Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 1 of max. 4 Checks (10:55:17)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A


Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. NameServer-IPAddresses | 13. CAA | 14. TXT | 15. DomainServiceEntries | 16. Cipher Suites | 17. Portchecks |


O

old / weak connection

Checked:
27.03.2023 04:40:43


Older results

O - 27.03.2023 00:15:50

O - 26.03.2023 16:39:36

O - 26.03.2023 14:57:10

O - 26.03.2023 14:16:33

O - 26.03.2023 13:58:28

O - 26.03.2023 11:31:26

O - 26.03.2023 04:16:59

O - 25.03.2023 17:23:25

O - 25.03.2023 15:51:53

O - 25.03.2023 14:52:10


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
onelove.al
A
103.224.182.253
San Diego/California/United States (US) - Trellian Pty. Limited
Hostname: lb-182-253.above.com
yes
1
0

AAAA

yes


www.onelove.al
A
103.224.182.253
San Diego/California/United States (US) - Trellian Pty. Limited
Hostname: lb-182-253.above.com
yes
1
0

AAAA

yes


*.onelove.al
A
Name Error
yes



A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



 Status: Valid because published



3 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 951, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 60955, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 12.04.2023, 00:00:00 +, Signature-Inception: 22.03.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: al
al
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "al" and the NextOwner "alfaromeo". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC



0 DNSKEY RR found




Zone: onelove.al
onelove.al
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: www.onelove.al
www.onelove.al
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.onelove.al
  ns1.abovedomains.com / pns03-san


  ns2.abovedomains.com / pns04-san

onelove.al
  contact-us-at.edoms.biz / pns01-san
103.224.182.6
San Diego/California/United States (US) - Trellian Pty. Limited

  domain-may-be-for-sale-at.edoms.biz / pns03-san
103.224.182.5
San Diego/California/United States (US) - Trellian Pty. Limited

  ns1.abovedomains.com / pns03-san
103.224.182.5
San Diego/California/United States (US) - Trellian Pty. Limited

  ns2.abovedomains.com / pns01-san
103.224.182.6
San Diego/California/United States (US) - Trellian Pty. Limited
al
  munnari.oz.au


  ns1.nic.al


  nsx.nic.al / ns-2.al.de8.bind


  rip.psg.com


4. SOA-Entries


Domain:al
Zone-Name:al
Primary:ns1.nic.al
Mail:domain.akep.al
Serial:1679473021
Refresh:10600
Retry:3600
Expire:1209600
TTL:7200
num Entries:1


Domain:al
Zone-Name:al
Primary:ns1.nic.al
Mail:domain.akep.al
Serial:1679883421
Refresh:10600
Retry:3600
Expire:1209600
TTL:7200
num Entries:3


Domain:onelove.al
Zone-Name:onelove.al
Primary:ns1.abovedomains.com
Mail:hostmaster.trellian.com
Serial:2023032701
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:4


Domain:www.onelove.al
Zone-Name:www.onelove.al
Primary:ns1.abovedomains.com
Mail:hostmaster.trellian.com
Serial:2023032701
Refresh:10800
Retry:3600
Expire:604800
TTL:3600
num Entries:2


5. Screenshots

Startaddress: https://oneelove.pw/, address used: https://oneelove.pw/, Screenshot created 2022-11-07 15:32:00 +00:0 url is insecure, certificate invalid

Mobil (412px x 732px)

228 milliseconds

Screenshot mobile - https://oneelove.pw/
Mobil + Landscape (732px x 412px)

218 milliseconds

Screenshot mobile landscape - https://oneelove.pw/
Screen (1280px x 1680px)

475 milliseconds

Screenshot Desktop - https://oneelove.pw/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396716
content Size9901271

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://onelove.al/
103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1341-54cd-bf89-61bdedbee710
0.414

date: Mon, 27 Mar 2023 02:41:54 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884914.5584506; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
location: http://ww25.onelove.al/?subid1=20230327-1341-54cd-bf89-61bdedbee710
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• http://www.onelove.al/
103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1341-54d7-843c-885d67561449
0.363

date: Mon, 27 Mar 2023 02:41:54 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884914.2251066; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
location: http://ww25.onelove.al/?subid1=20230327-1341-54d7-843c-885d67561449
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• http://ww25.onelove.al/?subid1=20230327-1341-54cd-bf89-61bdedbee710
GZip used - 718 / 971 - 26.06 %
200

Html is minified: 182.18 %		0.416

Server: openresty
Date: Mon, 27 Mar 2023 02:42:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=73f058ed-379e-2e01-3569-2a9d5391f338; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_EEKdqc20Mf92OTu1Zk2npd0LAZAP6fD3iGg/gfb3DmiA2jn/Qzi05D8Gwsew2iChnUI9mm2mX8ss462dX0ZoAA==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• http://ww25.onelove.al/?subid1=20230327-1341-54d7-843c-885d67561449
GZip used - 720 / 971 - 25.85 %
200

Html is minified: 182.18 %		0.223

Server: openresty
Date: Mon, 27 Mar 2023 02:42:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=c2cb9992-9046-a77d-e1cd-aa1cd9589324; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_WY7/bNWQhB4s818X7a+B0+ZQfkwq2psdvIBIvZdhGLMgWgVE3+//D98eDP+eclOx6P0KyyT7ykcf5DkeDsbwRw==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• http://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
GZip used - 719 / 971 - 25.95 %
200

Html is minified: 182.18 %		0.224

Server: openresty
Date: Mon, 27 Mar 2023 02:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=20178358-c981-7c56-609e-bbd52062205f; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_xxUmI6x/q+iZCQn9FTUcDDq5X4G/YmAgHQzjvGc1BNIojcp0D4mmN2iUmI8NfFGHoIut+482GS50tX3sIpBAbw==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• http://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
GZip used - 720 / 971 - 25.85 %
200

Html is minified: 182.18 %		0.227

Server: openresty
Date: Mon, 27 Mar 2023 02:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=32df1b49-9bd1-d5e5-0253-e6565e697a1c; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_PFFzHqqizu727MGQDWWPzV2Bn8SQfzgZUeRbqGnK/m5pozB3kq9Wx1g+gZIrTq8cDLe9Lg7HBRc8CEkHiieyPQ==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• https://onelove.al/
103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
5.840
F
date: Mon, 27 Mar 2023 02:41:55 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884915.5028266; expires=Thu, 24-Mar-2033 02:41:55 GMT; Max-Age=315360000
location: http://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• https://www.onelove.al/
103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
5.770
F
date: Mon, 27 Mar 2023 02:42:02 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884922.6119532; expires=Thu, 24-Mar-2033 02:42:02 GMT; Max-Age=315360000
location: http://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• http://onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
103.224.182.253
302
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
0.380

Visible Content:
date: Mon, 27 Mar 2023 02:42:08 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884928.5157509; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
location: http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• http://www.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
103.224.182.253
302
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
0.367

Visible Content:
date: Mon, 27 Mar 2023 02:42:08 GMT
server: Apache/2.4.38 (Debian)
set-cookie: __tad=1679884928.4272464; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
location: http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
content-length: 0
content-type: text/html; charset=UTF-8
connection: close

• http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
GZip used - 774 / 1003 - 22.83 %
Inline-JavaScript (∑/total): 2/453 Inline-CSS (∑/total): 0/0		200

Html is minified: 188.18 %		0.246

Visible Content:
Info: Html-Content with meta and/or script, may be a problem creating a Letsencrypt certificate using http-01 validation
Server: openresty
Date: Mon, 27 Mar 2023 02:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=0e144516-9656-f829-994e-6c43251b8a68; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_ddALlUgCGd1w5GM4G5SqPRnRVoZnBxvDSisxNN+K8Rm78ZF3Jzh/zCWM9XZ9ZI3OHxwCUEA9nRBrJW7mabYCWQ==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
GZip used - 770 / 1003 - 23.23 %
Inline-JavaScript (∑/total): 2/453 Inline-CSS (∑/total): 0/0		200

Html is minified: 188.18 %		0.230

Visible Content:
Info: Html-Content with meta and/or script, may be a problem creating a Letsencrypt certificate using http-01 validation
Server: openresty
Date: Mon, 27 Mar 2023 02:42:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: close
Set-Cookie: parking_session=09180549-0cfb-6c86-fb33-6134556306ca; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANDrp2lz7AOmADaN8tA50LsWcjLFyQFcb/P2Txc58oYOeILb3vBw7J6f4pamkAQVSQuqYsKx3YzdUHCvbVZvFUsCAwEAAQ==_CxmpSzT6LiMql58LdeIPjfZ/cSH2HdyfvZczAhAHVZH2KN/xIAcNuU+o85qarUi1pG45UDl487nV2mvtkIzXIQ==
Cache-Control: no-cache,no-store, must-revalidate,post-check=0, pre-check=0
Accept-CH: sec-ch-prefers-color-scheme
Critical-CH: sec-ch-prefers-color-scheme
Vary: sec-ch-prefers-color-scheme
Expires: Thu, 01 Jan 1970 00:00:01 GMT
Pragma: no-cache
Content-Encoding: gzip

• https://103.224.182.253/
103.224.182.253 GZip used - 229 / 356 - 35.67 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		200

Html is minified: 100.00 %		5.897
N
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 21)
Click here to enter .
date: Mon, 27 Mar 2023 02:42:09 GMT
server: Apache/2.4.38 (Debian)
vary: Accept-Encoding
content-encoding: gzip
content-length: 229
content-type: text/html; charset=UTF-8
connection: close

7. Comments


1. General Results, most used to calculate the result

Aname "onelove.al" is domain, public suffix is ".al", top-level-domain is ".al", top-level-domain-type is "country-code", Country is Albania, tld-manager is "Electronic and Postal Communications Authority - AKEP", num .al-domains preloaded: 32 (complete: 221801)
AGood: All ip addresses are public addresses
Warning: Only one ip address found: onelove.al has only one ip address.
Warning: Only one ip address found: www.onelove.al has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: onelove.al has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.onelove.al has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Bhttps://onelove.al/ 103.224.182.253
302

Missing HSTS-Header
Bhttps://www.onelove.al/ 103.224.182.253
302

Missing HSTS-Header
http://onelove.al/ 103.224.182.253
302
__tad=1679884914.5584506; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/?subid1=20230327-1341-54cd-bf89-61bdedbee710
200
parking_session=73f058ed-379e-2e01-3569-2a9d5391f338; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/?subid1=20230327-1341-54d7-843c-885d67561449
200
parking_session=c2cb9992-9046-a77d-e1cd-aa1cd9589324; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
200
parking_session=20178358-c981-7c56-609e-bbd52062205f; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
200
parking_session=32df1b49-9bd1-d5e5-0253-e6565e697a1c; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.onelove.al/ 103.224.182.253
302
__tad=1679884914.2251066; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 103.224.182.253
302
__tad=1679884928.5157509; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
200
parking_session=0e144516-9656-f829-994e-6c43251b8a68; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
200
parking_session=09180549-0cfb-6c86-fb33-6134556306ca; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
http://www.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 103.224.182.253
302
__tad=1679884928.4272464; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
Fatal: Cookie sent via http. Never send Cookies / Session-Cookies via http. If a user uses an insecure WLan and if the same cookie is used to managed the authenticated session, it's possible to hack that user. Same with HttpOnly - without https that's only decorative.
Bhttps://onelove.al/ 103.224.182.253
302
__tad=1679884915.5028266; expires=Thu, 24-Mar-2033 02:41:55 GMT; Max-Age=315360000
Cookie sent via https, but not marked as secure
Bhttps://www.onelove.al/ 103.224.182.253
302
__tad=1679884922.6119532; expires=Thu, 24-Mar-2033 02:42:02 GMT; Max-Age=315360000
Cookie sent via https, but not marked as secure
Bhttp://onelove.al/ 103.224.182.253
302
__tad=1679884914.5584506; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/?subid1=20230327-1341-54cd-bf89-61bdedbee710
200
parking_session=73f058ed-379e-2e01-3569-2a9d5391f338; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/?subid1=20230327-1341-54d7-843c-885d67561449
200
parking_session=c2cb9992-9046-a77d-e1cd-aa1cd9589324; expires=Mon, 27-Mar-2023 02:57:16 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
200
parking_session=20178358-c981-7c56-609e-bbd52062205f; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
200
parking_session=32df1b49-9bd1-d5e5-0253-e6565e697a1c; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.onelove.al/ 103.224.182.253
302
__tad=1679884914.2251066; expires=Thu, 24-Mar-2033 02:41:54 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://onelove.al/ 103.224.182.253
302
__tad=1679884915.5028266; expires=Thu, 24-Mar-2033 02:41:55 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://www.onelove.al/ 103.224.182.253
302
__tad=1679884922.6119532; expires=Thu, 24-Mar-2033 02:42:02 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 103.224.182.253
302
__tad=1679884928.5157509; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
200
parking_session=0e144516-9656-f829-994e-6c43251b8a68; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
200
parking_session=09180549-0cfb-6c86-fb33-6134556306ca; expires=Mon, 27-Mar-2023 02:57:17 GMT; Max-Age=900; path=/; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttp://www.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 103.224.182.253
302
__tad=1679884928.4272464; expires=Thu, 24-Mar-2033 02:42:08 GMT; Max-Age=315360000
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Fhttps://onelove.al/ 103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1341-5545-940e-f6d13d1ded69
Wrong redirect https - http - never redirect https to http
Fhttps://www.onelove.al/ 103.224.182.253
302
http://ww25.onelove.al/?subid1=20230327-1342-022f-9429-6b28e1d20329
Wrong redirect https - http - never redirect https to http
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Ihttps://103.224.182.253/ 103.224.182.253
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Ihttp://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Not used to calculate the result because it's a http - check. But listed so you should fix it.
Ihttp://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Not used to calculate the result because it's a http - check. But listed so you should fix it.
Nhttps://103.224.182.253/ 103.224.182.253
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Oonelove.al / 103.224.182.253 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 6 Cipher Suites without Forward Secrecy found
Owww.onelove.al / 103.224.182.253 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 6 Cipher Suites without Forward Secrecy found
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain onelove.al, 1 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain www.onelove.al, 1 ip addresses.
AGood: _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Domainname: _mta-sts.onelove.al
BBad: _mta-sts TXT found, but invalid

2. Header-Checks (alpha, started 2022-10-23, may be buggy / incomplete)

U

No https result with http status 2** or 4** (standard-check) found, no header checked.

3. DNS- and NameServer - Checks

AInfo:: 4 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 4 Queries complete, 4 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.contact-us-at.edoms.biz (103.224.182.5, 103.224.182.6, 103.224.212.5, 170.178.168.203, 70.32.1.32), ns1.abovedomains.com (103.224.182.5, 103.224.212.5), domain-may-be-for-sale-at.edoms.biz (103.224.182.5, 103.224.182.6, 103.224.212.5, 103.224.212.6, 170.178.168.203, 70.32.1.32), ns2.abovedomains.com (103.224.182.6, 103.224.212.6)
AGood (1 - 3.0):: An average of 1.0 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 2 different Name Servers found: ns1.abovedomains.com, ns2.abovedomains.com, 2 Name Servers included in Delegation: ns1.abovedomains.com, ns2.abovedomains.com, 2 Name Servers included in 1 Zone definitions: ns1.abovedomains.com, ns2.abovedomains.com, 1 Name Servers listed in SOA.Primary: ns1.abovedomains.com.
AGood: Only one SOA.Primary Name Server found.: ns1.abovedomains.com.
AGood: SOA.Primary Name Server included in the delegation set.: ns1.abovedomains.com.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 4 different Name Servers found
Warning: No Name Server IPv6 address found. IPv6 is the future, so your name servers should be visible via IPv6.: 4 different Name Servers found
AGood: Name servers with different Top Level Domains / Public Suffix List entries found: 4 Name Servers, 2 Top Level Domains: com, biz
AGood: Name Servers with different domain names found.: 2 different Domains found
Warning: All Name Servers from the same Country / IP location.: 4 Name Servers, 1 Countries: US
A
AInfo: Nameserver mit different domain names found. May be a problem with DNS-Updates
AGood: Nameserver supports TCP connections: 4 good Nameserver
AGood: Nameserver supports Echo Capitalization: 4 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
200

Warning: Not existing ACME-file, but Server sends 200, not 404 or redirect. May be a problem creating a Letsencrypt certificate. Checking /.well-known/acme-challenge/random-filename - a http status 404 - Not Found - is expected. If your server sends content and a http status 200, the validation file (87 bytes, token, dot and the hash of the public part of the account key) may be invisible, so Letsencrypt can't validate your domain. If it is an application that sends this content, perhaps create an exception, so /.well-known/acme-challenge sends raw files. Or create a redirect to another domain and / or port 443, but your Letsencrypt client must support such a solution. Certbot: Use webroot as authenticator - https://certbot.eff.org/docs/using.html Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
200

Warning: Not existing ACME-file, but Server sends 200, not 404 or redirect. May be a problem creating a Letsencrypt certificate. Checking /.well-known/acme-challenge/random-filename - a http status 404 - Not Found - is expected. If your server sends content and a http status 200, the validation file (87 bytes, token, dot and the hash of the public part of the account key) may be invisible, so Letsencrypt can't validate your domain. If it is an application that sends this content, perhaps create an exception, so /.well-known/acme-challenge sends raw files. Or create a redirect to another domain and / or port 443, but your Letsencrypt client must support such a solution. Certbot: Use webroot as authenticator - https://certbot.eff.org/docs/using.html Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: No https + http status 200 with inline CSS / JavaScript found
AGood: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
https://103.224.182.253/ 103.224.182.253
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 1 script elements without defer/async.
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 1 script elements without defer/async.
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 2 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 2 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
AInfo: Different Server-Headers found
ADuration: 376840 milliseconds, 376.840 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
onelove.al
103.224.182.253
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
onelove.al
103.224.182.253
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=sweetass.info

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


www.onelove.al
103.224.182.253
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.onelove.al
103.224.182.253
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=sweetass.info

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


103.224.182.253
103.224.182.253
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

103.224.182.253
103.224.182.253
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - too much certificates, don't send root certificates
1CN=leaderstrading.com.au

2CN=R3, O=Let's Encrypt, C=US

3CN=ISRG Root X1, O=Internet Security Research Group, C=US


9. Certificates

1.
1.
CN=sweetass.info
11.02.2023
12.05.2023
expires in 45 days		*.alphalsol.me, *.attitude.za.com, *.augustames.co, *.backyard.za.com, *.baldibasic.com, *.bitswis.biz, *.blackhatworrld.com, *.blackonion.cc, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cick-bit.co.uk, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.heiraten-in-daenemark.org, *.hotelsunrisejalandhar.in, *.ialsothink.com, *.ilovepwnage.com, *.knoxvounty.org, *.kosher.za.com, *.leadbeater.net, *.lowcost4dslr.com, *.magroinversiones.com, *.midlandnational.cm, *.msym.com.au, *.newsround.uk, *.nvshens.cc, *.onelove.al, *.orientalspa.in, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.series9.in, *.singularity.za.com, *.super.za.com, *.sweetass.info, *.takingahealthytoday.com, *.vpncompare.us, *.whatdoesgts.me, *.women.za.com, *.wowinblogs.com, *.zoomfings.com, alphalsol.me, attitude.za.com, augustames.co, backyard.za.com, baldibasic.com, bitswis.biz, blackhatworrld.com, blackonion.cc, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cick-bit.co.uk, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, heiraten-in-daenemark.org, hotelsunrisejalandhar.in, ialsothink.com, ilovepwnage.com, knoxvounty.org, kosher.za.com, leadbeater.net, lowcost4dslr.com, magroinversiones.com, midlandnational.cm, msym.com.au, newsround.uk, nvshens.cc, onelove.al, orientalspa.in, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, series9.in, singularity.za.com, super.za.com, sweetass.info, takingahealthytoday.com, vpncompare.us, whatdoesgts.me, women.za.com, wowinblogs.com, zoomfings.com - 100 entries
1.
1.
CN=sweetass.info
11.02.2023

12.05.2023
expires in 45 days
*.alphalsol.me, *.attitude.za.com, *.augustames.co, *.backyard.za.com, *.baldibasic.com, *.bitswis.biz, *.blackhatworrld.com, *.blackonion.cc, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cick-bit.co.uk, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.heiraten-in-daenemark.org, *.hotelsunrisejalandhar.in, *.ialsothink.com, *.ilovepwnage.com, *.knoxvounty.org, *.kosher.za.com, *.leadbeater.net, *.lowcost4dslr.com, *.magroinversiones.com, *.midlandnational.cm, *.msym.com.au, *.newsround.uk, *.nvshens.cc, *.onelove.al, *.orientalspa.in, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.series9.in, *.singularity.za.com, *.super.za.com, *.sweetass.info, *.takingahealthytoday.com, *.vpncompare.us, *.whatdoesgts.me, *.women.za.com, *.wowinblogs.com, *.zoomfings.com, alphalsol.me, attitude.za.com, augustames.co, backyard.za.com, baldibasic.com, bitswis.biz, blackhatworrld.com, blackonion.cc, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cick-bit.co.uk, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, heiraten-in-daenemark.org, hotelsunrisejalandhar.in, ialsothink.com, ilovepwnage.com, knoxvounty.org, kosher.za.com, leadbeater.net, lowcost4dslr.com, magroinversiones.com, midlandnational.cm, msym.com.au, newsround.uk, nvshens.cc, onelove.al, orientalspa.in, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, series9.in, singularity.za.com, super.za.com, sweetass.info, takingahealthytoday.com, vpncompare.us, whatdoesgts.me, women.za.com, wowinblogs.com, zoomfings.com - 100 entries

KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04FFC1A9C7FD79ED393304A81C1DC82CF327
Thumbprint:59B370C3999E404A398260B3F6F4FBE44B4062D6
SHA256 / Certificate:+7PjZnBoYhJf88zGNBMAFUQs6Rhdm6kw8YWEhbhKVBk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):3cbef285d07813cdb53d42a63674c98f17ec4646a5e10337455dbaef0268071d
SHA256 hex / Subject Public Key Information (SPKI):3cbef285d07813cdb53d42a63674c98f17ec4646a5e10337455dbaef0268071d (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 902 days

2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 902 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 4451 days

3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 4451 days


KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


2.
1.
CN=leaderstrading.com.au
26.01.2023
26.04.2023
expires in 29 days		*.8p.au, *.8p.com.au, *.allindiaradio.com.au, *.anshulchhabra.com, *.anytimecb.com, *.arvindremedies.com, *.bankrolcoffee.com, *.blo-lin.com, *.botterogrp.com, *.by3399.com, *.cash750.com, *.cerionetya.com, *.cokeapex.com, *.concaveup.co, *.courierpostonline.co, *.d5ms.pl, *.decortication.me, *.dmdy.me, *.dszgroup.pl, *.everydayedeals.co, *.framastrasporti.com, *.gastro-solei.de, *.hairsalonspa.shop, *.harga.shop, *.individueelkeuzebudgethoe.best, *.javastory.me, *.kashyap.live, *.leaderstrading.com.au, *.lulula.me, *.lussomakin.com, *.manatoki.co, *.pinbalmachinesales.com, *.reorx.me, *.restorationwf.com, *.rnsolution1.com, *.sheluv.me, *.thejunior.com.au, *.thepostcit.com, *.tiendacolombia.co, *.tigerwoods.au, *.tigerwoods.com.au, *.ublockd.me, *.veroloves.me, *.vertu.tv, *.vkusnogotovit.com, *.vpnnet.shop, *.wondemachines.com, *.xal.com.au, *.페스.com (*.xn--9t4b132a.com), *.อาทิตย์.com (*.xn--m3cd8a2bzan4o.com), 8p.au, 8p.com.au, allindiaradio.com.au, anshulchhabra.com, anytimecb.com, arvindremedies.com, bankrolcoffee.com, blo-lin.com, botterogrp.com, by3399.com, cash750.com, cerionetya.com, cokeapex.com, concaveup.co, courierpostonline.co, d5ms.pl, decortication.me, dmdy.me, dszgroup.pl, everydayedeals.co, framastrasporti.com, gastro-solei.de, hairsalonspa.shop, harga.shop, individueelkeuzebudgethoe.best, javastory.me, kashyap.live, leaderstrading.com.au, lulula.me, lussomakin.com, manatoki.co, pinbalmachinesales.com, reorx.me, restorationwf.com, rnsolution1.com, sheluv.me, thejunior.com.au, thepostcit.com, tiendacolombia.co, tigerwoods.au, tigerwoods.com.au, ublockd.me, veroloves.me, vertu.tv, vkusnogotovit.com, vpnnet.shop, wondemachines.com, xal.com.au, 페스.com (xn--9t4b132a.com), อาทิตย์.com (xn--m3cd8a2bzan4o.com) - 100 entries
2.
1.
CN=leaderstrading.com.au
26.01.2023

26.04.2023
expires in 29 days
*.8p.au, *.8p.com.au, *.allindiaradio.com.au, *.anshulchhabra.com, *.anytimecb.com, *.arvindremedies.com, *.bankrolcoffee.com, *.blo-lin.com, *.botterogrp.com, *.by3399.com, *.cash750.com, *.cerionetya.com, *.cokeapex.com, *.concaveup.co, *.courierpostonline.co, *.d5ms.pl, *.decortication.me, *.dmdy.me, *.dszgroup.pl, *.everydayedeals.co, *.framastrasporti.com, *.gastro-solei.de, *.hairsalonspa.shop, *.harga.shop, *.individueelkeuzebudgethoe.best, *.javastory.me, *.kashyap.live, *.leaderstrading.com.au, *.lulula.me, *.lussomakin.com, *.manatoki.co, *.pinbalmachinesales.com, *.reorx.me, *.restorationwf.com, *.rnsolution1.com, *.sheluv.me, *.thejunior.com.au, *.thepostcit.com, *.tiendacolombia.co, *.tigerwoods.au, *.tigerwoods.com.au, *.ublockd.me, *.veroloves.me, *.vertu.tv, *.vkusnogotovit.com, *.vpnnet.shop, *.wondemachines.com, *.xal.com.au, *.페스.com (*.xn--9t4b132a.com), *.อาทิตย์.com (*.xn--m3cd8a2bzan4o.com), 8p.au, 8p.com.au, allindiaradio.com.au, anshulchhabra.com, anytimecb.com, arvindremedies.com, bankrolcoffee.com, blo-lin.com, botterogrp.com, by3399.com, cash750.com, cerionetya.com, cokeapex.com, concaveup.co, courierpostonline.co, d5ms.pl, decortication.me, dmdy.me, dszgroup.pl, everydayedeals.co, framastrasporti.com, gastro-solei.de, hairsalonspa.shop, harga.shop, individueelkeuzebudgethoe.best, javastory.me, kashyap.live, leaderstrading.com.au, lulula.me, lussomakin.com, manatoki.co, pinbalmachinesales.com, reorx.me, restorationwf.com, rnsolution1.com, sheluv.me, thejunior.com.au, thepostcit.com, tiendacolombia.co, tigerwoods.au, tigerwoods.com.au, ublockd.me, veroloves.me, vertu.tv, vkusnogotovit.com, vpnnet.shop, wondemachines.com, xal.com.au, 페스.com (xn--9t4b132a.com), อาทิตย์.com (xn--m3cd8a2bzan4o.com) - 100 entries

KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0423B3943CC7EA4119EB878650F9A688B148
Thumbprint:496D9C75E0E4BFD6F1353E7AE2B112DC54F21E5E
SHA256 / Certificate:7/he5IKzJ8bs7K5YsB9a/ThCvxobTaZsISGgIDATVNg=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ec6f06763205d41fa55a1cc841b8ff082f7781965ae9f15b9bd5baf3296f392d
SHA256 hex / Subject Public Key Information (SPKI):ec6f06763205d41fa55a1cc841b8ff082f7781965ae9f15b9bd5baf3296f392d (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 902 days

2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 902 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 4451 days

3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 4451 days


KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
0
0
12
CN=R3, O=Let's Encrypt, C=US
0
1
3
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
0
0
1

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
4809207901
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-02-11 10:28:10
2023-05-12 10:28:09
*.alphalsol.me, *.attitude.za.com, *.augustames.co, *.backyard.za.com, *.baldibasic.com, *.bitswis.biz, *.blackhatworrld.com, *.blackonion.cc, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cick-bit.co.uk, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.heiraten-in-daenemark.org, *.hotelsunrisejalandhar.in, *.ialsothink.com, *.ilovepwnage.com, *.knoxvounty.org, *.kosher.za.com, *.leadbeater.net, *.lowcost4dslr.com, *.magroinversiones.com, *.midlandnational.cm, *.msym.com.au, *.newsround.uk, *.nvshens.cc, *.onelove.al, *.orientalspa.in, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.series9.in, *.singularity.za.com, *.super.za.com, *.sweetass.info, *.takingahealthytoday.com, *.vpncompare.us, *.whatdoesgts.me, *.women.za.com, *.wowinblogs.com, *.zoomfings.com, alphalsol.me, attitude.za.com, augustames.co, backyard.za.com, baldibasic.com, bitswis.biz, blackhatworrld.com, blackonion.cc, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cick-bit.co.uk, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, heiraten-in-daenemark.org, hotelsunrisejalandhar.in, ialsothink.com, ilovepwnage.com, knoxvounty.org, kosher.za.com, leadbeater.net, lowcost4dslr.com, magroinversiones.com, midlandnational.cm, msym.com.au, newsround.uk, nvshens.cc, onelove.al, orientalspa.in, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, series9.in, singularity.za.com, super.za.com, sweetass.info, takingahealthytoday.com, vpncompare.us, whatdoesgts.me, women.za.com, wowinblogs.com, zoomfings.com - 100 entries


4544368059
leaf cert		CN=R3, O=Let's Encrypt, C=US
2022-12-13 10:26:53
2023-03-13 10:26:52
*.alphalsol.me, *.attitude.za.com, *.backyard.za.com, *.bibliadigital.info, *.blackhatworrld.com, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.knoxvounty.org, *.kosher.za.com, *.lowcost4dslr.com, *.moldremoval.info, *.newsround.uk, *.onelove.al, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.singularity.za.com, *.super.za.com, *.whatdoesgts.me, *.women.za.com, alphalsol.me, attitude.za.com, backyard.za.com, bibliadigital.info, blackhatworrld.com, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, knoxvounty.org, kosher.za.com, lowcost4dslr.com, moldremoval.info, newsround.uk, onelove.al, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, singularity.za.com, super.za.com, whatdoesgts.me, women.za.com - 62 entries


4203343125
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-21 00:00:00
2022-12-20 23:59:59
onelove.al, www.onelove.al - 2 entries


4176605238
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-14 00:00:00
2022-12-13 23:59:59
onelove.al, www.onelove.al - 2 entries


4147164067
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-06 00:00:00
2022-12-05 23:59:59
onelove.al, www.onelove.al - 2 entries


4131983730
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-02 00:00:00
2022-12-01 23:59:59
onelove.al, www.onelove.al - 2 entries


4113771720
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-28 00:00:00
2022-11-26 23:59:59
onelove.al, www.onelove.al - 2 entries


4092478429
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-22 00:00:00
2022-11-20 23:59:59
onelove.al, www.onelove.al - 2 entries


4089488060
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-21 00:00:00
2022-11-19 23:59:59
onelove.al, www.onelove.al - 2 entries


3804615936
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-06-04 00:00:00
2022-09-02 23:59:59
onelove.al, www.onelove.al - 2 entries


3804614883
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-06-04 00:00:00
2022-09-02 23:59:59
onelove.al, www.onelove.al - 2 entries


3484917571
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-03-04 00:00:00
2022-06-02 23:59:59
onelove.al, www.onelove.al - 2 entries


3290891642
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-01-06 00:00:00
2022-04-06 23:59:59
onelove.al, www.onelove.al - 2 entries


3274709761
leaf cert		CN=R3, O=Let's Encrypt, C=US
2021-12-31 23:37:14
2022-03-31 23:37:13
onelove.al, www.onelove.al - 2 entries


3047522549
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2021-10-24 00:00:00
2022-01-22 23:59:59
cpanel.onelove.al, cpcalendars.onelove.al, cpcontacts.onelove.al, mail.onelove.al, onelove.al, webdisk.onelove.al, webmail.onelove.al, www.onelove.al - 8 entries


2998907388
precert		CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2021-10-10 00:00:00
2022-10-09 23:59:59
*.onelove.al, onelove.al, sni.cloudflaressl.com - 3 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
0
0
12
CN=R3, O=Let's Encrypt, C=US
0 /0 new
1
3
CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
8713096117
leaf cert		CN=R3, O=Let's Encrypt, C=US
2023-02-11 09:28:10
2023-05-12 08:28:09
*.alphalsol.me, *.attitude.za.com, *.augustames.co, *.backyard.za.com, *.baldibasic.com, *.bitswis.biz, *.blackhatworrld.com, *.blackonion.cc, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cick-bit.co.uk, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.heiraten-in-daenemark.org, *.hotelsunrisejalandhar.in, *.ialsothink.com, *.ilovepwnage.com, *.knoxvounty.org, *.kosher.za.com, *.leadbeater.net, *.lowcost4dslr.com, *.magroinversiones.com, *.midlandnational.cm, *.msym.com.au, *.newsround.uk, *.nvshens.cc, *.onelove.al, *.orientalspa.in, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.series9.in, *.singularity.za.com, *.super.za.com, *.sweetass.info, *.takingahealthytoday.com, *.vpncompare.us, *.whatdoesgts.me, *.women.za.com, *.wowinblogs.com, *.zoomfings.com, alphalsol.me, attitude.za.com, augustames.co, backyard.za.com, baldibasic.com, bitswis.biz, blackhatworrld.com, blackonion.cc, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cick-bit.co.uk, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, heiraten-in-daenemark.org, hotelsunrisejalandhar.in, ialsothink.com, ilovepwnage.com, knoxvounty.org, kosher.za.com, leadbeater.net, lowcost4dslr.com, magroinversiones.com, midlandnational.cm, msym.com.au, newsround.uk, nvshens.cc, onelove.al, orientalspa.in, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, series9.in, singularity.za.com, super.za.com, sweetass.info, takingahealthytoday.com, vpncompare.us, whatdoesgts.me, women.za.com, wowinblogs.com, zoomfings.com
100 entries


8204205015
leaf cert		CN=R3, O=Let's Encrypt, C=US
2022-12-13 09:26:53
2023-03-13 09:26:52
*.alphalsol.me, *.attitude.za.com, *.backyard.za.com, *.bibliadigital.info, *.blackhatworrld.com, *.bridges.za.com, *.caracruzjeans.com.ar, *.cchmiowa.org, *.cmstreams.tv, *.compass.sa.com, *.dnmtable.me, *.ease.za.com, *.god.za.com, *.greenhouse.za.com, *.greenway.za.com, *.hdmovie50.ink, *.knoxvounty.org, *.kosher.za.com, *.lowcost4dslr.com, *.moldremoval.info, *.newsround.uk, *.onelove.al, *.portaluhtv.com, *.pronouces.me, *.qbe.com.ar, *.quiet.za.com, *.reposit.com.au, *.singularity.za.com, *.super.za.com, *.whatdoesgts.me, *.women.za.com, alphalsol.me, attitude.za.com, backyard.za.com, bibliadigital.info, blackhatworrld.com, bridges.za.com, caracruzjeans.com.ar, cchmiowa.org, cmstreams.tv, compass.sa.com, dnmtable.me, ease.za.com, god.za.com, greenhouse.za.com, greenway.za.com, hdmovie50.ink, knoxvounty.org, kosher.za.com, lowcost4dslr.com, moldremoval.info, newsround.uk, onelove.al, portaluhtv.com, pronouces.me, qbe.com.ar, quiet.za.com, reposit.com.au, singularity.za.com, super.za.com, whatdoesgts.me, women.za.com
62 entries


7585398064
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-20 22:00:00
2022-12-20 22:59:59
onelove.al, www.onelove.al
2 entries


7539130876
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-13 22:00:00
2022-12-13 22:59:59
onelove.al, www.onelove.al
2 entries


7486549889
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-05 22:00:00
2022-12-05 22:59:59
onelove.al, www.onelove.al
2 entries


7459596686
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-09-01 22:00:00
2022-12-01 22:59:59
onelove.al, www.onelove.al
2 entries


7426942888
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-27 22:00:00
2022-11-26 22:59:59
onelove.al, www.onelove.al
2 entries


7388666884
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-21 22:00:00
2022-11-20 22:59:59
onelove.al, www.onelove.al
2 entries


7382272256
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-08-20 22:00:00
2022-11-19 22:59:59
onelove.al, www.onelove.al
2 entries


6866711400
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-06-03 22:00:00
2022-09-02 21:59:59
onelove.al, www.onelove.al
2 entries


6866714688
precert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-06-03 22:00:00
2022-09-02 21:59:59
onelove.al, www.onelove.al
2 entries


6282119669
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-03-03 23:00:00
2022-06-02 21:59:59
onelove.al, www.onelove.al
2 entries


5926353591
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2022-01-05 23:00:00
2022-04-06 21:59:59
onelove.al, www.onelove.al
2 entries


5896308470
precert		CN=R3, O=Let's Encrypt, C=US
2021-12-31 22:37:14
2022-03-31 21:37:13
onelove.al, www.onelove.al
2 entries


5474913600
leaf cert		CN="cPanel, Inc. Certification Authority", O="cPanel, Inc.", L=Houston, C=US, ST=TX
2021-10-23 22:00:00
2022-01-22 22:59:59
cpanel.onelove.al, cpcalendars.onelove.al, cpcontacts.onelove.al, mail.onelove.al, onelove.al, webdisk.onelove.al, webmail.onelove.al, www.onelove.al
8 entries


5384813120
precert		CN=Cloudflare Inc ECC CA-3, O="Cloudflare, Inc.", C=US
2021-10-09 22:00:00
2022-10-09 21:59:59
*.onelove.al, onelove.al, sni.cloudflaressl.com
3 entries



11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808
link
other
1

0


0
0
0


meta
other
2

0


0
0
0


script

1

1
1
0
0
0
0

http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe
link
other
1

0


0
0
0


meta
other
2

0


0
0
0


script

1

1
1
0
0
0
0

https://103.224.182.253/
103.224.182.253		a

1

0


0
0
0


frame

1

1


0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-0871-a845-d4dff6e83808

link
preconnect
https://www.google.com


1
ok








meta

 utf-8


1
ok








meta
viewport
width=device-width, initial-scale=1


1
ok








script
src
/js/parking.2.104.0.js
-10
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.
1
bad Certificate
Missing defer / async attribute.







http://ww25.onelove.al/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de?subid1=20230327-1342-08d1-ab74-fe41ad415dbe

link
preconnect
https://www.google.com


1
ok








meta

 utf-8


1
ok








meta
viewport
width=device-width, initial-scale=1


1
ok








script
src
/js/parking.2.104.0.js
-10
SecureChannelFailure - The request was aborted: Could not create SSL/TLS secure channel.
1
bad Certificate
Missing defer / async attribute.







https://103.224.182.253/
103.224.182.253
a

http://instantfwding.com/?dn=182.253&pid=7PO2UM885


1
ok








frame
src
http://instantfwding.com/?dn=182.253&pid=7PO2UM885


1
http-link, change to https








12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: contact-us-at.edoms.biz, domain-may-be-for-sale-at.edoms.biz, ns1.abovedomains.com, ns2.abovedomains.com

QNr.DomainTypeNS used
1
biz
NS
k.root-servers.net (2001:7fd::1)

Answer: a.gtld.biz, b.gtld.biz, c.gtld.biz, w.gtld.biz, x.gtld.biz, y.gtld.biz
2
contact-us-at.edoms.biz: 103.224.182.5, 103.224.182.6, 103.224.212.5, 170.178.168.203, 70.32.1.32
NS
a.gtld.biz (2001:502:ad09::30)

Answer: domain-may-be-for-sale-at.edoms.biz
103.224.182.5, 103.224.182.6, 103.224.212.5, 103.224.212.6, 170.178.168.203, 70.32.1.32
3
com
NS
l.root-servers.net (2001:500:9f::42)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
4
ns1.abovedomains.com: 103.224.182.5, 103.224.212.5
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2.abovedomains.com
103.224.182.6, 103.224.212.6


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.onelove.al
0

no CAA entry found
1
0
onelove.al
0

no CAA entry found
1
0
al
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
onelove.al
v=spf1 -all
ok
1
0
www.onelove.al
v=spf1 -all
ok
1
0
_acme-challenge.onelove.al

Name Error - The domain name does not exist
1
0
_acme-challenge.www.onelove.al

Name Error - The domain name does not exist
1
0
_acme-challenge.onelove.al.onelove.al

Name Error - The domain name does not exist
1
0
_acme-challenge.www.onelove.al.onelove.al

Name Error - The domain name does not exist
1
0
_acme-challenge.www.onelove.al.www.onelove.al

Name Error - The domain name does not exist
1
0


15. DomainService - Entries (SSHFP Check is new - 2022-09-24, may be incomplete, alpha, some results are required)

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

onelove.al
10
park-mx.above.com
0
1
ok


A


103.224.212.34
0
1
ok


CNAME



0
0
ok

MX

www.onelove.al
10
park-mx.above.com
0
1
ok


A


103.224.212.34
0
1
ok


CNAME



0
0
ok

_mta-sts
TXT
_mta-sts.onelove.al

v=spf1 -all


2
A MTA-STS TXT Entry (Mail Transfer Agent Strict Transport Security) must start with "'v=STSv1". Do you really want to create a MTA-STS? Or is it the effect of a wildcard * DNS?
_dmarc
TXT
_dmarc.onelove.al

v=spf1 -all
0
1
3
A _dmarc TXT Entry must start with "'v=DMARC1". Do you really want to create a DMARC? Or is it the effect of a wildcard * DNS?



16. Cipher Suites

DomainIPPortCipher (OpenSsl / IANA)
onelove.al
103.224.182.253
443
ECDHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xA8
 FS
20 Ciphers, 135.95 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x30
 FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xAA
 FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
DH
RSA
CHACHA20/POLY1305(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0x00,0x9F
 FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x2F
 FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0x00,0x9E
 FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD



ECDHE-RSA-AES256-SHA384
 (Weak)
TLSv1.2
0xC0,0x28
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
ECDH
RSA
AES(256)
SHA384



DHE-RSA-AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x6B
 FS

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
DH
RSA
AES(256)
SHA256



AES256-GCM-SHA384
 (Weak)
TLSv1.2
0x00,0x9D
 No FS

TLS_RSA_WITH_AES_256_GCM_SHA384
RSA
RSA
AESGCM(256)
AEAD



AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x3D
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA256
RSA
RSA
AES(256)
SHA256



ECDHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0xC0,0x27
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
ECDH
RSA
AES(128)
SHA256



DHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x67
 FS

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
DH
RSA
AES(128)
SHA256



AES128-GCM-SHA256
 (Weak)
TLSv1.2
0x00,0x9C
 No FS

TLS_RSA_WITH_AES_128_GCM_SHA256
RSA
RSA
AESGCM(128)
AEAD



AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x3C
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA256
RSA
RSA
AES(128)
SHA256



ECDHE-RSA-AES256-SHA
 (Weak)
TLSv1
0xC0,0x14
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
ECDH
RSA
AES(256)
SHA1



ECDHE-RSA-AES128-SHA
 (Weak)
TLSv1
0xC0,0x13
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
ECDH
RSA
AES(128)
SHA1



DHE-RSA-AES256-SHA
 (Weak)
SSLv3
0x00,0x39
 FS

TLS_DHE_RSA_WITH_AES_256_CBC_SHA
DH
RSA
AES(256)
SHA1



AES256-SHA
 (Weak)
SSLv3
0x00,0x35
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA
RSA
RSA
AES(256)
SHA1



DHE-RSA-AES128-SHA
 (Weak)
SSLv3
0x00,0x33
 FS

TLS_DHE_RSA_WITH_AES_128_CBC_SHA
DH
RSA
AES(128)
SHA1



AES128-SHA
 (Weak)
SSLv3
0x00,0x2F
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA
RSA
RSA
AES(128)
SHA1
www.onelove.al
103.224.182.253
443
ECDHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xA8
 FS
20 Ciphers, 136.15 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
ECDH
RSA
CHACHA20/POLY1305(256)
AEAD



ECDHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x30
 FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
ECDH
RSA
AESGCM(256)
AEAD



DHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xAA
 FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256
DH
RSA
CHACHA20/POLY1305(256)
AEAD



DHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0x00,0x9F
 FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
DH
RSA
AESGCM(256)
AEAD



ECDHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x2F
 FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
ECDH
RSA
AESGCM(128)
AEAD



DHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0x00,0x9E
 FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
DH
RSA
AESGCM(128)
AEAD



ECDHE-RSA-AES256-SHA384
 (Weak)
TLSv1.2
0xC0,0x28
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
ECDH
RSA
AES(256)
SHA384



DHE-RSA-AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x6B
 FS

TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
DH
RSA
AES(256)
SHA256



AES256-GCM-SHA384
 (Weak)
TLSv1.2
0x00,0x9D
 No FS

TLS_RSA_WITH_AES_256_GCM_SHA384
RSA
RSA
AESGCM(256)
AEAD



AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x3D
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA256
RSA
RSA
AES(256)
SHA256



ECDHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0xC0,0x27
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
ECDH
RSA
AES(128)
SHA256



DHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x67
 FS

TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
DH
RSA
AES(128)
SHA256



AES128-GCM-SHA256
 (Weak)
TLSv1.2
0x00,0x9C
 No FS

TLS_RSA_WITH_AES_128_GCM_SHA256
RSA
RSA
AESGCM(128)
AEAD



AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x3C
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA256
RSA
RSA
AES(128)
SHA256



ECDHE-RSA-AES256-SHA
 (Weak)
TLSv1
0xC0,0x14
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
ECDH
RSA
AES(256)
SHA1



ECDHE-RSA-AES128-SHA
 (Weak)
TLSv1
0xC0,0x13
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
ECDH
RSA
AES(128)
SHA1



DHE-RSA-AES256-SHA
 (Weak)
SSLv3
0x00,0x39
 FS

TLS_DHE_RSA_WITH_AES_256_CBC_SHA
DH
RSA
AES(256)
SHA1



AES256-SHA
 (Weak)
SSLv3
0x00,0x35
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA
RSA
RSA
AES(256)
SHA1



DHE-RSA-AES128-SHA
 (Weak)
SSLv3
0x00,0x33
 FS

TLS_DHE_RSA_WITH_AES_128_CBC_SHA
DH
RSA
AES(128)
SHA1



AES128-SHA
 (Weak)
SSLv3
0x00,0x2F
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA
RSA
RSA
AES(128)
SHA1


17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=a171528a-e6a7-4bd8-8f54-e2893056fe9e


Last Result: https://check-your-website.server-daten.de/?q=onelove.al - 2023-03-27 04:40:43


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=onelove.al" target="_blank">Check this Site: onelove.al</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro


Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • USt-IdNr.: DE221734518

Errors, ideas, questions? Use the Contact form • A project using Server-Daten - Web Database solutions