Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 0 of max. 8 Checks (08:19:09)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

X

 

DNS-problem - authoritative Nameserver refused, not defined or timeout

 

Checked:
01.08.2025 15:41:35

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
poweria-argocd.duckdns.org


yes
5
5
www.poweria-argocd.duckdns.org


yes
5
5
poweria-argocd.duckdns.org
A
13.60.100.80
Stockholm/Sweden (SE) - Amazon.com, Inc.
No Hostname found
no


www.poweria-argocd.duckdns.org
A
13.60.100.80
Stockholm/Sweden (SE) - Amazon.com, Inc.
No Hostname found
no


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






4 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 46441, Flags 256






Public Key with Algorithm 8, KeyTag 53148, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 21.08.2025, 00:00:00 +, Signature-Inception: 31.07.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: org

org
1 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 26974, DigestType 2 and Digest T+3ilMU/Q4oVjEHTlInNeKhr6w2KCur/FHRcDRbh3jI=






1 RRSIG RR to validate DS RR found






RRSIG-Owner org., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 14.08.2025, 05:00:00 +, Signature-Inception: 01.08.2025, 04:00:00 +, KeyTag 46441, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46441 used to validate the DS RRSet in the parent zone






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 8958, Flags 256






Public Key with Algorithm 8, KeyTag 26974, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 55098, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner org., Algorithm: 8, 1 Labels, original TTL: 3600 sec, Signature-expiration: 15.08.2025, 15:31:55 +, Signature-Inception: 25.07.2025, 14:31:55 +, KeyTag 26974, Signer-Name: org






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 26974 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 26974, DigestType 2 and Digest "T+3ilMU/Q4oVjEHTlInNeKhr6w2KCur/FHRcDRbh3jI=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: duckdns.org

duckdns.org
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "6fabb6hcuj19tgg44lr37hr00rdj3gvl" between the hashed NSEC3-owner "6faatej6fp6286co1nsqe7oal2qlhff1" and the hashed NextOwner "6faciefkg2ht5kqoau0aehb48j0qfej7". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 6faatej6fp6286co1nsqe7oal2qlhff1.org., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 15.08.2025, 15:31:55 +, Signature-Inception: 25.07.2025, 14:31:55 +, KeyTag 8958, Signer-Name: org






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "gdtpongmpok61u9lvnipqor8lra9l4t0" as Owner. That's the Hash of "org" with the NextHashedOwnerName "gdtrea8kmj2rneqen4m2ogj26kfsukj7". So that domain name is the Closest Encloser of "duckdns.org". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner gdtpongmpok61u9lvnipqor8lra9l4t0.org., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 22.08.2025, 13:39:53 +, Signature-Inception: 01.08.2025, 12:39:53 +, KeyTag 8958, Signer-Name: org






0 DNSKEY RR found









Zone: poweria-argocd.duckdns.org

poweria-argocd.duckdns.org
0 DS RR in the parent zone found



Zone: www.poweria-argocd.duckdns.org

www.poweria-argocd.duckdns.org
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.poweria-argocd.duckdns.org
T  ns1.duckdns.org


T  ns2.duckdns.org


T  ns3.duckdns.org


X  ns4.duckdns.org


X  ns5.duckdns.org


T  ns6.duckdns.org


T  ns7.duckdns.org


T  ns8.duckdns.org


T  ns9.duckdns.org

duckdns.org
  ns1.duckdns.org


  ns2.duckdns.org


  ns3.duckdns.org


  ns4.duckdns.org


T  ns5.duckdns.org


  ns6.duckdns.org


T  ns7.duckdns.org
15.223.21.81
Toronto/Ontario/Canada (CA) - Amazon Technologies Inc.

  ns8.duckdns.org


  ns9.duckdns.org

org
  a0.org.afilias-nst.info / app11.nrt1.hosts.meta.redstone.afilias-nst.info-1615580861


  a2.org.afilias-nst.info / FRA3


  b0.org.afilias-nst.org / app8.lax1.hosts.meta.redstone.afilias-nst.info-1633102198


  b2.org.afilias-nst.org / FRA4


  c0.org.afilias-nst.info / app5.nrt1.hosts.meta.redstone.afilias-nst.info-1615580861


  d0.org.afilias-nst.org / app8.nrt1.hosts.meta.redstone.afilias-nst.info-1615580861

 

4. SOA-Entries


Domain:org
Zone-Name:org
Primary:a0.org.afilias-nst.info
Mail:hostmaster.donuts.email
Serial:1754055229
Refresh:7200
Retry:900
Expire:1209600
TTL:3600
num Entries:6


Domain:duckdns.org
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:9


Domain:www.poweria-argocd.duckdns.org
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:7


Domain:www.poweria-argocd.duckdns.org
Zone-Name:duckdns.org
Primary:ns1.duckdns.org
Mail:hostmaster.duckdns.org
Serial:2024031702
Refresh:6000
Retry:120
Expire:2419200
TTL:600
num Entries:2


5. Screenshots

Startaddress: https://poweria-argocd.duckdns.org/, address used: https://poweria-argocd.duckdns.org/login?return_url=https%3A%2F%2Fpoweria-argocd.duckdns.org%2Fapplications, Screenshot created 2025-08-01 16:02:45 +00:0 url is insecure, certificate invalid

 

Mobil (412px x 732px)

 

1153 milliseconds

 

Screenshot mobile - https://poweria-argocd.duckdns.org/login?return_url=https%3A%2F%2Fpoweria-argocd.duckdns.org%2Fapplications
Mobil + Landscape (732px x 412px)

 

1157 milliseconds

 

Screenshot mobile landscape - https://poweria-argocd.duckdns.org/login?return_url=https%3A%2F%2Fpoweria-argocd.duckdns.org%2Fapplications
Screen (1280px x 1680px)

 

1659 milliseconds

 

Screenshot Desktop - https://poweria-argocd.duckdns.org/login?return_url=https%3A%2F%2Fpoweria-argocd.duckdns.org%2Fapplications

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://poweria-argocd.duckdns.org/
13.60.100.80
308
https://poweria-argocd.duckdns.org/
Html is minified: 109.33 %
0.057
A
Date: Fri, 01 Aug 2025 14:00:40 GMT
Connection: keep-alive
Location: https://poweria-argocd.duckdns.org/
Content-Type: text/html
Content-Length: 164

• http://www.poweria-argocd.duckdns.org/
13.60.100.80
404

Html is minified: 110.61 %
0.030
M
Not Found
Date: Fri, 01 Aug 2025 14:00:40 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 146

• https://poweria-argocd.duckdns.org/
13.60.100.80 gzip used - 455 / 788 - 42.26 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		200

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0		2.317
N
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Date: Fri, 01 Aug 2025 14:00:40 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Security-Policy: frame-ancestors 'self';
Vary: Accept-Encoding
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html; charset=utf-8
Content-Length: 455
Content-Encoding: gzip

• https://www.poweria-argocd.duckdns.org/
13.60.100.80
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 110.61 %
Other inline scripts (∑/total): 0/0		2.304
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Date: Fri, 01 Aug 2025 14:00:45 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html
Content-Length: 146

• http://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
13.60.100.80
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		308
https://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 109.33 %
Other inline scripts (∑/total): 0/0		0.030
A
Visible Content:
Date: Fri, 01 Aug 2025 14:00:50 GMT
Connection: keep-alive
Location: https://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Type: text/html
Content-Length: 164

• http://www.poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
13.60.100.80
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 110.61 %
Other inline scripts (∑/total): 0/0		0.030
A
Not Found
Visible Content:
Date: Fri, 01 Aug 2025 14:00:51 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 146

• https://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404
Warning: Control chars (Ascii 8, 31) found in Html-Content
Html is minified: 2150.00 %
Other inline scripts (∑/total): 0/0		2.370
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Visible Content:
Date: Fri, 01 Aug 2025 14:00:57 GMT
Connection: keep-alive
Content-Security-Policy: frame-ancestors 'self';
Vary: Accept-Encoding
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-XSS-Protection: 1
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/plain; charset=utf-8
Content-Length: 43

• https://13.60.100.80/
13.60.100.80
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		404

Html is minified: 110.61 %
Other inline scripts (∑/total): 0/0		2.270
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Date: Fri, 01 Aug 2025 14:00:52 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html
Content-Length: 146

 

7. Comments


1. General Results, most used to calculate the result

Aname "poweria-argocd.duckdns.org" is domain, public suffix is ".duckdns.org", top-level-domain is ".org", top-level-domain-type is "generic", tld-manager is "Public Interest Registry (PIR)", num .org-domains preloaded: 10167 (complete: 271405)
AGood: All ip addresses are public addresses
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
AGood: every https has a Strict Transport Security Header
AGood: HSTS max-age is long enough, 31536000 seconds = 365 days
AGood: HSTS has includeSubdomains - directive
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):2 complete Content-Type - header (6 urls)
http://www.poweria-argocd.duckdns.org/ 13.60.100.80


Url with incomplete Content-Type - header - missing charset
https://www.poweria-argocd.duckdns.org/ 13.60.100.80


Url with incomplete Content-Type - header - missing charset
http://www.poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 13.60.100.80


Url with incomplete Content-Type - header - missing charset
https://13.60.100.80/ 13.60.100.80


Url with incomplete Content-Type - header - missing charset
Ahttp://poweria-argocd.duckdns.org/ 13.60.100.80
308
https://poweria-argocd.duckdns.org/
Correct redirect http - https with the same domain name
Ihttps://poweria-argocd.duckdns.org/ 13.60.100.80
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Mhttp://www.poweria-argocd.duckdns.org/ 13.60.100.80
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://www.poweria-argocd.duckdns.org/ 13.60.100.80
404

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://13.60.100.80/ 13.60.100.80
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://poweria-argocd.duckdns.org/ 13.60.100.80
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://www.poweria-argocd.duckdns.org/ 13.60.100.80
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Nhttps://13.60.100.80/ 13.60.100.80
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
XFatal error: Nameserver doesn't support TCP connection: ns1.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns2.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns3.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns4.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns5.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns6.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns7.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns7.duckdns.org / 15.223.21.81: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns8.duckdns.org: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns9.duckdns.org: Timeout
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.poweria-argocd.duckdns.org

2. Header-Checks

Apoweria-argocd.duckdns.org 13.60.100.80
Content-Security-Policy
Ok: Header without syntax errors found: frame-ancestors 'self';
F

Bad: Missing default-src directive. A default-src directive is used if one of the specialized fetch directives (child-src, connect-src, font-src, frame-src, img-src, manifest-src, media-src, object-src, prefetch-src, script-src, style-src, worker-src) isn't defined. Missing default-src, all sources are allowed, that's bad. A default-src with 'none' or 'self' blocks that.
E

Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
A

Good: frame-ancestors directive found. That limits pages who are allowed to use this page in a frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E

Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
F

Critical: No object-src and no default-src as fallback defined. So object / embed / applet can load every resource. That's fatal.
F

Critical: No script-src and no default-src as fallback defined. So scripts are unlimited. That's fatal.
A
X-Frame-Options
Ok: Header without syntax errors found: sameorigin
B

Info: Header is deprecated. May not longer work in modern browsers. sameorigin. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
X-Xss-Protection
Ok: Header without syntax errors found: 1
B

Info: Header is deprecated. May not longer work in modern browsers. 1
Fpoweria-argocd.duckdns.org 13.60.100.80
X-Content-Type-Options
Critical: Missing Header:
Fpoweria-argocd.duckdns.org 13.60.100.80
Referrer-Policy
Critical: Missing Header:
Fpoweria-argocd.duckdns.org 13.60.100.80
Permissions-Policy
Critical: Missing Header:
Bpoweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Embedder-Policy
Info: Missing Header
Bpoweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Opener-Policy
Info: Missing Header
Bpoweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Resource-Policy
Info: Missing Header
Fwww.poweria-argocd.duckdns.org 13.60.100.80
Content-Security-Policy
Critical: Missing Header:
Fwww.poweria-argocd.duckdns.org 13.60.100.80
X-Content-Type-Options
Critical: Missing Header:
Fwww.poweria-argocd.duckdns.org 13.60.100.80
Referrer-Policy
Critical: Missing Header:
Fwww.poweria-argocd.duckdns.org 13.60.100.80
Permissions-Policy
Critical: Missing Header:
Bwww.poweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Embedder-Policy
Info: Missing Header
Bwww.poweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Opener-Policy
Info: Missing Header
Bwww.poweria-argocd.duckdns.org 13.60.100.80
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

A
A
AInfo:: 9 different Name Servers found: ns1.duckdns.org, ns2.duckdns.org, ns3.duckdns.org, ns4.duckdns.org, ns5.duckdns.org, ns6.duckdns.org, ns7.duckdns.org, ns8.duckdns.org, ns9.duckdns.org, 9 Name Servers included in Delegation: ns1.duckdns.org, ns2.duckdns.org, ns3.duckdns.org, ns4.duckdns.org, ns5.duckdns.org, ns6.duckdns.org, ns7.duckdns.org, ns8.duckdns.org, ns9.duckdns.org, 0 Name Servers included in 1 Zone definitions: , 0 Name Servers listed in SOA.Primary: .
AGood: All Name Server Domain Names have a Public Suffix.
Error: Name Server Domain Names with Public Suffix and without ip address found.: 8 Name Servers without ipv4 and ipv6: 8

AInfo: Ipv4-Subnet-list: 1 Name Servers, 1 different subnets (first Byte): 15., 1 different subnets (first two Bytes): 15.223., 1 different subnets (first three Bytes): 15.223.21.
XFatal: All Name Server IPv4 addresses from the same subnet. Check https://www.iana.org/help/nameserver-requirements to learn some basics about name server configurations. If you manage these name servers, fix it. If it's your provider, change your provider.:
XNameserver Timeout checking Echo Capitalization: ns1.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns2.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns3.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns5.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns6.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns7.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns7.duckdns.org / 15.223.21.81
XNameserver Timeout checking Echo Capitalization: ns8.duckdns.org
XNameserver Timeout checking Echo Capitalization: ns9.duckdns.org
XNameserver Timeout checking EDNS512: ns1.duckdns.org
XNameserver Timeout checking EDNS512: ns2.duckdns.org
XNameserver Timeout checking EDNS512: ns3.duckdns.org
XNameserver Timeout checking EDNS512: ns5.duckdns.org
XNameserver Timeout checking EDNS512: ns6.duckdns.org
XNameserver Timeout checking EDNS512: ns7.duckdns.org
XNameserver Timeout checking EDNS512: ns7.duckdns.org / 15.223.21.81
XNameserver Timeout checking EDNS512: ns8.duckdns.org
XNameserver Timeout checking EDNS512: ns9.duckdns.org
Nameserver doesn't pass all EDNS-Checks: ns1.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns2.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns2.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns3.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. V1OP100: fatal timeout. V1FLAGS: SOA NOT expected, but found, BADVER expected, NOERR found, Version 0 expectend and found. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns3.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns4.duckdns.org: OP100: ok. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns4.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns5.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns5.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns6.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns6.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns7.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns7.duckdns.org / 15.223.21.81: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns8.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns8.duckdns.org: OP100: fatal timeout. FLAGS: ok. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns9.duckdns.org: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ns9.duckdns.org: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: No https + http status 200 with inline CSS / JavaScript found
AGood: Every https result with status 200 has a minified Html-Content with a quota lower then 110 %.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
AGood: All script Elements (type text/javascript) and src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
AGood: All CSS / JavaScript files are sent compressed (gzip, deflate, br checked). That reduces the content of the files. 2 external CSS / JavaScript files found
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 2 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 0 with Cache-Control max-age too short (minimum 7 days), 1 with Cache-Control long enough, 3 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
https://www.poweria-argocd.duckdns.org/ 13.60.100.80
404
2.304 seconds
Warning: 404 needs more then one second
https://poweria-argocd.duckdns.org/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
2.370 seconds
Warning: 404 needs more then one second
https://13.60.100.80/ 13.60.100.80
404
2.270 seconds
Warning: 404 needs more then one second
ADuration: 1278030 milliseconds, 1278.030 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
poweria-argocd.duckdns.org
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
poweria-argocd.duckdns.org
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co


www.poweria-argocd.duckdns.org
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

www.poweria-argocd.duckdns.org
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co


poweria-argocd.duckdns.org
poweria-argocd.duckdns.org
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

poweria-argocd.duckdns.org
poweria-argocd.duckdns.org
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co


13.60.100.80
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12
ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok

13.60.100.80
13.60.100.80
443
Certificate/chain invalid and wrong name
Tls12

ECDH Ephermal
255
Aes128
128
Sha256
not supported
ok
http/2 via ALPN supported 
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Self signed certificate

1CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co

 

9. Certificates

1.
1.
CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co
01.08.2025
01.08.2026
expires in 142 days		ingress.local - 1 entry
1.
1.
CN=Kubernetes Ingress Controller Fake Certificate, O=Acme Co
01.08.2025

01.08.2026
expires in 142 days


ingress.local - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00F2868828A8C5AC3BECDD222DDE258744
Thumbprint:EE24B938D3DA519A8133D31476C7A1B1C3FD6317
SHA256 / Certificate:LGRFOXENL4TEAsYvqk9eZ8LHyYvOs9sXvZaUFMJdyG8=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):04c4249b42bf738d1c3022d9b8e2596918aeb5dd649782b18f5fa99307fa0367
SHA256 hex / Subject Public Key Information (SPKI):04c4249b42bf738d1c3022d9b8e2596918aeb5dd649782b18f5fa99307fa0367 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=R11, O=Let's Encrypt, C=US
0
0
8
CN=R10, O=Let's Encrypt, C=US
0
0
5

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
11324964074
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-31 11:16:50
2025-10-29 11:16:49
poweria-argocd.duckdns.org - 1 entries


11302671817
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-29 15:56:09
2025-10-27 15:56:08
poweria-argocd.duckdns.org - 1 entries


11290818201
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-28 16:46:38
2025-10-26 16:46:37
poweria-argocd.duckdns.org - 1 entries


11277732289
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-27 16:12:10
2025-10-25 16:12:09
poweria-argocd.duckdns.org - 1 entries


11259583787
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-26 04:13:45
2025-10-24 04:13:44
poweria-argocd.duckdns.org - 1 entries


11238811477
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-24 14:12:47
2025-10-22 14:12:46
poweria-argocd.duckdns.org - 1 entries


11238614712
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-24 13:49:42
2025-10-22 13:49:41
poweria-argocd.duckdns.org - 1 entries


11237958287
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-24 12:31:16
2025-10-22 12:31:15
poweria-argocd.duckdns.org - 1 entries


11191995712
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-20 13:14:47
2025-10-18 13:14:46
poweria-argocd.duckdns.org - 1 entries


11190484980
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-20 09:57:07
2025-10-18 09:57:06
poweria-argocd.duckdns.org - 1 entries


11189769185
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-20 08:29:03
2025-10-18 08:29:02
poweria-argocd.duckdns.org - 1 entries


11188297718
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-20 05:13:58
2025-10-18 05:13:57
poweria-argocd.duckdns.org - 1 entries


11182279311
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-19 15:58:02
2025-10-17 15:58:01
poweria-argocd.duckdns.org - 1 entries


 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=R11, O=Let's Encrypt, C=US
0
0
8
CN=R10, O=Let's Encrypt, C=US
0
0
5

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
20029714746
precert		CN=R11, O=Let's Encrypt, C=US
2025-07-31 09:16:50
2025-10-29 10:16:49
poweria-argocd.duckdns.org
1 entries


19989908097
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-29 13:56:09
2025-10-27 14:56:08
poweria-argocd.duckdns.org
1 entries


19968504315
leaf cert		CN=R10, O=Let's Encrypt, C=US
2025-07-28 14:46:38
2025-10-26 15:46:37
poweria-argocd.duckdns.org
1 entries


19945001258
precert		CN=R11, O=Let's Encrypt, C=US
2025-07-27 14:12:10
2025-10-25 14:12:09
poweria-argocd.duckdns.org
1 entries


19913568251
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-26 02:13:45
2025-10-24 02:13:44
poweria-argocd.duckdns.org
1 entries


19878749257
precert		CN=R11, O=Let's Encrypt, C=US
2025-07-24 12:12:47
2025-10-22 12:12:46
poweria-argocd.duckdns.org
1 entries


19878416020
precert		CN=R10, O=Let's Encrypt, C=US
2025-07-24 11:49:42
2025-10-22 11:49:41
poweria-argocd.duckdns.org
1 entries


19877329928
leaf cert		CN=R11, O=Let's Encrypt, C=US
2025-07-24 10:31:16
2025-10-22 10:31:15
poweria-argocd.duckdns.org
1 entries


19796196447
precert		CN=R11, O=Let's Encrypt, C=US
2025-07-20 11:14:47
2025-10-18 11:14:46
poweria-argocd.duckdns.org
1 entries


19793529814
precert		CN=R10, O=Let's Encrypt, C=US
2025-07-20 07:57:07
2025-10-18 07:57:06
poweria-argocd.duckdns.org
1 entries


19792306306
precert		CN=R10, O=Let's Encrypt, C=US
2025-07-20 06:29:03
2025-10-18 06:29:02
poweria-argocd.duckdns.org
1 entries


19789726622
precert		CN=R11, O=Let's Encrypt, C=US
2025-07-20 03:13:58
2025-10-18 03:13:57
poweria-argocd.duckdns.org
1 entries


19778970389
precert		CN=R10, O=Let's Encrypt, C=US
2025-07-19 13:58:02
2025-10-17 13:58:01
poweria-argocd.duckdns.org
1 entries


 

11. Html-Content - Entries

Summary


Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://poweria-argocd.duckdns.org/
13.60.100.80		a

1

0


0
0
0


link
stylesheet
1
361 Bytes
0
1
0
0
0
0


link
other
2
3,179 Bytes
0
2
0
0
0
0


meta
other
2

0


0
0
0


script

2
630,794 Bytes
1
2
0
0
0
0

 

Details (currently limited to 500 rows - some problems with spam users)

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://poweria-argocd.duckdns.org/
13.60.100.80
a

https://argoproj.github.io/argo-cd/cli_installation/


1
ok















link
icon
assets/favicon/favicon-16x16.png
200

1
ok
image/png
missing X-Content-Type-Options nosniff




No Cache-Control header
Wrong Compression (gzip): 984/956 Bytes








link
icon
assets/favicon/favicon-32x32.png
200

1
ok
image/png
missing X-Content-Type-Options nosniff




No Cache-Control header
Wrong Compression (gzip): 2195/2167 Bytes








link
stylesheet
assets/fonts.css
200

1
ok
text/css; charset=utf-8
missing X-Content-Type-Options nosniff




No Cache-Control - header
Compression (gzip): 361/2209 Bytes






local SRI possible, possible hash-values:

 

sha256-s4v7GHrFsMBOSULeDVdoi800amYYhVR3ZeD2RwAKdvY=
sha384-aHeHkQ2iHEm0b1XN2WtXbfUKZN0wYb02zBcwRkuQCPXDfrBVZeH+Npa1UcvAfeDh
sha512-Kw7jh6+OppCsAcT90iiOgaoWZCVIjCvrk6l9+1wwykuEXcIsYYwOVoRver2K7oBBPG+iaRP+af4DyOpEN/0LQw==

 

<link rel="stylesheet" href="assets/fonts.css" crossorigin="anonymous" integrity="sha256-s4v7GHrFsMBOSULeDVdoi800amYYhVR3ZeD2RwAKdvY=" />



meta
charset
 UTF-8


1
ok















meta
viewport
width=device-width,initial-scale=1


1
ok















script
src
extensions.js
200

1
Problems with Content-Type - Header - see details
defer attribute found application/javascript
missing X-Content-Type-Options nosniff

This Combination of MediaType "application" and MediaSubType "javascript" is obsolete. Don't use it. See https://www.iana.org/assignments/media-types/media-types.xhtml to find a correct Combination. Use "text/javascript" instead.


No Cache-Control - header
23 Bytes






local SRI possible, possible hash-values:

 

sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=
sha384-OLBgp1GsljhM2TJ+sbHjaiH9txEUvgdDTAzHv2P24donTt6/529l+9Ua0vFImLlb
sha512-z4PhNX7vuL3xVChQ1m2AB9Yg5AULVxXcg/SpIdNs6c5H0NE8XYXysP+DGNKHfuwvY7kxvUdBeoGlODJ6+SfaPg==

 

<script src="extensions.js" crossorigin="anonymous" integrity="sha256-47DEQpj8HBSa+/TImW+5JCeuQeRkm5NMpJWZG3hSuFU=" />



script
src
main.3f69895b83faced35d2c.js
200

1
ok
defer attribute found text/javascript; charset=utf-8
missing X-Content-Type-Options nosniff




Cache-Control: public, max-age=31536000, immutable - with long duration found.
Compression (gzip): 630771/2453157 Bytes






local SRI possible, possible hash-values:

 

sha256-U8b16PAq2BtOnC3eCqnIt1P34w3Z5++k5ZdiZCWfjG4=
sha384-DlWWjHKL5bRpnm9p1dGQukdDyt8CxR3aj5JuSqlfnJFQD7L5vXgjRZQdPje1nL9m
sha512-tp63rO7j1aYuXKSVVElEPSk3+tI4mNmGeOfJDheqxckGtKPm80IAFOhxlRFGVF8T7oW/33OPLgnFA8MrS3gwgg==

 

<script src="main.3f69895b83faced35d2c.js" crossorigin="anonymous" integrity="sha256-U8b16PAq2BtOnC3eCqnIt1P34w3Z5++k5ZdiZCWfjG4=" />


 

12. Html-Parsing via https://validator.w3.org/nu/

Url used (first standard-https-result with http status 200): https://poweria-argocd.duckdns.org/

Summary

Good: No non-document-errors
1 errors
0 warnings

TypeMessagenum found
1.errorStray start tag script.1

Details


TypeMessage + Sample
1errorStray start tag script.

From line 1, column 724 to line 1, column 772

pp"></div></body><script defer="defer" src="extensions.js"></scri

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

 

 

No NameServer - IP address - Informations found

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.poweria-argocd.duckdns.org



5
5
duckdns.org



5
4
org
0

no CAA entry found
1
0

 

15. TXT - Entries

No TXT entries found

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

No results

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=bd38e944-0232-4979-ad8e-26badaeccaa6

 

Last Result: https://check-your-website.server-daten.de/?q=poweria-argocd.duckdns.org - 2025-08-01 15:41:35

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=poweria-argocd.duckdns.org" target="_blank">Check this Site: poweria-argocd.duckdns.org</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=poweria-argocd.duckdns.org

 

 

Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • USt-IdNr.: DE221734518

 

Errors, ideas, questions? Use the Contact form • A project using Server-Daten - Web Database solutions