Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

N

 

No trusted Certificate

 

Checked:
31.10.2024 04:43:50

 

Older results

 

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
swag.com.cn
A
152.32.189.143
Hong Kong/Kowloon/Hong Kong (HK) - UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
No Hostname found
yes
1
0

AAAA

yes


www.swag.com.cn
A
152.32.189.143
Hong Kong/Kowloon/Hong Kong (HK) - UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED
No Hostname found
yes
1
0

AAAA

yes


*.swag.com.cn
A

yes



A

yes



AAAA

yes



AAAA

yes



CNAME

yes



CNAME

yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.11.2024, 00:00:00 +, Signature-Inception: 21.10.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: cn

cn
1 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 57724, DigestType 2 and Digest XQQjYz6ySkmb54qiLRwMm6NiGP9J/ZWkzfGkrZfGcEQ=






1 RRSIG RR to validate DS RR found






RRSIG-Owner cn., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 12.11.2024, 20:00:00 +, Signature-Inception: 30.10.2024, 19:00:00 +, KeyTag 61050, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 61050 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 38388, Flags 256






Public Key with Algorithm 8, KeyTag 57724, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner cn., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.11.2024, 16:43:56 +, Signature-Inception: 14.10.2024, 16:26:17 +, KeyTag 38388, Signer-Name: cn






RRSIG-Owner cn., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.11.2024, 16:43:56 +, Signature-Inception: 14.10.2024, 16:26:17 +, KeyTag 57724, Signer-Name: cn






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 38388 used to validate the DNSKEY RRSet






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 57724 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 57724, DigestType 2 and Digest "XQQjYz6ySkmb54qiLRwMm6NiGP9J/ZWkzfGkrZfGcEQ=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com.cn

com.cn
1 DS RR in the parent zone found






DS with Algorithm 8, KeyTag 46387, DigestType 2 and Digest 32myz+ZtY6MGhCPmdvHX1A4I4oaAZOxwfKv3hMAGlSs=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com.cn., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.11.2024, 21:32:32 +, Signature-Inception: 14.10.2024, 20:47:44 +, KeyTag 38388, Signer-Name: cn






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 38388 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 43326, Flags 256






Public Key with Algorithm 8, KeyTag 46387, Flags 257 (SEP = Secure Entry Point)






2 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com.cn., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.11.2024, 19:57:22 +, Signature-Inception: 14.10.2024, 19:23:11 +, KeyTag 43326, Signer-Name: com.cn






RRSIG-Owner com.cn., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 13.11.2024, 19:57:22 +, Signature-Inception: 14.10.2024, 19:23:11 +, KeyTag 46387, Signer-Name: com.cn






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 43326 used to validate the DNSKEY RRSet






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46387 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 46387, DigestType 2 and Digest "32myz+ZtY6MGhCPmdvHX1A4I4oaAZOxwfKv3hMAGlSs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: swag.com.cn

swag.com.cn
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "k2vn3069ge37t0o1cfs79orhjfcu69rb" between the hashed NSEC3-owner "k1lp4ld55m91q4ic1k6hsvi45fmbvaug" and the hashed NextOwner "k3ne1g5j8k2kopgqfs8bnmvp2bjm1qrt". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner k1lp4ld55m91q4ic1k6hsvi45fmbvaug.com.cn., Algorithm: 8, 3 Labels, original TTL: 21600 sec, Signature-expiration: 13.11.2024, 19:44:32 +, Signature-Inception: 14.10.2024, 18:48:22 +, KeyTag 43326, Signer-Name: com.cn






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "gice14dntmdn31g43augvrktkalvb8qc" as Owner. That's the Hash of "com.cn" with the NextHashedOwnerName "gj8jb3sf8sgev59i4trjtj1satcfrtk0". So that domain name is the Closest Encloser of "swag.com.cn". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner gice14dntmdn31g43augvrktkalvb8qc.com.cn., Algorithm: 8, 3 Labels, original TTL: 21600 sec, Signature-expiration: 13.11.2024, 20:23:22 +, Signature-Inception: 14.10.2024, 20:13:46 +, KeyTag 43326, Signer-Name: com.cn






0 DNSKEY RR found









Zone: www.swag.com.cn

www.swag.com.cn
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.swag.com.cn
  localhost

swag.com.cn
  localhost


  ns1.eachnic.com
152.32.189.143
Hong Kong/Kowloon/Hong Kong (HK) - UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED


  ns2.eachnic.com
152.32.189.143
Hong Kong/Kowloon/Hong Kong (HK) - UCLOUD INFORMATION TECHNOLOGY (HK) LIMITED

com.cn
  a.dns.cn
203.119.25.1
Haidian/Beijing/China (CN) - CNNIC


X 
2001:dc7::1
Beijing/China (CN) - China Internet Network Information Center


  b.dns.cn
203.119.26.1
Beijing/China (CN) - China Internet Network Information Center


 
2001:dc7:1::1
Beijing/China (CN) - China Internet Network Information Center


  c.dns.cn
203.119.27.1
Beijing/China (CN) - China Internet Network Information Center


 
2001:dc7:2::1
Beijing/China (CN) - China Internet Network Information Center


  cns.cernet.net
103.137.60.44
Haidian/Beijing/China (CN) - China Education and Research Network


 
202.112.0.44
Beijing/China (CN) - China Education and Research Network Center


 
2001:250:c006::44
Beijing/China (CN) - CERNET


 
2001:da8:1:100::44
Haidian/Beijing/China (CN) - CNGI-CERNET2


 
2001:dd9::44
Haidian/Beijing/China (CN) - China Education and Research Network


  d.dns.cn
203.119.28.1
Beijing/China (CN) - China Internet Network Information Center


 
2001:dc7:1000::1
Beijing/China (CN) - China Internet Network Information Center


  e.dns.cn
203.119.29.1
Beijing/China (CN) - China Internet Network Information Center


 
2001:dc7:3::1
Stockholm/Stockholm County/Sweden (SE) - China Internet Network Information Center

cn
T  a.dns.cn


  b.dns.cn


  c.dns.cn


  d.dns.cn


  e.dns.cn


  ns.cernet.net

 

4. SOA-Entries


Domain:cn
Zone-Name:cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2032707072
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:6


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029573994
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:1


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029573994
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:1


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029574023
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:2


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029574023
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:2


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029574024
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:12


Domain:com.cn
Zone-Name:com.cn
Primary:a.dns.cn
Mail:root.cnnic.cn
Serial:2029574024
Refresh:7200
Retry:3600
Expire:2419200
TTL:21600
num Entries:12


Domain:swag.com.cn
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:swag.com.cn
Zone-Name:
Primary:localhost
Mail:root.localhost
Serial:2
Refresh:604800
Retry:86400
Expire:2419200
TTL:604800
num Entries:2


Domain:www.swag.com.cn
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

No Screenshot listed, because no url-check with https + http status 200-299, 400-599 + not-ACME-check found.

 

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://swag.com.cn/
152.32.189.143 gzip used - 2324 / 9332 - 75.10 %
200

Html is minified: 153.03 %
0.417
H
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:49:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Encoding: gzip
Content-Length: 2324

• http://www.swag.com.cn/
152.32.189.143 gzip used - 2314 / 9322 - 75.18 %
200

Html is minified: 153.02 %
0.217
H
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:49:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Encoding: gzip
Content-Length: 2314

• https://swag.com.cn/
152.32.189.143
301
http://swag.com.cn/
Html is minified: 108.54 %
6.743
N
Certificate error: RemoteCertificateNameMismatch
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:49:54 GMT
Connection: keep-alive
Location: http://swag.com.cn/
Content-Type: text/html
Content-Length: 178

• https://www.swag.com.cn/
152.32.189.143
301
http://www.swag.com.cn/
Html is minified: 108.54 %
6.650
N
Certificate error: RemoteCertificateNameMismatch
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:50:02 GMT
Connection: keep-alive
Location: http://www.swag.com.cn/
Content-Type: text/html
Content-Length: 178

• http://swag.com.cn/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
152.32.189.143
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
404

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.210
A
Visible Content:
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:50:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 171

• http://www.swag.com.cn/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
152.32.189.143
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
404

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0
0.213
A
Visible Content:
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:50:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Origin,Access-Control-Request-Method,Access-Control-Request-Headers
Content-Type: application/json
Content-Length: 171

• http://152.32.189.143/
gzip used - 337 / 509 - 33.79 %
200

Html is minified: 128.86 %
0.206
H
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:50:17 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Language: en-US
Content-Encoding: gzip
Content-Length: 337

• https://152.32.189.143/
152.32.189.143
301
http://152.32.189.143/
Html is minified: 108.54 %
6.660
N
Certificate error: RemoteCertificateNameMismatch
Server: nginx/1.18.0,(Ubuntu)
Date: Thu, 31 Oct 2024 03:50:10 GMT
Connection: keep-alive
Location: http://152.32.189.143/
Content-Type: text/html
Content-Length: 178

 

7. Comments


1. General Results, most used to calculate the result

Aname "swag.com.cn" is domain, public suffix is ".com.cn", top-level-domain is ".cn", top-level-domain-type is "country-code", Country is China, tld-manager is "China Internet Network Information Center (CNNIC)", num .cn-domains preloaded: 892 (complete: 251685)
AGood: All ip addresses are public addresses
Warning: Only one ip address found: swag.com.cn has only one ip address.
Warning: Only one ip address found: www.swag.com.cn has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: swag.com.cn has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.swag.com.cn has no ipv6 address.
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):3 complete Content-Type - header (5 urls)
http://swag.com.cn/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 152.32.189.143


Url with incomplete Content-Type - header - missing charset
http://www.swag.com.cn/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 152.32.189.143


Url with incomplete Content-Type - header - missing charset
Bhttps://swag.com.cn/ 152.32.189.143
301

Missing HSTS-Header
Bhttps://www.swag.com.cn/ 152.32.189.143
301

Missing HSTS-Header
Fhttps://swag.com.cn/ 152.32.189.143
301
http://swag.com.cn/
Wrong redirect https - http - never redirect https to http
Fhttps://www.swag.com.cn/ 152.32.189.143
301
http://www.swag.com.cn/
Wrong redirect https - http - never redirect https to http
Fhttps://152.32.189.143/ 152.32.189.143
301
http://152.32.189.143/
Wrong redirect https - http - never redirect https to http
HFatal error: No https - result with http-status 200, no encryption
HFatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
Nhttps://swag.com.cn/ 152.32.189.143
301
http://swag.com.cn/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://www.swag.com.cn/ 152.32.189.143
301
http://www.swag.com.cn/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://152.32.189.143/ 152.32.189.143
301
http://152.32.189.143/
Error - Certificate isn't trusted, RemoteCertificateNameMismatch
XFatal error: Nameserver doesn't support TCP connection: a.dns.cn / 2001:dc7::1: Fatal error (-14). Details: Unable to read data from the transport connection: Eine vorhandene Verbindung wurde vom Remotehost geschlossen.. - Eine vorhandene Verbindung wurde vom Remotehost geschlossen.
XFatal error: Nameserver doesn't support TCP connection: ns1.eachnic.com / 152.32.189.143: Timeout
XFatal error: Nameserver doesn't support TCP connection: ns2.eachnic.com / 152.32.189.143: Timeout
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain swag.com.cn, 1 ip addresses, 1 different http results.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain www.swag.com.cn, 1 ip addresses, 1 different http results.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.swag.com.cn

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

U

No https result with http status 2** or 4** (standard-check) found, no header checked.

3. DNS- and NameServer - Checks

AInfo:: 5 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 1 Name Servers.
AInfo:: 5 Queries complete, 5 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 5.0 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 6 different Name Servers found: a.dns.cn, b.dns.cn, c.dns.cn, cns.cernet.net, d.dns.cn, e.dns.cn, 6 Name Servers included in Delegation: a.dns.cn, b.dns.cn, c.dns.cn, cns.cernet.net, d.dns.cn, e.dns.cn, 6 Name Servers included in 1 Zone definitions: a.dns.cn, b.dns.cn, c.dns.cn, cns.cernet.net, d.dns.cn, e.dns.cn, 1 Name Servers listed in SOA.Primary: a.dns.cn.
AGood: Only one SOA.Primary Name Server found.: a.dns.cn.
AGood: SOA.Primary Name Server included in the delegation set.: a.dns.cn.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 7 Name Servers, 3 different subnets (first Byte): 103., 202., 203., 3 different subnets (first two Bytes): 103.137., 202.112., 203.119., 7 different subnets (first three Bytes): 103.137.60., 202.112.0., 203.119.25., 203.119.26., 203.119.27., 203.119.28., 203.119.29.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 8 Name Servers with IPv6, 1 different subnets (first block): 2001:, 4 different subnets (first two blocks): 2001:0250:, 2001:0da8:, 2001:0dc7:, 2001:0dd9:, 8 different subnets (first three blocks): 2001:0250:c006:, 2001:0da8:0001:, 2001:0dc7:0000:, 2001:0dc7:0001:, 2001:0dc7:0002:, 2001:0dc7:0003:, 2001:0dc7:1000:, 2001:0dd9:0000:, 8 different subnets (first four blocks): 2001:0250:c006:0000:, 2001:0da8:0001:0100:, 2001:0dc7:0000:0000:, 2001:0dc7:0001:0000:, 2001:0dc7:0002:0000:, 2001:0dc7:0003:0000:, 2001:0dc7:1000:0000:, 2001:0dd9:0000:0000:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports Echo Capitalization: 2 good Nameserver
XNameserver Timeout checking Echo Capitalization: a.dns.cn
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 2 good Nameserver
XNameserver Timeout checking EDNS512: a.dns.cn
Nameserver doesn't pass all EDNS-Checks: a.dns.cn: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: a.dns.cn / 203.119.25.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: a.dns.cn / 2001:dc7::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: b.dns.cn / 2001:dc7:1::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: c.dns.cn / 2001:dc7:2::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: d.dns.cn: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: d.dns.cn / 203.119.28.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: d.dns.cn / 2001:dc7:1000::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: e.dns.cn: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: e.dns.cn / 203.119.29.1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: e.dns.cn / 2001:dc7:3::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: localhost: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: localhost: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 682970 milliseconds, 682.970 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
swag.com.cn
152.32.189.143
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
swag.com.cn
152.32.189.143
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.tupu88.com


2CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT


3CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, C=US, ST=New Jersey


www.swag.com.cn
152.32.189.143
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.swag.com.cn
152.32.189.143
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.tupu88.com


2CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT


3CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, C=US, ST=New Jersey


152.32.189.143
152.32.189.143
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

152.32.189.143
152.32.189.143
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=www.tupu88.com


2CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT


3CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, C=US, ST=New Jersey

 

9. Certificates

1.
1.
CN=www.tupu88.com
30.09.2024
30.12.2024
expires in 55 days
www.tupu88.com - 1 entry
1.
1.
CN=www.tupu88.com
30.09.2024

30.12.2024
expires in 55 days


www.tupu88.com - 1 entry

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:333C8888F3AC4E9F0D00AA6C40E57437
Thumbprint:5AE61A743EB75D02DAB5CC92627B31D32B12244A
SHA256 / Certificate:ULPDBbMSwUjeYeqF3qd/tH/E0K6Ot/YKV4G3ibDHA0E=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):718be2426acef422395f8aaf5604e336a462cf5d7e69918dbbe0d70ebb938fb8
SHA256 hex / Subject Public Key Information (SPKI):718be2426acef422395f8aaf5604e336a462cf5d7e69918dbbe0d70ebb938fb8 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://zerossl.ocsp.sectigo.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=www.tupu88.com
30.09.2024
30.12.2024
expires in 55 days
www.tupu88.com - 1 entry

2.
CN=www.tupu88.com
30.09.2024

30.12.2024
expires in 55 days


www.tupu88.com - 1 entry

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:333C8888F3AC4E9F0D00AA6C40E57437
Thumbprint:5AE61A743EB75D02DAB5CC92627B31D32B12244A
SHA256 / Certificate:ULPDBbMSwUjeYeqF3qd/tH/E0K6Ot/YKV4G3ibDHA0E=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):718be2426acef422395f8aaf5604e336a462cf5d7e69918dbbe0d70ebb938fb8
SHA256 hex / Subject Public Key Information (SPKI):718be2426acef422395f8aaf5604e336a462cf5d7e69918dbbe0d70ebb938fb8 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://zerossl.ocsp.sectigo.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT
30.01.2020
30.01.2030
expires in 1912 days


3.
CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT
30.01.2020

30.01.2030
expires in 1912 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:23B76DE3C1BB2B1A51961E08EAB764E8
Thumbprint:7F95276D4951499FD756DF344AA24FB38CEAF678
SHA256 / Certificate:XdZh08sztQBcvtBFoiPdxERaqkHRrLXfcAiEytm6QZU=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ddf2cb5634485a70aa0ea2044d4d8e72730fec4ce637f67743f8d0f1c21a0287
SHA256 hex / Subject Public Key Information (SPKI):ddf2cb5634485a70aa0ea2044d4d8e72730fec4ce637f67743f8d0f1c21a0287
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.usertrust.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




4.
CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT
30.01.2020
30.01.2030
expires in 1912 days


4.
CN=ZeroSSL ECC Domain Secure Site CA, O=ZeroSSL, C=AT
30.01.2020

30.01.2030
expires in 1912 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:23B76DE3C1BB2B1A51961E08EAB764E8
Thumbprint:7F95276D4951499FD756DF344AA24FB38CEAF678
SHA256 / Certificate:XdZh08sztQBcvtBFoiPdxERaqkHRrLXfcAiEytm6QZU=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):ddf2cb5634485a70aa0ea2044d4d8e72730fec4ce637f67743f8d0f1c21a0287
SHA256 hex / Subject Public Key Information (SPKI):ddf2cb5634485a70aa0ea2044d4d8e72730fec4ce637f67743f8d0f1c21a0287
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.usertrust.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




5.
CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
12.03.2019
01.01.2029
expires in 1518 days


5.
CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
12.03.2019

01.01.2029
expires in 1518 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:SHA384 With RSA Encryption
Serial Number:56671D04EA4F994C6F10814759D27594
Thumbprint:CA7788C32DA1E4B7863A4FB57D00B55DDACBC7F9
SHA256 / Certificate:ps9k27TI1f0ZzkiJYGjbA7UzqNEzbGJWqH0Ay7Pe8+o=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):2021917e98263945c859c43f1d73cb4139053c414fa03ca3bc7ee88614298f3b
SHA256 hex / Subject Public Key Information (SPKI):2021917e98263945c859c43f1d73cb4139053c414fa03ca3bc7ee88614298f3b
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.comodoca.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




6.
CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
01.02.2010
19.01.2038
expires in 4823 days


6.
CN=USERTrust ECC Certification Authority, O=The USERTRUST Network, L=Jersey City, S=New Jersey, C=US
01.02.2010

19.01.2038
expires in 4823 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:5C8B99C55A94C5D27156DECD8980CC26
Thumbprint:D1CBCA5DB2D52A7F693B674DE5F05A1D0C957DF0
SHA256 / Certificate:T/Rg1Uuchtq/vPxXEuBADSvtP7xNT72qhuBq3NKprXo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):2021917e98263945c859c43f1d73cb4139053c414fa03ca3bc7ee88614298f3b
SHA256 hex / Subject Public Key Information (SPKI):2021917e98263945c859c43f1d73cb4139053c414fa03ca3bc7ee88614298f3b
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





7.
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, S=Greater Manchester, C=GB
01.01.2004
01.01.2029
expires in 1518 days


7.
CN=AAA Certificate Services, O=Comodo CA Limited, L=Salford, S=Greater Manchester, C=GB
01.01.2004

01.01.2029
expires in 1518 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:01
Thumbprint:D1EB23A46D17D68FD92564C2F1F1601764D8E349
SHA256 / Certificate:16eg+11+JzHXcelITrze9x1fDD4KKUh4K8g+4OppnvQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):bd153ed7b0434f6886b17bce8bbe84ed340c7132d702a8f4fa318f756ecbd6f3
SHA256 hex / Subject Public Key Information (SPKI):bd153ed7b0434f6886b17bce8bbe84ed340c7132d702a8f4fa318f756ecbd6f3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.nu/ / https://validator.w3.org/nu/ (started 2024-09-28, 09:00, alpha)

  Unfortunately, there are differences between the first used validator.nu and validator.w3.org/nu/ - switched to validator.w3.org/nu/. Looks like some error messages (link - fetchpriority attribute) of validator.nu are obsolete, not seen in the w3.org-version and not found in the current specification: link may have a fetchpriority attribute.

No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: a.dns.cn, b.dns.cn, c.dns.cn, cns.cernet.net, d.dns.cn, e.dns.cn

 

QNr.DomainTypeNS used
1
cn
NS
k.root-servers.net (2001:7fd::1)

Answer: a.dns.cn, b.dns.cn, c.dns.cn, d.dns.cn, e.dns.cn, ns.cernet.net
2
net
NS
c.root-servers.net (2001:500:2::c)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
3
cns.cernet.net
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: dns.cernet.net, dns2.cernet.net

Answer: dns.cernet.net
2001:250:c006::35, 202.38.109.35

Answer: dns2.cernet.net
2001:da8:1:100::13, 202.112.0.13
4
cns.cernet.net: 103.137.60.44, 202.112.0.44
A
dns.cernet.net (2001:250:c006::35)
5
cns.cernet.net: 2001:250:c006::44, 2001:da8:1:100::44, 2001:dd9::44
AAAA
dns.cernet.net (2001:250:c006::35)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.swag.com.cn
0

no CAA entry found
1
0
swag.com.cn
0

no CAA entry found
1
0
com.cn
0

no CAA entry found
2
1
cn
0

no CAA entry found
2
1

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
swag.com.cn

ok
1
0
www.swag.com.cn

ok
1
0
_acme-challenge.swag.com.cn

missing entry or wrong length
1
0
_acme-challenge.www.swag.com.cn

missing entry or wrong length
1
0
_acme-challenge.swag.com.cn.swag.com.cn

perhaps wrong
1
0
_acme-challenge.www.swag.com.cn.swag.com.cn

perhaps wrong
1
0
_acme-challenge.www.swag.com.cn.www.swag.com.cn

perhaps wrong
1
0

 

16. DomainService - Entries

No DomainServiceEntries entries found

 

 

17. Cipher Suites

Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
swag.com.cn
152.32.189.143
443
13 Ciphers127.68 sec
0 without, 13 FS
100.00 %
www.swag.com.cn
152.32.189.143
443
13 Ciphers128.29 sec
0 without, 13 FS
100.00 %
Complete

2
26 Ciphers
13.00 Ciphers/Check
255.97 sec127.99 sec/Check
0 without, 26 FS
100.00 %

Details
DomainIPPortCipher (OpenSsl / IANA)
swag.com.cn
152.32.189.143
443
ECDHE-ECDSA-CHACHA20-POLY1305
(Recommended)
TLSv1.2
0xCC,0xA9
FS
13 Ciphers, 127.68 sec
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
ECDSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-ECDSA-AES256-GCM-SHA384
(Recommended)
TLSv1.2
0xC0,0x2C
FS

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDH
ECDSA
AESGCM(256)
AEAD




ECDHE-ECDSA-AES128-GCM-SHA256
(Recommended)
TLSv1.2
0xC0,0x2B
FS

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDH
ECDSA
AESGCM(128)
AEAD




ECDHE-ECDSA-AES256-CCM8
(Secure)
TLSv1.2
0xC0,0xAF
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8

ECDH
ECDSA
AESCCM8(256)
AEAD




ECDHE-ECDSA-AES256-CCM
(Secure)
TLSv1.2
0xC0,0xAD
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CCM

ECDH
ECDSA
AESCCM(256)
AEAD




ECDHE-ECDSA-AES128-CCM8
(Secure)
TLSv1.2
0xC0,0xAE
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8

ECDH
ECDSA
AESCCM8(128)
AEAD




ECDHE-ECDSA-AES128-CCM
(Secure)
TLSv1.2
0xC0,0xAC
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CCM

ECDH
ECDSA
AESCCM(128)
AEAD




ECDHE-ECDSA-ARIA256-GCM-SHA384
(Weak)
TLSv1.2
0xC0,0x5D
FS

TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384

ECDH
ECDSA
ARIAGCM(256)
AEAD




ECDHE-ECDSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x24
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

ECDH
ECDSA
AES(256)
SHA384




ECDHE-ECDSA-ARIA128-GCM-SHA256
(Weak)
TLSv1.2
0xC0,0x5C
FS

TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256

ECDH
ECDSA
ARIAGCM(128)
AEAD




ECDHE-ECDSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x23
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

ECDH
ECDSA
AES(128)
SHA256




ECDHE-ECDSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x0A
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

ECDH
ECDSA
AES(256)
SHA1




ECDHE-ECDSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x09
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

ECDH
ECDSA
AES(128)
SHA1

www.swag.com.cn
152.32.189.143
443
ECDHE-ECDSA-CHACHA20-POLY1305
(Recommended)
TLSv1.2
0xCC,0xA9
FS
13 Ciphers, 128.29 sec
TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
ECDSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-ECDSA-AES256-GCM-SHA384
(Recommended)
TLSv1.2
0xC0,0x2C
FS

TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384

ECDH
ECDSA
AESGCM(256)
AEAD




ECDHE-ECDSA-AES128-GCM-SHA256
(Recommended)
TLSv1.2
0xC0,0x2B
FS

TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256

ECDH
ECDSA
AESGCM(128)
AEAD




ECDHE-ECDSA-AES256-CCM8
(Secure)
TLSv1.2
0xC0,0xAF
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8

ECDH
ECDSA
AESCCM8(256)
AEAD




ECDHE-ECDSA-AES256-CCM
(Secure)
TLSv1.2
0xC0,0xAD
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CCM

ECDH
ECDSA
AESCCM(256)
AEAD




ECDHE-ECDSA-AES128-CCM8
(Secure)
TLSv1.2
0xC0,0xAE
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8

ECDH
ECDSA
AESCCM8(128)
AEAD




ECDHE-ECDSA-AES128-CCM
(Secure)
TLSv1.2
0xC0,0xAC
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CCM

ECDH
ECDSA
AESCCM(128)
AEAD




ECDHE-ECDSA-ARIA256-GCM-SHA384
(Weak)
TLSv1.2
0xC0,0x5D
FS

TLS_ECDHE_ECDSA_WITH_ARIA_256_GCM_SHA384

ECDH
ECDSA
ARIAGCM(256)
AEAD




ECDHE-ECDSA-AES256-SHA384
(Weak)
TLSv1.2
0xC0,0x24
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384

ECDH
ECDSA
AES(256)
SHA384




ECDHE-ECDSA-ARIA128-GCM-SHA256
(Weak)
TLSv1.2
0xC0,0x5C
FS

TLS_ECDHE_ECDSA_WITH_ARIA_128_GCM_SHA256

ECDH
ECDSA
ARIAGCM(128)
AEAD




ECDHE-ECDSA-AES128-SHA256
(Weak)
TLSv1.2
0xC0,0x23
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256

ECDH
ECDSA
AES(128)
SHA256




ECDHE-ECDSA-AES256-SHA
(Weak)
TLSv1
0xC0,0x0A
FS

TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA

ECDH
ECDSA
AES(256)
SHA1




ECDHE-ECDSA-AES128-SHA
(Weak)
TLSv1
0xC0,0x09
FS

TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA

ECDH
ECDSA
AES(128)
SHA1

 

18. Portchecks

DomainIPPortDescriptionResultAnswer
swag.com.cn
152.32.189.143
21
FTP



swag.com.cn
152.32.189.143
21
FTP



swag.com.cn
152.32.189.143
22
SSH
open
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3

swag.com.cn
152.32.189.143
22
SSH
open
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Bad: SSH without DNS SSHFP Record found

Possible DNS SSHFP Entries:
swag.com.cn IN SSHFP 1 2 5f7c60a3c7c0b3a8761a55a1ad57e5e74ffcfc8ebd7d500997e028ed3bc88a2c
swag.com.cn
152.32.189.143
25
SMTP



swag.com.cn
152.32.189.143
25
SMTP



swag.com.cn
152.32.189.143
53
DNS



swag.com.cn
152.32.189.143
53
DNS



swag.com.cn
152.32.189.143
110
POP3



swag.com.cn
152.32.189.143
110
POP3



swag.com.cn
152.32.189.143
143
IMAP



swag.com.cn
152.32.189.143
143
IMAP



swag.com.cn
152.32.189.143
465
SMTP (encrypted)



swag.com.cn
152.32.189.143
465
SMTP (encrypted)



swag.com.cn
152.32.189.143
587
SMTP (encrypted, submission)



swag.com.cn
152.32.189.143
587
SMTP (encrypted, submission)



swag.com.cn
152.32.189.143
993
IMAP (encrypted)



swag.com.cn
152.32.189.143
993
IMAP (encrypted)



swag.com.cn
152.32.189.143
995
POP3 (encrypted)



swag.com.cn
152.32.189.143
995
POP3 (encrypted)



swag.com.cn
152.32.189.143
1433
MS SQL



swag.com.cn
152.32.189.143
1433
MS SQL



swag.com.cn
152.32.189.143
2082
cPanel (http)



swag.com.cn
152.32.189.143
2082
cPanel (http)



swag.com.cn
152.32.189.143
2083
cPanel (https)



swag.com.cn
152.32.189.143
2083
cPanel (https)



swag.com.cn
152.32.189.143
2086
WHM (http)



swag.com.cn
152.32.189.143
2086
WHM (http)



swag.com.cn
152.32.189.143
2087
WHM (https)



swag.com.cn
152.32.189.143
2087
WHM (https)



swag.com.cn
152.32.189.143
2089
cPanel Licensing



swag.com.cn
152.32.189.143
2089
cPanel Licensing



swag.com.cn
152.32.189.143
2095
cPanel Webmail (http)



swag.com.cn
152.32.189.143
2095
cPanel Webmail (http)



swag.com.cn
152.32.189.143
2096
cPanel Webmail (https)



swag.com.cn
152.32.189.143
2096
cPanel Webmail (https)



swag.com.cn
152.32.189.143
2222
DirectAdmin (http)



swag.com.cn
152.32.189.143
2222
DirectAdmin (http)



swag.com.cn
152.32.189.143
2222
DirectAdmin (https)



swag.com.cn
152.32.189.143
2222
DirectAdmin (https)



swag.com.cn
152.32.189.143
3306
mySql



swag.com.cn
152.32.189.143
3306
mySql



swag.com.cn
152.32.189.143
5224
Plesk Licensing



swag.com.cn
152.32.189.143
5224
Plesk Licensing



swag.com.cn
152.32.189.143
5432
PostgreSQL



swag.com.cn
152.32.189.143
5432
PostgreSQL



swag.com.cn
152.32.189.143
8080
Ookla Speedtest (http)



swag.com.cn
152.32.189.143
8080
Ookla Speedtest (http)



swag.com.cn
152.32.189.143
8080
Ookla Speedtest (https)



swag.com.cn
152.32.189.143
8080
Ookla Speedtest (https)



swag.com.cn
152.32.189.143
8083
VestaCP http



swag.com.cn
152.32.189.143
8083
VestaCP http



swag.com.cn
152.32.189.143
8083
VestaCP https



swag.com.cn
152.32.189.143
8083
VestaCP https



swag.com.cn
152.32.189.143
8443
Plesk Administration (https)



swag.com.cn
152.32.189.143
8443
Plesk Administration (https)



swag.com.cn
152.32.189.143
8447
Plesk Installer + Updates



swag.com.cn
152.32.189.143
8447
Plesk Installer + Updates



swag.com.cn
152.32.189.143
8880
Plesk Administration (http)



swag.com.cn
152.32.189.143
8880
Plesk Administration (http)



swag.com.cn
152.32.189.143
10000
Webmin (http)



swag.com.cn
152.32.189.143
10000
Webmin (http)



swag.com.cn
152.32.189.143
10000
Webmin (https)



swag.com.cn
152.32.189.143
10000
Webmin (https)



www.swag.com.cn
152.32.189.143
21
FTP



www.swag.com.cn
152.32.189.143
21
FTP



www.swag.com.cn
152.32.189.143
22
SSH
open
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3

www.swag.com.cn
152.32.189.143
22
SSH
open
SSH-2.0-OpenSSH_8.9p1 Ubuntu-3
Bad: SSH without DNS SSHFP Record found

Possible DNS SSHFP Entries:
www.swag.com.cn IN SSHFP 1 2 5f7c60a3c7c0b3a8761a55a1ad57e5e74ffcfc8ebd7d500997e028ed3bc88a2c
www.swag.com.cn
152.32.189.143
25
SMTP



www.swag.com.cn
152.32.189.143
25
SMTP



www.swag.com.cn
152.32.189.143
53
DNS



www.swag.com.cn
152.32.189.143
53
DNS



www.swag.com.cn
152.32.189.143
110
POP3



www.swag.com.cn
152.32.189.143
110
POP3



www.swag.com.cn
152.32.189.143
143
IMAP



www.swag.com.cn
152.32.189.143
143
IMAP



www.swag.com.cn
152.32.189.143
465
SMTP (encrypted)



www.swag.com.cn
152.32.189.143
465
SMTP (encrypted)



www.swag.com.cn
152.32.189.143
587
SMTP (encrypted, submission)



www.swag.com.cn
152.32.189.143
587
SMTP (encrypted, submission)



www.swag.com.cn
152.32.189.143
993
IMAP (encrypted)



www.swag.com.cn
152.32.189.143
993
IMAP (encrypted)



www.swag.com.cn
152.32.189.143
995
POP3 (encrypted)



www.swag.com.cn
152.32.189.143
995
POP3 (encrypted)



www.swag.com.cn
152.32.189.143
1433
MS SQL



www.swag.com.cn
152.32.189.143
1433
MS SQL



www.swag.com.cn
152.32.189.143
2082
cPanel (http)



www.swag.com.cn
152.32.189.143
2082
cPanel (http)



www.swag.com.cn
152.32.189.143
2083
cPanel (https)



www.swag.com.cn
152.32.189.143
2083
cPanel (https)



www.swag.com.cn
152.32.189.143
2086
WHM (http)



www.swag.com.cn
152.32.189.143
2086
WHM (http)



www.swag.com.cn
152.32.189.143
2087
WHM (https)



www.swag.com.cn
152.32.189.143
2087
WHM (https)



www.swag.com.cn
152.32.189.143
2089
cPanel Licensing



www.swag.com.cn
152.32.189.143
2089
cPanel Licensing



www.swag.com.cn
152.32.189.143
2095
cPanel Webmail (http)



www.swag.com.cn
152.32.189.143
2095
cPanel Webmail (http)



www.swag.com.cn
152.32.189.143
2096
cPanel Webmail (https)



www.swag.com.cn
152.32.189.143
2096
cPanel Webmail (https)



www.swag.com.cn
152.32.189.143
2222
DirectAdmin (http)



www.swag.com.cn
152.32.189.143
2222
DirectAdmin (http)



www.swag.com.cn
152.32.189.143
2222
DirectAdmin (https)



www.swag.com.cn
152.32.189.143
2222
DirectAdmin (https)



www.swag.com.cn
152.32.189.143
3306
mySql



www.swag.com.cn
152.32.189.143
3306
mySql



www.swag.com.cn
152.32.189.143
5224
Plesk Licensing



www.swag.com.cn
152.32.189.143
5224
Plesk Licensing



www.swag.com.cn
152.32.189.143
5432
PostgreSQL



www.swag.com.cn
152.32.189.143
5432
PostgreSQL



www.swag.com.cn
152.32.189.143
8080
Ookla Speedtest (http)



www.swag.com.cn
152.32.189.143
8080
Ookla Speedtest (http)



www.swag.com.cn
152.32.189.143
8080
Ookla Speedtest (https)



www.swag.com.cn
152.32.189.143
8080
Ookla Speedtest (https)



www.swag.com.cn
152.32.189.143
8083
VestaCP http



www.swag.com.cn
152.32.189.143
8083
VestaCP http



www.swag.com.cn
152.32.189.143
8083
VestaCP https



www.swag.com.cn
152.32.189.143
8083
VestaCP https



www.swag.com.cn
152.32.189.143
8443
Plesk Administration (https)



www.swag.com.cn
152.32.189.143
8443
Plesk Administration (https)



www.swag.com.cn
152.32.189.143
8447
Plesk Installer + Updates



www.swag.com.cn
152.32.189.143
8447
Plesk Installer + Updates



www.swag.com.cn
152.32.189.143
8880
Plesk Administration (http)



www.swag.com.cn
152.32.189.143
8880
Plesk Administration (http)



www.swag.com.cn
152.32.189.143
10000
Webmin (http)



www.swag.com.cn
152.32.189.143
10000
Webmin (http)



www.swag.com.cn
152.32.189.143
10000
Webmin (https)



www.swag.com.cn
152.32.189.143
10000
Webmin (https)



 

 

Permalink: https://check-your-website.server-daten.de/?i=f0976465-56ef-49c2-85de-29391d2cd3b2

 

Last Result: https://check-your-website.server-daten.de/?q=swag.com.cn - 2024-10-31 04:43:50

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=swag.com.cn" target="_blank">Check this Site: swag.com.cn</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=swag.com.cn