Check DNS, Urls + Redirects, Certificates and Content of your Website



X

DNS-problem - authoritative Nameserver refused, not defined or timeout

Checked:
14.01.2022 18:28:22


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
rms.triolcorp.ru
A
77.72.135.52
Berlin/Land Berlin/Germany (DE) - COLOBRIDGE
No Hostname found
yes
1
0

AAAA

yes


www.rms.triolcorp.ru

Name Error
yes
1
0
*.triolcorp.ru
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


*.rms.triolcorp.ru
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 9799, Flags 256



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 01.02.2022, 00:00:00 +, Signature-Inception: 11.01.2022, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: ru
ru
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 7729, DigestType 2 and Digest wDWHERO7fHDB+/wcm/36l4FzM0jVT375pK0CGqADNvM=



1 RRSIG RR to validate DS RR found



RRSIG-Owner ru., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 27.01.2022, 05:00:00 +, Signature-Inception: 14.01.2022, 04:00:00 +, KeyTag 9799, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 9799 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 7729, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 52638, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner ru., Algorithm: 8, 1 Labels, original TTL: 345600 sec, Signature-expiration: 28.01.2022, 00:00:00 +, Signature-Inception: 08.01.2022, 00:00:00 +, KeyTag 7729, Signer-Name: ru



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 7729 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 7729, DigestType 2 and Digest "wDWHERO7fHDB+/wcm/36l4FzM0jVT375pK0CGqADNvM=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: triolcorp.ru
triolcorp.ru
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "pc04tsue1gt21f03sovdjd4rchskdpp0" between the hashed NSEC3-owner "pbuv52bd6kt32911drvupqisl0ca3no0" and the hashed NextOwner "pc1cbc4r5sgjhkqd3v91hb5gme2hbfnk". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner pbuv52bd6kt32911drvupqisl0ca3no0.ru., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 21.01.2022, 09:09:10 +, Signature-Inception: 19.12.2021, 00:18:43 +, KeyTag 52638, Signer-Name: ru



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "tdui9d4jkuds8b9t86gj39pgflcnlgm5" as Owner. That's the Hash of "ru" with the NextHashedOwnerName "te33kgtaqu9m5crq3ibsilqu11gfgttt". So that domain name is the Closest Encloser of "triolcorp.ru". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner tdui9d4jkuds8b9t86gj39pgflcnlgm5.ru., Algorithm: 8, 2 Labels, original TTL: 3600 sec, Signature-expiration: 22.02.2022, 09:53:08 +, Signature-Inception: 12.01.2022, 16:18:52 +, KeyTag 52638, Signer-Name: ru



0 DNSKEY RR found




Zone: rms.triolcorp.ru
rms.triolcorp.ru
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: www.rms.triolcorp.ru
www.rms.triolcorp.ru
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
www.rms.triolcorp.ru
  ns1.beget.com

rms.triolcorp.ru
  ns1.beget.com

triolcorp.ru
  ns1.beget.com
5.101.159.11
St Petersburg/St.-Petersburg/Russia (RU) - Geo location BEGET.RU


  ns1.beget.pro
5.101.159.11
St Petersburg/St.-Petersburg/Russia (RU) - Geo location BEGET.RU


  ns1.beget.ru
5.101.159.11
St Petersburg/St.-Petersburg/Russia (RU) - Geo location BEGET.RU


  ns2.beget.com
185.50.27.12
Moscow/Russia (RU) - Beget LLC


  ns2.beget.pro
185.50.27.12
Moscow/Russia (RU) - Beget LLC


  ns2.beget.ru
185.50.27.12
Moscow/Russia (RU) - Beget LLC

ru
  a.dns.ripn.net


  b.dns.ripn.net


  d.dns.ripn.net


  e.dns.ripn.net


  f.dns.ripn.net


4. SOA-Entries


Domain:ru
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:5


Domain:triolcorp.ru
Zone-Name:triolcorp.ru
Primary:ns1.beget.com
Mail:hostmaster.beget.com
Serial:1619720525
Refresh:300
Retry:600
Expire:86400
TTL:300
num Entries:6


Domain:rms.triolcorp.ru
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:www.rms.triolcorp.ru
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

Startaddress: https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx, address used: https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx, Screenshot created 2022-01-14 18:29:56 +00:0 url is insecure, certificate invalid

Mobil (412px x 732px)

337 milliseconds

Screenshot mobile - https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Mobil + Landscape (732px x 412px)

270 milliseconds

Screenshot mobile landscape - https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Screen (1280px x 1680px)

627 milliseconds

Screenshot Desktop - https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx

Mobile- and other Chrome-Checks

widthheight
visual Viewport412716
content Size932716

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

Chrome-Connection: secure. secure connection settings. The connection to this site is encrypted and authenticated using TLS 1.2, ECDHE_RSA with P-384, and AES_256_GCM.

Chrome-Resources : secure. all served securely. All resources on this page are served securely.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://rms.triolcorp.ru/
77.72.135.52
301
https://rms.triolcorp.ru/RDWeb
Html is minified: 100.00 %
0.046
A
Content-Type: text/html; charset=UTF-8
Location: https://rms.triolcorp.ru/RDWeb
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 14 Jan 2022 17:28:57 GMT
Connection: close
Content-Length: 153

• https://rms.triolcorp.ru/
77.72.135.52
301
https://rms.triolcorp.ru/RDWeb
Html is minified: 100.00 %
2.297
N
Certificate error: RemoteCertificateChainErrors
Content-Type: text/html; charset=UTF-8
Location: https://rms.triolcorp.ru/RDWeb
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Fri, 14 Jan 2022 17:28:57 GMT
Connection: close
Content-Length: 153

• https://rms.triolcorp.ru/RDWeb

301
https://rms.triolcorp.ru/RDWeb/Pages
Html is minified: 100.00 %
2.344
N
Certificate error: RemoteCertificateChainErrors
Content-Type: text/html; charset=UTF-8
Location: https://rms.triolcorp.ru/RDWeb/Pages
Server: Microsoft-IIS/10.0
Date: Fri, 14 Jan 2022 17:29:15 GMT
Connection: close
Content-Length: 159

• https://rms.triolcorp.ru/RDWeb/Pages

301
https://rms.triolcorp.ru/RDWeb/Pages/
Html is minified: 100.00 %
2.360
N
Certificate error: RemoteCertificateChainErrors
Content-Type: text/html; charset=UTF-8
Location: https://rms.triolcorp.ru/RDWeb/Pages/
Server: Microsoft-IIS/10.0
Set-Cookie: TSWAFeatureCheckCookie=true; path=/RDWeb/
Date: Fri, 14 Jan 2022 17:29:17 GMT
Connection: close
Content-Length: 160

• https://rms.triolcorp.ru/RDWeb/Pages/

302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
Html is minified: 104.23 %
2.263
N
Certificate error: RemoteCertificateChainErrors
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /RDWeb/Pages/en-US/Default.aspx
Server: Microsoft-IIS/10.0
Set-Cookie: TSWAFeatureCheckCookie=true; path=/RDWeb/
Date: Fri, 14 Jan 2022 17:29:20 GMT
Connection: close
Content-Length: 148

• https://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx

302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Html is minified: 102.91 %
2.280
N
Certificate error: RemoteCertificateChainErrors
Cache-Control: no-cache
Pragma: no-cache
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Expires: -1
Location: https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Server: Microsoft-IIS/10.0
Set-Cookie: TSWAFeatureCheckCookie=true; path=/RDWeb/
Date: Fri, 14 Jan 2022 17:29:23 GMT
Connection: close

• https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
No GZip used - 3419 / 14550 - 23.50 % possible
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
200

Html is minified: 160.22 %
2.330
N
Certificate error: RemoteCertificateChainErrors
small visible content (num chars: 403)
Error: Unable to display RD Web Access An unexpected error has occurred that is preventing this page from being displayed correctly. Viewing this page in Internet Explorer with the Enhanced Security Configuration enabled can cause such an error. Please try loading this page without the Enhanced Security Configuration enabled. If this error continues to be displayed, please contact your administrator.
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/xml; charset=utf-8
Expires: -1
Server: Microsoft-IIS/10.0
Set-Cookie: TSWAFeatureCheckCookie=true; path=/RDWeb/
Date: Fri, 14 Jan 2022 17:29:26 GMT
Connection: close
Content-Length: 14550

• http://rms.triolcorp.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
77.72.135.52
-14

10.060
T
Timeout - The operation has timed out
Visible Content:

• https://77.72.135.52/
77.72.135.52
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
404

Html is minified: 103.96 %
2.313
N
Not Found
Certificate error: RemoteCertificateNameMismatch, RemoteCertificateChainErrors
small visible content (num chars: 162)
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN""http://www.w3.org/TR/html4/strict.dtd"> Not Found Not Found HTTP Error 404. The requested resource is not found.
Content-Type: text/html; charset=us-ascii
Server: Microsoft-HTTPAPI/2.0
Date: Fri, 14 Jan 2022 17:29:11 GMT
Connection: close
Content-Length: 315

7. Comments


1. General Results, most used to calculate the result

Aname "rms.triolcorp.ru" is subdomain, public suffix is ".ru", top-level-domain is ".ru", top-level-domain-type is "country-code", Country is Russian Federation (the), tld-manager is "Coordination Center for TLD RU", num .ru-domains preloaded: 1928 (complete: 175327)
Agood: All ip addresses are public addresses
Warning: Only one ip address found: rms.triolcorp.ru has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: rms.triolcorp.ru has no ipv6 address.
Agood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
Ahttps://rms.triolcorp.ru/RDWeb
301
https://rms.triolcorp.ru/RDWeb/Pages
correct redirect https to https
Ahttps://rms.triolcorp.ru/RDWeb/Pages
301
https://rms.triolcorp.ru/RDWeb/Pages/
correct redirect https to https
Ahttps://rms.triolcorp.ru/RDWeb/Pages/
302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
correct redirect https to https
Ahttps://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
correct redirect https to https
Ahttps://rms.triolcorp.ru/ 77.72.135.52
301
https://rms.triolcorp.ru/RDWeb
correct redirect https to https
Agood: destination is https
Agood - only one version with Http-Status 200
Agood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Bhttps://rms.triolcorp.ru/RDWeb
301

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/RDWeb/Pages
301

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/RDWeb/Pages/
302

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
302

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/ 77.72.135.52
301

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200

Missing HSTS-Header
Bhttps://rms.triolcorp.ru/RDWeb/Pages
301
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie sent via https, but not marked as secure
Bhttps://rms.triolcorp.ru/RDWeb/Pages/
302
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie sent via https, but not marked as secure
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
302
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie sent via https, but not marked as secure
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie sent via https, but not marked as secure
Bhttps://rms.triolcorp.ru/RDWeb/Pages
301
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://rms.triolcorp.ru/RDWeb/Pages/
302
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
302
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200
TSWAFeatureCheckCookie=true; path=/RDWeb/
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Mhttps://77.72.135.52/ 77.72.135.52
404

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://rms.triolcorp.ru/RDWeb
301
https://rms.triolcorp.ru/RDWeb/Pages
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://rms.triolcorp.ru/RDWeb/Pages
301
https://rms.triolcorp.ru/RDWeb/Pages/
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://rms.triolcorp.ru/RDWeb/Pages/
302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/Default.aspx
302
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://rms.triolcorp.ru/ 77.72.135.52
301
https://rms.triolcorp.ru/RDWeb
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200

Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://77.72.135.52/ 77.72.135.52
404

Error - Certificate isn't trusted, RemoteCertificateNameMismatch, RemoteCertificateChainErrors
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain rms.triolcorp.ru, 1 ip addresses, 1 different http results.

2. DNS- and NameServer - Checks

AInfo:: 6 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 6 Name Servers.
AInfo:: 6 Queries complete, 6 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns1.beget.com (5.101.159.11), ns1.beget.pro (5.101.159.11), ns1.beget.ru (5.101.159.11), ns2.beget.com (185.50.27.12), ns2.beget.pro (185.50.27.12), ns2.beget.ru (185.50.27.12)
AGood (1 - 3.0):: An average of 1.0 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 6 different Name Servers found: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru, 2 Name Servers included in Delegation: ns1.beget.ru, ns2.beget.ru, 6 Name Servers included in 1 Zone definitions: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru, 1 Name Servers listed in SOA.Primary: ns1.beget.com.
AGood: Only one SOA.Primary Name Server found.: ns1.beget.com.
Error: SOA.Primary Name Server not included in the delegation set.: ns1.beget.com.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns1.beget.com (5.101.159.11): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns1.beget.pro (5.101.159.11): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns1.beget.ru (5.101.159.11): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns2.beget.com (185.50.27.12): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns2.beget.pro (185.50.27.12): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
XFatal: Inconsistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone.: ns2.beget.ru (185.50.27.12): Delegation: ns1.beget.ru, ns2.beget.ru, Zone: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru. Name Servers defined in Zone, missing in Delegation: ns1.beget.com, ns1.beget.pro, ns2.beget.com, ns2.beget.pro.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 6 Name Servers, 2 different subnets (first Byte): 185., 5., 2 different subnets (first two Bytes): 185.50., 5.101., 2 different subnets (first three Bytes): 185.50.27., 5.101.159.
AGood: Name Server IPv4-addresses from different subnet found:
AGood: Nameserver supports TCP connections: 6 good Nameserver
AGood: Nameserver supports Echo Capitalization: 6 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 6 good Nameserver
Nameserver doesn't pass all EDNS-Checks: a.dns.ripn.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: b.dns.ripn.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: d.dns.ripn.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: e.dns.ripn.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: f.dns.ripn.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1.beget.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1.beget.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

http://rms.triolcorp.ru/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 77.72.135.52
-14

Fatal: Check of /.well-known/acme-challenge/random-filename has a timeout. Creating a Letsencrypt certificate via http-01 challenge can't work. You need a running webserver (http) and an open port 80. If it's a home server + ipv4, perhaps a correct port forwarding port 80 extern ⇒ working port intern is required. Port 80 / http can redirect to another domain port 80 or port 443, but not other ports. If it's a home server, perhaps your ISP blocks port 80. Then you may use the dns-01 challenge. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200

Warning: https result with status 200 and size greater then 1024 Bytes without GZip found. Add GZip support so the html content is compressed.
AGood: No https + http status 200 with inline CSS / JavaScript found
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
https://77.72.135.52/ 77.72.135.52
404
2.313 seconds
Warning: 404 needs more then one second
AInfo: Different Server-Headers found
ADuration: 107154 milliseconds, 107.154 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
rms.triolcorp.ru
rms.triolcorp.ru
443
Certificate/chain invalid






error checking OCSP stapling
ok
rms.triolcorp.ru
rms.triolcorp.ru
443
Certificate/chain invalid







error checking OCSP stapling
ok
no http/2 via ALPN 
no Tls.1.2
Tls.1.1
no Tls.1.0
no http/2 via ALPN
no Tls.1.2
Tls.1.1
no Tls.1.0


rms.triolcorp.ru
77.72.135.52
443
Certificate/chain invalid






error checking OCSP stapling
ok

rms.triolcorp.ru
77.72.135.52
443
Certificate/chain invalid







error checking OCSP stapling
ok
no http/2 via ALPN 
no Tls.1.2
Tls.1.1
no Tls.1.0
no http/2 via ALPN
no Tls.1.2
Tls.1.1
no Tls.1.0


77.72.135.52
77.72.135.52
443
Certificate/chain invalid and wrong name






error checking OCSP stapling
ok

77.72.135.52
77.72.135.52
443
Certificate/chain invalid and wrong name







error checking OCSP stapling
ok
no http/2 via ALPN 
Cert sent without SNI
no Tls.1.2
Tls.1.1
no Tls.1.0
no http/2 via ALPN
Cert sent without SNI
no Tls.1.2
Tls.1.1
no Tls.1.0


9. Certificates

1.
1.
CN=rms.triolcorp.ru
12.01.2022
14.07.2022
expires in 171 days

1.
1.
CN=rms.triolcorp.ru
12.01.2022

14.07.2022
expires in 171 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:29A1FF0012FE209A4814344BB8BFFFDF
Thumbprint:10C91E7F5EEBCFA135B9A2CFB2AFA2D7671C8688
SHA256 / Certificate:tt4huC5yzUd8XN3oWeBKdSKCEKAHjYX2ctlRLA2aBCg=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):9c3ecfb2d8ae0a49ff869434e2a7983e37ec91d5e4b1b1c67fc10d9bf720447f
SHA256 hex / Subject Public Key Information (SPKI):9c3ecfb2d8ae0a49ff869434e2a7983e37ec91d5e4b1b1c67fc10d9bf720447f (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

UntrustedRoot: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.


10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

No CRT - CT-Log entries found


11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx
a

4

0


0
0
0


form

1
14,602 Bytes
0
1
0
0
0
0


meta
other
1

0


0
0
0

https://77.72.135.52/
77.72.135.52
meta
other
1

0


0
0
0

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://rms.triolcorp.ru/RDWeb/Pages/en-US/login.aspx?ReturnUrl=/RDWeb/Pages/en-US/Default.aspx

a

javascript:onclickExplanation('lnkHdSec')


1
ok








a

javascript:onclickExplanation('lnkShwSec')


1
ok








a

password.aspx


2
ok








form
post
login.aspx?ReturnUrl=%2FRDWeb%2FPages%2Fen-US%2FDefault.aspx
200

1
ok
text/xml; charset=utf-8, missing X-Content-Type-Options nosniff

14602 Bytes






meta
Content-Type
text/html; charset=utf-8


1
ok







https://77.72.135.52/
77.72.135.52
meta
Content-Type
text/html; charset=us-ascii


1
ok








12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.beget.com, ns1.beget.pro, ns1.beget.ru, ns2.beget.com, ns2.beget.pro, ns2.beget.ru

QNr.DomainTypeNS used
1
com
NS
b.root-servers.net (2001:500:200::b)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns1.beget.com: 5.101.159.11
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2.beget.com
185.50.27.12
3
pro
NS
a.root-servers.net (2001:503:ba3e::2:30)

Answer: a0.pro.afilias-nst.info, a2.pro.afilias-nst.info, b0.pro.afilias-nst.org, b2.pro.afilias-nst.org, c0.pro.afilias-nst.info, d0.pro.afilias-nst.org
4
ns1.beget.pro: 5.101.159.11
NS
a0.pro.afilias-nst.info (2001:500:c0::1)

Answer: ns2.beget.pro
185.50.27.12
5
ru
NS
l.root-servers.net (2001:500:9f::42)

Answer: a.dns.ripn.net, b.dns.ripn.net, d.dns.ripn.net, e.dns.ripn.net, f.dns.ripn.net
6
ns1.beget.ru: 5.101.159.11
NS
a.dns.ripn.net (2001:678:17:0:193:232:128:6)

Answer: ns2.beget.ru
185.50.27.12


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
rms.triolcorp.ru
0

no CAA entry found
1
0
triolcorp.ru
0

no CAA entry found
1
0
ru
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
triolcorp.ru
google-site-verification=gw1MuqSbAl6B6FWcPJ0yz7obidWXOKpFXkbVwxX0sWk
ok
1
0
triolcorp.ru
mailru-verification: aff5969474b99774
ok
1
0
triolcorp.ru
MS=ms89081585
ok
1
0
triolcorp.ru
v=spf1 include:spf.protection.outlook.com -all
ok
1
0
rms.triolcorp.ru

ok
1
0
_acme-challenge.rms.triolcorp.ru

Name Error - The domain name does not exist
1
0
_acme-challenge.rms.triolcorp.ru.triolcorp.ru

Name Error - The domain name does not exist
1
0
_acme-challenge.rms.triolcorp.ru.rms.triolcorp.ru

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=79b38b19-6cb2-43fa-86e0-5ea5e7912689


Last Result: https://check-your-website.server-daten.de/?q=rms.triolcorp.ru - 2022-01-14 18:28:22


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=rms.triolcorp.ru" target="_blank">Check this Site: rms.triolcorp.ru</a>