Check DNS, Urls + Redirects, Certificates and Content of your Website

...

skip EDNS-Check

skip Content-Check

check links

Server error

Checked:
18.09.2023 11:26:55

Older results

N - 17.09.2023 22:17:11

N - 01.04.2023 08:57:14

E - 23.04.2021 13:07:59

L - 26.03.2021 08:44:31

V - 26.03.2021 07:15:13

N - 26.03.2021 07:07:08

V - 26.03.2021 06:15:15

V - 26.03.2021 06:09:44

1. IP-Addresses

Host	Type	IP-Address	is auth.	∑ Queries	∑ Timeout
wtth.net	A	81.166.164.101 Krokstadelva/Viken/Norway (NO) - Altibox Hostname: 101.81-166-164.customer.lyse.net	yes	1	0
	AAAA		yes
www.wtth.net	A	81.166.164.101 Krokstadelva/Viken/Norway (NO) - Altibox Hostname: 101.81-166-164.customer.lyse.net	yes	1	0
	AAAA		yes
*.wtth.net	A	Name Error	yes
	AAAA	Name Error	yes
	CNAME	Name Error	yes

2. DNSSEC

Zone (*)	DNSSEC - Informations

Zone: (root)
(root)	1 DS RR published


	DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=


	• Status: Valid because published


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 11019, Flags 256


	Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 30.09.2023, 00:00:00 +, Signature-Inception: 09.09.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: net
net	1 DS RR in the parent zone found


	DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 01.10.2023, 05:00:00 +, Signature-Inception: 18.09.2023, 04:00:00 +, KeyTag 11019, Signer-Name: (root)


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 11019 used to validate the DS RRSet in the parent zone


	2 DNSKEY RR found


	Public Key with Algorithm 8, KeyTag 35886, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 8, KeyTag 39455, Flags 256


	1 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 01.10.2023, 16:28:30 +, Signature-Inception: 16.09.2023, 16:23:30 +, KeyTag 35886, Signer-Name: net


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 35886 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest "eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: wtth.net
wtth.net	2 DS RR in the parent zone found


	DS with Algorithm 13, KeyTag 30089, DigestType 2 and Digest 1Y7KirrIc1il9CiODcfdCYuRuo9aMTx39OrH6FNeDbk=


	DS with Algorithm 13, KeyTag 30089, DigestType 4 and Digest XX1lwbg/w/IAnwbzXkoqh8z7HkXBJNWmOLhYL3ZXIutuHLFPRPWCZqhNXucujmb5


	1 RRSIG RR to validate DS RR found


	RRSIG-Owner wtth.net., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 24.09.2023, 07:02:31 +, Signature-Inception: 17.09.2023, 05:52:31 +, KeyTag 39455, Signer-Name: net


	• Status: Good - Algorithmus 8 and DNSKEY with KeyTag 39455 used to validate the DS RRSet in the parent zone


	3 DNSKEY RR found


	Public Key with Algorithm 13, KeyTag 22693, Flags 256


	Public Key with Algorithm 13, KeyTag 30089, Flags 257 (SEP = Secure Entry Point)


	Public Key with Algorithm 13, KeyTag 64954, Flags 256


	3 RRSIG RR to validate DNSKEY RR found


	RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 30089, Signer-Name: wtth.net


	RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 22693 used to validate the DNSKEY RRSet


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 30089 used to validate the DNSKEY RRSet


	• Status: Good - Algorithmus 13 and DNSKEY with KeyTag 64954 used to validate the DNSKEY RRSet


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 30089, DigestType 2 and Digest "1Y7KirrIc1il9CiODcfdCYuRuo9aMTx39OrH6FNeDbk=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone


	• Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 30089, DigestType 4 and Digest "XX1lwbg/w/IAnwbzXkoqh8z7HkXBJNWmOLhYL3ZXIutuHLFPRPWCZqhNXucujmb5" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner wtth.net., Algorithm: 13, 2 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" equal the hashed NSEC3-owner "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" and the hashed NextOwner "v7rjgkefrrif5vdcfmhatqm9mp88dht4". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner qsm7vi5bv85fj2tftm7et2ar6aujtdjh.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	TXT-Query sends a valid NSEC3 RR as result with the hashed query name "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" equal the hashed NSEC3-owner "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" and the hashed NextOwner "v7rjgkefrrif5vdcfmhatqm9mp88dht4". So the zone confirmes the not-existence of that TXT RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner qsm7vi5bv85fj2tftm7et2ar6aujtdjh.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" equal the hashed NSEC3-owner "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" and the hashed NextOwner "v7rjgkefrrif5vdcfmhatqm9mp88dht4". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner qsm7vi5bv85fj2tftm7et2ar6aujtdjh.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	TLSA-Query (_443._tcp.wtth.net) sends a valid NSEC3 RR as result with the hashed owner name "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" (unhashed: wtth.net). So that's the Closest Encloser of the query name. TLSA-Query (_443._tcp.wtth.net) sends a valid NSEC3 RR as result with the hashed query name "r6oq5ocoa1207dhlatnrf9j87l5jq3v9" between the hashed NSEC3-owner "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" and the hashed NextOwner "v7rjgkefrrif5vdcfmhatqm9mp88dht4". So the zone confirmes the not-existence of that TLSA RR. Bitmap: A, NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner qsm7vi5bv85fj2tftm7et2ar6aujtdjh.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Next Closer Name "95r9lb2b2u6e0j1ve07l2pv33c13al8n" (unhashed: _tcp.wtth.net) with the owner "54103thaka9kjnthd27k4kmsrprk6nkc" and the NextOwner "9l07es55rsb300jv8iet8ct8gd085hup". So that NSEC3 confirms the not-existence of the Next Closer Name. Bitmap: A, MX, RRSIG Validated: RRSIG-Owner 54103thaka9kjnthd27k4kmsrprk6nkc.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "h7as5c292bujnmn6mk360fel9iq1n504" (unhashed: *.wtth.net) with the owner "9l07es55rsb300jv8iet8ct8gd085hup" and the NextOwner "hg2i0l91fdfdunc46n5l38b92tcpm135". So that NSEC3 confirms the not-existence of the Wildcard expansion. Bitmap: A, RRSIG Validated: RRSIG-Owner 9l07es55rsb300jv8iet8ct8gd085hup.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	CAA-Query sends a valid NSEC3 RR as result with the hashed query name "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" equal the hashed NSEC3-owner "qsm7vi5bv85fj2tftm7et2ar6aujtdjh" and the hashed NextOwner "v7rjgkefrrif5vdcfmhatqm9mp88dht4". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner qsm7vi5bv85fj2tftm7et2ar6aujtdjh.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.

Zone: www.wtth.net
www.wtth.net	0 DS RR in the parent zone found


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" between the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the parent zone confirmes the not-existence of a DS RR. Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" between the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the parent zone confirmes the not-existence of a DS RR. Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner www.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner www.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 22693, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner www.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	RRSIG Type 1 validates the A - Result: 81.166.164.101 Validated: RRSIG-Owner www.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	CNAME-Query sends a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" equal the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the zone confirmes the not-existence of that CNAME RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	TXT-Query sends a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" equal the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the zone confirmes the not-existence of that TXT RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	AAAA-Query sends a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" equal the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the zone confirmes the not-existence of that AAAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.


	TLSA-Query (_443._tcp.www.wtth.net) sends a valid NSEC3 RR as result with the hashed owner name "hg2i0l91fdfdunc46n5l38b92tcpm135" (unhashed: www.wtth.net). So that's the Closest Encloser of the query name. Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Next Closer Name "41ibfcvqh5do93dqnnkqfgop8juucded" (unhashed: _tcp.www.wtth.net) with the owner "v7rjgkefrrif5vdcfmhatqm9mp88dht4" and the NextOwner "4evsr4780l2hbhae4v3541mnl62el62p". So that NSEC3 confirms the not-existence of the Next Closer Name. TLSA-Query (_443._tcp.www.wtth.net) sends a valid NSEC3 RR as result with the owner name "v7rjgkefrrif5vdcfmhatqm9mp88dht4" greater the NextOwner-Name "4evsr4780l2hbhae4v3541mnl62el62p", so the NSEC3 covers the end of the zone. The hashed query name "1kssfkmq4h1s1n03gm9cdcka5d172vka" comes before the hashed NextOwner, so the zone confirmes the not-existence of that TLSA RR. Bitmap: A, RRSIG Validated: RRSIG-Owner v7rjgkefrrif5vdcfmhatqm9mp88dht4.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	TLSA-Query sends a valid NSEC3 RR as result and covers the hashed Wildcard expansion of the ClosestEncloser "cicrr13rshugmgvhedke18gc6atdlj5i" (unhashed: *.www.wtth.net) with the owner "9l07es55rsb300jv8iet8ct8gd085hup" and the NextOwner "hg2i0l91fdfdunc46n5l38b92tcpm135". So that NSEC3 confirms the not-existence of the Wildcard expansion. Bitmap: A, RRSIG Validated: RRSIG-Owner 9l07es55rsb300jv8iet8ct8gd085hup.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NXDomain-Proof required and found.


	CAA-Query sends a valid NSEC3 RR as result with the hashed query name "hg2i0l91fdfdunc46n5l38b92tcpm135" equal the hashed NSEC3-owner "hg2i0l91fdfdunc46n5l38b92tcpm135" and the hashed NextOwner "psoefjj0hboq2o0uait5gh85vbrk24eo". So the zone confirmes the not-existence of that CAA RR, but the existence of that query name (minimal one RR with that name exists). Bitmap: A, RRSIG Validated: RRSIG-Owner hg2i0l91fdfdunc46n5l38b92tcpm135.wtth.net., Algorithm: 13, 3 Labels, original TTL: 3600 sec, Signature-expiration: 17.10.2023, 07:32:47 +, Signature-Inception: 17.09.2023, 07:32:47 +, KeyTag 64954, Signer-Name: wtth.net


	Status: Good. NoData-Proof required and found.

3. Name Servers

Domain	Nameserver	NS-IP
www.wtth.net	• ns1.hyp.net / ams.nl		•
wtth.net	• ns1.hyp.net / ams.nl	151.249.124.1 Oslo/Oslo County/Norway (NO) - Domeneshop	•
	•	2a01:5b40:ac1::1 Oslo/Oslo County/Norway (NO) - Domeneshop AS	•
	• ns2.hyp.net / reg-fam1_customer10	192.174.68.10 Vienna/Austria (AT) - ipcom GmbH	•
	•	2001:67c:1bc::10 Salzburg/Austria (AT) - IPCom-NET Anycast	•
	• ns3.hyp.net / par.fr	151.249.126.3 Oslo/Oslo County/Norway (NO) - hyp.net anycast	•
	•	2a01:5b40:ac3::1 Oslo/Oslo County/Norway (NO) - Domeneshop	•
net	• a.gtld-servers.net / nnn1-par6		•
	• b.gtld-servers.net / nnn1-eltxl1		•
	• c.gtld-servers.net / nnn1-defra-5		•
	• d.gtld-servers.net / nnn1-par6		•
	• e.gtld-servers.net / nnn1-par6		•
	• f.gtld-servers.net / nnn1-defra-4		•
	• g.gtld-servers.net / nnn1-defra-4		•
	• h.gtld-servers.net / nnn1-defra-4		•
	• i.gtld-servers.net / nnn1-defra-4		•
	• j.gtld-servers.net / nnn1-frmrs-2		•
	• k.gtld-servers.net / nnn1-frmrs-2		•
	• l.gtld-servers.net / nnn1-nlams-1d		•
	• m.gtld-servers.net / nnn1-frmrs-2		•

4. SOA-Entries

Domain:	net
Zone-Name:	net
Primary:	a.gtld-servers.net
Mail:	nstld.verisign-grs.com
Serial:	1695029198
Refresh:	1800
Retry:	900
Expire:	604800
TTL:	86400
num Entries:	13

Domain:	wtth.net
Zone-Name:	wtth.net
Primary:	ns1.hyp.net
Mail:	hostmaster.domeneshop.no
Serial:	1694939567
Refresh:	21600
Retry:	3600
Expire:	1209600
TTL:	3600
num Entries:	6

Domain:	www.wtth.net
Zone-Name:	wtth.net
Primary:	ns1.hyp.net
Mail:	hostmaster.domeneshop.no
Serial:	1694939567
Refresh:	21600
Retry:	3600
Expire:	1209600
TTL:	3600
num Entries:	1

5. Screenshots

No Screenshot listed, because Chrome (used to create the Screenshot) could not load the url. Instead, there was a redirect to "chrome-error://chromewebdata/", so the content of your website isn't visible.

6. Url-Checks

show header:

Domainname	Http-Status	redirect	Sec.	G
• http://wtth.net/ 81.166.164.101	302	https://wtth.net/ Html is minified: 100.00 %	0.097	A
Date: Mon, 18 Sep 2023 09:56:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Location: https://wtth.net/
Content-Length: 201
Connection: close
Content-Type: text/html; charset=iso-8859-1

• http://www.wtth.net/ 81.166.164.101	302	https://wtth.net/ Html is minified: 100.00 %	0.093	E
Date: Mon, 18 Sep 2023 09:56:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Location: https://wtth.net/
Content-Length: 201
Connection: close
Content-Type: text/html; charset=iso-8859-1

• https://wtth.net/ 81.166.164.101 Inline-JavaScript (∑/total): 2/13216 Inline-CSS (∑/total): 1/2199	500	Html is minified: 857.50 %	6.793	S
Internal Server Error
small visible content (num chars: 159) Sorry, there was a problem we could not recover from. The server returned a "500 - Whoops, looks like something went wrong." Help me resolve this Joomla - Help
Date: Mon, 18 Sep 2023 09:56:17 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
X-Powered-By: PHP/8.0.30
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

• https://www.wtth.net/ 81.166.164.101 Inline-JavaScript (∑/total): 2/13216 Inline-CSS (∑/total): 1/2199	500	Html is minified: 857.50 %	6.636	N
Internal Server Error
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 159) Sorry, there was a problem we could not recover from. The server returned a "500 - Whoops, looks like something went wrong." Help me resolve this Joomla - Help
Date: Mon, 18 Sep 2023 09:56:26 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Strict-Transport-Security: max-age=15552000; includeSubDomains
X-Powered-By: PHP/8.0.30
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

• http://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 81.166.164.101 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	302	https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Html is minified: 100.00 %	0.067	A
Visible Content: Found The document has moved here .
Date: Mon, 18 Sep 2023 09:56:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Location: https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 270
Connection: close
Content-Type: text/html; charset=iso-8859-1

• http://www.wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 81.166.164.101 Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	302	https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Html is minified: 100.00 %	0.087	E
Visible Content: Found The document has moved here .
Date: Mon, 18 Sep 2023 09:56:34 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Location: https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
Content-Length: 270
Connection: close
Content-Type: text/html; charset=iso-8859-1

• https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0	404	Html is minified: 100.00 %	6.490	A
Not Found
Visible Content: Not Found The requested URL /.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de was not found on this server.
Date: Mon, 18 Sep 2023 09:56:43 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
Content-Length: 267
Connection: close
Content-Type: text/html; charset=iso-8859-1

• https://81.166.164.101/ 81.166.164.101 Inline-JavaScript (∑/total): 2/13216 Inline-CSS (∑/total): 1/2199	500	Html is minified: 857.50 %	6.617	N
Internal Server Error
Certificate error: RemoteCertificateNameMismatch
small visible content (num chars: 159) Sorry, there was a problem we could not recover from. The server returned a "500 - Whoops, looks like something went wrong." Help me resolve this Joomla - Help
Date: Mon, 18 Sep 2023 09:56:35 GMT
Server: Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/8.0.30
X-Powered-By: PHP/8.0.30
Connection: close
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

7. Comments

	1. General Results, most used to calculate the result
A	name "wtth.net" is domain, public suffix is ".net", top-level-domain is ".net", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .net-domains preloaded: 8862 (complete: 231048)
A	Good: All ip addresses are public addresses
	Warning: Only one ip address found: wtth.net has only one ip address.
	Warning: Only one ip address found: www.wtth.net has only one ip address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: wtth.net has no ipv6 address.
	Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: www.wtth.net has no ipv6 address.
A	Good: No asked Authoritative Name Server had a timeout
A	Good: No cookie sent via http.
	HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
A	Good: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
A	http://wtth.net/ 81.166.164.101	302	https://wtth.net/	Correct redirect http - https with the same domain name
B	Warning: HSTS max-age is too short - minimum 31536000 = 365 days required, 15552000 seconds = 180 days found
B	https://wtth.net/ 81.166.164.101	500		Missing HSTS-Header
B	https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	404		Missing HSTS-Header
C	Error - no version with Http-Status 200
E	http://www.wtth.net/ 81.166.164.101	302	https://wtth.net/	Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
H	Fatal error: No https - result with http-status 200, no encryption
N	https://www.wtth.net/ 81.166.164.101	500		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	https://81.166.164.101/ 81.166.164.101	500		Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	wtth.net:8443			Error - Certificate isn't trusted, RemoteCertificateNameMismatch
N	www.wtth.net:8443			Error - Certificate isn't trusted, RemoteCertificateNameMismatch
O	wtth.net / 81.166.164.101 / 8443			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 7 Cipher Suites without Forward Secrecy found
O	www.wtth.net / 81.166.164.101 / 8443			Old connection: Cipher Suites without Forward Secrecy (FS) found. Remove all of these Cipher Suites, use only Cipher Suites with Forward Secrecy: Starting with ECDHE- or DHE - the last "E" says: "ephemeral". Or use Tls.1.3, then all Cipher Suites use FS. 7 Cipher Suites without Forward Secrecy found
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain wtth.net, 1 ip addresses, 1 different http results.
	Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain www.wtth.net, 1 ip addresses, 1 different http results.
B	No _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.wtth.net
	2. Header-Checks
U				No https result with http status 2 or 4 (standard-check) found, no header checked.
	3. DNS- and NameServer - Checks
A	Info:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 3 Name Servers.
A	Info:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
A	Good: All DNS Queries done via IPv6.
A	Good: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.ns1.hyp.net (151.249.124.1, 2a01:5b40:ac1::1), ns2.hyp.net (192.174.68.10, 2001:67c:1bc::10), ns3.hyp.net (151.249.126.3, 2a01:5b40:ac3::1)
A	Good (1 - 3.0):: An average of 0.7 queries per domain name server required to find all ip addresses of all name servers.
A	Info:: 3 different Name Servers found: ns1.hyp.net, ns2.hyp.net, ns3.hyp.net, 3 Name Servers included in Delegation: ns1.hyp.net, ns2.hyp.net, ns3.hyp.net, 3 Name Servers included in 1 Zone definitions: ns1.hyp.net, ns2.hyp.net, ns3.hyp.net, 1 Name Servers listed in SOA.Primary: ns1.hyp.net.
A	Good: Only one SOA.Primary Name Server found.: ns1.hyp.net.
A	Good: SOA.Primary Name Server included in the delegation set.: ns1.hyp.net.
A	Good: Consistency between delegation and zone. The set of NS records served by the authoritative name servers must match those proposed for the delegation in the parent zone. Ordered list of name servers: ns1.hyp.net, ns2.hyp.net, ns3.hyp.net
A	Good: All Name Server Domain Names have a Public Suffix.
A	Good: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
A	Good: All Name Server ip addresses are public.
A	Good: Minimal 2 different name servers (public suffix and public ip address) found: 3 different Name Servers found
A	Good: All name servers have ipv4- and ipv6-addresses.: 3 different Name Servers found
	Warning: All Name Servers have the same Top Level Domain / Public Suffix. If there is a problem with that Top Level Domain, your domain may be affected. Better: Use Name Servers with different top level domains.: 3 Name Servers, 1 Top Level Domain: net
	Warning: All Name Servers have the same domain name. If there is a problem with that domain name (or with the name servers of that domain name), your domain may be affected. Better: Use Name Servers with different domain names / different top level domains.: Only one domain name used: hyp.net
A	Good: Name servers with different Country locations found: 3 Name Servers, 2 Countries: AT, NO
A	Info: Ipv4-Subnet-list: 3 Name Servers, 2 different subnets (first Byte): 151., 192., 2 different subnets (first two Bytes): 151.249., 192.174., 3 different subnets (first three Bytes): 151.249.124., 151.249.126., 192.174.68.
A	Good: Name Server IPv4-addresses from different subnet found:
A	Info: IPv6-Subnet-list: 3 Name Servers with IPv6, 2 different subnets (first block): 2001:, 2a01:, 2 different subnets (first two blocks): 2001:067c:, 2a01:5b40:, 3 different subnets (first three blocks): 2001:067c:01bc:, 2a01:5b40:0ac1:, 2a01:5b40:0ac3:, 3 different subnets (first four blocks): 2001:067c:01bc:0000:, 2a01:5b40:0ac1:0000:, 2a01:5b40:0ac3:0000:
A	Good: Name Server IPv6 addresses from different subnets found.
A	Good: Nameserver supports TCP connections: 6 good Nameserver
A	Good: Nameserver supports Echo Capitalization: 6 good Nameserver
A	Good: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 6 good Nameserver
A	Good: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 3 good Nameserver
	Nameserver doesn't pass all EDNS-Checks: ns1.hyp.net: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (ams.nl). COOKIE: fatal timeout. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns1.hyp.net / 2a01:5b40:ac1::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (cph.dk). COOKIE: fatal timeout. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns3.hyp.net / 151.249.126.3: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: SOA expected, but NOT found, NOERR expectend and NOERR found, Version 0 expectend and found (par.fr). COOKIE: fatal timeout. CLIENTSUBNET: ok.
	Nameserver doesn't pass all EDNS-Checks: ns3.hyp.net / 2a01:5b40:ac3::1: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok (cph.dk). COOKIE: SOA expected, but NOT found, NOERR expected, BADVER found, Version 0 expectend and found. CLIENTSUBNET: ok.
A	Good: All SOA have the same Serial Number
	Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.
	4. Content- and Performance-critical Checks
A	Good: All checks /.well-known/acme-challenge/random-filename without redirects answer with the expected http status 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge should work. If it doesn't work: Check your vHost configuration (apachectl -S, httpd -S, nginx -T). Every combination of port and ServerName / ServerAlias (Apache) or Server (Nginx) must be unique. Merge duplicated entries in one vHost. If you use an IIS, extensionless files must be allowed in the /.well-known/acme-challenge subdirectory. Create a web.config in that directory. Content: <configuration><system.webServer><staticContent><mimeMap fileExtension="." mimeType="text/plain" /></staticContent></system.webServer></configuration>. If you have a redirect http ⇒ https, that's ok, Letsencrypt follows such redirects to port 80 / 443 (same or other server). There must be a certificate. But the certificate may be expired, self signed or with a not matching domain name. Checking the validation file Letsencrypt ignores such certificate errors. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
A	Good: All checked attribute values are enclosed in quotation marks (" or ').
A	Info: No img element found, no alt attribute checked
A	Good: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
	https://wtth.net/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de	404	6.490 seconds	Warning: 404 needs more then one second
A	Duration: 1440734 milliseconds, 1440.734 seconds

8. Connections

Domain

Port

Cert.

Protocol

KeyExchange

Strength

Cipher

Strength

HashAlgorithm

OCSP stapling

Domain/KeyExchange

IP/Strength

Port/Cipher

Cert./Strength

Protocol/HashAlgorithm

OCSP stapling

wtth.net

81.166.164.101

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

wtth.net

81.166.164.101

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

no http/2 via ALPN
No SNI required - domain included in main certificate

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN
No SNI required - domain included in main certificate

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

www.wtth.net

81.166.164.101

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

www.wtth.net

81.166.164.101

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

wtth.net

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

wtth.net

443

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

81.166.164.101

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

81.166.164.101

443

name does not match

Tls12

ECDH Ephermal

256

Aes256

256

Sha384

not supported

no http/2 via ALPN
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN
Cert sent without SNI

Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

wtth.net

81.166.164.101

8443

name does not match

Tls12

ECDH Ephermal

256

Aes128

128

Sha256

not supported

wtth.net

81.166.164.101

8443

name does not match

Tls12

ECDH Ephermal

256

Aes128

128

Sha256

not supported

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=tfcloude.wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

www.wtth.net

81.166.164.101

8443

name does not match

Tls12

ECDH Ephermal

256

Aes128

128

Sha256

not supported

www.wtth.net

81.166.164.101

8443

name does not match

Tls12

ECDH Ephermal

256

Aes128

128

Sha256

not supported

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

no http/2 via ALPN

Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2

Chain - too much certificates, don't send root certificates	1	CN=tfcloude.wtth.net
	2	CN=R3, O=Let's Encrypt, C=US
	3	CN=ISRG Root X1, O=Internet Security Research Group, C=US

9. Certificates

CN=wtth.net

17.09.2023

16.12.2023
expires in 76 days

tfweb2.wtth.net, wtth.net - 2 entries

CN=wtth.net

17.09.2023

16.12.2023
expires in 76 days

tfweb2.wtth.net, wtth.net - 2 entries

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	0416A7EF80BE1124180B306D6CC86B82F56A
Thumbprint:	9CD95967226E7A6EC1968628D10735F3B8AA01B0
SHA256 / Certificate:	0DZCWE21Lb+CZoyFLpZv7ja29QtqZQUhdu1we0563AU=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	9bde68e8b650d09409eb1a7ad593a44d947b5b15ba7cfae8a5860c16f66cf194
SHA256 hex / Subject Public Key Information (SPKI):	9bde68e8b650d09409eb1a7ad593a44d947b5b15ba7cfae8a5860c16f66cf194 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://r3.o.lencr.org
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 715 days

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 715 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:	A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:	Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 4264 days

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 4264 days

Keyalgorithm	RSA encryption (4096 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	008210CFB0D240E3594463E0BB63828B00
Thumbprint:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:	lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):	96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

CN=tfcloude.wtth.net

03.09.2023

02.12.2023
expires in 62 days

tfcloude.wtth.net - 1 entry

CN=tfcloude.wtth.net

03.09.2023

02.12.2023
expires in 62 days

tfcloude.wtth.net - 1 entry

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	03A6169707918B8A5762BC2D8EEC005898BB
Thumbprint:	6FDBF86DF2A7E42138B412082CBC7D64EB004024
SHA256 / Certificate:	71IGvGGWtdWfc1ceEi+qRteXDVk9jgRq93DthtxyVds=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	bc6eaa40be77ebb57545f31e3237386ca987686fb0f6c2225dcbd5b5546823db
SHA256 hex / Subject Public Key Information (SPKI):	bc6eaa40be77ebb57545f31e3237386ca987686fb0f6c2225dcbd5b5546823db (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:	http://r3.o.lencr.org
OCSP - must staple:	no
Certificate Transparency:	yes
Enhanced Key Usage:	Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 715 days

CN=R3, O=Let's Encrypt, C=US

04.09.2020

15.09.2025
expires in 715 days

Keyalgorithm	RSA encryption (2048 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	00912B084ACF0C18A753F6D62E25A75F5A
Thumbprint:	A053375BFE84E8B748782C7CEE15827A6AF5A405
SHA256 / Certificate:	Z63RFmsCCuYbj1/JaBPATCqliZYHloZVcqPH5zdhPf0=
SHA256 hex / Cert (DANE * 0 1):	e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SHA256 hex / Subject Public Key Information (SPKI):	8d02536c887482bc34ff54e41d2ba659bf85b341a0a20afadb5813dcfbcf286d
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:	Clientauthentifizierung (1.3.6.1.5.5.7.3.2), Serverauthentifizierung (1.3.6.1.5.5.7.3.1)

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 4264 days

CN=ISRG Root X1, O=Internet Security Research Group, C=US

04.06.2015

04.06.2035
expires in 4264 days

Keyalgorithm	RSA encryption (4096 bit)
Signatur:	SHA256 With RSA-Encryption
Serial Number:	008210CFB0D240E3594463E0BB63828B00
Thumbprint:	CABD2A79A1076A31F21D253635CB039D4329A5E8
SHA256 / Certificate:	lrzsBiZJdvN0YHeazyjFp8/oo8Cq4RqP/O4FwL3fCMY=
SHA256 hex / Cert (DANE * 0 1):	96bcec06264976f37460779acf28c5a7cfe8a3c0aae11a8ffcee05c0bddf08c6
SHA256 hex / PublicKey (DANE * 1 1):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SHA256 hex / Subject Public Key Information (SPKI):	0b9fa5a59eed715c26c1020c711b4f6ec42d58b0015e14337a39dad301c5afc3
SPKI checked via https://v1.pwnedkeys.com/spki-hash:	Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:	no
Certificate Transparency:	no
Enhanced Key Usage:

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Issuer				last 7 days	active	num Certs
CN=R3, O=Let's Encrypt, C=US				0	3	5

CertSpotter-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
5798041908 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-09-04 11:30:21	2023-12-03 11:30:20	tfweb.wtth.net, wtth.net - 2 entries
5798023459 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-09-04 11:25:12	2023-12-03 11:25:11	tfweb.wtth.net, wtth.net - 2 entries
5581959884 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-07-25 16:53:16	2023-10-23 16:53:15	tafweb2.wtth.net, wtth.net, www.wtth.net - 3 entries
5012429252 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-03-29 06:29:02	2023-06-27 06:29:01	tfweb2.wtth.net, wtth.net - 2 entries
4805697512 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-02-10 15:12:55	2023-05-11 15:12:54	tafweb2.wtth.net, wtth.net - 2 entries

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuer				last 7 days	active	num Certs
CN=R3, O=Let's Encrypt, C=US				0 /0 new	1	4

CRT-Id	Issuer	not before	not after	Domain names	LE-Duplicate	next LE
10080292276 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-07-25 14:53:16	2023-10-23 14:53:15	tafweb2.wtth.net, wtth.net, www.wtth.net 3 entries
9312796540 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-05-04 14:52:55	2023-08-02 14:52:54	tafweb2.wtth.net, wtth.net 2 entries
9034687310 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-03-29 04:29:02	2023-06-27 04:29:01	tfweb2.wtth.net, wtth.net 2 entries
8706322429 leaf cert	CN=R3, O=Let's Encrypt, C=US	2023-02-10 14:12:55	2023-05-11 13:12:54	tafweb2.wtth.net, wtth.net 2 entries

11. Html-Content - Entries

Summary

							Subresource Integrity (SRI)
Domainname	HtmlElement	rel/property	∑	∑ size	∑ problems	∑ int.	∑ ext.	∑ Origin poss.	∑ SRI ParseErrors	∑ SRI valid	∑ SRI missing
https://wtth.net/ 81.166.164.101	a		3		0			0	0	0
	meta	other	4		0			0	0	0
https://www.wtth.net/ 81.166.164.101	a		3		0			0	0	0
	meta	other	4		0			0	0	0
https://81.166.164.101/ 81.166.164.101	a		3		0			0	0	0
	meta	other	4		0			0	0	0

Details

Domainname	Html-Element	name/equiv/ property/rel	href/src/content
https://wtth.net/ 81.166.164.101	a		https://docs.joomla.org/	1	ok
					ok


	a		https://docs.joomla.org/Special:MyLanguage/J4.x:FatalError	1	ok
					ok


	a		https://www.joomla.org/	1	ok
					ok


	meta		utf-8	1	ok
					ok


	meta	Content-Language	en-GB	1	ok
					ok


	meta	robots	noindex, nofollow	1	ok
					ok


	meta	viewport	width=device-width, initial-scale=1.0	1	ok
					ok


https://www.wtth.net/ 81.166.164.101	a		https://docs.joomla.org/	1	ok
					ok


	a		https://docs.joomla.org/Special:MyLanguage/J4.x:FatalError	1	ok
					ok


	a		https://www.joomla.org/	1	ok
					ok


	meta		utf-8	1	ok
					ok


	meta	Content-Language	en-GB	1	ok
					ok


	meta	robots	noindex, nofollow	1	ok
					ok


	meta	viewport	width=device-width, initial-scale=1.0	1	ok
					ok


https://81.166.164.101/ 81.166.164.101	a		https://docs.joomla.org/	1	ok
					ok


	a		https://docs.joomla.org/Special:MyLanguage/J4.x:FatalError	1	ok
					ok


	a		https://www.joomla.org/	1	ok
					ok


	meta		utf-8	1	ok
					ok


	meta	Content-Language	en-GB	1	ok
					ok


	meta	robots	noindex, nofollow	1	ok
					ok


	meta	viewport	width=device-width, initial-scale=1.0	1	ok
					ok

12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ns1.hyp.net, ns2.hyp.net, ns3.hyp.net

QNr.	Domain	Type	NS used
1	net	NS	a.root-servers.net (2001:503:ba3e::2:30)
	Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2	ns1.hyp.net: 151.249.124.1, 2a01:5b40:ac1::1	NS	b.gtld-servers.net (2001:503:231d::2:30)
	Answer: ns2.hyp.net 192.174.68.10, 2001:67c:1bc::10
	Answer: ns3.hyp.net 151.249.126.3, 2a01:5b40:ac3::1

13. CAA - Entries

Domainname	Value	∑ Queries
www.wtth.net	no CAA entry found	1
wtth.net	no CAA entry found	1
net	no CAA entry found	1

14. TXT - Entries

Domainname	Status	∑ Queries
wtth.net	ok	1
www.wtth.net	ok	1
_acme-challenge.wtth.net	Name Error - The domain name does not exist	1
_acme-challenge.www.wtth.net	Name Error - The domain name does not exist	1
_acme-challenge.wtth.net.wtth.net	Name Error - The domain name does not exist	1
_acme-challenge.www.wtth.net.wtth.net	Name Error - The domain name does not exist	1
_acme-challenge.www.wtth.net.www.wtth.net	Name Error - The domain name does not exist	1

15. DomainService - Entries

Type		Domain	Pref	Value	DNS-error	num Answers	Status	Description
_dmarc	TXT	_dmarc.wtth.net		v=DMARC1; p=none	0	1	ok

16. Cipher Suites

Domain	IP	Port	Cipher (OpenSsl / IANA)
wtth.net	81.166.164.101	443	ECDHE-RSA-AES256-GCM-SHA384	(Secure)	TLSv1.2	0xC0,0x30	FS
2 Ciphers, 230.89 sec			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH	RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256	(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH	RSA	AESGCM(128)	AEAD
		8443	ECDHE-RSA-AES256-GCM-SHA384	(Secure)	TLSv1.2	0xC0,0x30	FS
17 Ciphers, 237.24 sec			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH	RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256	(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH	RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA384	(Weak)	TLSv1.2	0xC0,0x28	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
			ECDH	RSA	AES(256)	SHA384
			DHE-RSA-AES256-SHA256	(Weak)	TLSv1.2	0x00,0x6B	FS
			TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
			DH	RSA	AES(256)	SHA256
			AES256-GCM-SHA384	(Weak)	TLSv1.2	0x00,0x9D	No FS
			TLS_RSA_WITH_AES_256_GCM_SHA384
			RSA	RSA	AESGCM(256)	AEAD
			AES256-SHA256	(Weak)	TLSv1.2	0x00,0x3D	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA256
			RSA	RSA	AES(256)	SHA256
			ECDHE-RSA-AES128-SHA256	(Weak)	TLSv1.2	0xC0,0x27	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
			ECDH	RSA	AES(128)	SHA256
			DHE-RSA-AES128-SHA256	(Weak)	TLSv1.2	0x00,0x67	FS
			TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
			DH	RSA	AES(128)	SHA256
			AES128-GCM-SHA256	(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA	RSA	AESGCM(128)	AEAD
			AES128-SHA256	(Weak)	TLSv1.2	0x00,0x3C	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA256
			RSA	RSA	AES(128)	SHA256
			ECDHE-RSA-AES128-SHA	(Weak)	TLSv1	0xC0,0x13	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
			ECDH	RSA	AES(128)	SHA1
			DHE-RSA-AES256-SHA	(Weak)	SSLv3	0x00,0x39	FS
			TLS_DHE_RSA_WITH_AES_256_CBC_SHA
			DH	RSA	AES(256)	SHA1
			AES256-SHA	(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA	RSA	AES(256)	SHA1
			ECDHE-RSA-DES-CBC3-SHA	(Weak)	SSLv3	0xC0,0x12	FS
			TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA
			ECDH	RSA	3DES(168)	SHA1
			DES-CBC3-SHA	(Weak)	SSLv3	0x00,0x0A	No FS
			TLS_RSA_WITH_3DES_EDE_CBC_SHA
			RSA	RSA	3DES(168)	SHA1
			DHE-RSA-AES128-SHA	(Weak)	SSLv3	0x00,0x33	FS
			TLS_DHE_RSA_WITH_AES_128_CBC_SHA
			DH	RSA	AES(128)	SHA1
			AES128-SHA	(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA	RSA	AES(128)	SHA1
www.wtth.net	81.166.164.101	443	DHE-RSA-AES256-GCM-SHA384	(Secure)	TLSv1.2	0x00,0x9F	FS
3 Ciphers, 487.97 sec			TLS_DHE_RSA_WITH_AES_256_GCM_SHA384
			DH	RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256	(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH	RSA	AESGCM(128)	AEAD
			DHE-RSA-AES128-GCM-SHA256	(Secure)	TLSv1.2	0x00,0x9E	FS
			TLS_DHE_RSA_WITH_AES_128_GCM_SHA256
			DH	RSA	AESGCM(128)	AEAD
		8443	ECDHE-RSA-AES256-GCM-SHA384	(Secure)	TLSv1.2	0xC0,0x30	FS
17 Ciphers, 239.31 sec			TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384
			ECDH	RSA	AESGCM(256)	AEAD
			ECDHE-RSA-AES128-GCM-SHA256	(Secure)	TLSv1.2	0xC0,0x2F	FS
			TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
			ECDH	RSA	AESGCM(128)	AEAD
			ECDHE-RSA-AES256-SHA384	(Weak)	TLSv1.2	0xC0,0x28	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384
			ECDH	RSA	AES(256)	SHA384
			DHE-RSA-AES256-SHA256	(Weak)	TLSv1.2	0x00,0x6B	FS
			TLS_DHE_RSA_WITH_AES_256_CBC_SHA256
			DH	RSA	AES(256)	SHA256
			AES256-GCM-SHA384	(Weak)	TLSv1.2	0x00,0x9D	No FS
			TLS_RSA_WITH_AES_256_GCM_SHA384
			RSA	RSA	AESGCM(256)	AEAD
			AES256-SHA256	(Weak)	TLSv1.2	0x00,0x3D	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA256
			RSA	RSA	AES(256)	SHA256
			ECDHE-RSA-AES128-SHA256	(Weak)	TLSv1.2	0xC0,0x27	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
			ECDH	RSA	AES(128)	SHA256
			DHE-RSA-AES128-SHA256	(Weak)	TLSv1.2	0x00,0x67	FS
			TLS_DHE_RSA_WITH_AES_128_CBC_SHA256
			DH	RSA	AES(128)	SHA256
			AES128-GCM-SHA256	(Weak)	TLSv1.2	0x00,0x9C	No FS
			TLS_RSA_WITH_AES_128_GCM_SHA256
			RSA	RSA	AESGCM(128)	AEAD
			AES128-SHA256	(Weak)	TLSv1.2	0x00,0x3C	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA256
			RSA	RSA	AES(128)	SHA256
			ECDHE-RSA-AES256-SHA	(Weak)	TLSv1	0xC0,0x14	FS
			TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA
			ECDH	RSA	AES(256)	SHA1
			ECDHE-RSA-AES128-SHA	(Weak)	TLSv1	0xC0,0x13	FS
			TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA
			ECDH	RSA	AES(128)	SHA1
			DHE-RSA-AES256-SHA	(Weak)	SSLv3	0x00,0x39	FS
			TLS_DHE_RSA_WITH_AES_256_CBC_SHA
			DH	RSA	AES(256)	SHA1
			AES256-SHA	(Weak)	SSLv3	0x00,0x35	No FS
			TLS_RSA_WITH_AES_256_CBC_SHA
			RSA	RSA	AES(256)	SHA1
			DES-CBC3-SHA	(Weak)	SSLv3	0x00,0x0A	No FS
			TLS_RSA_WITH_3DES_EDE_CBC_SHA
			RSA	RSA	3DES(168)	SHA1
			DHE-RSA-AES128-SHA	(Weak)	SSLv3	0x00,0x33	FS
			TLS_DHE_RSA_WITH_AES_128_CBC_SHA
			DH	RSA	AES(128)	SHA1
			AES128-SHA	(Weak)	SSLv3	0x00,0x2F	No FS
			TLS_RSA_WITH_AES_128_CBC_SHA
			RSA	RSA	AES(128)	SHA1

17. Portchecks

Domain	IP	Port	Description	Result	Answer
wtth.net	81.166.164.101	21	FTP

wtth.net	81.166.164.101	21	FTP
wtth.net	81.166.164.101	22	SSH	open
SSH-2.0-OpenSSH_7.4
wtth.net	81.166.164.101	22	SSH	open	SSH-2.0-OpenSSH_7.4	Bad: SSH without DNS SSHFP Record found
					Possible DNS SSHFP Entries: wtth.net IN SSHFP 1 2 717129a13df3d6834c9eb1001d0e0fe4d56b53985d8b457248af59f409a5351d wtth.net IN SSHFP 3 2 17622b0e83f18fbd581eb4b0be0a847b3ba9ee6d4b80201d9b68b5a37fab934d wtth.net IN SSHFP 4 2 e2a53d120a1e451b17d018ad31da84ee7e79206e26f32f138f56b1ae44cd4665
wtth.net	81.166.164.101	25	SMTP

wtth.net	81.166.164.101	25	SMTP
wtth.net	81.166.164.101	53	DNS

wtth.net	81.166.164.101	53	DNS
wtth.net	81.166.164.101	110	POP3

wtth.net	81.166.164.101	110	POP3
wtth.net	81.166.164.101	143	IMAP

wtth.net	81.166.164.101	143	IMAP
wtth.net	81.166.164.101	465	SMTP (encrypted)

wtth.net	81.166.164.101	465	SMTP (encrypted)
wtth.net	81.166.164.101	587	SMTP (encrypted, submission)

wtth.net	81.166.164.101	587	SMTP (encrypted, submission)
wtth.net	81.166.164.101	993	IMAP (encrypted)

wtth.net	81.166.164.101	993	IMAP (encrypted)
wtth.net	81.166.164.101	995	POP3 (encrypted)

wtth.net	81.166.164.101	995	POP3 (encrypted)
wtth.net	81.166.164.101	1433	MS SQL

wtth.net	81.166.164.101	1433	MS SQL
wtth.net	81.166.164.101	2082	cPanel (http)

wtth.net	81.166.164.101	2082	cPanel (http)
wtth.net	81.166.164.101	2083	cPanel (https)

wtth.net	81.166.164.101	2083	cPanel (https)
wtth.net	81.166.164.101	2086	WHM (http)

wtth.net	81.166.164.101	2086	WHM (http)
wtth.net	81.166.164.101	2087	WHM (https)

wtth.net	81.166.164.101	2087	WHM (https)
wtth.net	81.166.164.101	2089	cPanel Licensing

wtth.net	81.166.164.101	2089	cPanel Licensing
wtth.net	81.166.164.101	2095	cPanel Webmail (http)

wtth.net	81.166.164.101	2095	cPanel Webmail (http)
wtth.net	81.166.164.101	2096	cPanel Webmail (https)

wtth.net	81.166.164.101	2096	cPanel Webmail (https)
wtth.net	81.166.164.101	2222	DirectAdmin (http)

wtth.net	81.166.164.101	2222	DirectAdmin (http)
wtth.net	81.166.164.101	2222	DirectAdmin (https)

wtth.net	81.166.164.101	2222	DirectAdmin (https)
wtth.net	81.166.164.101	3306	mySql

wtth.net	81.166.164.101	3306	mySql
wtth.net	81.166.164.101	5224	Plesk Licensing

wtth.net	81.166.164.101	5224	Plesk Licensing
wtth.net	81.166.164.101	5432	PostgreSQL

wtth.net	81.166.164.101	5432	PostgreSQL
wtth.net	81.166.164.101	8080	Ookla Speedtest (http)

wtth.net	81.166.164.101	8080	Ookla Speedtest (http)
wtth.net	81.166.164.101	8080	Ookla Speedtest (https)

wtth.net	81.166.164.101	8080	Ookla Speedtest (https)
wtth.net	81.166.164.101	8083	VestaCP http

wtth.net	81.166.164.101	8083	VestaCP http
wtth.net	81.166.164.101	8083	VestaCP https

wtth.net	81.166.164.101	8083	VestaCP https
wtth.net	81.166.164.101	8443	Plesk Administration (https)	open
https://81.166.164.101:8443/ Http-Status: 400 Bad Request		Certificate is invalid
wtth.net	81.166.164.101	8443	Plesk Administration (https)	open	https://81.166.164.101:8443/ Http-Status: 400 Bad Request	Certificate is invalid
wtth.net	81.166.164.101	8447	Plesk Installer + Updates

wtth.net	81.166.164.101	8447	Plesk Installer + Updates
wtth.net	81.166.164.101	8880	Plesk Administration (http)

wtth.net	81.166.164.101	8880	Plesk Administration (http)
wtth.net	81.166.164.101	10000	Webmin (http)

wtth.net	81.166.164.101	10000	Webmin (http)
wtth.net	81.166.164.101	10000	Webmin (https)

wtth.net	81.166.164.101	10000	Webmin (https)
www.wtth.net	81.166.164.101	21	FTP

www.wtth.net	81.166.164.101	21	FTP
www.wtth.net	81.166.164.101	22	SSH	open
SSH-2.0-OpenSSH_7.4
www.wtth.net	81.166.164.101	22	SSH	open	SSH-2.0-OpenSSH_7.4	Bad: SSH without DNS SSHFP Record found
					Possible DNS SSHFP Entries: www.wtth.net IN SSHFP 1 2 717129a13df3d6834c9eb1001d0e0fe4d56b53985d8b457248af59f409a5351d www.wtth.net IN SSHFP 3 2 17622b0e83f18fbd581eb4b0be0a847b3ba9ee6d4b80201d9b68b5a37fab934d www.wtth.net IN SSHFP 4 2 e2a53d120a1e451b17d018ad31da84ee7e79206e26f32f138f56b1ae44cd4665
www.wtth.net	81.166.164.101	25	SMTP

www.wtth.net	81.166.164.101	25	SMTP
www.wtth.net	81.166.164.101	53	DNS

www.wtth.net	81.166.164.101	53	DNS
www.wtth.net	81.166.164.101	110	POP3

www.wtth.net	81.166.164.101	110	POP3
www.wtth.net	81.166.164.101	143	IMAP

www.wtth.net	81.166.164.101	143	IMAP
www.wtth.net	81.166.164.101	465	SMTP (encrypted)

www.wtth.net	81.166.164.101	465	SMTP (encrypted)
www.wtth.net	81.166.164.101	587	SMTP (encrypted, submission)

www.wtth.net	81.166.164.101	587	SMTP (encrypted, submission)
www.wtth.net	81.166.164.101	993	IMAP (encrypted)

www.wtth.net	81.166.164.101	993	IMAP (encrypted)
www.wtth.net	81.166.164.101	995	POP3 (encrypted)

www.wtth.net	81.166.164.101	995	POP3 (encrypted)
www.wtth.net	81.166.164.101	1433	MS SQL

www.wtth.net	81.166.164.101	1433	MS SQL
www.wtth.net	81.166.164.101	2082	cPanel (http)

www.wtth.net	81.166.164.101	2082	cPanel (http)
www.wtth.net	81.166.164.101	2083	cPanel (https)

www.wtth.net	81.166.164.101	2083	cPanel (https)
www.wtth.net	81.166.164.101	2086	WHM (http)

www.wtth.net	81.166.164.101	2086	WHM (http)
www.wtth.net	81.166.164.101	2087	WHM (https)

www.wtth.net	81.166.164.101	2087	WHM (https)
www.wtth.net	81.166.164.101	2089	cPanel Licensing

www.wtth.net	81.166.164.101	2089	cPanel Licensing
www.wtth.net	81.166.164.101	2095	cPanel Webmail (http)

www.wtth.net	81.166.164.101	2095	cPanel Webmail (http)
www.wtth.net	81.166.164.101	2096	cPanel Webmail (https)

www.wtth.net	81.166.164.101	2096	cPanel Webmail (https)
www.wtth.net	81.166.164.101	2222	DirectAdmin (http)

www.wtth.net	81.166.164.101	2222	DirectAdmin (http)
www.wtth.net	81.166.164.101	2222	DirectAdmin (https)

www.wtth.net	81.166.164.101	2222	DirectAdmin (https)
www.wtth.net	81.166.164.101	3306	mySql

www.wtth.net	81.166.164.101	3306	mySql
www.wtth.net	81.166.164.101	5224	Plesk Licensing

www.wtth.net	81.166.164.101	5224	Plesk Licensing
www.wtth.net	81.166.164.101	5432	PostgreSQL

www.wtth.net	81.166.164.101	5432	PostgreSQL
www.wtth.net	81.166.164.101	8080	Ookla Speedtest (http)

www.wtth.net	81.166.164.101	8080	Ookla Speedtest (http)
www.wtth.net	81.166.164.101	8080	Ookla Speedtest (https)

www.wtth.net	81.166.164.101	8080	Ookla Speedtest (https)
www.wtth.net	81.166.164.101	8083	VestaCP http

www.wtth.net	81.166.164.101	8083	VestaCP http
www.wtth.net	81.166.164.101	8083	VestaCP https

www.wtth.net	81.166.164.101	8083	VestaCP https
www.wtth.net	81.166.164.101	8443	Plesk Administration (https)	open
https://81.166.164.101:8443/ Http-Status: 400 Bad Request		Certificate is invalid
www.wtth.net	81.166.164.101	8443	Plesk Administration (https)	open	https://81.166.164.101:8443/ Http-Status: 400 Bad Request	Certificate is invalid
www.wtth.net	81.166.164.101	8447	Plesk Installer + Updates

www.wtth.net	81.166.164.101	8447	Plesk Installer + Updates
www.wtth.net	81.166.164.101	8880	Plesk Administration (http)

www.wtth.net	81.166.164.101	8880	Plesk Administration (http)
www.wtth.net	81.166.164.101	10000	Webmin (http)

www.wtth.net	81.166.164.101	10000	Webmin (http)
www.wtth.net	81.166.164.101	10000	Webmin (https)

www.wtth.net	81.166.164.101	10000	Webmin (https)

Permalink: https://check-your-website.server-daten.de/?i=8d70dbb4-86f7-4b32-94fd-77d0a015c3f6

Last Result: https://check-your-website.server-daten.de/?q=wtth.net - 2023-09-18 11:26:55

Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=wtth.net" target="_blank">Check this Site: wtth.net</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

Check DNS, Urls + Redirects, Certificates and Content of your Website

Older results

1. IP-Addresses

2. DNSSEC

3. Name Servers

4. SOA-Entries

5. Screenshots

6. Url-Checks

7. Comments

1. General Results, most used to calculate the result

2. Header-Checks

3. DNS- and NameServer - Checks

4. Content- and Performance-critical Checks

8. Connections

9. Certificates

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

11. Html-Content - Entries

Summary

Details

12. Nameserver - IP-Adresses

13. CAA - Entries

14. TXT - Entries

15. DomainService - Entries

16. Cipher Suites

17. Portchecks