Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

No trusted Certificate

Checked:
05.07.2019 12:19:53

Older results

No older results found

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
tipgunlukleri.com	A	160.153.128.41 Amsterdam/North Holland/Netherlands (NL) - GoDaddy.com, LLC Hostname: ip-160-153-128-41.ip.secureserver.net	yes	2	0
	AAAA		yes
www.tipgunlukleri.com	CNAME	tipgunlukleri.com	yes	1	0
	A	160.153.128.41 Amsterdam/North Holland/Netherlands (NL) - GoDaddy.com, LLC Hostname: ip-160-153-128-41.ip.secureserver.net	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	• Status: Valid because published


	3 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 25266, Flags 256


	Public Key with Algorithm 8, KeyTag 59944, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 22.07.2019, 00:00:00 +, Signature-Inception: 01.07.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com	1 DS RR in the parent zone found


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 18.07.2019, 05:00:00 +, Signature-Inception: 05.07.2019, 04:00:00 +, KeyTag 59944, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 59944 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 3800, Flags 256


	Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 16.07.2019, 18:25:33 +, Signature-Inception: 01.07.2019, 18:20:33 +, KeyTag 30909, Signer-Name: com


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: tipgunlukleri.com
tipgunlukleri.com	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "v5aoiebgqulgrq0ngpd45gcnq6unvh3p" between the hashed NSEC3-owner "v5aoe55to39uh1ekdr2ti91e533dii8i" and the hashed NextOwner "v5aost3vcc40dgpgvqfhhhna3tfjs5hd". So the parent zone confirmes the not-existence of a DS RR. Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner v5aoe55to39uh1ekdr2ti91e533dii8i.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 12.07.2019, 04:35:44 +, Signature-Inception: 05.07.2019, 03:25:44 +, KeyTag 3800, Signer-Name: com


	0 DNSKEY RR found




Zone: www.tipgunlukleri.com
www.tipgunlukleri.com	0 DS RR in the parent zone found

3. Name Servers

Domain	Nameserver	NS-IP
tipgunlukleri.com	• ns53.domaincontrol.com / p15	97.74.106.27 Scottsdale/Arizona/United States (US) - GoDaddy.com, LLC	•
	•	2603:5:21a2::1b Scottsdale/Arizona/United States (US) - GoDaddy.com	•
	• ns54.domaincontrol.com / p16	173.201.74.27 Scottsdale/Arizona/United States (US) - GoDaddy.com, LLC	•
	•	2603:5:22a2::1b Scottsdale/Arizona/United States (US) - GoDaddy.com	•
com	• a.gtld-servers.net		•
	• b.gtld-servers.net		•
	• c.gtld-servers.net		•
	• d.gtld-servers.net		•
	• e.gtld-servers.net		•
	• f.gtld-servers.net		•
	• g.gtld-servers.net		•
	• h.gtld-servers.net		•
	• i.gtld-servers.net		•
	• j.gtld-servers.net		•
	• k.gtld-servers.net		•
	• l.gtld-servers.net		•
	• m.gtld-servers.net		•

4. SOA-Entries

Domain:	com
Zone-Name:
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1562321962
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	1

Domain:	com
Zone-Name:
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1562321977
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	8

Domain:	com
Zone-Name:
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1562321992
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	4

Domain:	tipgunlukleri.com
Zone-Name:
Primary:	ns53.domaincontrol.com
Mail:	dns.jomax.net
Serial:	2019070501
Refresh:	28800
Retry:	7200
Expire:	604800
TTL:	600
num Entries:	4

5. Screenshots

No Screenshot listed, because no screenshot found. Perhaps the check is too old, the feature startet 2019-12-23.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://www.tipgunlukleri.com/ 160.153.128.41	301	http://tipgunlukleri.com/	0.497	D
Date: Fri, 05 Jul 2019 10:20:26 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Upgrade: h2,h2c
Connection: Upgrade, close
Location: http://tipgunlukleri.com/
Vary: User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• http://tipgunlukleri.com/ 160.153.128.41	200		0.630	H
Date: Fri, 05 Jul 2019 10:20:26 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Link: <https://tipgunlukleri.com/wp-json/>; rel="https://api.w.org/", <https://wp.me/a9Sxq>; rel=shortlink
Upgrade: h2,h2c
Connection: Upgrade, close
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

• https://tipgunlukleri.com/ 160.153.128.41	200		0.360	N
Certificate error: RemoteCertificateNameMismatch
Date: Fri, 05 Jul 2019 10:20:27 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Thu, 09 May 2019 15:54:39 GMT
ETag: "e0259-7ab-5887677b6e681"
Accept-Ranges: bytes
Content-Length: 1963
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

• https://www.tipgunlukleri.com/ 160.153.128.41	200		0.306	N
Certificate error: RemoteCertificateNameMismatch
Date: Fri, 05 Jul 2019 10:20:28 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, close
Last-Modified: Thu, 09 May 2019 15:54:39 GMT
ETag: "e0259-7ab-5887677b6e681"
Accept-Ranges: bytes
Content-Length: 1963
Vary: Accept-Encoding,User-Agent
Content-Type: text/html

• http://www.tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 160.153.128.41	301	http://tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	0.480	D
Visible Content:
Date: Fri, 05 Jul 2019 10:20:29 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Upgrade: h2,h2c
Connection: Upgrade, close
Location: http://tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Vary: User-Agent
Content-Length: 0
Content-Type: text/html; charset=UTF-8

• http://tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 160.153.128.41	404		0.607	A
Not Found
Visible Content:
Date: Fri, 05 Jul 2019 10:20:28 GMT
Server: Apache
X-Powered-By: PHP/7.2.17
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://tipgunlukleri.com/wp-json/>; rel="https://api.w.org/"
Upgrade: h2,h2c
Connection: Upgrade, close
Vary: Accept-Encoding,User-Agent
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

7. Comments

	1. General Results, most used to calculate the result
A	name "tipgunlukleri.com" is domain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
A	Good: All ip addresses are public addresses
A	Good: No asked Authoritative Name Server had a timeout
A	Good: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):2 complete Content-Type - header (4 urls)
	https://tipgunlukleri.com/ 160.153.128.41			Url with incomplete Content-Type - header - missing charset
	https://www.tipgunlukleri.com/ 160.153.128.41			Url with incomplete Content-Type - header - missing charset
B	https://tipgunlukleri.com/ 160.153.128.41	200		Missing HSTS-Header
B	https://www.tipgunlukleri.com/ 160.153.128.41	200		Missing HSTS-Header
C	Error - no preferred version www or non-www. Select one version as preferred version, then add a redirect https + not-preferred version to https + preferred version. Perhaps in your port 443 vHost something like "RewriteEngine on" + "RewriteCond %{SERVER_NAME} = example.com" + "ReWriteRule ^ https://www.example.com%{REQUEST_URI} [END,QSA,R=permanent]" (three rows, without the "). That should create a redirect https + example.com ⇒ https + www.example.com. Or switch both values to use the non-www version as your preferred version.
C	Error - more then one version with Http-Status 200. After all redirects, all users (and search engines) should see the same https url: Non-www or www, but not both with http status 200.
D	http://www.tipgunlukleri.com/ 160.153.128.41	301	http://tipgunlukleri.com/	Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
D	http://www.tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 160.153.128.41	301	http://tipgunlukleri.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
H	Fatal error: http result with http-status 200, no encryption. Add a redirect http ⇒ https, so every connection is secure. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop.
N	https://tipgunlukleri.com/ 160.153.128.41	200		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://www.tipgunlukleri.com/ 160.153.128.41	200		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
	2. Header-Checks
	3. DNS- and NameServer - Checks
A	Good: Nameserver supports TCP connections: 4 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 4 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 4 good Nameserver
A	Good: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 4 good Nameserver
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
A	Good: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
A	Duration: 42230 milliseconds, 42.230 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

tipgunlukleri.com

160.153.128.41

443

name does not match

Tls12

DiffieHellman

2048

Aes256

256

Sha384

supported

tipgunlukleri.com

160.153.128.41

443

name does not match

Tls12

DiffieHellman

2048

Aes256

256

Sha384

supported

no Tls.1.2
no Tls.1.1
no Tls.1.0

www.tipgunlukleri.com

160.153.128.41

443

name does not match

Tls12

DiffieHellman

2048

Aes256

256

Sha384

supported

www.tipgunlukleri.com

160.153.128.41

443

name does not match

Tls12

DiffieHellman

2048

Aes256

256

Sha384

supported

no Tls.1.2
no Tls.1.1
no Tls.1.0

9. Certificates

CN=*.prod.ams3.secureserver.net, OU=Domain Control Validated

16.04.2018

16.04.2020
1838 days expired

*.prod.ams3.secureserver.net, prod.ams3.secureserver.net - 2 entries

CN=*.prod.ams3.secureserver.net, OU=Domain Control Validated

16.04.2018

16.04.2020
1838 days expired

*.prod.ams3.secureserver.net, prod.ams3.secureserver.net - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0094A9013CDD942D99
Thumbprint:	6A52E43F8C8CA8BA4BAEED59A8FE1BD10BEE9716
SHA256 / Certificate:	iZVyJREM4237axku7kTm68bS/Pu4H4cSMvvY3Ssn2OM=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	fb57cf1372e6181c66e5bfa05fb2e0da5b5aafa633302684b7435c00781ecdba
SHA256 hex / Subject Public Key Information (SPKI):	fb57cf1372e6181c66e5bfa05fb2e0da5b5aafa633302684b7435c00781ecdba
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.starfieldtech.com/
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

CN=*.prod.ams3.secureserver.net, OU=Domain Control Validated

16.04.2018

16.04.2020
1838 days expired

*.prod.ams3.secureserver.net, prod.ams3.secureserver.net - 2 entries

CN=*.prod.ams3.secureserver.net, OU=Domain Control Validated

16.04.2018

16.04.2020
1838 days expired

*.prod.ams3.secureserver.net, prod.ams3.secureserver.net - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0094A9013CDD942D99
Thumbprint:	6A52E43F8C8CA8BA4BAEED59A8FE1BD10BEE9716
SHA256 / Certificate:	iZVyJREM4237axku7kTm68bS/Pu4H4cSMvvY3Ssn2OM=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	fb57cf1372e6181c66e5bfa05fb2e0da5b5aafa633302684b7435c00781ecdba
SHA256 hex / Subject Public Key Information (SPKI):	fb57cf1372e6181c66e5bfa05fb2e0da5b5aafa633302684b7435c00781ecdba
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.starfieldtech.com/
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

03.05.2011

03.05.2031
expires in 2196 days

CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

03.05.2011

03.05.2031
expires in 2196 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	07
Thumbprint:	7EDC376DCFD45E6DDF082C160DF6AC21835B95D4
SHA256 / Certificate:	k6B4mNibLMoWa6bx+KFBOM5Dgo5JG4MZJryCR9ORzHI=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	f24196ae94078667348f02e8e37458a3a6e6aad1e0b0dc610118cce721427bfc
SHA256 hex / Subject Public Key Information (SPKI):	f24196ae94078667348f02e8e37458a3a6e6aad1e0b0dc610118cce721427bfc
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://ocsp.starfieldtech.com/
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

03.05.2011

03.05.2031
expires in 2196 days

CN=Starfield Secure Certificate Authority - G2, OU=http://certs.starfieldtech.com/repository/, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

03.05.2011

03.05.2031
expires in 2196 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	07
Thumbprint:	7EDC376DCFD45E6DDF082C160DF6AC21835B95D4
SHA256 / Certificate:	k6B4mNibLMoWa6bx+KFBOM5Dgo5JG4MZJryCR9ORzHI=
SHA256 hex / Cert (DANE * 0 1):	93a07898d89b2cca166ba6f1f8a14138ce43828e491b831926bc8247d391cc72
SHA256 hex / PublicKey (DANE * 1 1):	f24196ae94078667348f02e8e37458a3a6e6aad1e0b0dc610118cce721427bfc
SHA256 hex / Subject Public Key Information (SPKI):	f24196ae94078667348f02e8e37458a3a6e6aad1e0b0dc610118cce721427bfc
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.starfieldtech.com/
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

01.01.2014

30.05.2031
expires in 2223 days

CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

01.01.2014

30.05.2031
expires in 2223 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	391484
Thumbprint:	9565B778C8A50EB4FEFD45C8A658DDE2411EAD0A
SHA256 / Certificate:	n0PVLoCMIK/2ngL6rCBarGhOaXUhPWYg+sZL3l/KtLw=
SHA256 hex / Cert (DANE * 0 1):	9f43d52e808c20aff69e02faac205aac684e6975213d6620fac64bde5fcab4bc
SHA256 hex / PublicKey (DANE * 1 1):	808d68b3fab4884a5f971ace7d10550d7a95a163774f3ec36afffb213fbe4c74
SHA256 hex / Subject Public Key Information (SPKI):	808d68b3fab4884a5f971ace7d10550d7a95a163774f3ec36afffb213fbe4c74
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:	http://ocsp.starfieldtech.com/
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

01.09.2009

01.01.2038
expires in 4631 days

CN=Starfield Root Certificate Authority - G2, O="Starfield Technologies, Inc.", L=Scottsdale, S=Arizona, C=US

01.09.2009

01.01.2038
expires in 4631 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00
Thumbprint:	B51C067CEE2B0C3DF855AB2D92F4FE39D4E70F0E
SHA256 / Certificate:	LOHLC/nS+eECmT++IVFSw7LdDKveHGjlMZuDkVTbt/U=
SHA256 hex / Cert (DANE * 0 1):	2ce1cb0bf9d2f9e102993fbe215152c3b2dd0cabde1c68e5319b839154dbb7f5
SHA256 hex / PublicKey (DANE * 1 1):	808d68b3fab4884a5f971ace7d10550d7a95a163774f3ec36afffb213fbe4c74
SHA256 hex / Subject Public Key Information (SPKI):	808d68b3fab4884a5f971ace7d10550d7a95a163774f3ec36afffb213fbe4c74
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US

29.06.2004

29.06.2034
expires in 3349 days

OU=Starfield Class 2 Certification Authority, O="Starfield Technologies, Inc.", C=US

29.06.2004

29.06.2034
expires in 3349 days

Keyalgorithm	RSA encryption ( bit)
Signatur:	SHA-1 with RSA Encryption
Serial Number:	00
Thumbprint:	AD7E1C28B064EF8F6003402014C3D0E3370EB58A
SHA256 / Certificate:	FGX6IFOXuHb6pvCplY5VkOQPzH+qT7fCyGd1Iftftlg=
SHA256 hex / Cert (DANE * 0 1):	1465fa205397b876faa6f0a9958e5590e40fcc7faa4fb7c2c8677521fb5fb658
SHA256 hex / PublicKey (DANE * 1 1):	15f14ac45c9c7da233d3479164e8137fe35ee0f38ae858183f08410ea82ac4b4
SHA256 hex / Subject Public Key Information (SPKI):	15f14ac45c9c7da233d3479164e8137fe35ee0f38ae858183f08410ea82ac4b4
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Small Code Update - wait one minute

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

11. Html-Content - Entries

Summary

No data found or small Code-update

Details (currently limited to 500 rows - some problems with spam users)

Small Code Update - wait one minute

12. Html-Parsing via https://validator.w3.org/nu/

Small Code update, wait one minute

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.

14. CAA - Entries

Domainname	flag	Value	∑ Queries
www.tipgunlukleri.com			1
tipgunlukleri.com	0	no CAA entry found	1
com	0	no CAA entry found	1

15. TXT - Entries

Domainname	Status	∑ Queries
tipgunlukleri.com	ok	1
www.tipgunlukleri.com		1
_acme-challenge.tipgunlukleri.com	Name Error - The domain name does not exist	1
_acme-challenge.www.tipgunlukleri.com	Name Error - The domain name does not exist	1
_acme-challenge.tipgunlukleri.com.tipgunlukleri.com	Name Error - The domain name does not exist	1
_acme-challenge.www.tipgunlukleri.com.tipgunlukleri.com	Name Error - The domain name does not exist	1
_acme-challenge.www.tipgunlukleri.com.www.tipgunlukleri.com	Name Error - The domain name does not exist	1

16. DomainService - Entries

No DomainServiceEntries entries found

17. Cipher Suites

No Ciphers found

18. Portchecks

No Port informations found. The feature is new (startet 2019-07-09), so recheck this domain.

Permalink: https://check-your-website.server-daten.de/?i=3fe6793f-1a7e-42f1-a4d3-6033013e6b25

Last Result: https://check-your-website.server-daten.de/?q=tipgunlukleri.com - 2019-07-05 12:19:53

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=tipgunlukleri.com" target="_blank">Check this Site: tipgunlukleri.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

QR-Code of this page - https://check-your-website.server-daten.de/?d=tipgunlukleri.com

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

Summary

Details (currently limited to 500 rows - some problems with spam users)

12. Html-Parsing via https://validator.w3.org/nu/

13. Nameserver - IP-Adresses

14. CAA - Entries

15. TXT - Entries

16. DomainService - Entries

17. Cipher Suites

18. Portchecks