Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 0 of max. 8 Checks (19:34:07)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

S

 

Server error

 

Checked:
03.09.2025 15:11:23

 

Older results

No older results found

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
tsd.kspu.edu
CNAME
zionnew.kspu.edu
yes
1
0

A
20.93.147.159
Amsterdam/North Holland/Netherlands (NL) - Microsoft Corporation
No Hostname found
yes


www.tsd.kspu.edu
CNAME
zionnew.kspu.edu
yes
1
0

A
20.93.147.159
Amsterdam/North Holland/Netherlands (NL) - Microsoft Corporation
No Hostname found
yes


*.kspu.edu
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


*.tsd.kspu.edu
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






4 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 46441, Flags 256






Public Key with Algorithm 8, KeyTag 53148, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2025, 00:00:00 +, Signature-Inception: 30.08.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: edu

edu
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 35663, DigestType 2 and Digest ouFhQpGDGkdGtaxStLNFNXaHJx6FNTCCdB8c89BqTB0=






2 RRSIG RR to validate DS RR found






RRSIG-Owner edu., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2025, 05:00:00 +, Signature-Inception: 03.09.2025, 04:00:00 +, KeyTag 46441, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46441 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 35663, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 59321, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner edu., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 12.09.2025, 15:11:14 +, Signature-Inception: 28.08.2025, 15:06:14 +, KeyTag 35663, Signer-Name: edu






 Status: Good - Algorithmus 13 and DNSKEY with KeyTag 35663 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 35663, DigestType 2 and Digest "ouFhQpGDGkdGtaxStLNFNXaHJx6FNTCCdB8c89BqTB0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: kspu.edu

kspu.edu
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "b3hgulpi8m9g01538lef74njb7qvnap2" between the hashed NSEC3-owner "aq6cn2fet6ndibuc4tqehrbt6eu1aqhp" and the hashed NextOwner "bbggokff3m9f43o48sirbrpf20da1jjr". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner aq6cn2fet6ndibuc4tqehrbt6eu1aqhp.edu., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 07.09.2025, 02:53:24 +, Signature-Inception: 31.08.2025, 01:43:24 +, KeyTag 59321, Signer-Name: edu






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "9dhs4ep5g85pf9nufk06hek0o48qgk77" as Owner. That's the Hash of "edu" with the NextHashedOwnerName "9irjmuel398sejh8crdik2h2k85k5243". So that domain name is the Closest Encloser of "kspu.edu". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner 9dhs4ep5g85pf9nufk06hek0o48qgk77.edu., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 10.09.2025, 02:54:32 +, Signature-Inception: 03.09.2025, 01:44:32 +, KeyTag 59321, Signer-Name: edu






0 DNSKEY RR found









Zone: tsd.kspu.edu

tsd.kspu.edu
0 DS RR in the parent zone found



Zone: www.tsd.kspu.edu

www.tsd.kspu.edu
0 DS RR in the parent zone found



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






4 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 46441, Flags 256






Public Key with Algorithm 8, KeyTag 53148, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 20.09.2025, 00:00:00 +, Signature-Inception: 30.08.2025, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: edu

edu
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 35663, DigestType 2 and Digest ouFhQpGDGkdGtaxStLNFNXaHJx6FNTCCdB8c89BqTB0=






2 RRSIG RR to validate DS RR found






RRSIG-Owner edu., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 16.09.2025, 05:00:00 +, Signature-Inception: 03.09.2025, 04:00:00 +, KeyTag 46441, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 46441 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 35663, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 59321, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner edu., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 12.09.2025, 15:11:14 +, Signature-Inception: 28.08.2025, 15:06:14 +, KeyTag 35663, Signer-Name: edu






 Status: Good - Algorithmus 13 and DNSKEY with KeyTag 35663 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 35663, DigestType 2 and Digest "ouFhQpGDGkdGtaxStLNFNXaHJx6FNTCCdB8c89BqTB0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: kspu.edu

kspu.edu
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "b3hgulpi8m9g01538lef74njb7qvnap2" between the hashed NSEC3-owner "aq6cn2fet6ndibuc4tqehrbt6eu1aqhp" and the hashed NextOwner "bbggokff3m9f43o48sirbrpf20da1jjr". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner aq6cn2fet6ndibuc4tqehrbt6eu1aqhp.edu., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 07.09.2025, 02:53:24 +, Signature-Inception: 31.08.2025, 01:43:24 +, KeyTag 59321, Signer-Name: edu






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "9dhs4ep5g85pf9nufk06hek0o48qgk77" as Owner. That's the Hash of "edu" with the NextHashedOwnerName "9irjmuel398sejh8crdik2h2k85k5243". So that domain name is the Closest Encloser of "kspu.edu". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner 9dhs4ep5g85pf9nufk06hek0o48qgk77.edu., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 10.09.2025, 02:54:32 +, Signature-Inception: 03.09.2025, 01:44:32 +, KeyTag 59321, Signer-Name: edu






0 DNSKEY RR found









Zone: zionnew.kspu.edu

zionnew.kspu.edu
0 DS RR in the parent zone found






0 DNSKEY RR found







 

3. Name Servers

DomainNameserverNS-IP
kspu.edu
  ns1-07.azure-dns.com
13.107.236.7
New York/United States (US) - Microsoft Corporation

 
2603:1061:0:700::7
Marseille/Provence-Alpes-Côte d'Azur/France (FR) - Microsoft Corporation

  ns2-07.azure-dns.net
150.171.21.7
Québec/Canada (CA) - Microsoft Corporation

 
2620:1ec:8ec:700::7
Redmond/Washington/United States (US) - Microsoft Corporation

  ns3-07.azure-dns.org
204.14.183.7
Québec/Canada (CA) - Microsoft Corporation

 
2a01:111:4000:700::7
London/England/United Kingdom (GB) - Microsoft

  ns4-07.azure-dns.info
208.84.5.7
Cleveland/Ohio/United States (US) - Microsoft Corporation

 
2620:1ec:bda:700::7
Redmond/Washington/United States (US) - Microsoft Corporation
edu
  a.edu-servers.net / nnn1-par6


  b.edu-servers.net / nnn1-elwaw4


  c.edu-servers.net / nnn1-par6


  d.edu-servers.net / nnn1-par6


  e.edu-servers.net / nnn1-par6


  f.edu-servers.net / nnn1-defra-4


  g.edu-servers.net / nnn1-defra-4


  h.edu-servers.net / nnn1-defra-4


  i.edu-servers.net / nnn1-defra-4


  j.edu-servers.net / nnn1-frmrs-2


  k.edu-servers.net / nnn1-frmrs-2


  l.edu-servers.net / nnn1-frmrs-2


  m.edu-servers.net / nnn1-frmrs-2

zionnew.kspu.edu
  ns1-07.azure-dns.com
13.107.236.7
New York/United States (US) - Microsoft Corporation

 
2603:1061:0:700::7
Marseille/Provence-Alpes-Côte d'Azur/France (FR) - Microsoft Corporation
kspu.edu
  ns1-07.azure-dns.com
13.107.236.7
New York/United States (US) - Microsoft Corporation

 
2603:1061:0:700::7
Marseille/Provence-Alpes-Côte d'Azur/France (FR) - Microsoft Corporation

  ns2-07.azure-dns.net
150.171.21.7
Québec/Canada (CA) - Microsoft Corporation

 
2620:1ec:8ec:700::7
Redmond/Washington/United States (US) - Microsoft Corporation

  ns3-07.azure-dns.org
204.14.183.7
Québec/Canada (CA) - Microsoft Corporation

 
2a01:111:4000:700::7
London/England/United Kingdom (GB) - Microsoft

  ns4-07.azure-dns.info
208.84.5.7
Cleveland/Ohio/United States (US) - Microsoft Corporation

 
2620:1ec:bda:700::7
Redmond/Washington/United States (US) - Microsoft Corporation
edu
  a.edu-servers.net / nnn1-par6


  b.edu-servers.net / nnn1-elwaw4


  c.edu-servers.net / nnn1-par6


  d.edu-servers.net / nnn1-par6


  e.edu-servers.net / nnn1-par6


  f.edu-servers.net / nnn1-defra-4


  g.edu-servers.net / nnn1-defra-4


  h.edu-servers.net / nnn1-defra-4


  i.edu-servers.net / nnn1-defra-4


  j.edu-servers.net / nnn1-frmrs-2


  k.edu-servers.net / nnn1-frmrs-2


  l.edu-servers.net / nnn1-frmrs-2


  m.edu-servers.net / nnn1-frmrs-2

 

4. SOA-Entries


Domain:edu
Zone-Name:edu
Primary:a.edu-servers.net
Mail:nstld.verisign-grs.com
Serial:1756905060
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:5


Domain:edu
Zone-Name:edu
Primary:a.edu-servers.net
Mail:nstld.verisign-grs.com
Serial:1756905075
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:8


Domain:kspu.edu
Zone-Name:kspu.edu
Primary:ns1-07.azure-dns.com
Mail:hostmaster.kspu.kherson.ua
Serial:2002023337
Refresh:28800
Retry:7200
Expire:604800
TTL:86400
num Entries:8


Domain:edu
Zone-Name:edu
Primary:a.edu-servers.net
Mail:nstld.verisign-grs.com
Serial:1756905075
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:1


Domain:edu
Zone-Name:edu
Primary:a.edu-servers.net
Mail:nstld.verisign-grs.com
Serial:1756905090
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:12


Domain:kspu.edu
Zone-Name:kspu.edu
Primary:ns1-07.azure-dns.com
Mail:hostmaster.kspu.kherson.ua
Serial:2002023337
Refresh:28800
Retry:7200
Expire:604800
TTL:86400
num Entries:8


Domain:zionnew.kspu.edu
Zone-Name:kspu.edu
Primary:ns1-07.azure-dns.com
Mail:hostmaster.kspu.kherson.ua
Serial:2002023337
Refresh:28800
Retry:7200
Expire:604800
TTL:86400
num Entries:2


5. Screenshots

Startaddress: https://tsd.kspu.edu/, address used: https://tsd.kspu.edu/, Screenshot created 2025-09-03 15:17:24 +00:0 url is insecure, certificate invalid

 

Mobil (412px x 732px)

 

1049 milliseconds

 

Screenshot mobile - https://tsd.kspu.edu/
Mobil + Landscape (732px x 412px)

 

1047 milliseconds

 

Screenshot mobile landscape - https://tsd.kspu.edu/
Screen (1280px x 1680px)

 

1113 milliseconds

 

Screenshot Desktop - https://tsd.kspu.edu/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://tsd.kspu.edu/
20.93.147.159
301
https://tsd.kspu.edu/
Html is minified: 108.54 %
0.054
A
Server: nginx
Date: Wed, 03 Sep 2025 13:13:01 GMT
Connection: keep-alive
Location: https://tsd.kspu.edu/
Content-Type: text/html
Content-Length: 178

• http://www.tsd.kspu.edu/
20.93.147.159
301
https://www.tsd.kspu.edu/
Html is minified: 108.54 %
0.027
A
Server: nginx
Date: Wed, 03 Sep 2025 13:13:01 GMT
Connection: keep-alive
Location: https://www.tsd.kspu.edu/
Content-Type: text/html
Content-Length: 178

• https://tsd.kspu.edu/
20.93.147.159
502

Html is minified: 109.21 %
2.380
N
Bad Gateway
Certificate error: RemoteCertificateNameMismatch
Server: nginx
Date: Wed, 03 Sep 2025 13:13:01 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html
Content-Length: 166

• https://www.tsd.kspu.edu/
20.93.147.159
502

Html is minified: 109.21 %
2.316
N
Bad Gateway
Certificate error: RemoteCertificateNameMismatch
Server: nginx
Date: Wed, 03 Sep 2025 13:13:05 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: text/html
Content-Length: 166

• http://tsd.kspu.edu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
20.93.147.159
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		502

Html is minified: 109.21 %
Other inline scripts (∑/total): 0/0		0.030
S
Bad Gateway
Visible Content:
Server: nginx
Date: Wed, 03 Sep 2025 13:13:09 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 166

• http://www.tsd.kspu.edu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
20.93.147.159
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		502

Html is minified: 109.21 %
Other inline scripts (∑/total): 0/0		0.027
S
Bad Gateway
Visible Content:
Server: nginx
Date: Wed, 03 Sep 2025 13:13:09 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 166

• https://20.93.147.159/
20.93.147.159 gzip used - 4407 / 13584 - 67.56 %
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		200

Html is minified: 143.69 %
Other inline scripts (∑/total): 0/0		2.333
N
Certificate error: RemoteCertificateNameMismatch
Server: nginx/1.14.0,(Ubuntu)
Date: Wed, 03 Sep 2025 13:13:09 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"683862e1-3510"
Content-Type: text/html
Last-Modified: Thu, 29 May 2025 13:36:33 GMT
Content-Encoding: gzip
Content-Length: 4407

 

7. Comments


1. General Results, most used to calculate the result

Aname "tsd.kspu.edu" is subdomain, public suffix is ".edu", top-level-domain is ".edu", top-level-domain-type is "sponsored", tld-manager is "EDUCAUSE", num .edu-domains preloaded: 87 (complete: 276475)
AGood: All ip addresses are public addresses
Warning: Only one ip address found: tsd.kspu.edu has only one ip address.
Warning: Only one ip address found: www.tsd.kspu.edu has only one ip address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: tsd.kspu.edu has no ipv6 address.
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.tsd.kspu.edu has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
AGood: destination is https
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (1 urls)
https://20.93.147.159/ 20.93.147.159


Url with incomplete Content-Type - header - missing charset
Ahttp://tsd.kspu.edu/ 20.93.147.159
301
https://tsd.kspu.edu/
Correct redirect http - https with the same domain name
Ahttp://www.tsd.kspu.edu/ 20.93.147.159
301
https://www.tsd.kspu.edu/
Correct redirect http - https with the same domain name
Nhttps://tsd.kspu.edu/ 20.93.147.159
502

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://www.tsd.kspu.edu/ 20.93.147.159
502

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://20.93.147.159/ 20.93.147.159
200

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Otsd.kspu.edu / 20.93.147.159 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 16 Cipher Suites without Forward Secrecy found
Owww.tsd.kspu.edu / 20.93.147.159 / 443


Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 16 Cipher Suites without Forward Secrecy found
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain tsd.kspu.edu, 1 ip addresses, 1 different http results.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain www.tsd.kspu.edu, 1 ip addresses, 1 different http results.
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.tsd.kspu.edu

2. Header-Checks

U

No https result with http status 2** or 4** (standard-check) found, no header checked.

3. DNS- and NameServer - Checks

AInfo:: 16 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 16 Queries complete, 16 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 4.0 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 4 different Name Servers found: ns1-07.azure-dns.com, ns2-07.azure-dns.net, ns3-07.azure-dns.org, ns4-07.azure-dns.info, 4 Name Servers included in Delegation: ns1-07.azure-dns.com, ns2-07.azure-dns.net, ns3-07.azure-dns.org, ns4-07.azure-dns.info, 4 Name Servers included in 1 Zone definitions: ns1-07.azure-dns.com, ns2-07.azure-dns.net, ns3-07.azure-dns.org, ns4-07.azure-dns.info, 1 Name Servers listed in SOA.Primary: ns1-07.azure-dns.com.
AGood: Only one SOA.Primary Name Server found.: ns1-07.azure-dns.com.
AGood: SOA.Primary Name Server included in the delegation set.: ns1-07.azure-dns.com.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 4 Name Servers, 4 different subnets (first Byte): 13., 150., 204., 208., 4 different subnets (first two Bytes): 13.107., 150.171., 204.14., 208.84., 4 different subnets (first three Bytes): 13.107.236., 150.171.21., 204.14.183., 208.84.5.
AExcellent: Every Name Server IPv4-address starts with an unique Byte.
AInfo: IPv6-Subnet-list: 4 Name Servers with IPv6, 3 different subnets (first block): 2603:, 2620:, 2a01:, 3 different subnets (first two blocks): 2603:1061:, 2620:01ec:, 2a01:0111:, 4 different subnets (first three blocks): 2603:1061:0000:, 2620:01ec:08ec:, 2620:01ec:0bda:, 2a01:0111:4000:, 4 different subnets (first four blocks): 2603:1061:0000:0700:, 2620:01ec:08ec:0700:, 2620:01ec:0bda:0700:, 2a01:0111:4000:0700:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 16 good Nameserver
AGood: Nameserver supports Echo Capitalization: 16 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 16 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 16 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

http://tsd.kspu.edu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 20.93.147.159
502

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 500 - 599, Server Error. Creating a Letsencrypt certificate via http-01 challenge can't work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://www.tsd.kspu.edu/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 20.93.147.159
502

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 500 - 599, Server Error. Creating a Letsencrypt certificate via http-01 challenge can't work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: No https + http status 200 with inline CSS / JavaScript found
https://20.93.147.159/ 20.93.147.159
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
https://20.93.147.159/ 20.93.147.159
200

Warning: Https connections (Standard Port 443) found without support of the http/2 protocol via ALPN. Http/2 is the new Http-Version (old: http 1.1) with some important new features. Update your server software so http/2 is available. Only one TCP-connection per Server (that's a performance boost), Header-Compression and Server Pushs are available. Domain Sharding and Inline-CSS/Javascript shouldn't used with http/2.
https://20.93.147.159/ 20.93.147.159
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 5 script elements without defer/async.
AGood: All checked attribute values are enclosed in quotation marks (" or ').
AGood: Some img-elements have a valid alt-attribute.: 7 img-elements found, 2 img-elements with correct alt-attributes (defined, not an empty value).
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 5 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
AInfo: Different Server-Headers found
ADuration: 368016 milliseconds, 368.016 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
tsd.kspu.edu
20.93.147.159
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
tsd.kspu.edu
20.93.147.159
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=4ksu.kspu.edu


2CN=R13, O=Let's Encrypt, C=US


www.tsd.kspu.edu
20.93.147.159
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

www.tsd.kspu.edu
20.93.147.159
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
 Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=4ksu.kspu.edu


2CN=R13, O=Let's Encrypt, C=US


20.93.147.159
20.93.147.159
443
name does not match
Tls12
ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok

20.93.147.159
20.93.147.159
443
name does not match
Tls12

ECDH Ephermal
255
Aes256
256
Sha384
not supported
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=4ksu.kspu.edu


2CN=R13, O=Let's Encrypt, C=US

 

9. Certificates

1.
1.
CN=4ksu.kspu.edu
01.09.2025
30.11.2025
71 days expired		4ksu.kspu.edu, www.4ksu.kspu.edu - 2 entries
1.
1.
CN=4ksu.kspu.edu
01.09.2025

30.11.2025
71 days expired


4ksu.kspu.edu, www.4ksu.kspu.edu - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:057F3B555DABC3620A11C69B6CED1ECA7030
Thumbprint:7539DB52D9586B887354B0888B14A3996F298464
SHA256 / Certificate:GWa+NGpPV4ntyaDZvmzvumcnSVw+4fZZsxIdC3xLgQ8=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):269a79503594979b6e1fcbeb495530246aa84fa620f130a8c3424753387ab8e0
SHA256 hex / Subject Public Key Information (SPKI):269a79503594979b6e1fcbeb495530246aa84fa620f130a8c3424753387ab8e0 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=R13, O=Let's Encrypt, C=US
13.03.2024
13.03.2027
expires in 397 days

2.
CN=R13, O=Let's Encrypt, C=US
13.03.2024

13.03.2027
expires in 397 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:5A00F212D8D4B480F3924157EA298305
Thumbprint:22FF89586561FC2D52F77491E9F1EFF1B80BE33E
SHA256 / Certificate:07EoIWqEP47xMhUB9d9Spd9Sk57iwZKXcSzT3k1Bk1Q=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):025490860b498ab73c6a12f27a49ad5fe230fafe3ac8f6112c9b7d0aad46941d
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015
04.06.2035
expires in 3402 days

3.
CN=ISRG Root X1, O=Internet Security Research Group, C=US
04.06.2015

04.06.2035
expires in 3402 days




KeyalgorithmRSA encryption (4096 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:008210CFB0D240E3594463E0BB63828B00
Thumbprint:CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

Summary


Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://20.93.147.159/
20.93.147.159		a

21

0


0
0
0


iframe

1

0


0
0
0


img

7

0


0
0
0


link
stylesheet
4

0


0
0
0


link
other
1

0


0
0
0


meta
other
3

0


0
0
0


script

5

0


0
0
0

 

Details (currently limited to 500 rows - some problems with spam users)

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://20.93.147.159/
20.93.147.159
a

/Mainpage/mainfund.html


2
ok















a

/News/05.12.24/newsin05.html


1
ok















a

/News/27.01.25/index.html


1
ok















a

/News/news.html


2
ok















a

/Partners/partners.html


2
ok















a

/Projects/ProjectHotel/project.html


1
ok















a

/Projects/projects.html


3
ok















a

/Report/report.html


2
ok















a

/Teampage/team.html


2
ok















a

https://www.facebook.com/people/Відділ-фандрайзингу-ХДУ/61570668022947/


1
ok















a

https://www.kspu.edu


1
ok















a

https://www.kspu.edu/About/DepartmentAndServices/Fundraising.aspx


1
ok















a

https://www.linkedin.com/school/kherson-state-university/


1
ok















a

mailto:fundraising@ksu.ks.ua


1
ok















iframe
src
https://www.youtube.com/embed/BoyoEngwr1Q


1
ok















img
src
/assets/ImgLogo/logoblack.png


1
ok
alt: Logo














img
src
/assets/ImgLogo/logofund.png


1
ok
alt: Logo














img
src
/Mainpage/img/HDU.png


1
ok
no alt-Attribute














img
src
/News/images/05.12.24/news2.jpg


1
ok
no alt-Attribute














img
src
/News/images/27.01.25/шпр4.jpg


1
ok
no alt-Attribute














img
src
/Projects/images/Hotel.webp


1
ok
no alt-Attribute














img
src
/Projects/images/image0.png


1
ok
no alt-Attribute














link
icon
/assets/ImgLogo/logofund.png


1
ok















link
stylesheet
/assets/ReqCSS/bootstrap.min.css


1
ok















link
stylesheet
/assets/ReqCSS/fonts.css


1
ok















link
stylesheet
/Mainpage/main.css


1
ok















link
stylesheet
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css


1
ok















meta
charset
 UTF-8


1
ok















meta
X-UA-Compatible
IE=edge


1
ok















meta
viewport
width=device-width, initial-scale=1.0


1
ok















script
src
/assets/ReqJs/bootstrap.bundle.min.js


1
ok
Missing defer / async attribute.














script
src
/assets/ReqJs/smooth.js


1
ok
Missing defer / async attribute.














script
src
/assets/ReqJs/smoothnav.js


1
ok
Missing defer / async attribute.














script
src
/Mainpage/langchange.js


1
ok
Missing defer / async attribute.














script
src
/Mainpage/main.js


1
ok
Missing defer / async attribute.













 

12. Html-Parsing via https://validator.w3.org/nu/


No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1-07.azure-dns.com, ns2-07.azure-dns.net, ns3-07.azure-dns.org, ns4-07.azure-dns.info

 

QNr.DomainTypeNS used
1
com
NS
e.root-servers.net (2001:500:a8::e)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ns1-07.azure-dns.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1-01.azure-dns.com, ns1-02.azure-dns.com, ns1-03.azure-dns.com, ns1-04.azure-dns.com

Answer: ns1-04.azure-dns.com
13.107.236.4, 2603:1061:0:700::4

Answer: ns1-03.azure-dns.com
13.107.236.3, 2603:1061:0:700::3

Answer: ns1-02.azure-dns.com
13.107.236.2, 2603:1061:0:700::2

Answer: ns1-01.azure-dns.com
13.107.236.1, 2603:1061:0:700::1
3
net
NS
d.root-servers.net (2001:500:2d::d)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
4
ns2-07.azure-dns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2-01.azure-dns.net, ns2-02.azure-dns.net, ns2-03.azure-dns.net, ns2-04.azure-dns.net

Answer: ns2-04.azure-dns.net
150.171.21.4, 2620:1ec:8ec:700::4

Answer: ns2-03.azure-dns.net
150.171.21.3, 2620:1ec:8ec:700::3

Answer: ns2-02.azure-dns.net
150.171.21.2, 2620:1ec:8ec:700::2

Answer: ns2-01.azure-dns.net
150.171.21.1, 2620:1ec:8ec:700::1
5
org
NS
d.root-servers.net (2001:500:2d::d)

Answer: a0.org.afilias-nst.info, a2.org.afilias-nst.info, b0.org.afilias-nst.org, b2.org.afilias-nst.org, c0.org.afilias-nst.info, d0.org.afilias-nst.org
6
ns3-07.azure-dns.org
NS
a0.org.afilias-nst.info (2001:500:e::1)

Answer: ns3-01.azure-dns.org, ns3-02.azure-dns.org, ns3-03.azure-dns.org, ns3-04.azure-dns.org

Answer: ns3-04.azure-dns.org
204.14.183.4, 2a01:111:4000:700::4

Answer: ns3-03.azure-dns.org
204.14.183.3, 2a01:111:4000:700::3

Answer: ns3-02.azure-dns.org
204.14.183.2, 2a01:111:4000:700::2

Answer: ns3-01.azure-dns.org
204.14.183.1, 2a01:111:4000:700::1
7
info
NS
f.root-servers.net (2001:500:2f::f)

Answer: a0.info.afilias-nst.info, a2.info.afilias-nst.info, b0.info.afilias-nst.org, b2.info.afilias-nst.org, c0.info.afilias-nst.info, d0.info.afilias-nst.org
8
ns4-07.azure-dns.info
NS
a0.info.afilias-nst.info (2001:500:19::1)

Answer: ns4-01.azure-dns.info, ns4-02.azure-dns.info, ns4-03.azure-dns.info, ns4-04.azure-dns.info

Answer: ns4-04.azure-dns.info
208.84.5.4, 2620:1ec:bda:700::4

Answer: ns4-03.azure-dns.info
208.84.5.3, 2620:1ec:bda:700::3

Answer: ns4-02.azure-dns.info
208.84.5.2, 2620:1ec:bda:700::2

Answer: ns4-01.azure-dns.info
208.84.5.1, 2620:1ec:bda:700::1
9
ns1-07.azure-dns.com: 13.107.236.7
A
ns1-01.azure-dns.com (2603:1061:0:700::1)
10
ns1-07.azure-dns.com: 2603:1061:0:700::7
AAAA
ns1-01.azure-dns.com (2603:1061:0:700::1)
11
ns2-07.azure-dns.net: 150.171.21.7
A
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
12
ns2-07.azure-dns.net: 2620:1ec:8ec:700::7
AAAA
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
13
ns3-07.azure-dns.org: 204.14.183.7
A
ns3-01.azure-dns.org (2a01:111:4000:700::1)
14
ns3-07.azure-dns.org: 2a01:111:4000:700::7
AAAA
ns3-01.azure-dns.org (2a01:111:4000:700::1)
15
ns4-07.azure-dns.info: 208.84.5.7
A
ns4-01.azure-dns.info (2620:1ec:bda:700::1)
16
ns4-07.azure-dns.info: 2620:1ec:bda:700::7
AAAA
ns4-01.azure-dns.info (2620:1ec:bda:700::1)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.tsd.kspu.edu



1
0
zionnew.kspu.edu
0

no CAA entry found
1
0
tsd.kspu.edu



1
0
kspu.edu
0

no CAA entry found
1
0

0

no CAA entry found
1
0
edu
0

no CAA entry found
1
0

0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
kspu.edu
google-site-verification=6-XWlOX_6PEQV4pHszOg_8oT4B3HMggt0uFa6T_Q4iE
ok
1
0
kspu.edu
google-site-verification=dPOFebUT0Wgq3BsKimLcrN2OWUAqv_JgMbNMnR9s1ic
ok
1
0
kspu.edu
v=spf1 mx ~all
ok
1
0
kspu.edu
ZOOM_verify_ZSOO4GeZ3BagqqTZedgeev
ok
1
0
tsd.kspu.edu


1
0
www.tsd.kspu.edu


1
0
_acme-challenge.tsd.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.www.tsd.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.zionnew.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.tsd.kspu.edu.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.tsd.kspu.edu.tsd.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.www.tsd.kspu.edu.tsd.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.www.tsd.kspu.edu.www.tsd.kspu.edu

Name Error - The domain name does not exist
1
0
_acme-challenge.zionnew.kspu.edu.zionnew.kspu.edu

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
SPF
TXT
tsd.kspu.edu

32768TXT expected, but CNAME found. CNAME not allowed, only TXT queries are allowed. See RFC 7208, 4.4.

				 
			

				 
			
17. Cipher Suites
Summary
DomainIPPortnum CipherstimeStd.ProtocolForward Secrecy
tsd.kspu.edu
20.93.147.159
443
27 Ciphers101.99 sec
16 without, 11 FS
40.74 %
www.tsd.kspu.edu
20.93.147.159
443
27 Ciphers101.73 sec
16 without, 11 FS
40.74 %
Complete

2
54 Ciphers
27.00 Ciphers/Check		203.72 sec101.86 sec/Check
32 without, 22 FS
40.74 %

Details
DomainIPPortCipher (OpenSsl / IANA)
tsd.kspu.edu
20.93.147.159
443
ECDHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xA8
 FS
27 Ciphers, 

101.99 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x30
 FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-ARIA256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x61
 FS

TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384

ECDH
RSA
ARIAGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x2F
 FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-ARIA128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x60
 FS

TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256

ECDH
RSA
ARIAGCM(128)
AEAD




ECDHE-RSA-CAMELLIA256-SHA384
 (Weak)
TLSv1.2
0xC0,0x77
 FS

TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384

ECDH
RSA
Camellia(256)
SHA384




ECDHE-RSA-AES256-SHA384
 (Weak)
TLSv1.2
0xC0,0x28
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




CAMELLIA256-SHA256
 (Weak)
TLSv1.2
0x00,0xC0
 No FS

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256

RSA
RSA
Camellia(256)
SHA256




ARIA256-GCM-SHA384
 (Weak)
TLSv1.2
0xC0,0x51
 No FS

TLS_RSA_WITH_ARIA_256_GCM_SHA384

RSA
RSA
ARIAGCM(256)
AEAD




AES256-GCM-SHA384
 (Weak)
TLSv1.2
0x00,0x9D
 No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x3D
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
 (Weak)
TLSv1.2
0xC0,0xA1
 No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
 (Weak)
TLSv1.2
0xC0,0x9D
 No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-CAMELLIA128-SHA256
 (Weak)
TLSv1.2
0xC0,0x76
 FS

TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256

ECDH
RSA
Camellia(128)
SHA256




ECDHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0xC0,0x27
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




CAMELLIA128-SHA256
 (Weak)
TLSv1.2
0x00,0xBA
 No FS

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256

RSA
RSA
Camellia(128)
SHA256




ARIA128-GCM-SHA256
 (Weak)
TLSv1.2
0xC0,0x50
 No FS

TLS_RSA_WITH_ARIA_128_GCM_SHA256

RSA
RSA
ARIAGCM(128)
AEAD




AES128-GCM-SHA256
 (Weak)
TLSv1.2
0x00,0x9C
 No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x3C
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
 (Weak)
TLSv1.2
0xC0,0xA0
 No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
 (Weak)
TLSv1.2
0xC0,0x9C
 No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
 (Weak)
TLSv1
0xC0,0x14
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
 (Weak)
TLSv1
0xC0,0x13
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




CAMELLIA256-SHA
 (Weak)
SSLv3
0x00,0x84
 No FS

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

RSA
RSA
Camellia(256)
SHA1




AES256-SHA
 (Weak)
SSLv3
0x00,0x35
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




CAMELLIA128-SHA
 (Weak)
SSLv3
0x00,0x41
 No FS

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

RSA
RSA
Camellia(128)
SHA1




AES128-SHA
 (Weak)
SSLv3
0x00,0x2F
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1

www.tsd.kspu.edu
20.93.147.159
443
ECDHE-RSA-CHACHA20-POLY1305
 (Secure)
TLSv1.2
0xCC,0xA8
 FS
27 Ciphers, 

101.73 sec
TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256

ECDH
RSA
CHACHA20/POLY1305(256)
AEAD




ECDHE-RSA-AES256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x30
 FS

TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

ECDH
RSA
AESGCM(256)
AEAD




ECDHE-ARIA256-GCM-SHA384
 (Secure)
TLSv1.2
0xC0,0x61
 FS

TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384

ECDH
RSA
ARIAGCM(256)
AEAD




ECDHE-RSA-AES128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x2F
 FS

TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

ECDH
RSA
AESGCM(128)
AEAD




ECDHE-ARIA128-GCM-SHA256
 (Secure)
TLSv1.2
0xC0,0x60
 FS

TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256

ECDH
RSA
ARIAGCM(128)
AEAD




ECDHE-RSA-CAMELLIA256-SHA384
 (Weak)
TLSv1.2
0xC0,0x77
 FS

TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384

ECDH
RSA
Camellia(256)
SHA384




ECDHE-RSA-AES256-SHA384
 (Weak)
TLSv1.2
0xC0,0x28
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

ECDH
RSA
AES(256)
SHA384




CAMELLIA256-SHA256
 (Weak)
TLSv1.2
0x00,0xC0
 No FS

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256

RSA
RSA
Camellia(256)
SHA256




ARIA256-GCM-SHA384
 (Weak)
TLSv1.2
0xC0,0x51
 No FS

TLS_RSA_WITH_ARIA_256_GCM_SHA384

RSA
RSA
ARIAGCM(256)
AEAD




AES256-GCM-SHA384
 (Weak)
TLSv1.2
0x00,0x9D
 No FS

TLS_RSA_WITH_AES_256_GCM_SHA384

RSA
RSA
AESGCM(256)
AEAD




AES256-SHA256
 (Weak)
TLSv1.2
0x00,0x3D
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA256

RSA
RSA
AES(256)
SHA256




AES256-CCM8
 (Weak)
TLSv1.2
0xC0,0xA1
 No FS

TLS_RSA_WITH_AES_256_CCM_8

RSA
RSA
AESCCM8(256)
AEAD




AES256-CCM
 (Weak)
TLSv1.2
0xC0,0x9D
 No FS

TLS_RSA_WITH_AES_256_CCM

RSA
RSA
AESCCM(256)
AEAD




ECDHE-RSA-CAMELLIA128-SHA256
 (Weak)
TLSv1.2
0xC0,0x76
 FS

TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256

ECDH
RSA
Camellia(128)
SHA256




ECDHE-RSA-AES128-SHA256
 (Weak)
TLSv1.2
0xC0,0x27
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

ECDH
RSA
AES(128)
SHA256




CAMELLIA128-SHA256
 (Weak)
TLSv1.2
0x00,0xBA
 No FS

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256

RSA
RSA
Camellia(128)
SHA256




ARIA128-GCM-SHA256
 (Weak)
TLSv1.2
0xC0,0x50
 No FS

TLS_RSA_WITH_ARIA_128_GCM_SHA256

RSA
RSA
ARIAGCM(128)
AEAD




AES128-GCM-SHA256
 (Weak)
TLSv1.2
0x00,0x9C
 No FS

TLS_RSA_WITH_AES_128_GCM_SHA256

RSA
RSA
AESGCM(128)
AEAD




AES128-SHA256
 (Weak)
TLSv1.2
0x00,0x3C
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA256

RSA
RSA
AES(128)
SHA256




AES128-CCM8
 (Weak)
TLSv1.2
0xC0,0xA0
 No FS

TLS_RSA_WITH_AES_128_CCM_8

RSA
RSA
AESCCM8(128)
AEAD




AES128-CCM
 (Weak)
TLSv1.2
0xC0,0x9C
 No FS

TLS_RSA_WITH_AES_128_CCM

RSA
RSA
AESCCM(128)
AEAD




ECDHE-RSA-AES256-SHA
 (Weak)
TLSv1
0xC0,0x14
 FS

TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

ECDH
RSA
AES(256)
SHA1




ECDHE-RSA-AES128-SHA
 (Weak)
TLSv1
0xC0,0x13
 FS

TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

ECDH
RSA
AES(128)
SHA1




CAMELLIA256-SHA
 (Weak)
SSLv3
0x00,0x84
 No FS

TLS_RSA_WITH_CAMELLIA_256_CBC_SHA

RSA
RSA
Camellia(256)
SHA1




AES256-SHA
 (Weak)
SSLv3
0x00,0x35
 No FS

TLS_RSA_WITH_AES_256_CBC_SHA

RSA
RSA
AES(256)
SHA1




CAMELLIA128-SHA
 (Weak)
SSLv3
0x00,0x41
 No FS

TLS_RSA_WITH_CAMELLIA_128_CBC_SHA

RSA
RSA
Camellia(128)
SHA1




AES128-SHA
 (Weak)
SSLv3
0x00,0x2F
 No FS

TLS_RSA_WITH_AES_128_CBC_SHA

RSA
RSA
AES(128)
SHA1


				 
			
18. Portchecks



No open Ports <> 80 / 443 found, so no additional Ports checked.



				 
			

				 
			

Permalink: https://check-your-website.server-daten.de/?i=582d045a-4afd-470e-a0f3-9697cd0cd82f

				 
			


Last Result: https://check-your-website.server-daten.de/?q=tsd.kspu.edu - 2025-09-03 15:11:23

				 
			
Do you like this page? Support this tool, add a link on your page:

				 
			
<a href="https://check-your-website.server-daten.de/?q=tsd.kspu.edu" target="_blank">Check this Site: tsd.kspu.edu</a>

				 
			

				 
			


Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

				 
			
QR-Code of this page - https://check-your-website.server-daten.de/?d=tsd.kspu.edu

				 
			

				 
			



Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • 
USt-IdNr.: DE221734518

				 
			


Errors, ideas, questions? Use the 
Contact form • A project using

Server-Daten - Web Database solutions