Check DNS, Urls + Redirects, Certificates and Content of your Website



N

No trusted Certificate

Checked:
15.09.2019 15:42:54


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
whitby-photography.com
A
176.58.100.62
London/England/United Kingdom (GB) - Linode
Hostname: whitby-photography.com
yes
2
0

AAAA

yes


www.whitby-photography.com
CNAME
whitby-photography.com
yes
1
0

A
176.58.100.62
London/England/United Kingdom (GB) - Linode
Hostname: whitby-photography.com
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 59944, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 30.09.2019, 00:00:00 +, Signature-Inception: 09.09.2019, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



1 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 28.09.2019, 05:00:00 +, Signature-Inception: 15.09.2019, 04:00:00 +, KeyTag 59944, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 59944 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 17708, Flags 256



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 24.09.2019, 18:25:33 +, Signature-Inception: 09.09.2019, 18:20:33 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: whitby-photography.com
whitby-photography.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "l8q8ds6722fnuhq9erhaikl35lr9e1sq" between the hashed NSEC3-owner "l8q8b342nhgmi5vai48dgitdmlg5mbo2" and the hashed NextOwner "l8q8euqbal3ksb0i9abbfee8aun2h8h5". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner l8q8b342nhgmi5vai48dgitdmlg5mbo2.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 19.09.2019, 04:42:57 +, Signature-Inception: 12.09.2019, 03:32:57 +, KeyTag 17708, Signer-Name: com



0 DNSKEY RR found




Zone: www.whitby-photography.com
www.whitby-photography.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
whitby-photography.com
  ns1.linode.com / 67m30
162.159.27.72
Ashburn/Virginia/United States (US) - Cloudflare, Inc.


 
2400:cb00:2049:1::a29f:1a63
Columbus/North Carolina/United States (US) - CLOUDFLARE


  ns2.linode.com / 67m30
162.159.24.39
Ashburn/Virginia/United States (US) - Cloudflare, Inc.


 
2400:cb00:2049:1::a29f:1827
Columbus/North Carolina/United States (US) - CLOUDFLARE


  ns3.linode.com / 67m20
162.159.25.129
Ashburn/Virginia/United States (US) - Cloudflare, Inc.


 
2400:cb00:2049:1::a29f:1981
Columbus/North Carolina/United States (US) - CLOUDFLARE


  ns4.linode.com / 67m11
162.159.26.99
Ashburn/Virginia/United States (US) - Cloudflare, Inc.


 
2400:cb00:2049:1::a29f:1b48
Columbus/North Carolina/United States (US) - CLOUDFLARE

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


4. SOA-Entries


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1568554958
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:12


Domain:com
Zone-Name:
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1568554973
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:whitby-photography.com
Zone-Name:
Primary:ns1.linode.com
Mail:whitbywebdesign.gmail.com
Serial:2019051843
Refresh:14400
Retry:14400
Expire:1209600
TTL:86400
num Entries:8


5. Screenshots

No Screenshot listed, because no screenshot found. Perhaps the check is too old, the feature startet 2019-12-23.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://whitby-photography.com/
176.58.100.62
301
https://www.whitby-photography.com/
0.714
E
X-Powered-By: PHP/7.2.12
Vary: Accept-Encoding, Cookie
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.whitby-photography.com/xmlrpc.php
Expires: Sun, 15 Sep 2019 14:43:41 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://www.whitby-photography.com/
Content-Length: 0
Date: Sun, 15 Sep 2019 13:43:41 GMT
Server: LiteSpeed
Connection: close

• http://www.whitby-photography.com/
176.58.100.62
301
https://www.whitby-photography.com/
0.713
A
X-Powered-By: PHP/7.2.12
Vary: Accept-Encoding, Cookie
Content-Type: text/html; charset=UTF-8
X-Pingback: http://www.whitby-photography.com/xmlrpc.php
Expires: Sun, 15 Sep 2019 14:43:42 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://www.whitby-photography.com/
Content-Length: 0
Date: Sun, 15 Sep 2019 13:43:42 GMT
Server: LiteSpeed
Connection: close

• https://whitby-photography.com/
176.58.100.62
301
https://www.whitby-photography.com/
2.826
N
Certificate error: RemoteCertificateChainErrors
X-Powered-By: PHP/7.2.12
Vary: Accept-Encoding, Cookie
Content-Type: text/html; charset=UTF-8
X-Pingback: https://www.whitby-photography.com/xmlrpc.php
Expires: Sun, 15 Sep 2019 14:43:43 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: https://www.whitby-photography.com/
Content-Length: 0
Date: Sun, 15 Sep 2019 13:43:43 GMT
Server: LiteSpeed
Alt-Svc: quic=":443"; ma=2592000; v="35,39,43,44"
Connection: close

• https://www.whitby-photography.com/
176.58.100.62 GZip used - 135986 / 1104449 - 87.69 %
Inline-JavaScript (∑/total): 39/12576 Inline-CSS (∑/total): 10/956186
200

Html is minified: 854.57 %
2.687
N
Certificate error: RemoteCertificateChainErrors
Vary: Accept-Encoding, Cookie
X-Powered-By: PHP/7.2.12
Content-Type: text/html; charset=UTF-8
X-Pingback: https://www.whitby-photography.com/xmlrpc.php
Link: <https://www.whitby-photography.com/wp-json/>; rel="https://api.w.org/", <https://www.whitby-photography.com/>; rel=shortlink
Content-Length: 135986
Content-Encoding: gzip
Date: Sun, 15 Sep 2019 13:43:45 GMT
Server: LiteSpeed
Alt-Svc: quic=":443"; ma=2592000; v="35,39,43,44"
Connection: close

• http://whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
176.58.100.62
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0
301
http://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
0.746
D
Visible Content:
X-Powered-By: PHP/7.2.12
Vary: Accept-Encoding, Cookie
Content-Type: text/html; charset=UTF-8
Expires: Sun, 15 Sep 2019 14:44:01 GMT
Cache-Control: max-age=3600
X-Redirect-By: WordPress
Location: http://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 0
Date: Sun, 15 Sep 2019 13:44:01 GMT
Server: LiteSpeed
Connection: close

• http://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
176.58.100.62 GZip used - 167140 / 1028427 - 83.75 %
Inline-JavaScript (∑/total): 39/12575 Inline-CSS (∑/total): 7/956262
404

Html is minified: 1874.19 %
1.450
A
Not Found
Visible Content: Skip to content Text Us Today - 07879451837 | whi&#116;&#98;yp&#104;&#111;&#116;&#111;g&#114;&#97;p&#104;&#121;1&#64;g&#109;&#97;&#105;&#108;&#46;c&#111;m Facebook Twitter YouTube Instagram Pinterest LinkedIn Email Shop Home Offers Calendars Coasters Whats On Blog Family Services Family Portraits Whitby Photography Tuition Guest Houses Commissions Photography Walks Search for: Shop Home Offers Calendars Coasters Whats On Blog Family Services Family Portraits Whitby Photography Tuition Guest Houses Commissions Photography Walks Search for: Error 404 Page Home / 404 - Page not Found Oops, This Page Could Not Be Found! 404 Helpful Links Shop Home Offers Calendars Coasters Whats On Blog Family Services Search Our Website Can&#039;t find what you need? Take a moment and do a search below! Search for: Contact Info Flat 2, 18 John Street, Whitby, YO21 3ET Mobile: 07879451837 Email: Email Us Web: Facebook Glenn&#8217;s Blog Apology To Anyone Offended By The Nazi Flag Photograph Whitby War Weekend 2019 &#8211; Germans Were Present Ohh Another Facebook Ban &#8211; How Original. Your Feedback Bridget Lobley on Apology To Anyone Offended By The Nazi Flag Photograph Stella Hayselden on Apology To Anyone Offended By The Nazi Flag Photograph Significant Pages Photographs Of Whitby Sunsets Buy Whitby Canvases Shop Now Buy Whitby Calendars Copyright Whitby Photography | All Rights Reserved | Glenn Kilpatrick | Built By Whitby Web Design Facebook Twitter YouTube Instagram Pinterest LinkedIn Email Toggle Sliding Bar Area This Is A Custom Widget This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile. This Is A Custom Widget This Sliding Bar can be switched on or off in theme options, and can take any widget you throw at it or even fill it with your custom HTML Code. Its perfect for grabbing the attention of your viewers. Choose between 1, 2, 3 or 4 columns, set the background color, widget divider color, activate transparency, a top border or fully disable it on desktop and mobile.
X-Powered-By: PHP/7.2.12
Vary: Accept-Encoding, Cookie
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-transform, no-cache, must-revalidate, max-age=0
Content-Type: text/html; charset=UTF-8
Link: <https://www.whitby-photography.com/wp-json/>; rel="https://api.w.org/"
Transfer-Encoding: chunked
Content-Encoding: gzip
Date: Sun, 15 Sep 2019 13:44:02 GMT
Server: LiteSpeed
Connection: close

7. Comments


1. General Results, most used to calculate the result

Aname "whitby-photography.com" is domain, public suffix is "com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services"
Agood: All ip addresses are public addresses
Agood: No asked Authoritative Name Server had a timeout
Agood: destination is https
Agood - only one version with Http-Status 200
Agood: one preferred version: www is preferred
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Ahttp://www.whitby-photography.com/ 176.58.100.62
301
https://www.whitby-photography.com/
correct redirect http - https with the same domain name
Bhttps://whitby-photography.com/ 176.58.100.62
301

Missing HSTS-Header
Bhttps://www.whitby-photography.com/ 176.58.100.62
200

Missing HSTS-Header
Dhttp://whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 176.58.100.62
301
http://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Wrong redirect one domain http to other domain http. First redirect to https without changing the domain, so no new dns query is required. So the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://whitby-photography.com/ 176.58.100.62
301
https://www.whitby-photography.com/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ihttps://www.whitby-photography.com/ 176.58.100.62
200

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Check the Html-Content - Part.
Ihttp://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 176.58.100.62
404

Content problems or problems with resources included - http links, files doesn't exist, different Content-Type definitions. Not used to calculate the result because it's a http - check. But listed so you should fix it.
Nhttps://whitby-photography.com/ 176.58.100.62
301
https://www.whitby-photography.com/
Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://www.whitby-photography.com/ 176.58.100.62
200

Error - Certificate isn't trusted, RemoteCertificateChainErrors
OOld connection: SHA1 as Hash Algorithm is deprecated. Switch to SHA256 or SHA384. If your certificate has SHA256, first check your domain via ssllabs.com and update weak Cipher Suites. Forward Secrecy support is required. The part "Cipher Suites" should have a preference. First Cipher Suite with SHA instead of SHA256 or higher - that's the problem, change that. If that doesn't help, check if there is an old Firewall / router or something else, that supports only SHA1. Update that component.

2. DNS- and NameServer - Checks

AGood: Nameserver supports TCP connections: 8 good Nameserver
AGood: Nameserver supports Echo Capitalization: 8 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 8 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 8 good Nameserver
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

3. Content- and Performance-critical Checks

AGood: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
http://www.whitby-photography.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 176.58.100.62
404
1.450 seconds
Warning: 404 needs more then one second
ADuration: 163400 milliseconds, 163.400 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
whitby-photography.com
176.58.100.62
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes128
128
Sha1
error checking OCSP stapling
weak
whitby-photography.com
176.58.100.62
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes128
128
Sha1
error checking OCSP stapling
weak
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.whitby-photography.com

2CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US

3CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US


www.whitby-photography.com
176.58.100.62
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes128
128
Sha1
error checking OCSP stapling
weak

www.whitby-photography.com
176.58.100.62
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes128
128
Sha1
error checking OCSP stapling
weak
 
no Tls.1.2
no Tls.1.1
no Tls.1.0

no Tls.1.2
no Tls.1.1
no Tls.1.0
Chain (complete)
1CN=www.whitby-photography.com

2CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US

3CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US


9. Certificates

1.
1.
CN=www.whitby-photography.com
21.11.2018
14.09.2019
1021 days expired
www.whitby-photography.com, whitby-photography.com - 2 entries
1.
1.
CN=www.whitby-photography.com
21.11.2018

14.09.2019
1021 days expired
www.whitby-photography.com, whitby-photography.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0EC6CCA5FB696C214FD7BF746D9E5DF3
Thumbprint:A20AE64AFF46895B378615C0BCACBDBE0EE24274
SHA256 / Certificate:a7MdpKNm1ItF4vjOsixFwU0bBCNdcHzhHR62jLM43WA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):9fedce286c9541691b66a32c48444e3fa7a2f6952f2348b903a9dc9e59be6bad
SHA256 hex / Subject Public Key Information (SPKI):9fedce286c9541691b66a32c48444e3fa7a2f6952f2348b903a9dc9e59be6bad
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://status.rapidssl.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

NotTimeValid: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

2.
CN=www.whitby-photography.com
21.11.2018
14.09.2019
1021 days expired
www.whitby-photography.com, whitby-photography.com - 2 entries

2.
CN=www.whitby-photography.com
21.11.2018

14.09.2019
1021 days expired
www.whitby-photography.com, whitby-photography.com - 2 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0EC6CCA5FB696C214FD7BF746D9E5DF3
Thumbprint:A20AE64AFF46895B378615C0BCACBDBE0EE24274
SHA256 / Certificate:a7MdpKNm1ItF4vjOsixFwU0bBCNdcHzhHR62jLM43WA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):9fedce286c9541691b66a32c48444e3fa7a2f6952f2348b903a9dc9e59be6bad
SHA256 hex / Subject Public Key Information (SPKI):9fedce286c9541691b66a32c48444e3fa7a2f6952f2348b903a9dc9e59be6bad
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://status.rapidssl.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)

NotTimeValid: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

3.
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
06.11.2017
06.11.2027
expires in 1954 days


3.
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
06.11.2017

06.11.2027
expires in 1954 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:08A5A246CD4B5C8C83D702B4BBAB5349
Thumbprint:98C6A8DC887963BA3CF9C2731CBDD3F7DE05AC2D
SHA256 / Certificate:x5C0cShEfsC2DyK/y3ldccMm3ZEO4Sy7TMWoYZHrkbw=
SHA256 hex / Cert (DANE * 0 1):c790b47128447ec0b60f22bfcb795d71c326dd910ee12cbb4cc5a86191eb91bc
SHA256 hex / PublicKey (DANE * 1 1):9ca59cb18adcfb2e48f2f2dfd55181ca36edf879dab2397ef61f2534a272b681
SHA256 hex / Subject Public Key Information (SPKI):9ca59cb18adcfb2e48f2f2dfd55181ca36edf879dab2397ef61f2534a272b681
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Server Authentication (1.3.6.1.5.5.7.3.1), Client Authentication (1.3.6.1.5.5.7.3.2)


4.
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
06.11.2017
06.11.2027
expires in 1954 days


4.
CN=RapidSSL RSA CA 2018, OU=www.digicert.com, O=DigiCert Inc, C=US
06.11.2017

06.11.2027
expires in 1954 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:08A5A246CD4B5C8C83D702B4BBAB5349
Thumbprint:98C6A8DC887963BA3CF9C2731CBDD3F7DE05AC2D
SHA256 / Certificate:x5C0cShEfsC2DyK/y3ldccMm3ZEO4Sy7TMWoYZHrkbw=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):9ca59cb18adcfb2e48f2f2dfd55181ca36edf879dab2397ef61f2534a272b681
SHA256 hex / Subject Public Key Information (SPKI):9ca59cb18adcfb2e48f2f2dfd55181ca36edf879dab2397ef61f2534a272b681
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 3419 days


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 3419 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016
10.05.2025
expires in 1044 days


6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016

10.05.2025
expires in 1044 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F5BC3A176CB789E2020C7893C8167B4
Thumbprint:FB20FA8A6A93B375F054814F9E00273EA51A6138
SHA256 / Certificate:bay7iUUTex2tQhGwQ2774G8SrONpBJc7Ra4ldAgj02k=
SHA256 hex / Cert (DANE * 0 1):6dacbb8945137b1dad4211b0436efbe06f12ace36904973b45ae25740823d369
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 1047 days


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 1047 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuerlast 7 daysactivenum Certs
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
0
0
2

CertSpotter-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
1130749348
precert
Leaf-1130749348
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-09-15 11:47:53
2019-12-14 11:47:53
whitby-photography.com, www.whitby-photography.com - 2 entries


1130680370
precert
Leaf-1130680370
CN=Let's Encrypt Authority X3, O=Let's Encrypt, C=US
2019-09-15 11:46:52
2019-12-14 11:46:52
whitby-photography.com - 1 entries



2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > 2019 are listed

No CRT - CT-Log entries found


11. Html-Content - Entries

Summary

No data found or small Code-update

Details

Small Code Update - wait one minute


12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers:

No NameServer - IP address informations found. The feature is new (2020-05-07), so recheck this domain.


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
www.whitby-photography.com



1
0
whitby-photography.com
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
whitby-photography.com
v=spf1 mx ip6:2a01:7e00::f03c:91ff:fe56:9374 ~all
ok
1
0
www.whitby-photography.com
v=spf1 mx ip6:2a01:7e00::f03c:91ff:fe56:9374 ~all
ok
1
0
_acme-challenge.whitby-photography.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.whitby-photography.com

Name Error - The domain name does not exist
1
0
_acme-challenge.whitby-photography.com.whitby-photography.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.whitby-photography.com.whitby-photography.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.whitby-photography.com.www.whitby-photography.com

Name Error - The domain name does not exist
1
0


15. Portchecks

No Port checks



Permalink: https://check-your-website.server-daten.de/?i=9c86863c-6774-4fe1-8d2e-c334b09c7c31


Last Result: https://check-your-website.server-daten.de/?q=whitby-photography.com - 2019-09-15 15:42:54


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=whitby-photography.com" target="_blank">Check this Site: whitby-photography.com</a>