Shortcuts: Top | Url-Checks | Comments | Connections | Certificates | CT-Logs | Html-Content | CAA | TXT |


N

No trusted Certificate

last check:
15.04.2019 12:19:14


Older results

No older results found
HostTIP-Addressis auth.∑ Queries∑ Timeout
nubeahorro.es
A
81.0.24.103
yes
1
0

AAAA

yes


www.nubeahorro.es
A
213.186.33.5
yes
1
0

AAAA

yes



Zone (*)DNSSEC - Informations (beta)
(root)
1 DS RR published

Status: Valid because published

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)

Public Key with Algorithm 8, KeyTag 25266, Flags 256

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 02.05.2019, 00:00:00, Signature-Inception: 11.04.2019, 00:00:00, KeyTag 20326, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
es
2 DS RR in the parent zone found

1 RRSIG RR to validate DS RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 28.04.2019, 05:00:00, Signature-Inception: 15.04.2019, 04:00:00, KeyTag 25266, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 25266 used to validate the DS RRSet in the parent zone

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 489, Flags 256

Public Key with Algorithm 8, KeyTag 29450, Flags 257 (SEP = Secure Entry Point)

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 25.04.2019, 18:10:25, Signature-Inception: 11.04.2019, 23:57:31, KeyTag 29450, Signer-Name: es

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 29450 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 29450, DigestType 1 and Digest "QXvq+0ar80MLdcXCmu94XUdrYOE=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 29450, DigestType 2 and Digest "i+wyosnP5C45O6+B/+cbUh0+lAYSpFkLR2OtxTnktWM=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
nubeahorro.es
0 DS RR in the parent zone found

DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.

0 DNSKEY RR found


www.nubeahorro.es
0 DS RR in the parent zone found


DomainNameserverNS-IP
www.nubeahorro.es
  dns17.ovh.net

nubeahorro.es
  dns17.ovh.net
213.251.188.137

 
2001:41d0:1:4a89::1

  ns17.ovh.net
213.251.128.137

 
2001:41d0:1:1989::1
es
  a.nic.es


  f.nic.es


  g.nic.es / 2.ber.pch


  ns1.cesca.es


  ns-es.nic.fr / dns.fra.nic.fr


  ns-ext.nic.cl / ns-ext.nic.cl 1


  sns-pb.isc.org / pb-ams-ns2.sns.isc.org



SOA - records (beta)

Domain:es
Primary:ns1.nic.es
Mail:hostmaster.nic.es
Serial:2019041502
Refresh:7200
Retry:7200
Expire:2592000
TTL:86400
num Entries:1


Domain:es
Primary:ns1.nic.es
Mail:hostmaster.nic.es
Serial:2019041503
Refresh:7200
Retry:7200
Expire:2592000
TTL:86400
num Entries:6


Domain:nubeahorro.es
Primary:dns17.ovh.net
Mail:tech.ovh.net
Serial:2019041502
Refresh:86400
Retry:3600
Expire:3600000
TTL:300
num Entries:4


Domain:www.nubeahorro.es
Primary:dns17.ovh.net
Mail:tech.ovh.net
Serial:2019041502
Refresh:86400
Retry:3600
Expire:3600000
TTL:300
num Entries:1



show header:
Domainname Http-StatusredirectSec.G
• http://www.nubeahorro.es/
213.186.33.5
301
https://nubeahorro.es
0.063
E
Set-Cookie: rd=R3047010670; Path=/; Domain=www.nubeahorro.es; Expires=2019-04-18 00:28:05
Server: nginx
Date: Mon, 15 Apr 2019 10:19:47 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://nubeahorro.es

• http://nubeahorro.es/
81.0.24.103
-14

10.027
T
Timeout - The operation has timed out

• https://www.nubeahorro.es/
213.186.33.5
301
https://nubeahorro.es
1.196
N
Certificate error: RemoteCertificateNameMismatch
Set-Cookie: rd=R3047009581; Path=/; Domain=www.nubeahorro.es; Expires=2019-04-18 00:19:50
Server: nginx
Date: Mon, 15 Apr 2019 10:19:59 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://nubeahorro.es

• https://nubeahorro.es

-14

10.023
T
Timeout - The operation has timed out

• https://nubeahorro.es/
81.0.24.103
-14

10.030
T
Timeout - The operation has timed out

• http://www.nubeahorro.es/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
213.186.33.5
301
https://nubeahorro.es/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.057
E
Visible Content: 301 Moved Permanently nginx
Set-Cookie: rd=R3047006314; Path=/; Domain=www.nubeahorro.es; Expires=2019-04-18 00:19:50
Server: nginx
Date: Mon, 15 Apr 2019 10:20:09 GMT
Content-Type: text/html
Content-Length: 178
Connection: close
Location: https://nubeahorro.es/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

• http://nubeahorro.es/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
81.0.24.103
-14

10.030
T
Timeout - The operation has timed out
Visible Content:

• https://nubeahorro.es/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

-14

10.027
T
Timeout - The operation has timed out
Visible Content:

Comments

Aname "nubeahorro.es" is domain, public suffix is "es", top-level-domain-type is "country-code", Country is Spain, tld-manager is "Red.es"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
Bhttps://www.nubeahorro.es/ 213.186.33.5
301

Missing HSTS-Header
CError - no version with Http-Status 200
Ehttp://www.nubeahorro.es/ 213.186.33.5
301
https://nubeahorro.es
wrong redirect one version http to other version https - first redirect to https without new dns query
Hfatal error: No https - result with http-status 200, no encryption
Nhttps://www.nubeahorro.es/ 213.186.33.5
301
https://nubeahorro.es
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
OOld connection: Tls.1.0 is deprecated, Tls.1.2 should be supported
OOld connection: RSA Key Exchange is unsecure. Use Diffie-Hellman or Elliptic Curve Diffi-Hellmann Key Exchange to support Forward Secrecy
OOld connection: SHA1 as Hash Algorithm is deprecated. Switch to SHA256 or SHA384. If your certificate has SHA256, check if there is an old Firewall or something else, that supports only SHA1. Update that component.
AGood: Nameserver supports TCP connections: 4 good Nameserver
AGood: Nameserver supports Echo Capitalization: 4 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
Nameserver doesn't pass all EDNS-Checks: ns-es.nic.fr: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (dns.fra.nic.fr). COOKIE: SOA expected, but NOT found, NOERR expected, BADVER found, Version 0 expectend and found. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: sns-pb.isc.org: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (pb-ams-ns2.sns.isc.org). COOKIE: fatal timeout. CLIENTSUBNET: ok.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate
ADuration: 75757 milliseconds, 75.757 seconds


Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
www.nubeahorro.es
213.186.33.5
443
name does not match
Tls
RsaKeyX
2048
Aes256
256
Sha1
error checking OCSP stapling
weak
Chain (complete)
1CN=mailconfig.ovh.net, OU=PositiveSSL

2CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, C=GB, ST=Greater Manchester

3CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, C=US, ST=New Jersey


Certificates

1.
1.
CN=mailconfig.ovh.net, OU=PositiveSSL, OU=Domain Control Validated
18.01.2019
18.01.2021
expires in 638 days
mailconfig.ovh.net, www.mailconfig.ovh.net - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:3C243AC126E2568F6735DAAE0B0DFDD2
Thumbprint:94E3ADAD7741CE44BBABA0D440A39ADAEF359066
SHA256 / Certificate:2odpV6+JQ/s5iq1Ly9Ug6rXeIH1bGUyeN8o/zGy1OPU=
SHA256 hex / Cert (DANE * 0 1):da876957af8943fb398aad4bcbd520eab5de207d5b194c9e37ca3fcc6cb538f5
SHA256 hex / PublicKey (DANE * 1 1):362a2178558af19620ceda0c84e72c537d7afc6b4b53dc94e09af50b1b3030f6
OCSP - Url:http://ocsp.sectigo.com
OCSP - must staple:no
Certificate Transparency:yes


2.
CN=Sectigo RSA Domain Validation Secure Server CA, O=Sectigo Limited, L=Salford, S=Greater Manchester, C=GB
02.11.2018
01.01.2031
expires in 4273 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA384 With RSA Encryption
Serial Number:7D5B5126B476BA11DB74160BBC530DA7
Thumbprint:33E4E80807204C2B6182A3A14B591ACD25B5F0DB
SHA256 / Certificate:f6T/aOwEqZ11KNUIX5SQf00d0cU4G6zcgy7VyWAhRnY=
SHA256 hex / Cert (DANE * 0 1):7fa4ff68ec04a99d7528d5085f94907f4d1dd1c5381bacdc832ed5c960214676
SHA256 hex / PublicKey (DANE * 1 1):e1ae9c3de848ece1ba72e0d991ae4d0d9ec547c6bad1dddab9d6beb0a7e0e0d8
OCSP - Url:http://ocsp.usertrust.com
OCSP - must staple:no
Certificate Transparency:no


3.
CN=USERTrust RSA Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
30.05.2000
30.05.2020
expires in 405 days


KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA384 With RSA Encryption
Serial Number:13EA28705BF4ECED0C36630980614336
Thumbprint:EAB040689A0D805B5D6FD654FC168CFF00B78BE3
SHA256 / Certificate:GlF0mAopSlKKEQcm1YVWUCZsSNmIO+ppK2e21ybamMU=
SHA256 hex / Cert (DANE * 0 1):1a5174980a294a528a110726d5855650266c48d9883bea692b67b6d726da98c5
SHA256 hex / PublicKey (DANE * 1 1):c784333d20bcd742b9fdc3236f4e509b8937070e73067e254dd3bf9c45bf4dde
OCSP - Url:http://ocsp.usertrust.com
OCSP - must staple:no
Certificate Transparency:no


4.
CN=AddTrust External CA Root, OU=AddTrust External TTP Network, O=AddTrust AB, C=SE
30.05.2000
30.05.2020
expires in 405 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:01
Thumbprint:02FAF3E291435468607857694DF5E45B68851868
SHA256 / Certificate:aH+kUTgieP/wyLEfjUPVdmccbrK86rQT+4PZZdBtL/I=
SHA256 hex / Cert (DANE * 0 1):687fa451382278fff0c8b11f8d43d576671c6eb2bceab413fb83d965d06d2ff2
SHA256 hex / PublicKey (DANE * 1 1):942a6916a6e4ae527711c5450247a2a74fb8e156a8254ca66e739a11493bb445
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no



Last Certificates - Certificate Transparency Log Check (BETA)

No CRT-Log entries found


Html-Content - Entries (BETA - mixed content and other checks)

No Html-Content entries found. Only checked if https + status 200/401/403/404


CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.nubeahorro.es
0

no CAA entry found
1
0
nubeahorro.es
0

no CAA entry found
1
0
es
0

no CAA entry found
1
0


TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
nubeahorro.es
1|www.nubeahorro.es
ok
1
0
nubeahorro.es
v=spf1 include:mx.ovh.com ~all
ok
1
0
www.nubeahorro.es
4|https://nubeahorro.es
ok
1
0
_acme-challenge.nubeahorro.es

Name Error - The domain name does not exist
1
0
_acme-challenge.www.nubeahorro.es

Name Error - The domain name does not exist
1
0
_acme-challenge.nubeahorro.es.nubeahorro.es

Name Error - The domain name does not exist
1
0
_acme-challenge.www.nubeahorro.es.www.nubeahorro.es

Name Error - The domain name does not exist
1
0



Permalink: https://check-your-website.server-daten.de/?i=d3e4442a-eee0-42e7-ad93-8306a7e30310


Last Result: https://check-your-website.server-daten.de/?q=nubeahorro.es