sha512-K44RJESYS5BK9XRWfnvWElX8vzHMqeFLJ5EOwn2TziKC08K6AAhqrvDZCxmGWO7efELkm1giJUWoAqn5tEc40w==

<script src="https://aadcdn.msauth.net/shared/1.0/content/js/ConvergedLogin_PCore_DQNThSdb0fH-IV4CjytXGA2.js" crossorigin="anonymous" integrity="sha256-uhlmUeO9BC8CzPW2ytKUkvO04n1nkJjbwAAmGzzzgR0=" />



https://40.114.87.200/
40.114.87.200
form
post
./


1
ok








12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: pdns1.cscdns.net, pdns2.cscdns.net

QNr.DomainTypeNS used
1
net
NS
k.root-servers.net (2001:7fd::1)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
pdns1.cscdns.net
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: udns1.cscdns.net, udns2.cscdns.uk

Answer: udns1.cscdns.net
2001:502:f3ff::201, 204.74.66.1
3
pdns2.cscdns.net
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: udns1.cscdns.net, udns2.cscdns.uk

Answer: udns1.cscdns.net
2001:502:f3ff::201, 204.74.66.1
4
uk
NS
l.root-servers.net (2001:500:9f::42)

Answer: dns1.nic.uk, dns2.nic.uk, dns3.nic.uk, dns4.nic.uk, nsa.nic.uk, nsb.nic.uk, nsc.nic.uk, nsd.nic.uk
5
udns2.cscdns.uk
NS
dns1.nic.uk (2a01:618:400::1)

Answer: dns1.cscdns.net, dns2.cscdns.net
6
dns1.cscdns.net
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: udns1.cscdns.net, udns2.cscdns.uk

Answer: udns1.cscdns.net
2001:502:f3ff::201, 204.74.66.1
7
dns2.cscdns.net
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: udns1.cscdns.net, udns2.cscdns.uk

Answer: udns1.cscdns.net
2001:502:f3ff::201, 204.74.66.1
8
dns1.cscdns.net: 156.154.130.100
A
udns1.cscdns.net (2001:502:f3ff::201)
9
dns1.cscdns.net: 2610:a1:1022::100
AAAA
udns1.cscdns.net (2001:502:f3ff::201)
10
udns2.cscdns.uk: 204.74.111.1
A
dns1.cscdns.net (2610:a1:1022::100)
11
udns2.cscdns.uk: 2001:502:4612::201
AAAA
dns1.cscdns.net (2610:a1:1022::100)
12
dns2.cscdns.net: 156.154.131.100
A
udns1.cscdns.net (2001:502:f3ff::201)
13
dns2.cscdns.net: 2610:a1:1023::100
AAAA
udns1.cscdns.net (2001:502:f3ff::201)
14
pdns1.cscdns.net: 156.154.130.100
A
udns1.cscdns.net (2001:502:f3ff::201)
15
pdns1.cscdns.net: 2610:a1:1022::100
AAAA
udns1.cscdns.net (2001:502:f3ff::201)
16
pdns2.cscdns.net: 156.154.131.100
A
udns1.cscdns.net (2001:502:f3ff::201)
17
pdns2.cscdns.net: 2610:a1:1023::100
AAAA
udns1.cscdns.net (2001:502:f3ff::201)


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
bdunily.trafficmanager.net



1
0
trafficmanager.net
0

no CAA entry found
1
0
maxwell.bd.com



1
0
bd.com
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
bd.com
adobe-idp-site-verification=5ba86c1e478df5682f73b989899796ee75e06e2d746ee1af879838631fb3491d
ok
1
0
bd.com
atlassian-domain-verification=qNmjBvORiemzV+t8fh1fRqSPG8EIL7A19C4l0qXFNwumf35AZ4IyvGjMZAsme0MQ
ok
1
0
bd.com
docusign=be7ee656-5eda-468c-90fa-af8c15a8c72a
ok
1
0
bd.com
MS=ms45276676
ok
1
0
bd.com
MS=ms68571074
ok
1
0
bd.com
MS=ms80497129
ok
1
0
bd.com
MS=ms86038015
ok
1
0
bd.com
Q3ulJWmewhpCT5Gp9VfKbGklfJCXXbFsVUU1x3U6OAf6l8WSIYRXhVmqTnUm9hO365jPO+K2Fd1XwxkcDd++LA==
ok
1
0
maxwell.bd.com


1
0
_acme-challenge.maxwell.bd.com

Name Error - The domain name does not exist
1
0
_acme-challenge.maxwell.bd.com.bd.com

Name Error - The domain name does not exist
1
0
_acme-challenge.bdunily.trafficmanager.net

Name Error - The domain name does not exist
1
0
_acme-challenge.maxwell.bd.com.maxwell.bd.com

Name Error - The domain name does not exist
1
0
_acme-challenge.bdunily.trafficmanager.net.bdunily.trafficmanager.net

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=2fab8ff7-a1df-4246-805e-5f3ed86c06eb


Last Result: https://check-your-website.server-daten.de/?q=maxwell.bd.com - 2021-06-10 05:20:59


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=maxwell.bd.com" target="_blank">Check this Site: maxwell.bd.com</a>