Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

A+

 

Top configuration, no warnings +Preload

 

Checked:
23.05.2024 17:28:49

 

Older results

 

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
privacydesign.ch
A
212.51.149.69
Basel/Basel-City/Switzerland (CH) - Init7 (Switzerland) Ltd.
Hostname: 212-51-149-69.fiber7.init7.net
yes
1
0

AAAA

yes


www.privacydesign.ch
A
212.51.149.69
Basel/Basel-City/Switzerland (CH) - Init7 (Switzerland) Ltd.
Hostname: 212-51-149-69.fiber7.init7.net
yes
1
0

AAAA

yes


*.privacydesign.ch
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


mta-sts.privacydesign.ch
A
212.51.149.69
No Hostname found
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 5613, Flags 256






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.06.2024, 00:00:00 +, Signature-Inception: 21.05.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: ch

ch
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 450, DigestType 2 and Digest SZSRPZ/08N+V8IrN8dZhSdhzNo/2wYNsZL36zmJzT6I=






1 RRSIG RR to validate DS RR found






RRSIG-Owner ch., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 05.06.2024, 05:00:00 +, Signature-Inception: 23.05.2024, 04:00:00 +, KeyTag 5613, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 5613 used to validate the DS RRSet in the parent zone






3 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 450, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 1126, Flags 256






Public Key with Algorithm 13, KeyTag 8233, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner ch., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 08.07.2024, 10:09:09 +, Signature-Inception: 23.05.2024, 09:09:09 +, KeyTag 450, Signer-Name: ch






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 450 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 450, DigestType 2 and Digest "SZSRPZ/08N+V8IrN8dZhSdhzNo/2wYNsZL36zmJzT6I=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: privacydesign.ch

privacydesign.ch
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC RR as result with the domain name between the NSEC-Owner "privacydesign.ch" and the NextOwner "privacydesk.ch". So the parent zone confirmes the non-existence of a DS RR.
Bitmap: NS, RRSIG, NSEC






0 DNSKEY RR found









Zone: www.privacydesign.ch

www.privacydesign.ch
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.privacydesign.ch
  ns-865.awsdns-44.net / c6dd72bf5ec62d5e10f587e53eadeb8e -

privacydesign.ch
  ns-104.awsdns-13.com / 758989b8a91eaa6347c0e27feb0a1605 -
205.251.192.104
Ashburn/Virginia/United States (US) - Amazon.com


 
2600:9000:5300:6800::1
Seattle/Washington/United States (US) - Crown Castle Fiber LLC


  ns-1194.awsdns-21.org / e9fac45c500939371cbcfffbdc249869 -
205.251.196.170
Herndon/Virginia/United States (US) - Amazon.com


 
2600:9000:5304:aa00::1
Herndon/Virginia/United States (US) - Crown Castle Fiber LLC


  ns-1576.awsdns-05.co.uk / 8880a8a769e885e63ce167efc2227366 -
205.251.198.40
London/England/United Kingdom (GB) - Amazon.com


 
2600:9000:5306:2800::1
Seattle/Washington/United States (US) - Crown Castle Fiber LLC


  ns-865.awsdns-44.net / c6dd72bf5ec62d5e10f587e53eadeb8e -
205.251.195.97
Sterling/Virginia/United States (US) - Amazon.com


 
2600:9000:5303:6100::1
Seattle/Washington/United States (US) - Crown Castle Fiber LLC

ch
  a.nic.ch / mario.switch.ch


  b.nic.ch / luigi.switch.ch


  d.nic.ch / tld-all-ffm1@53039


  e.nic.ch / 2.ams.pch


  f.nic.ch / s2.amx

 

4. SOA-Entries


Domain:ch
Zone-Name:ch
Primary:a.nic.ch
Mail:dns-operation.switch.ch
Serial:2024052318
Refresh:900
Retry:600
Expire:1209600
TTL:900
num Entries:5


Domain:privacydesign.ch
Zone-Name:privacydesign.ch
Primary:ns-865.awsdns-44.net
Mail:awsdns-hostmaster.amazon.com
Serial:1
Refresh:7200
Retry:900
Expire:1209600
TTL:86400
num Entries:8


Domain:www.privacydesign.ch
Zone-Name:privacydesign.ch
Primary:ns-865.awsdns-44.net
Mail:awsdns-hostmaster.amazon.com
Serial:1
Refresh:7200
Retry:900
Expire:1209600
TTL:86400
num Entries:1


5. Screenshots

Startaddress: https://www.privacydesign.ch/, address used: https://www.privacydesign.ch/, Screenshot created 2024-05-23 17:38:54 +00:0

 

Mobil (412px x 732px)

 

1132 milliseconds

 

Screenshot mobile - https://www.privacydesign.ch/
Mobil + Landscape (732px x 412px)

 

1140 milliseconds

 

Screenshot mobile landscape - https://www.privacydesign.ch/
Screen (1280px x 1680px)

 

1810 milliseconds

 

Screenshot Desktop - https://www.privacydesign.ch/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport396732
content Size3963065

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://privacydesign.ch/
212.51.149.69
301
https://privacydesign.ch/
Html is minified: 100.00 %
0.067
A
Date: Thu, 23 May 2024 15:29:26 GMT
Server: Apache
Location: https://privacydesign.ch/
Connection: close
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1

• http://www.privacydesign.ch/
212.51.149.69
301
https://www.privacydesign.ch/
Html is minified: 100.00 %
0.063
A
Date: Thu, 23 May 2024 15:29:26 GMT
Server: Apache
Location: https://www.privacydesign.ch/
Connection: close
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1

• https://privacydesign.ch/
212.51.149.69
301
https://www.privacydesign.ch/

3.640
A
Date: Thu, 23 May 2024 15:29:26 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, max-age=36000
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
X-Redirect-By: WordPress
Location: https://www.privacydesign.ch/
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://www.privacydesign.ch/
212.51.149.69
Inline-JavaScript (∑/total): 5/3811 Inline-CSS (∑/total): 4/1327
200

Html is minified: 111.47 %
Other inline scripts (∑/total): 3/3811
3.880
A
Date: Thu, 23 May 2024 15:29:31 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, max-age=36000
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
Link: <https://www.privacydesign.ch/wp-json/>; rel="https://api.w.org/", <https://www.privacydesign.ch/wp-json/wp/v2/pages/8>; rel="alternate"; type="application/json", <https://www.privacydesign.ch/>; rel=shortlink
Content-Security-Policy-Report-Only:
Vary: Accept-Encoding
Connection: close
Content-Encoding: gzip
Content-Length: 21436
Content-Type: text/html; charset=UTF-8

• https://mta-sts.privacydesign.ch/.well-known/mta-sts.txt
212.51.149.69
200



A
Date: Thu, 23 May 2024 15:31:49 GMT
Server: Apache
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; connect-src 'self' wss://www.pdks.ch; child-src 'self' ;
ETag: "49-6093a18e960e1-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Connection: close
Last-Modified: Fri, 03 Nov 2023 07:03:10 GMT
Content-Encoding: gzip
Content-Length: 92
Content-Type: text/plain

• http://privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
212.51.149.69
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
https://privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.063
A
Visible Content:
Date: Thu, 23 May 2024 15:29:37 GMT
Server: Apache
Location: https://privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Connection: close
Content-Length: 302
Content-Type: text/html; charset=iso-8859-1

• http://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
212.51.149.69
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.050
A
Visible Content:
Date: Thu, 23 May 2024 15:29:37 GMT
Server: Apache
Location: https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Connection: close
Content-Length: 306
Content-Type: text/html; charset=iso-8859-1

• https://privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

301
https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

3.617
A
Visible Content:
Date: Thu, 23 May 2024 15:29:42 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, must-revalidate, no-cache, max-age=0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
X-Redirect-By: WordPress
Location: https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Connection: close
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

Inline-JavaScript (∑/total): 5/3811 Inline-CSS (∑/total): 3/449
404

Html is minified: 109.30 %
Other inline scripts (∑/total): 3/3811
3.736
A
Not Found
Visible Content:
Date: Thu, 23 May 2024 15:29:47 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, must-revalidate, no-cache, max-age=0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
Link: <https://www.privacydesign.ch/wp-json/>; rel="https://api.w.org/"
Content-Security-Policy-Report-Only:
Connection: close
Transfer-Encoding: chunked
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Type: text/html; charset=UTF-8

• https://212.51.149.69/
212.51.149.69
302
https://privacydesign.ch/doku.php?id=start

3.377
N
Certificate error: RemoteCertificateNameMismatch
Date: Thu, 23 May 2024 15:29:38 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: no-store, public, must-revalidate, no-cache, max-age=36000
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Vary: Cookie
Set-Cookie: DokuWiki=i6mdrerprkf4aa77krba0nucea; path=/; secure; HttpOnly; SameSite=Lax, DW7fa065a06cb74b536c124cfbe56ac6d3=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; secure; HttpOnly; SameSite=Lax
Pragma: no-cache
Location: /doku.php?id=start
Connection: close
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://privacydesign.ch/doku.php?id=start

301
https://www.privacydesign.ch/doku.php?id=start

3.637
A
Date: Thu, 23 May 2024 15:29:53 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, must-revalidate, no-cache, max-age=0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
X-Redirect-By: WordPress
Location: https://www.privacydesign.ch/doku.php?id=start
Connection: close
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• https://www.privacydesign.ch/doku.php?id=start

Inline-JavaScript (∑/total): 5/3811 Inline-CSS (∑/total): 3/449
404

Html is minified: 109.30 %
Other inline scripts (∑/total): 3/3811
3.813
M
Not Found
Date: Thu, 23 May 2024 15:29:57 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
X-Frame-Options: deny
X-Content-Type-Options: nosniff
Referrer-Policy: no-referrer
Feature-Policy: geolocation 'self'
Cache-Control: public, must-revalidate, no-cache, max-age=0
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Permissions-Policy: interest-cohort=()
Content-Security-Policy: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
Link: <https://www.privacydesign.ch/wp-json/>; rel="https://api.w.org/"
Content-Security-Policy-Report-Only:
Connection: close
Transfer-Encoding: chunked
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Content-Type: text/html; charset=UTF-8

 

7. Comments


1. General Results, most used to calculate the result

Aname "privacydesign.ch" is domain, public suffix is ".ch", top-level-domain is ".ch", top-level-domain-type is "country-code", Country is Switzerland, tld-manager is "SWITCH The Swiss Education & Research Network", num .ch-domains preloaded: 2127 (complete: 244198)
AGood: All ip addresses are public addresses
Warning: Only one ip address found: privacydesign.ch has only one ip address.
Warning: Only one ip address found: www.privacydesign.ch has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: privacydesign.ch has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.privacydesign.ch has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
Ahttps://212.51.149.69/ 212.51.149.69
302
https://privacydesign.ch/doku.php?id=start
Correct redirect https to https
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: www is preferred
AGood: No cookie sent via http.
AGood: every cookie sent via https is marked as secure
AGood: Every cookie has a SameSite Attribute with a correct value Strict/Lax/None
AGood: every https has a Strict Transport Security Header
AGood: HSTS max-age is long enough, 31536000 seconds = 365 days
AGood: HSTS has includeSubdomains - directive
AGood: HSTS has preload directive
AExcellent: Domain is in the Google-Preload-List
AExcellent: Domain is in the Mozilla/Firefox-Preload-List
AHSTS-Preload-Status: Preloaded. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):3 complete Content-Type - header (4 urls)
https://mta-sts.privacydesign.ch/.well-known/mta-sts.txt 212.51.149.69


Url with incomplete Content-Type - header - missing charset
Ahttp://privacydesign.ch/ 212.51.149.69
301
https://privacydesign.ch/
Correct redirect http - https with the same domain name
Ahttp://www.privacydesign.ch/ 212.51.149.69
301
https://www.privacydesign.ch/
Correct redirect http - https with the same domain name
Mhttps://www.privacydesign.ch/doku.php?id=start
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://212.51.149.69/ 212.51.149.69
302
https://privacydesign.ch/doku.php?id=start
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nwww.privacydesign.ch:25


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nprivacydesign.ch:25


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nwww.privacydesign.ch:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nprivacydesign.ch:465


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nwww.privacydesign.ch:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nprivacydesign.ch:993


Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain privacydesign.ch, 1 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are different. So that domain requires Server Name Indication (SNI), so the server is able to select the correct certificate.: Domain www.privacydesign.ch, 1 ip addresses.
AGood: _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Domainname: _mta-sts.privacydesign.ch
AGood: _mta-sts TXT record is valid.
AGood: Subdomain mta-sts found: Subdomain-name: mta-sts.privacydesign.ch, ip : 212.51.149.69
AGood: Certificate of subdomain is valid. mta-sts.privacydesign.ch, ip : 212.51.149.69
AGood: /.well-known/mta-sts.txt with http status 200 found. Complete path: https://mta-sts.privacydesign.ch/.well-known/mta-sts.txt - ip : 212.51.149.69
AGood: mta-sts.txt has the required names "version", "mode", "max_age". mta-sts.privacydesign.ch, ip : 212.51.149.69
AGood: Minimal one mx definition found. mta-sts.privacydesign.ch, ip : 212.51.149.69
AExcellent: Complete and valid MTA-STS found!

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

Awww.privacydesign.ch 212.51.149.69
Content-Security-Policy
Ok: Header without syntax errors found: default-src 'self'; img-src 'self'; font-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; connect-src 'self'; child-src 'self' ;
A

Good: default-src directive only with 'none' or 'self', additional sources are blocked. child-src, connect-src, font-src, img-src, script-src, style-src
A

Good: default-src without 'unsafe-inline' or 'unsave-eval'. child-src, connect-src, font-src, img-src, script-src, style-src
E

Bad: No form-action directive found. Use one to limit the form - action - destinations. form-action is a navigation-directive, so default-src isn't used.
E

Bad: No frame-ancestors directive found. Use one to limit the pages allowed to use this page in frame / iframe / object / embed / applet. frame-ancestors is a navigation-directive, so default-src isn't used.
E

Bad: No base-uri directive found. Use one to limit the URLs which can be used in a document's <base> element. Because it's a document directive, default-src isn't used, so an own directive is required.
A

Good: object-src only with 'none' or 'self' found, no scheme, no other urls. That blocks object / embed / applet - elements.
A

Good: script-src without 'unsafe-inline' and 'unsafe-eval' found. That's the recommended configuration.
A

Good: script-src without * and a scheme found.
A

Good: script-src without data: schema found. Why is this important? The data: schema allows hidden code injection. Insert <script src='data:application/javascript;base64,YWxlcnQoJ1hTUycpOw=='></script> in your page and see what happens.
A

Good: frame-src without data: defined or frame-src missing and the default-src used as fallback not allows the data: schema. That blocks hidden code injection. Insert <iframe src="data:text/html;charset=utf-8;base64,PCFET0NUWVBFIGh0bWw+PGh0bWw+PGJvZHk+PHA+YmVmb3JlPHNjcmlwdCB0eXBlPSJ0ZXh0L2phdmFzY3JpcHQiPmFsZXJ0KCdYU1MnKTwvc2NyaXB0PjxwPmFmdGVyPC9ib2R5PjwvaHRtbD4="></iframe> in your page and see what happens.
C

Info: default-src and some other fetch directives have the same list of values. Remove the other fetch directive, default-src is used as fallback. Directives to remove: child-src, connect-src, font-src, img-src, script-src, style-src
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
A
Referrer-Policy
Ok: Header without syntax errors found: no-referrer
A
Permissions-Policy
Ok: Header without syntax errors found: interest-cohort=()
A
X-Frame-Options
Ok: Header without syntax errors found: deny
B

Info: Header is deprecated. May not longer work in modern browsers. deny. Better solution: Use a Content-Security-Policy Header with a frame-ancestors directive. DENY - use 'none', SAMEORIGIN - use 'self'. If you want to allow some domains to frame your page, add these urls.
A
Feature-Policy
Ok: Header without syntax errors found: geolocation 'self'
B

Info: Header is deprecated. May not longer work in modern browsers. geolocation 'self'
A
X-Xss-Protection
Ok: Header without syntax errors found: 1; mode=block
B

Info: Header is deprecated. May not longer work in modern browsers. 1; mode=block

3. DNS- and NameServer - Checks

AInfo:: 16 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 16 Queries complete, 16 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 4.0 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 4 different Name Servers found: ns-104.awsdns-13.com, ns-1194.awsdns-21.org, ns-1576.awsdns-05.co.uk, ns-865.awsdns-44.net, 4 Name Servers included in Delegation: ns-104.awsdns-13.com, ns-1194.awsdns-21.org, ns-1576.awsdns-05.co.uk, ns-865.awsdns-44.net, 4 Name Servers included in 1 Zone definitions: ns-104.awsdns-13.com, ns-1194.awsdns-21.org, ns-1576.awsdns-05.co.uk, ns-865.awsdns-44.net, 1 Name Servers listed in SOA.Primary: ns-865.awsdns-44.net.
AGood: Only one SOA.Primary Name Server found.: ns-865.awsdns-44.net.
AGood: SOA.Primary Name Server included in the delegation set.: ns-865.awsdns-44.net.
AGood: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns-104.awsdns-13.com, ns-1194.awsdns-21.org, ns-1576.awsdns-05.co.uk, ns-865.awsdns-44.net
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 4 different Name Servers found
AGood: All name servers have ipv4- and ipv6-addresses.: 4 different Name Servers found
AGood: Name servers with different Top Level Domains / Public Suffix List entries found: 4 Name Servers, 4 Top Level Domains: org, net, com, co.uk
AGood: Name Servers with different domain names found.: 4 different Domains found
AGood: Name servers with different Country locations found: 4 Name Servers, 2 Countries: GB, US
AInfo: Ipv4-Subnet-list: 4 Name Servers, 1 different subnets (first Byte): 205., 1 different subnets (first two Bytes): 205.251., 4 different subnets (first three Bytes): 205.251.192., 205.251.195., 205.251.196., 205.251.198.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 4 Name Servers with IPv6, 1 different subnets (first block): 2600:, 1 different subnets (first two blocks): 2600:9000:, 4 different subnets (first three blocks): 2600:9000:5300:, 2600:9000:5303:, 2600:9000:5304:, 2600:9000:5306:, 4 different subnets (first four blocks): 2600:9000:5300:6800:, 2600:9000:5303:6100:, 2600:9000:5304:aa00:, 2600:9000:5306:2800:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 8 good Nameserver
AGood: Nameserver supports Echo Capitalization: 8 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 8 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 8 good Nameserver
AGood: All SOA have the same Serial Number
AGood: CAA entries found, creating certificate is limited: letsencrypt.org is allowed to create certificates

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 and greater 1024 Bytes is compressed (gzip, deflate, br checked).
https://www.privacydesign.ch/ 212.51.149.69
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://www.privacydesign.ch/ 212.51.149.69
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://www.privacydesign.ch/ 212.51.149.69
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://mta-sts.privacydesign.ch/.well-known/mta-sts.txt 212.51.149.69
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: Some script Elements (type text/javascript) with a src-Attribute have a defer / async - Attribute. So loading and executing these JavaScripts doesn't block parsing and rendering the Html-Output.
https://www.privacydesign.ch/ 212.51.149.69
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 2 script elements without defer/async.
https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 2 script elements without defer/async.
https://www.privacydesign.ch/doku.php?id=start
404

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 2 script elements without defer/async.
AGood: All CSS / JavaScript files are sent compressed (gzip, deflate, br checked). That reduces the content of the files. 18 external CSS / JavaScript files found
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 9 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 16 with Cache-Control max-age too short (minimum 7 days), 2 with Cache-Control long enough, 27 complete.
Warning: Images with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 8 image files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 10 with Cache-Control max-age too short (minimum 7 days), 0 with Cache-Control long enough, 18 complete.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 3 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
https://www.privacydesign.ch/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
404
3.736 seconds
Warning: 404 needs more then one second
https://www.privacydesign.ch/doku.php?id=start
404
3.813 seconds
Warning: 404 needs more then one second
ADuration: 620704 milliseconds, 620.704 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
privacydesign.ch
212.51.149.69
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
privacydesign.ch
212.51.149.69
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


www.privacydesign.ch
212.51.149.69
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

www.privacydesign.ch
212.51.149.69
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


privacydesign.ch
privacydesign.ch
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

privacydesign.ch
privacydesign.ch
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


www.privacydesign.ch
www.privacydesign.ch
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

www.privacydesign.ch
www.privacydesign.ch
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


mta-sts.privacydesign.ch
212.51.149.69
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

mta-sts.privacydesign.ch
212.51.149.69
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
SNI required
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=mta-sts.privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


212.51.149.69
212.51.149.69
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

212.51.149.69
212.51.149.69
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacymonks.org


2CN=R3, O=Let's Encrypt, C=US


privacydesign.ch
privacydesign.ch
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

privacydesign.ch
privacydesign.ch
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


www.privacydesign.ch
www.privacydesign.ch
443
ok
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
supported
ok

www.privacydesign.ch
www.privacydesign.ch
443
ok
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=privacydesign.ch


2CN=R3, O=Let's Encrypt, C=US


privacydesign.ch
212.51.149.69
25
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok

privacydesign.ch
212.51.149.69
25
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


privacydesign.ch
212.51.149.69
465
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

privacydesign.ch
212.51.149.69
465
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.privacymonks.org


2CN=R3, O=Let's Encrypt, C=US


privacydesign.ch
212.51.149.69
993
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

privacydesign.ch
212.51.149.69
993
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.privacymonks.org


2CN=R3, O=Let's Encrypt, C=US


www.privacydesign.ch
212.51.149.69
25
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok

www.privacydesign.ch
212.51.149.69
25
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
error checking OCSP stapling
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


www.privacydesign.ch
212.51.149.69
465
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.privacydesign.ch
212.51.149.69
465
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.privacymonks.org


2CN=R3, O=Let's Encrypt, C=US


www.privacydesign.ch
212.51.149.69
993
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.privacydesign.ch
212.51.149.69
993
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.privacymonks.org


2CN=R3, O=Let's Encrypt, C=US

 

9. Certificates

1.
1.
CN=privacydesign.ch
03.05.2024
01.08.2024
125 days expired
privacydesign.ch, www.privacydesign.ch - 2 entries
1.
1.
CN=privacydesign.ch
03.05.2024

01.08.2024
125 days expired


privacydesign.ch, www.privacydesign.ch - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04FD86DCA3511B487CB4BE4FC3B091E62DA4
Thumbprint:CA28FAA98DF3775438DE8D479D44554575009120
SHA256 / Certificate:G5tYopkFmncUhpOCwM9ZgmQrqbSRjnqg6ryaK5FuL4A=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):d37c5ec4d77d0dc9c6f2b55a7f4987341f4b29973db0b4fe65cfb40c44b62429
SHA256 hex / Subject Public Key Information (SPKI):d37c5ec4d77d0dc9c6f2b55a7f4987341f4b29973db0b4fe65cfb40c44b62429 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:yes
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 285 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 285 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3834 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3834 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=privacymonks.org
03.05.2024
01.08.2024
125 days expired
privacymonks.org - 1 entry
2.
1.
CN=privacymonks.org
03.05.2024

01.08.2024
125 days expired


privacymonks.org - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:04B783425EE5963F825F0A36274323F230B4
Thumbprint:52B9E1ABA5FB2079FB51168578F2BA129B43B86C
SHA256 / Certificate:F/IbpXL6t8BAMuqeF8D9bcFpO9h+Y3dW0UR5kLpaO00=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):3f44f220e6632726f43775f145b6150ce09477f9f0ec5e745be7c1ff24e58977
SHA256 hex / Subject Public Key Information (SPKI):3f44f220e6632726f43775f145b6150ce09477f9f0ec5e745be7c1ff24e58977 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 285 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 285 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3834 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3834 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




3.
1.
CN=mta-sts.privacydesign.ch
03.05.2024
01.08.2024
125 days expired
mta-sts.privacydesign.ch - 1 entry
3.
1.
CN=mta-sts.privacydesign.ch
03.05.2024

01.08.2024
125 days expired


mta-sts.privacydesign.ch - 1 entry

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:04F03CA8129EC083D93441E0EB0169DA22FA
Thumbprint:0D48B17238359E93897B15735BA7DF222C5736E5
SHA256 / Certificate:EJ0h1JkNMUovlafE0DI05Y3ZCJRAtOL+2EVZg+PHMMk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):e05bb36770f9d72683f9fe50c58738bb3b23c2f0d63d3e9dd28e3965c6dcb49e
SHA256 hex / Subject Public Key Information (SPKI):e05bb36770f9d72683f9fe50c58738bb3b23c2f0d63d3e9dd28e3965c6dcb49e (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:yes
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 285 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 285 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3834 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3834 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




4.
1.
CN=www.privacymonks.org
03.05.2024
01.08.2024
125 days expired
www.privacymonks.org - 1 entry
4.
1.
CN=www.privacymonks.org
03.05.2024

01.08.2024
125 days expired


www.privacymonks.org - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0398500E3BD2397C9D175E5010E9B73232AE
Thumbprint:181C92BC30F751A7F8504C22CA42807E77266ACF
SHA256 / Certificate:F69foNKVP0Nt2Zh2uGhWMZZxsXdzJv0qAerB4K8J7dk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):1b94373ea65d78ed6a22f39606142629905fc68324c5e905b9a5f85e00f80c3a
SHA256 hex / Subject Public Key Information (SPKI):1b94373ea65d78ed6a22f39606142629905fc68324c5e905b9a5f85e00f80c3a (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 285 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 285 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3834 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3834 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




5.
1.
CN=www.privacymonks.org
04.03.2024
02.06.2024
185 days expired
www.privacymonks.org - 1 entry
5.
1.
CN=www.privacymonks.org
04.03.2024

02.06.2024
185 days expired


www.privacymonks.org - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0344A431CF438A55A376DB2071BE668F5F01
Thumbprint:BD7BEC10A6DD13EFCCD3D342FA7ECD57517D80C7
SHA256 / Certificate:JZ4W+/skG+YqhcFF/sPMhw2yP8ZKd/x15d3HMPtayEs=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):980bd5b7fd72c2e2b939b0d240f2a41c995f80a07d62e082bb964eb49945dbff
SHA256 hex / Subject Public Key Information (SPKI):980bd5b7fd72c2e2b939b0d240f2a41c995f80a07d62e082bb964eb49945dbff (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://r3.o.lencr.org
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020
15.09.2025
expires in 285 days


2.
CN=R3, O=Let's Encrypt, C=US
04.09.2020

15.09.2025
expires in 285 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3834 days


3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3834 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=R3, O=Let's Encrypt, C=US
0
0
14

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
7250555009
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-05-03 18:33:30
2024-08-01 18:33:29
www.privacydesign.ch - 1 entries


7250550295
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-05-03 18:32:43
2024-08-01 18:32:42
privacydesign.ch, www.privacydesign.ch - 2 entries


6866923449
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-03-04 04:52:46
2024-06-02 04:52:45
www.privacydesign.ch - 1 entries


6866922453
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-03-04 04:52:22
2024-06-02 04:52:21
privacydesign.ch, www.privacydesign.ch - 2 entries


6127806877
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 16:10:46
2024-02-02 16:10:45
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 16 entries


6127625699
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 15:25:43
2024-02-02 15:25:42
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 16 entries


6127496871
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 14:57:23
2024-02-02 14:57:22
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 13 entries


6127493978
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 14:56:32
2024-02-02 14:56:31
www.privacydesign.ch - 1 entries


6127485266
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 14:55:36
2024-02-02 14:55:35
privacydesign.ch, www.privacydesign.ch - 2 entries


6127486588
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 14:54:48
2024-02-02 14:54:47
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 16 entries


6035419844
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-19 09:48:06
2024-01-17 09:48:05
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 16 entries


6035416398
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-19 09:47:44
2024-01-17 09:47:43
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 13 entries


5715374808
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-08-20 08:35:15
2023-11-18 08:35:14
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 16 entries


5715374586
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-08-20 08:34:59
2023-11-18 08:34:58
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu - 13 entries


 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=R3, O=Let's Encrypt, C=US
0 /0 new
0
16

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
12942345626
precert
CN=R3, O=Let's Encrypt, C=US
2024-05-03 16:33:30
2024-08-01 16:33:29
www.privacydesign.ch
1 entries


12942338742
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-05-03 16:32:43
2024-08-01 16:32:42
privacydesign.ch, www.privacydesign.ch
2 entries


12267737322
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-03-04 03:52:46
2024-06-02 02:52:45
www.privacydesign.ch
1 entries


12267736743
precert
CN=R3, O=Let's Encrypt, C=US
2024-03-04 03:52:22
2024-06-02 02:52:21
privacydesign.ch, www.privacydesign.ch
2 entries


11633053763
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-01-03 13:40:11
2024-04-02 12:40:10
www.privacydesign.ch
1 entries


11633052650
leaf cert
CN=R3, O=Let's Encrypt, C=US
2024-01-03 13:39:47
2024-04-02 12:39:46
privacydesign.ch, www.privacydesign.ch
2 entries


10997068416
precert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 15:10:46
2024-02-02 15:10:45
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


10996744884
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 14:25:43
2024-02-02 14:25:42
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


10996507225
precert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 13:57:23
2024-02-02 13:57:22
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
13 entries


10996490006
precert
CN=R3, O=Let's Encrypt, C=US
2023-11-04 13:54:48
2024-02-02 13:54:47
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


10831347591
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-19 07:48:06
2024-01-17 08:48:05
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


10831346420
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-10-19 07:47:44
2024-01-17 08:47:43
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
13 entries


10227192583
precert
CN=R3, O=Let's Encrypt, C=US
2023-08-20 06:35:15
2023-11-18 07:35:14
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


10323154709
precert
CN=R3, O=Let's Encrypt, C=US
2023-08-20 06:34:59
2023-11-18 07:34:58
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
13 entries


9734222382
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-06-21 05:29:43
2023-09-19 05:29:42
browserpgp.pdsk.ch, chat.privacymonks.org, lists.privacymonks.org, pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
16 entries


9734221037
leaf cert
CN=R3, O=Let's Encrypt, C=US
2023-06-21 05:29:26
2023-09-19 05:29:25
pdsk.ch, privacydesign.ch, privacymonks.org, reader.privacymonks.org, staging.tadpf.eu, staging.tdpf.eu, www.openprivacydesign.org, www.pdsk.ch, www.privacyarchitecture.org, www.privacydesign.ch, www.privacymonks.org, www.tadpf.eu, www.tdpf.eu
13 entries


 

11. Html-Content - Entries

Summary


Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://www.privacydesign.ch/
212.51.149.69
a

28

0


0
0
0


form

1
21,428 Bytes
0
1
0
0
0
0


img

1
294,123 Bytes
0
5
0
0
0
0


link
alternate
5

0


0
0
0


link
dns-prefetch
1

0


0
0
0


link
stylesheet
4
24,420 Bytes
0
3
1
1
0
0
-1

link
other
8
15,203 Bytes
0
3
0
0
0
0


meta
other
22
11,690 Bytes
0
1
0
0
0
0


script

5
17,227 Bytes
0
5
0
0
0
0


style-attribute

4

0


0
0
0

https://www.privacydesign.ch/doku.php?id=start
a

18

0


0
0
0


form

2

0


0
0
0


img

1

0


0
0
0


link
alternate
2

0


0
0
0


link
dns-prefetch
1

0


0
0
0


link
stylesheet
4

0


0
0
0


link
other
6

0


0
0
0


meta
other
20

0


0
0
0


script

5

0


0
0
0

 

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://www.privacydesign.ch/
212.51.149.69
a

#content


2
ok















a

/category/bestpractices/


1
ok















a

/category/dpaactions/


1
ok















a

/category/guidance/


1
ok















a

/category/incidents/


1
ok















a

/category/legalnews/


1
ok















a

/category/news/


1
ok















a

/category/risks/


1
ok















a

/category/seals/


1
ok















a

/category/tools/


1
ok















a

https://wordpress.org/


1
ok















a

https://www.linkedin.com/in/stefankeller/


1
ok















a

https://www.privacydesign.ch/


1
ok















a

https://www.privacydesign.ch/about-page/


1
ok















a

https://www.privacydesign.ch/category/bestpractices/


1
ok















a

https://www.privacydesign.ch/category/dpaactions/


1
ok















a

https://www.privacydesign.ch/category/guidance/


1
ok















a

https://www.privacydesign.ch/category/incidents/


1
ok















a

https://www.privacydesign.ch/category/legalnews/


1
ok















a

https://www.privacydesign.ch/category/news/


1
ok















a

https://www.privacydesign.ch/category/risks/


1
ok















a

https://www.privacydesign.ch/category/seals/


1
ok















a

https://www.privacydesign.ch/category/tools/


1
ok















a

https://www.privacydesign.ch/impressum/


1
ok















a

https://www.privacydesign.ch/privacy-notice/


2
ok















a

mailto:info@privacydesign.ch


1
ok















form
get
https://www.privacydesign.ch/
200

1
ok
text/html; charset=UTF-8
X-Content-Type-Options nosniff found





21428 Bytes








img
src
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846.jpg
200

1
ok
no alt-Attributeimage/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 294123 Bytes







srcset
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846.jpg 2000w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-300x180.jpg 300w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-768x461.jpg 768w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-1024x614.jpg 1024w


1
ok







https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-300x180.jpg 300w
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 12403 Bytes







https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-768x461.jpg 768w
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 64963 Bytes







https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846-1024x614.jpg 1024w
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 107220 Bytes







https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-pexels-photo-157231-compressed-e1519081891846.jpg 2000w
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 294123 Bytes






link
alternate
https://www.privacydesign.ch/comments/feed/


1
ok















link
alternate
https://www.privacydesign.ch/feed/


1
ok















link
alternate
https://www.privacydesign.ch/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.privacydesign.ch%2F


1
ok















link
alternate
https://www.privacydesign.ch/wp-json/oembed/1.0/embed?url=https%3A%2F%2Fwww.privacydesign.ch%2F&format=xml


1
ok















link
alternate
https://www.privacydesign.ch/wp-json/wp/v2/pages/8


1
ok















link
apple-touch-icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-180x180.jpg
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 6858 Bytes








link
canonical
https://www.privacydesign.ch/


1
ok















link
dns-prefetch
//ajax.googleapis.com


1
ok















link
EditURI
https://www.privacydesign.ch/xmlrpc.php?rsd


1
ok















link
https://api.w.org/
https://www.privacydesign.ch/wp-json/


1
ok















link
icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-192x192.jpg
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 7316 Bytes








link
icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-32x32.jpg
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 1029 Bytes








link
profile
https://gmpg.org/xfn/11


1
ok















link
shortlink
https://www.privacydesign.ch/


1
ok















link
stylesheet
//ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/jquery-ui.css?ver=6.5.3
200

1
ok
text/css; charset=UTF-8
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000 - with long duration found.
Compression required: 5774 Bytes






Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

 

sha256-wXYlVH4g+R6DHaBlzBJ6xzsX3yHqV4o6h99rqr9Y1H4=
sha384-n90/NJ00/kA/NonVec9oGeiZoTx4dLu6nGQra4tqATx3har6t52ayLp2gEQXFnZg
sha512-BUkE6VdecFl5faJ5TbHesZeoUtQ0dkGgxaO2s5ibzCn8UUD/dXlE6ryZEsTQFsRkJGVgIWCdE3BNt0lGhhiAWQ==

 

<link rel="stylesheet" href="//ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/jquery-ui.css?ver=6.5.3" crossorigin="anonymous" integrity="sha256-wXYlVH4g+R6DHaBlzBJ6xzsX3yHqV4o6h99rqr9Y1H4=" />


Content loaded via url("...")

 

images/ui-anim_basic_16x16.gif1
images/ui-bg_flat_0_aaaaaa_40x100.png2
images/ui-bg_flat_75_ffffff_40x100.png1
images/ui-bg_glass_55_fbf9ee_1x400.png1
images/ui-bg_glass_65_ffffff_1x400.png1
images/ui-bg_glass_75_dadada_1x400.png1
images/ui-bg_glass_75_e6e6e6_1x400.png1
images/ui-bg_glass_95_fef1ec_1x400.png1
images/ui-bg_highlight-soft_75_cccccc_1x100.png1
images/ui-icons_222222_256x240.png3
images/ui-icons_2e83ff_256x240.png1
images/ui-icons_454545_256x240.png2
images/ui-icons_888888_256x240.png1
images/ui-icons_cd0a0a_256x240.png1

link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220912
200

1
ok
text/css
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 1949 Bytes






local SRI possible, possible hash-values:

 

sha256-N/pXbUwaXnCZOiEUYfq+XoRzrwMVc7V9z9eHS+2znWo=
sha384-6AOncTT5yIDnm3tefqbPDIWexYroKTpvfCiMBNKZ0H9M3NsqlZja3Nzf0b6Z2l6V
sha512-RN/z8CaioDu/bWVgG3rrVPSdfRKnNLc6r/GiJXbRUcMU75Hw8W4TJeEsTrFTaEFKMs53gt7Xe6HQbM6h6g0YLw==

 

<link rel="stylesheet" href="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220912" crossorigin="anonymous" integrity="sha256-N/pXbUwaXnCZOiEUYfq+XoRzrwMVc7V9z9eHS+2znWo=" />



link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328
200

1
ok
text/css
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 755 Bytes






local SRI possible, possible hash-values:

 

sha256-AhhPzMW1IB0uUYiTWRBE9ljnip2wuyDgw4ZWgVSMuC4=
sha384-L2N9rc2HYoa4aR8GMRgrBnxDcMtB7K/gn/CtwVn2/8T5ib6i/CfZT3rNsmtXWQj3
sha512-NKjCdZ1DlkoX/CxQhvxEMRpqGAqJFS1pyhsSNB4ENUhU6D48Bo0z0SB60kEIcW1hn21duCYRmIM4M2ObH3v6yg==

 

<link rel="stylesheet" href="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328" crossorigin="anonymous" integrity="sha256-AhhPzMW1IB0uUYiTWRBE9ljnip2wuyDgw4ZWgVSMuC4=" />


Content loaded via url("...")

 

./libre-franklin/libre-franklin-all-300-italic.woff?ver=133
./libre-franklin/libre-franklin-all-300-normal.woff?ver=133
./libre-franklin/libre-franklin-all-400-italic.woff?ver=133
./libre-franklin/libre-franklin-all-400-normal.woff?ver=133
./libre-franklin/libre-franklin-all-600-italic.woff?ver=133
./libre-franklin/libre-franklin-all-600-normal.woff?ver=133
./libre-franklin/libre-franklin-all-800-italic.woff?ver=133
./libre-franklin/libre-franklin-all-800-normal.woff?ver=133
./libre-franklin/libre-franklin-latin-300-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-300-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-400-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-400-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-600-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-600-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-800-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-800-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-300-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-300-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-400-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-400-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-600-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-600-normal.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-800-italic.woff2?ver=131
./libre-franklin/libre-franklin-latin-ext-800-normal.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-300-italic.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-300-normal.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-400-italic.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-400-normal.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-600-italic.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-600-normal.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-800-italic.woff2?ver=131
./libre-franklin/libre-franklin-vietnamese-800-normal.woff2?ver=131

link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/style.css?ver=20240402
200

1
ok
text/css
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 15942 Bytes






local SRI possible, possible hash-values:

 

sha256-miWu3vd+kEp2aldCmA/XjwYjTFNMYJG90ax4cxgXuSU=
sha384-yhwUIcnaOH4L4Da0kDjre8SKBAtYKg4Aqg9ELt6S6SGssycAikol4rpqkHQapjIs
sha512-itz+Qap/opIiL5qb07rYzwb9tak7zEPL5V47TfZQwEqLzjcUy+qNXsFYldKmwR9yi2brFaBr2NlxLM16t96VUA==

 

<link rel="stylesheet" href="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/style.css?ver=20240402" crossorigin="anonymous" integrity="sha256-miWu3vd+kEp2aldCmA/XjwYjTFNMYJG90ax4cxgXuSU=" />



meta
charset
utf-8


2
ok















meta
abstract
protecting people by good design, solid security, efficient processes and trusted services


1
ok















meta
author
stefan


1
ok















meta
classification
A29WP, ai, AI, anonymisation, artificial intelligence, audit, Balancing Test, Best Practices, big data, California, cloud, Code of Conduct, COE, contract gaps, Contract Template, cookies, cookies (ePR), data breach, de-identification, de-identification, devices, DPA actions, DPIA helpers, DSAR, EDPB, EDPB-Art60-summaries, EDPS, ePR, Ethics, Guidance, HIPAA, Identification, Incidents, iot, Legal News, Legal overview, Legal texts, missing contractual controls, missing transparency, mobile app, mobile apps, News, Opinion, passwords, PET, policy gaps, policy gaps, Presentation, privacy notice, Privacy Risks, Privacy Seals, pseudonymisation, re-identification, Research, risk management gaps, scanner, security testing gaps, settlements, social media button, social media monitoring, Solution Development Lifecylce, Subject Access Requests, TOM, Tools, tracking, Uncategorized, unencrypted email, unsecured FTP server, USA, web site, Whitepaper


1
ok















meta
copyright
Copyright Privacy Design® - All rights Reserved.


1
ok















meta
description
protecting people by good design, solid security, efficient processes and trusted services


1
ok















meta
designer
the WordPress team


1
ok















meta
distribution
Global


1
ok















meta
example
custom: 2020-05-23


1
ok















meta
generator
WordPress 6.5.3


1
ok















meta
language
en-US


1
ok















meta
msapplication-TileImage
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-270x270.jpg
200

1
ok
image/jpeg
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
No Compression - 11690 Bytes








meta
publisher
Privacy Design®


1
ok















meta
rating
General


1
ok















meta
resource-type
Document


1
ok















meta
revisit-after
3


1
ok















meta
robots
index,follow


1
ok















meta
robots
max-image-preview:large


1
ok















meta
subject
A29WP, ai, AI, anonymisation, artificial intelligence, audit, Balancing Test, Best Practices, big data, California, cloud, Code of Conduct, COE, contract gaps, Contract Template, cookies, cookies (ePR), data breach, de-identification, de-identification, devices, DPA actions, DPIA helpers, DSAR, EDPB, EDPB-Art60-summaries, EDPS, ePR, Ethics, Guidance, HIPAA, Identification, Incidents, iot, Legal News, Legal overview, Legal texts, missing contractual controls, missing transparency, mobile app, mobile apps, News, Opinion, passwords, PET, policy gaps, policy gaps, Presentation, privacy notice, Privacy Risks, Privacy Seals, pseudonymisation, re-identification, Research, risk management gaps, scanner, security testing gaps, settlements, social media button, social media monitoring, Solution Development Lifecylce, Subject Access Requests, TOM, Tools, tracking, Uncategorized, unencrypted email, unsecured FTP server, USA, web site, Whitepaper


1
ok















meta
template
Twenty Seventeen


1
ok















meta
viewport
width=device-width, initial-scale=1


1
ok















script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20211130
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 2638 Bytes






local SRI possible, possible hash-values:

 

sha256-ddf9EGbGff4Hiwzx/jhj0riDB2y29OQZiHCBeffhhIg=
sha384-nPvH6y7Xj6YC/zZWtJjGFmFLAlxl4pQ51he9PipG44chBaPzL5X09gGq4gUx/+zy
sha512-yDYG41rSUyPSr4OKqVwB5zitczc3BWBFmHtMxDpallIdM6RE8u62vASzvB03nlIUvwQi1lDlhsoFu7asEkHDtw==

 

<script src="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20211130" crossorigin="anonymous" integrity="sha256-ddf9EGbGff4Hiwzx/jhj0riDB2y29OQZiHCBeffhhIg=" />



script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.3
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 2414 Bytes






local SRI possible, possible hash-values:

 

sha256-dLiOPHRZfCVjkP8M8Zt7ycVCfKKwZRlZwWSyklOWWHE=
sha384-DCU3NeKEHruYxWYBFsyMCkGYVLK58QLNIYwpoiG9Ksu00T5B2qmkxiyC70spTaOF
sha512-v+KjxEiXYp/CasWB//3WpOGZigLXwLxsCfGjrcNMsZWkNXwR3VwBWy6uGklOdFYoxeUP/G5Xk17GpCB2dZiU6w==

 

<script src="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.3" crossorigin="anonymous" integrity="sha256-dLiOPHRZfCVjkP8M8Zt7ycVCfKKwZRlZwWSyklOWWHE=" />



script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20210122
200

1
ok
defer attribute found application/javascript
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 1161 Bytes






local SRI possible, possible hash-values:

 

sha256-HJio2IE6xOjR155bWYHEHszoC/235VtwQw5ClpCg2/4=
sha384-t1DbDdbgeX3lpzy/Q+N4to7pl6aOvFGgVTrrjQ5XsIQzZQrSYc1DoCQ024j4S3M1
sha512-PiRfUxXvDj1qdVew25IijVufHZAY5TdHBhyKd/VXuNp7hAOt0iGMnuOwnk5F6Y5M7j9i2IhqtaeN/zCWaMhKqA==

 

<script src="https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20210122" crossorigin="anonymous" integrity="sha256-HJio2IE6xOjR155bWYHEHszoC/235VtwQw5ClpCg2/4=" />



script
src
https://www.privacydesign.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
200

1
ok
Missing defer / async attribute. application/javascript
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 7099 Bytes






local SRI possible, possible hash-values:

 

sha256-yn3OI5GEXorsfaE18z+r0Q907tKKUyrGb9Afdh/PtC8=
sha384-sY8GPAzcEPgf3dJ2ZpGPr3/kgZ3lf6Cjr86NqObtCEh+gpi5jHwgp+Yazdz0yVD/
sha512-6HHyWPYlpcjo7DhIJCNS/XXcsPC1gDM/zgdiWmovU+g/IuTddJLy0SqIBwnVQN4LzdmzNdhT/pzM/A78z3GLzg==

 

<script src="https://www.privacydesign.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2" crossorigin="anonymous" integrity="sha256-yn3OI5GEXorsfaE18z+r0Q907tKKUyrGb9Afdh/PtC8=" />



script
src
https://www.privacydesign.ch/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
200

1
ok
Missing defer / async attribute. application/javascript
X-Content-Type-Options nosniff found





Cache-Control: public, max-age=36000 - max-age too short.
Compression required: 3915 Bytes






local SRI possible, possible hash-values:

 

sha256-ag1T9o4BPaxCpSpSZMXSihKga2vHzB1jvC04VVi9Ldc=
sha384-A8VrsnX1aZQAfAjqmzT+JXT3xHq0Ior1khlrXTkF5wlGzXNcmGOsy6eaOoCG5BMT
sha512-4osXNEYu1OTG1exL4XSaN+mBuyZ79SWTNAqhwO4c3QEiB0rqIwftqgMfkT6iLCis4oJJwh+jl3AJTQkQPdm3EA==

 

<script src="https://www.privacydesign.ch/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2" crossorigin="anonymous" integrity="sha256-ag1T9o4BPaxCpSpSZMXSihKga2vHzB1jvC04VVi9Ldc=" />



style-attribute

https://www.privacydesign.ch/wp-content/uploads/2018/02/pexels-photo-371044-1-compressed-2000x1200.jpg


1
ok















style-attribute

https://www.privacydesign.ch/wp-content/uploads/2018/02/pexels-photo-541522-compressed-2000x1200.jpg


1
ok















style-attribute

https://www.privacydesign.ch/wp-content/uploads/2018/02/pexels-photo-567633-compressed-2000x1200.jpg


1
ok















style-attribute

https://www.privacydesign.ch/wp-content/uploads/2018/02/pexels-photo-794212-compressed-2000x1200.jpg


1
ok














https://www.privacydesign.ch/doku.php?id=start

a

#content


1
ok















a

https://wordpress.org/


1
ok















a

https://www.linkedin.com/in/stefankeller/


1
ok















a

https://www.privacydesign.ch/


1
ok















a

https://www.privacydesign.ch/about-page/


1
ok















a

https://www.privacydesign.ch/category/bestpractices/


1
ok















a

https://www.privacydesign.ch/category/dpaactions/


1
ok















a

https://www.privacydesign.ch/category/guidance/


1
ok















a

https://www.privacydesign.ch/category/incidents/


1
ok















a

https://www.privacydesign.ch/category/legalnews/


1
ok















a

https://www.privacydesign.ch/category/news/


1
ok















a

https://www.privacydesign.ch/category/risks/


1
ok















a

https://www.privacydesign.ch/category/seals/


1
ok















a

https://www.privacydesign.ch/category/tools/


1
ok















a

https://www.privacydesign.ch/impressum/


1
ok















a

https://www.privacydesign.ch/privacy-notice/


2
ok















a

mailto:info@privacydesign.ch


1
ok















form
get
https://www.privacydesign.ch/


2
ok















img
src
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269.jpg


2
ok














srcset
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269.jpg 2000w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269-300x180.jpg 300w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269-768x461.jpg 768w, https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269-1024x614.jpg 1024w


1
ok







https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269-768x461.jpg 768w


1
ok














https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269-1024x614.jpg 1024w


1
ok














https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-2016-10-22-018-e1519081995269.jpg 2000w


1
ok













link
alternate
https://www.privacydesign.ch/comments/feed/


1
ok















link
alternate
https://www.privacydesign.ch/feed/


1
ok















link
apple-touch-icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-180x180.jpg


1
ok















link
dns-prefetch
//ajax.googleapis.com


1
ok















link
EditURI
https://www.privacydesign.ch/xmlrpc.php?rsd


1
ok















link
https://api.w.org/
https://www.privacydesign.ch/wp-json/


1
ok















link
icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-192x192.jpg


1
ok















link
icon
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-32x32.jpg


1
ok















link
profile
https://gmpg.org/xfn/11


1
ok















link
stylesheet
//ajax.googleapis.com/ajax/libs/jqueryui/1.8.1/themes/base/jquery-ui.css?ver=6.5.3


1
ok















link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/css/blocks.css?ver=20220912


1
ok















link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/fonts/font-libre-franklin.css?ver=20230328


1
ok















link
stylesheet
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/style.css?ver=20240402


1
ok















meta
charset
UTF-8


2
ok















meta
abstract
protecting people by good design, solid security, efficient processes and trusted services


1
ok















meta
author
stefan


1
ok















meta
classification
A29WP, ai, AI, anonymisation, artificial intelligence, audit, Balancing Test, Best Practices, big data, California, cloud, Code of Conduct, COE, contract gaps, Contract Template, cookies, cookies (ePR), data breach, de-identification, de-identification, devices, DPA actions, DPIA helpers, DSAR, EDPB, EDPB-Art60-summaries, EDPS, ePR, Ethics, Guidance, HIPAA, Identification, Incidents, iot, Legal News, Legal overview, Legal texts, missing contractual controls, missing transparency, mobile app, mobile apps, News, Opinion, passwords, PET, policy gaps, policy gaps, Presentation, privacy notice, Privacy Risks, Privacy Seals, pseudonymisation, re-identification, Research, risk management gaps, scanner, security testing gaps, settlements, social media button, social media monitoring, Solution Development Lifecylce, Subject Access Requests, TOM, Tools, tracking, Uncategorized, unencrypted email, unsecured FTP server, USA, web site, Whitepaper


1
ok















meta
copyright
Copyright Privacy Design® - All rights Reserved.


1
ok















meta
designer
the WordPress team


1
ok















meta
distribution
Global


1
ok















meta
generator
WordPress 6.5.3


1
ok















meta
language
en-US


1
ok















meta
msapplication-TileImage
https://www.privacydesign.ch/wp-content/uploads/2018/02/cropped-favicon-270x270.jpg


1
ok















meta
publisher
Privacy Design®


1
ok















meta
rating
General


1
ok















meta
resource-type
Document


1
ok















meta
revisit-after
3


1
ok















meta
robots
index,follow


1
ok















meta
robots
max-image-preview:large


1
ok















meta
subject
A29WP, ai, AI, anonymisation, artificial intelligence, audit, Balancing Test, Best Practices, big data, California, cloud, Code of Conduct, COE, contract gaps, Contract Template, cookies, cookies (ePR), data breach, de-identification, de-identification, devices, DPA actions, DPIA helpers, DSAR, EDPB, EDPB-Art60-summaries, EDPS, ePR, Ethics, Guidance, HIPAA, Identification, Incidents, iot, Legal News, Legal overview, Legal texts, missing contractual controls, missing transparency, mobile app, mobile apps, News, Opinion, passwords, PET, policy gaps, policy gaps, Presentation, privacy notice, Privacy Risks, Privacy Seals, pseudonymisation, re-identification, Research, risk management gaps, scanner, security testing gaps, settlements, social media button, social media monitoring, Solution Development Lifecylce, Subject Access Requests, TOM, Tools, tracking, Uncategorized, unencrypted email, unsecured FTP server, USA, web site, Whitepaper


1
ok















meta
template
Twenty Seventeen


1
ok















meta
viewport
width=device-width, initial-scale=1


1
ok















script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/global.js?ver=20211130


1
ok
defer attribute found














script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/jquery.scrollTo.js?ver=2.1.3


1
ok
defer attribute found














script
src
https://www.privacydesign.ch/wp-content/themes/twentyseventeen/assets/js/navigation.js?ver=20210122


1
ok
defer attribute found














script
src
https://www.privacydesign.ch/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2


1
ok
Missing defer / async attribute.














script
src
https://www.privacydesign.ch/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2


1
ok
Missing defer / async attribute.













 

12. Html-Parsing via https://validator.nu/ / https://validator.w3.org/nu/ (started 2024-09-28, 09:00, alpha)

  Unfortunately, there are differences between the first used validator.nu and validator.w3.org/nu/ - switched to validator.w3.org/nu/. Looks like some error messages (link - fetchpriority attribute) of validator.nu are obsolete, not seen in the w3.org-version and not found in the current specification: link may have a fetchpriority attribute.

Small Code update, wait one minute

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns-104.awsdns-13.com, ns-1194.awsdns-21.org, ns-1576.awsdns-05.co.uk, ns-865.awsdns-44.net

 

QNr.DomainTypeNS used
1
com
NS
b.root-servers.net (2001:500:200::b)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns-104.awsdns-13.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: g-ns-1165.awsdns-13.com, g-ns-14.awsdns-13.com, g-ns-1741.awsdns-13.com, g-ns-589.awsdns-13.com

Answer: g-ns-1165.awsdns-13.com
205.251.196.141, 2600:9000:5304:8d00::1

Answer: g-ns-14.awsdns-13.com
205.251.192.14, 2600:9000:5300:e00::1

Answer: g-ns-1741.awsdns-13.com
205.251.198.205, 2600:9000:5306:cd00::1

Answer: g-ns-589.awsdns-13.com
205.251.194.77, 2600:9000:5302:4d00::1
3
org
NS
f.root-servers.net (2001:500:2f::f)

Answer: a0.org.afilias-nst.info, a2.org.afilias-nst.info, b0.org.afilias-nst.org, b2.org.afilias-nst.org, c0.org.afilias-nst.info, d0.org.afilias-nst.org
4
ns-1194.awsdns-21.org
NS
a0.org.afilias-nst.info (2001:500:e::1)

Answer: g-ns-1048.awsdns-21.org, g-ns-149.awsdns-21.org, g-ns-1621.awsdns-21.org, g-ns-727.awsdns-21.org

Answer: g-ns-1048.awsdns-21.org
205.251.196.24, 2600:9000:5304:1800::1

Answer: g-ns-149.awsdns-21.org
205.251.192.149, 2600:9000:5300:9500::1

Answer: g-ns-1621.awsdns-21.org
205.251.198.85, 2600:9000:5306:5500::1

Answer: g-ns-727.awsdns-21.org
205.251.194.215, 2600:9000:5302:d700::1
5
uk
NS
d.root-servers.net (2001:500:2d::d)

Answer: dns1.nic.uk, dns2.nic.uk, dns3.nic.uk, dns4.nic.uk, nsa.nic.uk, nsb.nic.uk, nsc.nic.uk, nsd.nic.uk
6
ns-1576.awsdns-05.co.uk
NS
dns1.nic.uk (2a01:618:400::1)

Answer: g-ns-1480.awsdns-05.co.uk, g-ns-1801.awsdns-05.co.uk, g-ns-325.awsdns-05.co.uk, g-ns-901.awsdns-05.co.uk

Answer: g-ns-1480.awsdns-05.co.uk
205.251.197.200, 2600:9000:5305:c800::1

Answer: g-ns-1801.awsdns-05.co.uk
205.251.199.9, 2600:9000:5307:900::1

Answer: g-ns-325.awsdns-05.co.uk
205.251.193.69, 2600:9000:5301:4500::1

Answer: g-ns-901.awsdns-05.co.uk
205.251.195.133, 2600:9000:5303:8500::1
7
net
NS
e.root-servers.net (2001:500:a8::e)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
8
ns-865.awsdns-44.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: g-ns-1388.awsdns-44.net, g-ns-1964.awsdns-44.net, g-ns-493.awsdns-44.net, g-ns-814.awsdns-44.net

Answer: g-ns-1388.awsdns-44.net
205.251.197.108, 2600:9000:5305:6c00::1

Answer: g-ns-1964.awsdns-44.net
205.251.199.172, 2600:9000:5307:ac00::1

Answer: g-ns-493.awsdns-44.net
205.251.193.237, 2600:9000:5301:ed00::1

Answer: g-ns-814.awsdns-44.net
205.251.195.46, 2600:9000:5303:2e00::1
9
ns-104.awsdns-13.com: 205.251.192.104
A
g-ns-1165.awsdns-13.com (2600:9000:5304:8d00::1)
10
ns-104.awsdns-13.com: 2600:9000:5300:6800::1
AAAA
g-ns-1165.awsdns-13.com (2600:9000:5304:8d00::1)
11
ns-1194.awsdns-21.org: 205.251.196.170
A
g-ns-1048.awsdns-21.org (2600:9000:5304:1800::1)
12
ns-1194.awsdns-21.org: 2600:9000:5304:aa00::1
AAAA
g-ns-1048.awsdns-21.org (2600:9000:5304:1800::1)
13
ns-1576.awsdns-05.co.uk: 205.251.198.40
A
g-ns-1480.awsdns-05.co.uk (2600:9000:5305:c800::1)
14
ns-1576.awsdns-05.co.uk: 2600:9000:5306:2800::1
AAAA
g-ns-1480.awsdns-05.co.uk (2600:9000:5305:c800::1)
15
ns-865.awsdns-44.net: 205.251.195.97
A
g-ns-1388.awsdns-44.net (2600:9000:5305:6c00::1)
16
ns-865.awsdns-44.net: 2600:9000:5303:6100::1
AAAA
g-ns-1388.awsdns-44.net (2600:9000:5305:6c00::1)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.privacydesign.ch
5
issue
letsencrypt.org
1
0
privacydesign.ch
0

no CAA entry found
1
0
ch
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
privacydesign.ch
v=spf1 mx ~all
ok
1
0
www.privacydesign.ch

ok
1
0
_acme-challenge.privacydesign.ch

Name Error - The domain name does not exist
1
0
_acme-challenge.www.privacydesign.ch

Name Error - The domain name does not exist
1
0
_acme-challenge.privacydesign.ch.privacydesign.ch

Name Error - The domain name does not exist
1
0
_acme-challenge.www.privacydesign.ch.privacydesign.ch

Name Error - The domain name does not exist
1
0
_acme-challenge.www.privacydesign.ch.www.privacydesign.ch

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

privacydesign.ch
10
www.privacymonks.org
01ok

A


212.51.149.69
01ok

CNAME


00ok
_mta-sts
TXT
_mta-sts.privacydesign.ch

v=STSv1;  id=20231103011001
ok

A
mta-sts.privacydesign.ch

212.51.149.69
ok




version: STSv1
ok




mode: enforce
ok




mx: www.privacymonks.org
ok




max_age: 10368000
ok
_dmarc
TXT
_dmarc.privacydesign.ch

v=DMARC1; p=reject; pct=100;fo=1; rua=mailto:john@privacydesign.ch
ok

 

 

17. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
privacydesign.ch
212.51.149.69
25
6 Ciphers57.49 secSMTP
0 without, 6 FS
100.00 %
privacydesign.ch
212.51.149.69
443
3 Ciphers33.35 sec
0 without, 3 FS
100.00 %
privacydesign.ch
212.51.149.69
465
6 Ciphers44.06 secSMTP (encrypted)
0 without, 6 FS
100.00 %
privacydesign.ch
212.51.149.69
993
3 Ciphers38.30 secIMAP (encrypted)
0 without, 3 FS
100.00 %
www.privacydesign.ch
212.51.149.69
25
6 Ciphers57.34 secSMTP
0 without, 6 FS
100.00 %
www.privacydesign.ch
212.51.149.69
443
3 Ciphers33.31 sec
0 without, 3 FS
100.00 %
www.privacydesign.ch
212.51.149.69
465
6 Ciphers44.28 secSMTP (encrypted)
0 without, 6 FS
100.00 %
www.privacydesign.ch
212.51.149.69
993
3 Ciphers39.14 secIMAP (encrypted)
0 without, 3 FS
100.00 %
Complete

8
36 Ciphers
4.50 Ciphers/Check
347.27 sec43.41 sec/Check
0 without, 36 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
privacydesign.ch
212.51.149.69
25
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 57.49 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




DHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xAA
FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

DH
RSA
CHACHA20/POLY1305(256)
AEAD




DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

DH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

DH
RSA
AESGCM(128)
AEAD



443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 33.35 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD



465
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 44.06 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




DHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xAA
FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

DH
RSA
CHACHA20/POLY1305(256)
AEAD




DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

DH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

DH
RSA
AESGCM(128)
AEAD



993
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 38.30 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD

www.privacydesign.ch
212.51.149.69
25
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 57.34 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




DHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xAA
FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

DH
RSA
CHACHA20/POLY1305(256)
AEAD




DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

DH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

DH
RSA
AESGCM(128)
AEAD



443
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 33.31 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD



465
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
6 Ciphers, 44.28 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




DHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xAA
FS

TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256

DH
RSA
CHACHA20/POLY1305(256)
AEAD




DHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0x00,0x9F
FS

TLS_DHE_RSA_WITH_AES_256_GCM_SHA384

DH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




DHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0x00,0x9E
FS

TLS_DHE_RSA_WITH_AES_128_GCM_SHA256

DH
RSA
AESGCM(128)
AEAD



993
ECDHE-RSA-CHACHA20-POLY1305
(Secure)
TLSv1.2
0xCC,0xA8
FS
3 Ciphers, 39.14 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
(Secure)
TLSv1.2
0xC0,0x30
FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
(Secure)
TLSv1.2
0xC0,0x2F
FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD

 

18. Portchecks

DomainIPPortDescriptionResultAnswer
privacydesign.ch
212.51.149.69
21
FTP



privacydesign.ch
212.51.149.69
21
FTP



privacydesign.ch
212.51.149.69
22
SSH
open
SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u3

privacydesign.ch
212.51.149.69
22
SSH
open
SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u3
Bad: SSH without DNS SSHFP Record found

Possible DNS SSHFP Entries:
privacydesign.ch IN SSHFP 1 2 07cc57b3f692a7b6452b231e258af0d2aca2d417bbf75db56a768d99073c4a65
privacydesign.ch IN SSHFP 3 2 49abb3e8205f8d9f1fcb8a960d3c67f9b7820f90e2e3f3982b4d92c927c75f09
privacydesign.ch IN SSHFP 4 2 dcaf98dee5d45625e64a1f74020435b04a95f22dc4b4841c379c9b520f6f3e0f
privacydesign.ch
212.51.149.69
25
SMTP
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)

 

Answer EHLO: 250-www.privacymonks.org 250-PIPELINING 250-SIZE 104857600 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING

 

Answer AUTH LOGIN: (no AUTH option found)
Mail certificate is invalid
privacydesign.ch
212.51.149.69
25
SMTP
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid

Answer EHLO: 250-www.privacymonks.org 250-PIPELINING 250-SIZE 104857600 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING Good: STARTTLS found


Excellent: No unencrypted login possible
privacydesign.ch
212.51.149.69
53
DNS



privacydesign.ch
212.51.149.69
53
DNS



privacydesign.ch
212.51.149.69
110
POP3



privacydesign.ch
212.51.149.69
110
POP3



privacydesign.ch
212.51.149.69
143
IMAP



privacydesign.ch
212.51.149.69
143
IMAP



privacydesign.ch
212.51.149.69
465
SMTP (encrypted)
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid
privacydesign.ch
212.51.149.69
465
SMTP (encrypted)
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid
privacydesign.ch
212.51.149.69
587
SMTP (encrypted, submission)



privacydesign.ch
212.51.149.69
587
SMTP (encrypted, submission)



privacydesign.ch
212.51.149.69
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Raspbian) ready.
Mail certificate is invalid
privacydesign.ch
212.51.149.69
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Raspbian) ready.
Mail certificate is invalid
privacydesign.ch
212.51.149.69
995
POP3 (encrypted)



privacydesign.ch
212.51.149.69
995
POP3 (encrypted)



privacydesign.ch
212.51.149.69
1433
MS SQL



privacydesign.ch
212.51.149.69
1433
MS SQL



privacydesign.ch
212.51.149.69
2082
cPanel (http)



privacydesign.ch
212.51.149.69
2082
cPanel (http)



privacydesign.ch
212.51.149.69
2083
cPanel (https)



privacydesign.ch
212.51.149.69
2083
cPanel (https)



privacydesign.ch
212.51.149.69
2086
WHM (http)



privacydesign.ch
212.51.149.69
2086
WHM (http)



privacydesign.ch
212.51.149.69
2087
WHM (https)



privacydesign.ch
212.51.149.69
2087
WHM (https)



privacydesign.ch
212.51.149.69
2089
cPanel Licensing



privacydesign.ch
212.51.149.69
2089
cPanel Licensing



privacydesign.ch
212.51.149.69
2095
cPanel Webmail (http)



privacydesign.ch
212.51.149.69
2095
cPanel Webmail (http)



privacydesign.ch
212.51.149.69
2096
cPanel Webmail (https)



privacydesign.ch
212.51.149.69
2096
cPanel Webmail (https)



privacydesign.ch
212.51.149.69
2222
DirectAdmin (http)



privacydesign.ch
212.51.149.69
2222
DirectAdmin (http)



privacydesign.ch
212.51.149.69
2222
DirectAdmin (https)



privacydesign.ch
212.51.149.69
2222
DirectAdmin (https)



privacydesign.ch
212.51.149.69
3306
mySql



privacydesign.ch
212.51.149.69
3306
mySql



privacydesign.ch
212.51.149.69
5224
Plesk Licensing



privacydesign.ch
212.51.149.69
5224
Plesk Licensing



privacydesign.ch
212.51.149.69
5432
PostgreSQL



privacydesign.ch
212.51.149.69
5432
PostgreSQL



privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (http)



privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (http)



privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (https)



privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (https)



privacydesign.ch
212.51.149.69
8083
VestaCP http



privacydesign.ch
212.51.149.69
8083
VestaCP http



privacydesign.ch
212.51.149.69
8083
VestaCP https



privacydesign.ch
212.51.149.69
8083
VestaCP https



privacydesign.ch
212.51.149.69
8443
Plesk Administration (https)



privacydesign.ch
212.51.149.69
8443
Plesk Administration (https)



privacydesign.ch
212.51.149.69
8447
Plesk Installer + Updates



privacydesign.ch
212.51.149.69
8447
Plesk Installer + Updates



privacydesign.ch
212.51.149.69
8880
Plesk Administration (http)



privacydesign.ch
212.51.149.69
8880
Plesk Administration (http)



privacydesign.ch
212.51.149.69
10000
Webmin (http)



privacydesign.ch
212.51.149.69
10000
Webmin (http)



privacydesign.ch
212.51.149.69
10000
Webmin (https)



privacydesign.ch
212.51.149.69
10000
Webmin (https)



www.privacydesign.ch
212.51.149.69
21
FTP



www.privacydesign.ch
212.51.149.69
21
FTP



www.privacydesign.ch
212.51.149.69
22
SSH
open
SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u3

www.privacydesign.ch
212.51.149.69
22
SSH
open
SSH-2.0-OpenSSH_8.4p1 Raspbian-5+deb11u3
Bad: SSH without DNS SSHFP Record found

Possible DNS SSHFP Entries:
www.privacydesign.ch IN SSHFP 1 2 07cc57b3f692a7b6452b231e258af0d2aca2d417bbf75db56a768d99073c4a65
www.privacydesign.ch IN SSHFP 3 2 49abb3e8205f8d9f1fcb8a960d3c67f9b7820f90e2e3f3982b4d92c927c75f09
www.privacydesign.ch IN SSHFP 4 2 dcaf98dee5d45625e64a1f74020435b04a95f22dc4b4841c379c9b520f6f3e0f
www.privacydesign.ch
212.51.149.69
25
SMTP
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)

 

Answer EHLO: 250-www.privacymonks.org 250-PIPELINING 250-SIZE 104857600 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING

 

Answer AUTH LOGIN: (no AUTH option found)
Mail certificate is invalid
www.privacydesign.ch
212.51.149.69
25
SMTP
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid

Answer EHLO: 250-www.privacymonks.org 250-PIPELINING 250-SIZE 104857600 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250-DSN 250 CHUNKING Good: STARTTLS found


Excellent: No unencrypted login possible
www.privacydesign.ch
212.51.149.69
53
DNS



www.privacydesign.ch
212.51.149.69
53
DNS



www.privacydesign.ch
212.51.149.69
110
POP3



www.privacydesign.ch
212.51.149.69
110
POP3



www.privacydesign.ch
212.51.149.69
143
IMAP



www.privacydesign.ch
212.51.149.69
143
IMAP



www.privacydesign.ch
212.51.149.69
465
SMTP (encrypted)
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid
www.privacydesign.ch
212.51.149.69
465
SMTP (encrypted)
open
220 www.privacymonks.org ESMTP fairydust (thanks for the fish)
Mail certificate is invalid
www.privacydesign.ch
212.51.149.69
587
SMTP (encrypted, submission)



www.privacydesign.ch
212.51.149.69
587
SMTP (encrypted, submission)



www.privacydesign.ch
212.51.149.69
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Raspbian) ready.
Mail certificate is invalid
www.privacydesign.ch
212.51.149.69
993
IMAP (encrypted)
open
* OK [CAPABILITY IMAP4rev1 SASL-IR LOGIN-REFERRALS ID ENABLE IDLE LITERAL+ AUTH=PLAIN AUTH=LOGIN] Dovecot (Raspbian) ready.
Mail certificate is invalid
www.privacydesign.ch
212.51.149.69
995
POP3 (encrypted)



www.privacydesign.ch
212.51.149.69
995
POP3 (encrypted)



www.privacydesign.ch
212.51.149.69
1433
MS SQL



www.privacydesign.ch
212.51.149.69
1433
MS SQL



www.privacydesign.ch
212.51.149.69
2082
cPanel (http)



www.privacydesign.ch
212.51.149.69
2082
cPanel (http)



www.privacydesign.ch
212.51.149.69
2083
cPanel (https)



www.privacydesign.ch
212.51.149.69
2083
cPanel (https)



www.privacydesign.ch
212.51.149.69
2086
WHM (http)



www.privacydesign.ch
212.51.149.69
2086
WHM (http)



www.privacydesign.ch
212.51.149.69
2087
WHM (https)



www.privacydesign.ch
212.51.149.69
2087
WHM (https)



www.privacydesign.ch
212.51.149.69
2089
cPanel Licensing



www.privacydesign.ch
212.51.149.69
2089
cPanel Licensing



www.privacydesign.ch
212.51.149.69
2095
cPanel Webmail (http)



www.privacydesign.ch
212.51.149.69
2095
cPanel Webmail (http)



www.privacydesign.ch
212.51.149.69
2096
cPanel Webmail (https)



www.privacydesign.ch
212.51.149.69
2096
cPanel Webmail (https)



www.privacydesign.ch
212.51.149.69
2222
DirectAdmin (http)



www.privacydesign.ch
212.51.149.69
2222
DirectAdmin (http)



www.privacydesign.ch
212.51.149.69
2222
DirectAdmin (https)



www.privacydesign.ch
212.51.149.69
2222
DirectAdmin (https)



www.privacydesign.ch
212.51.149.69
3306
mySql



www.privacydesign.ch
212.51.149.69
3306
mySql



www.privacydesign.ch
212.51.149.69
5224
Plesk Licensing



www.privacydesign.ch
212.51.149.69
5224
Plesk Licensing



www.privacydesign.ch
212.51.149.69
5432
PostgreSQL



www.privacydesign.ch
212.51.149.69
5432
PostgreSQL



www.privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (http)



www.privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (http)



www.privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (https)



www.privacydesign.ch
212.51.149.69
8080
Ookla Speedtest (https)



www.privacydesign.ch
212.51.149.69
8083
VestaCP http



www.privacydesign.ch
212.51.149.69
8083
VestaCP http



www.privacydesign.ch
212.51.149.69
8083
VestaCP https



www.privacydesign.ch
212.51.149.69
8083
VestaCP https



www.privacydesign.ch
212.51.149.69
8443
Plesk Administration (https)



www.privacydesign.ch
212.51.149.69
8443
Plesk Administration (https)



www.privacydesign.ch
212.51.149.69
8447
Plesk Installer + Updates



www.privacydesign.ch
212.51.149.69
8447
Plesk Installer + Updates



www.privacydesign.ch
212.51.149.69
8880
Plesk Administration (http)



www.privacydesign.ch
212.51.149.69
8880
Plesk Administration (http)



www.privacydesign.ch
212.51.149.69
10000
Webmin (http)



www.privacydesign.ch
212.51.149.69
10000
Webmin (http)



www.privacydesign.ch
212.51.149.69
10000
Webmin (https)



www.privacydesign.ch
212.51.149.69
10000
Webmin (https)



 

 

Permalink: https://check-your-website.server-daten.de/?i=68d06fab-d647-4c24-b523-a5d1a8aefd42

 

Last Result: https://check-your-website.server-daten.de/?q=privacydesign.ch - 2024-05-23 17:28:49

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=privacydesign.ch" target="_blank">Check this Site: privacydesign.ch</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=privacydesign.ch