Shortcuts: 1. Basic DNS | 2. Url-Checks | 3. Comments | 4. Connections | 5. Certificates | 6. CT-Logs | 7. Html-Content | 8. CAA | 9. TXT |


N

No trusted Certificate

Checked:
20.04.2019 22:56:49


Older results

No older results found

1. Basic DNS and Nameserver Checks

HostTIP-Addressis auth.∑ Queries∑ Timeout
rockingsoccer.com
A
136.144.222.204
yes
1
0

AAAA
2a01:7c8:d003:be::1
yes


www.rockingsoccer.com
A
136.144.222.204
yes
1
0

AAAA
2a01:7c8:d003:be::1
yes



Zone (*)DNSSEC - Informations (beta)
(root)
1 DS RR published

Status: Valid because published

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)

Public Key with Algorithm 8, KeyTag 25266, Flags 256

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 02.05.2019, 00:00:00, Signature-Inception: 11.04.2019, 00:00:00, KeyTag 20326, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
com
1 DS RR in the parent zone found

1 RRSIG RR to validate DS RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 03.05.2019, 17:00:00, Signature-Inception: 20.04.2019, 16:00:00, KeyTag 25266, Signer-Name: (root)

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 25266 used to validate the DS RRSet in the parent zone

2 DNSKEY RR found

Public Key with Algorithm 8, KeyTag 3800, Flags 256

Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)

1 RRSIG RR to validate DNSKEY RR found

Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 27.04.2019, 18:25:33, Signature-Inception: 12.04.2019, 18:20:33, KeyTag 30909, Signer-Name: com

Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet

Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone
rockingsoccer.com
0 DS RR in the parent zone found

DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed domain name between the hashed NSEC3-owner and the hashed NextOwner. So the parent zone confirmes the non-existence of a DS RR.

0 DNSKEY RR found


www.rockingsoccer.com
0 DS RR in the parent zone found


DomainNameserverNS-IP
www.rockingsoccer.com
  ns1.delftgames.com

rockingsoccer.com
  ns1.delftgames.com
136.144.222.201

 
2a01:7c8:d003:bb::1

  ns2.delftgames.com
85.17.194.58
com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net



SOA - records (beta)

Domain:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1555793783
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:3


Domain:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1555793798
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:10


Domain:rockingsoccer.com
Primary:ns1.delftgames.com
Mail:sjoerd.delftgames.com
Serial:2018120606
Refresh:14400
Retry:3600
Expire:1209600
TTL:3600
num Entries:3


Domain:www.rockingsoccer.com
Primary:ns1.delftgames.com
Mail:sjoerd.delftgames.com
Serial:2018120606
Refresh:14400
Retry:3600
Expire:1209600
TTL:3600
num Entries:1


2. Url-Checks


show header:
Domainname Http-StatusredirectSec.G
• http://rockingsoccer.com/
136.144.222.204
301
https://rockingsoccer.com/
0.043
A
Location: https://rockingsoccer.com/
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:57:18 GMT
Server: lighttpd/1.4.35

• http://www.rockingsoccer.com/
136.144.222.204
301
http://rockingsoccer.com/
0.047
D
Location: http://rockingsoccer.com/
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:57:18 GMT
Server: lighttpd/1.4.35

• http://rockingsoccer.com/
2a01:7c8:d003:be::1
-14

10.024
T
Timeout - The operation has timed out

• http://www.rockingsoccer.com/
2a01:7c8:d003:be::1
-14

10.027
T
Timeout - The operation has timed out

• https://rockingsoccer.com/
136.144.222.204
302
https://rockingsoccer.com/en/soccer
0.380
B
Set-Cookie: PHPSESSID=j0usqsi3pfidek7iu67chit6r3; Path=/; Domain=rockingsoccer.com; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://rockingsoccer.com/en/soccer
Content-type: text/html; charset=UTF-8
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:57:39 GMT
Server: lighttpd/1.4.35

• https://www.rockingsoccer.com/
136.144.222.204
301
http://rockingsoccer.com/
0.260
N
Certificate error: RemoteCertificateNameMismatch
Location: http://rockingsoccer.com/
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:57:39 GMT
Server: lighttpd/1.4.35

• https://rockingsoccer.com/
2a01:7c8:d003:be::1
-14

10.026
T
Timeout - The operation has timed out

• https://www.rockingsoccer.com/
2a01:7c8:d003:be::1
-14

10.030
T
Timeout - The operation has timed out

• https://rockingsoccer.com/en/soccer

-14

10.026
T
Timeout - The operation has timed out

• http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
136.144.222.204
301
https://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.043
A
Visible Content:
Location: https://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:58:00 GMT
Server: lighttpd/1.4.35

• http://www.rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
136.144.222.204
301
http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.043
D
Visible Content:
Location: http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 0
Connection: close
Date: Sat, 20 Apr 2019 20:58:00 GMT
Server: lighttpd/1.4.35

• http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7c8:d003:be::1
-14

10.027
T
Timeout - The operation has timed out
Visible Content:

• http://www.rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2a01:7c8:d003:be::1
-14

10.027
T
Timeout - The operation has timed out
Visible Content:

• https://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de

-14

10.026
T
Timeout - The operation has timed out
Visible Content:

3. Comments

Aname "rockingsoccer.com" is domain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
Ahttp://rockingsoccer.com/ 136.144.222.204
301
https://rockingsoccer.com/
correct redirect http - https with the same domain name
Bhttps://rockingsoccer.com/ 136.144.222.204
302

Missing HSTS-Header
Bhttps://www.rockingsoccer.com/ 136.144.222.204
301

Missing HSTS-Header
CError - no version with Http-Status 200
Dhttp://www.rockingsoccer.com/ 136.144.222.204
301
http://rockingsoccer.com/
wrong redirect one version http to other version http - first redirect to https without new dns query
Dhttp://www.rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 136.144.222.204
301
http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
wrong redirect one version http to other version http - first redirect to https without new dns query
Fhttps://www.rockingsoccer.com/ 136.144.222.204
301
http://rockingsoccer.com/
wrong redirect https - http - never redirect https to http
Hfatal error: No https - result with http-status 200, no encryption
Khttp://rockingsoccer.com/ 136.144.222.204, Status 301

http://rockingsoccer.com/ 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Khttp://www.rockingsoccer.com/ 136.144.222.204, Status 301

http://www.rockingsoccer.com/ 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Khttps://rockingsoccer.com/ 136.144.222.204, Status 302

https://rockingsoccer.com/ 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Khttps://www.rockingsoccer.com/ 136.144.222.204, Status 301

https://www.rockingsoccer.com/ 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Khttp://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 136.144.222.204, Status 301

http://rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Khttp://www.rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 136.144.222.204, Status 301

http://www.rockingsoccer.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2a01:7c8:d003:be::1, Status -14
configuration problem - different ip addresses with different status
Nhttps://www.rockingsoccer.com/ 136.144.222.204
301
http://rockingsoccer.com/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
OOld connection: Diffie-Hellman Key Exchange with 1024 Bit is unsecure. Update to 2048 Bit Key Exchange.
AGood: Nameserver supports TCP connections: 3 good Nameserver
AGood: Nameserver supports Echo Capitalization: 3 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 3 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 3 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate
ADuration: 111736 milliseconds, 111.736 seconds


4. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
rockingsoccer.com
136.144.222.204
443
ok
Tls12
DiffieHellman
1024
Aes256
256
Sha384
error checking OCSP stapling
weak
Chain (complete)
1CN=rockingsoccer.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
www.rockingsoccer.com
136.144.222.204
443
name does not match
Tls12
DiffieHellman
1024
Aes256
256
Sha384
error checking OCSP stapling
weak
Chain (complete)
1CN=rockingsoccer.com

2CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US


5. Certificates

1.
1.
CN=rockingsoccer.com
24.01.2019
24.04.2019
31 days expired
rockingsoccer.com - 1 entry

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:03198EEFA0F28482218DD40BEF31198A354D
Thumbprint:086087F3C08C75D5BAE9D8D3D5792E899011E1D1
SHA256 / Certificate:SYUzd33vEbyZxv/S5EXV6g1VsXmixHv0Pf3h1zKGj5E=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):7e8a80fc6260f6cf7eabf11fd53738889f88e470e4bc7c050ec4e81a09f17c3f
OCSP - Url:http://ocsp.int-x3.letsencrypt.org
OCSP - must staple:no
Certificate Transparency:yes


2.
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
17.03.2016
17.03.2021
expires in 662 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0A0141420000015385736A0B85ECA708
Thumbprint:E6A3B45B062D509B3382282D196EFE97D5956CCB
SHA256 / Certificate:JYR9Zo608E/dQLErawdAxWfafQJDCOtsLJb+QdneIY0=
SHA256 hex / Cert (DANE * 0 1):25847d668eb4f04fdd40b12b6b0740c567da7d024308eb6c2c96fe41d9de218d
SHA256 hex / PublicKey (DANE * 1 1):60b87575447dcba2a36b7d11ac09fb24a9db406fee12d2cc90180517616e8a18
OCSP - Url:http://isrg.trustid.ocsp.identrust.com
OCSP - must staple:no
Certificate Transparency:no


3.
CN=DST Root CA X3, O=Digital Signature Trust Co.
30.09.2000
30.09.2021
expires in 859 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:44AFB080D6A327BA893039862EF8406B
Thumbprint:DAC9024F54D8F6DF94935FB1732638CA6AD77C13
SHA256 / Certificate:BocmAzGnJAPZCfEF5pvPDTLhvSST/8bZIG0RvNZ3Bzk=
SHA256 hex / Cert (DANE * 0 1):0687260331a72403d909f105e69bcf0d32e1bd2493ffc6d9206d11bcd6770739
SHA256 hex / PublicKey (DANE * 1 1):563b3caf8cfef34c2335caf560a7a95906e8488462eb75ac59784830df9e5b2b
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no



6. Last Certificates - Certificate Transparency Log Check (BETA)

1. Source CertSpotter - active certificates

No CertSpotter - Certificate-Transparency-Log informations found. The feature is new (startet 2019-05-07), so recheck this domain.


2. Source crt.sh - old and new certificates, sometimes very slow.

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0
1
12

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
1404740021
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-04-20 18:56:39
2019-07-19 18:56:39
rockingsoccer.com
1 entries


1140352107
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-01-24 10:33:58
2019-04-24 09:33:58
rockingsoccer.com
1 entries


974369438
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-11-25 03:05:07
2019-02-23 03:05:07
rockingsoccer.com
1 entries


805369875
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-09-16 02:05:07
2018-12-15 03:05:07
rockingsoccer.com
1 entries


615662744
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-07-15 02:05:07
2018-10-13 02:05:07
rockingsoccer.com
1 entries


459205635
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-05-13 02:05:07
2018-08-11 02:05:07
rockingsoccer.com
1 entries


352493426
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-03-11 03:05:11
2018-06-09 02:05:11
rockingsoccer.com
1 entries


296578785
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2018-01-07 03:05:14
2018-04-07 02:05:14
rockingsoccer.com
1 entries


247014924
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2017-11-03 22:45:35
2018-02-01 22:45:35
rockingsoccer.com
1 entries


204450951
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2017-09-04 21:38:00
2017-12-03 22:38:00
rockingsoccer.com
1 entries


168106381
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2017-07-06 21:01:00
2017-10-04 21:01:00
rockingsoccer.com
1 entries


134208980
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2017-05-07 17:08:00
2017-08-05 17:08:00
rockingsoccer.com
1 entries



7. Html-Content - Entries (BETA - mixed content and other checks)

No Html-Content entries found. Only checked if https + status 200/401/403/404


8. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.rockingsoccer.com
0

no CAA entry found
1
0
rockingsoccer.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


9. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
rockingsoccer.com
v=spf1 a mx include:hemminga-online.nl -all
ok
1
0
rockingsoccer.com
Ceci n'est pas une oeuf de Paques
ok
1
0
www.rockingsoccer.com

ok
1
0
_acme-challenge.rockingsoccer.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.rockingsoccer.com

Name Error - The domain name does not exist
1
0
_acme-challenge.rockingsoccer.com.rockingsoccer.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.rockingsoccer.com.www.rockingsoccer.com

Name Error - The domain name does not exist
1
0



Permalink: https://check-your-website.server-daten.de/?i=1300e8e0-8f3e-4fe4-84c1-9f28ddf98146


Last Result: https://check-your-website.server-daten.de/?q=rockingsoccer.com - 2019-04-20 22:56:49