It produced this output: faera.de:acme: Error 403 - urn:acme:error:unauthorized - Incorrect validation certificate for tls-sni-01 challenge. Requested 1a6dbd5787c6567666f192868477c1d9.5bf36074d2438121061145e2b0d4a378.acme.invalid from 5.35.247.11:443. Received 1 certificate(s), first certificate had names "parallels panel"
Error Detail:
Validation for faera.de:443
Resolved to:
5.35.247.11
Used: 5.35.247.11
]+v"
My web server is (include version):
The operating system my web server runs on is (include version):
Docker Environment “traefik” container
My hosting provider, if applicable, is: contabo.de
I can login to a root shell on my machine (yes or no, or I don’t know): yes
When I repeat the query, I get both IP addresses (but not in response to the same query—more like alternately!). I agree that there’s something quite odd about this and it does seem reminiscent of DNS-based load balancing or a CDN.
There seems to be some sort of load-balanced DNS delegation through DNS server lvps5-35-247-11.dedicated.hosteurope.de (which is the same IP returned at times = 5.35.247.11):
nslookup -q=ns de
de nameserver = l.de.net
de nameserver = n.de.net
de nameserver = s.de.net
de nameserver = z.nic.de
de nameserver = a.nic.de
de nameserver = f.nic.de
l.de.net internet address = 77.67.63.105
n.de.net internet address = 194.146.107.6
s.de.net internet address = 195.243.137.26
z.nic.de internet address = 194.246.96.1
a.nic.de internet address = 194.0.0.53
f.nic.de internet address = 81.91.164.5
nslookup -d faera.de 77.67.63.105
------------
Got answer:
HEADER:
opcode = QUERY, id = 1, rcode = REFUSED
header flags: response, want recursion
questions = 1, answers = 0, authority records = 0, additional = 0
QUESTIONS:
105.63.67.77.in-addr.arpa, type = PTR, class = IN
------------
Server: UnKnown
Address: 77.67.63.105
------------
Got answer:
HEADER:
opcode = QUERY, id = 2, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 2, additional = 0
QUESTIONS:
faera.de, type = A, class = IN
AUTHORITY RECORDS:
-> faera.de
nameserver = lvps5-35-247-11.dedicated.hosteurope.de
ttl = 86400 (1 day)
-> faera.de
nameserver = ns2.hans.hosteurope.de
ttl = 86400 (1 day)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 3, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 2, additional = 0
QUESTIONS:
faera.de, type = AAAA, class = IN
AUTHORITY RECORDS:
-> faera.de
nameserver = ns2.hans.hosteurope.de
ttl = 86400 (1 day)
-> faera.de
nameserver = lvps5-35-247-11.dedicated.hosteurope.de
ttl = 86400 (1 day)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 4, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 2, additional = 0
QUESTIONS:
faera.de, type = A, class = IN
AUTHORITY RECORDS:
-> faera.de
nameserver = ns2.hans.hosteurope.de
ttl = 86400 (1 day)
-> faera.de
nameserver = lvps5-35-247-11.dedicated.hosteurope.de
ttl = 86400 (1 day)
------------
------------
Got answer:
HEADER:
opcode = QUERY, id = 5, rcode = NOERROR
header flags: response, want recursion
questions = 1, answers = 0, authority records = 2, additional = 0
QUESTIONS:
faera.de, type = AAAA, class = IN
AUTHORITY RECORDS:
-> faera.de
nameserver = lvps5-35-247-11.dedicated.hosteurope.de
ttl = 86400 (1 day)
-> faera.de
nameserver = ns2.hans.hosteurope.de
ttl = 86400 (1 day)
------------
Name: faera.de
Served by:
- ns2.hans.hosteurope.de
faera.de
- lvps5-35-247-11.dedicated.hosteurope.de
faera.de
