Check DNS, Urls + Redirects, Certificates and Content of your Website




I

Content problems - mixed content, missing files etc.

Checked:
26.05.2023 06:03:21


Older results

No older results found


1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
live.com
A
204.79.197.212
Toronto/Ontario/Canada (CA) - Microsoft Corporation
Hostname: a-0010.a-msedge.net
yes
1
0

A
204.79.197.212
Toronto/Ontario/Canada (CA) - Microsoft Corporation
Hostname: a-0010.a-msedge.net
yes
1
0

AAAA

yes


www.live.com
CNAME
a-0010.a-msedge.net
yes
1
0

CNAME
outlook-fd-0010.live.com
yes
1
0

CNAME
a-0010.a-msedge.net
yes



A
204.79.197.212
Toronto/Ontario/Canada (CA) - Microsoft Corporation
Hostname: a-0010.a-msedge.net
yes



AAAA
2620:1ec:c11::212
Montreal/Quebec/Canada (CA) - Microsoft Corporation

yes


*.live.com
A

yes



A

yes



AAAA

yes



AAAA

yes



CNAME
a-0010.a-msedge.net
yes



CNAME
a-0010.a-msedge.net
yes



2. DNSSEC

Zone (*)DNSSEC - Informations

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 60955, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.06.2023, 00:00:00 +, Signature-Inception: 21.05.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest 4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=



2 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 07.06.2023, 21:00:00 +, Signature-Inception: 25.05.2023, 20:00:00 +, KeyTag 60955, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 60955 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 46551, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 04.06.2023, 17:24:21 +, Signature-Inception: 20.05.2023, 17:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: live.com
live.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "nd818aqqu3vt4dqkrf3d65h6l2r3fdtk" between the hashed NSEC3-owner "nd80t874foqa4ahcmde5qilpluon05c1" and the hashed NextOwner "nd81c4v19vgf9h5hjnjt3it3gfjvv9kp". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner nd80t874foqa4ahcmde5qilpluon05c1.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 31.05.2023, 06:19:54 +, Signature-Inception: 24.05.2023, 05:09:54 +, KeyTag 46551, Signer-Name: com



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q2d6ni4i7eqh8na30ns61o48ul8g5". So that domain name is the Closest Encloser of "live.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 30.05.2023, 04:25:12 +, Signature-Inception: 23.05.2023, 03:15:12 +, KeyTag 46551, Signer-Name: com



0 DNSKEY RR found




Zone: www.live.com
www.live.com
0 DS RR in the parent zone found

Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 60955, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.06.2023, 00:00:00 +, Signature-Inception: 21.05.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: net
net
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=



1 RRSIG RR to validate DS RR found



RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 07.06.2023, 21:00:00 +, Signature-Inception: 25.05.2023, 20:00:00 +, KeyTag 60955, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 60955 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 27554, Flags 256



Public Key with Algorithm 8, KeyTag 35886, Flags 257 (SEP = Secure Entry Point)



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 03.06.2023, 16:28:30 +, Signature-Inception: 19.05.2023, 16:23:30 +, KeyTag 35886, Signer-Name: net



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 35886 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 35886, DigestType 2 and Digest "eGKyf19Rbr4ZaARE1M5edimBkxhCxGXwAjZAHYvZc+4=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: a-msedge.net
a-msedge.net
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "6q339npn0er0kk0nk85i8lo783ai09sp" between the hashed NSEC3-owner "6q327flib2eeqnat01vu4vuubv9uk9rr" and the hashed NextOwner "6q3468m7ovdfb3134rrlsm5gkbqf42s5". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 6q327flib2eeqnat01vu4vuubv9uk9rr.net., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 01.06.2023, 06:54:53 +, Signature-Inception: 25.05.2023, 05:44:53 +, KeyTag 27554, Signer-Name: net



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "a-msedge.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 30.05.2023, 07:00:27 +, Signature-Inception: 23.05.2023, 05:50:27 +, KeyTag 27554, Signer-Name: net



0 DNSKEY RR found




Zone: a-0010.a-msedge.net
a-0010.a-msedge.net
0 DS RR in the parent zone found



0 DNSKEY RR found




Zone: (root)
(root)
1 DS RR published



DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=



Status: Valid because published



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 60955, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 11.06.2023, 00:00:00 +, Signature-Inception: 21.05.2023, 00:00:00 +, KeyTag 20326, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: com
com
1 DS RR in the parent zone found



DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest 4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=



2 RRSIG RR to validate DS RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 07.06.2023, 21:00:00 +, Signature-Inception: 25.05.2023, 20:00:00 +, KeyTag 60955, Signer-Name: (root)



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 60955 used to validate the DS RRSet in the parent zone



2 DNSKEY RR found



Public Key with Algorithm 8, KeyTag 30909, Flags 257 (SEP = Secure Entry Point)



Public Key with Algorithm 8, KeyTag 46551, Flags 256



1 RRSIG RR to validate DNSKEY RR found



RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 04.06.2023, 17:24:21 +, Signature-Inception: 20.05.2023, 17:19:21 +, KeyTag 30909, Signer-Name: com



Status: Good - Algorithmus 8 and DNSKEY with KeyTag 30909 used to validate the DNSKEY RRSet



Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 30909, DigestType 2 and Digest "4tPJFvbe6scylOgmj7WIUESoM/xUWViPSpGEz8QaV2Y=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone

Zone: live.com
live.com
0 DS RR in the parent zone found



DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "nd818aqqu3vt4dqkrf3d65h6l2r3fdtk" between the hashed NSEC3-owner "nd80t874foqa4ahcmde5qilpluon05c1" and the hashed NextOwner "nd81c4v19vgf9h5hjnjt3it3gfjvv9kp". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner nd80t874foqa4ahcmde5qilpluon05c1.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 31.05.2023, 06:19:54 +, Signature-Inception: 24.05.2023, 05:09:54 +, KeyTag 46551, Signer-Name: com



DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q2d6ni4i7eqh8na30ns61o48ul8g5". So that domain name is the Closest Encloser of "live.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 8, 2 Labels, original TTL: 86400 sec, Signature-expiration: 30.05.2023, 04:25:12 +, Signature-Inception: 23.05.2023, 03:15:12 +, KeyTag 46551, Signer-Name: com



0 DNSKEY RR found




Zone: outlook-fd-0010.live.com
outlook-fd-0010.live.com
0 DS RR in the parent zone found


3. Name Servers

DomainNameserverNS-IP
live.com
T  ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com
40.66.196.211
Chicago/Illinois/United States (US) - Microsoft Corporation


T 
2603:10b6:628:2::19
Redmond/Washington/United States (US) - Microsoft Corporation


  ns1-34.azure-dns.com
150.171.10.34
Gävle/Gävleborg County/Sweden (SE) - Microsoft Corporation


 
2603:1061:0:10::22
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns2-34.azure-dns.net
150.171.16.34
Québec/Canada (CA) - Microsoft Corporation


 
2620:1ec:8ec:10::22
Redmond/Washington/United States (US) - Microsoft Corporation


  ns5-34.azure-dns.com
150.171.11.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns7-34.azure-dns.org
13.107.223.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns8-34.azure-dns.info
13.107.207.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  nse12.o365filtering.com
104.47.38.8
Washington/Washington, D.C./United States (US) - Microsoft Corporation


  nse13.o365filtering.com
104.47.2.8
Dublin/Leinster/Ireland (IE) - Microsoft Corporation


  nse21.o365filtering.com
104.47.40.8
Quincy-moses Lake/Washington/United States (US) - Microsoft Corporation


T  ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com
40.66.197.21
Chicago/Illinois/United States (US) - Microsoft Corporation


T 
2603:10b6:500::21
Redmond/Washington/United States (US) - Microsoft Corporation

com
  a.gtld-servers.net / nnn1-defra-5


  b.gtld-servers.net / nnn1-elpar7


  c.gtld-servers.net / nnn1-defra-5


  d.gtld-servers.net / nnn1-defra-5


  e.gtld-servers.net / nnn1-defra-5


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-nlams-1b


  k.gtld-servers.net / nnn1-lon5


  l.gtld-servers.net / nnn1-nlams-1a


  m.gtld-servers.net / nnn1-nlams-1a


a-0010.a-msedge.net
  ns1.a-msedge.net
204.79.197.1
Toronto/Ontario/Canada (CA) - Microsoft Corporation

a-msedge.net
  ns1.a-msedge.net
204.79.197.1
Toronto/Ontario/Canada (CA) - Microsoft Corporation


  ns2.a-msedge.net
204.79.197.2
Toronto/Ontario/Canada (CA) - Microsoft Corporation


  ns3.a-msedge.net
131.253.21.1
Montreal/Quebec/Canada (CA) - Microsoft Corporation

live.com
  ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com


  ns1-34.azure-dns.com
150.171.10.34
Gävle/Gävleborg County/Sweden (SE) - Microsoft Corporation


 
2603:1061:0:10::22
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns2-34.azure-dns.net
150.171.16.34
Québec/Canada (CA) - Microsoft Corporation


 
2620:1ec:8ec:10::22
Redmond/Washington/United States (US) - Microsoft Corporation


  ns5-34.azure-dns.com
150.171.11.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns7-34.azure-dns.org
13.107.223.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  ns8-34.azure-dns.info
13.107.207.34
Ashburn/Virginia/United States (US) - Microsoft Corporation


  nse12.o365filtering.com
104.47.38.8
Washington/Washington, D.C./United States (US) - Microsoft Corporation


  nse13.o365filtering.com
104.47.2.8
Dublin/Leinster/Ireland (IE) - Microsoft Corporation


  nse21.o365filtering.com
104.47.40.8
Quincy-moses Lake/Washington/United States (US) - Microsoft Corporation


  ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com

net
  a.gtld-servers.net / nnn1-defra-5


  a.gtld-servers.net / nnn1-stk4


  b.gtld-servers.net / nnn1-elpar7


  b.gtld-servers.net / nnn1-elpar7


  c.gtld-servers.net / nnn1-stk4


  c.gtld-servers.net / nnn1-defra-5


  d.gtld-servers.net / nnn1-stk4


  d.gtld-servers.net / nnn1-defra-5


  e.gtld-servers.net / nnn1-stk4


  e.gtld-servers.net / nnn1-defra-5


  f.gtld-servers.net / nnn1-defra-4


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-nlams-1d


  j.gtld-servers.net / nnn1-nlams-1c


  k.gtld-servers.net / nnn1-lon5


  k.gtld-servers.net / nnn1-nlams-1a


  l.gtld-servers.net / nnn1-lon5


  l.gtld-servers.net / nnn1-nlams-1c


  m.gtld-servers.net / nnn1-lon5


  m.gtld-servers.net / nnn1-nlams-1a


4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1685073778
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:8


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1685073793
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:5


Domain:live.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:4


Domain:live.com
Zone-Name:live.com
Primary:ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com
Mail:msnhst.microsoft.com
Serial:2019444464
Refresh:300
Retry:120
Expire:2419200
TTL:60
num Entries:3


Domain:live.com
Zone-Name:live.com
Primary:ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com
Mail:msnhst.microsoft.com
Serial:2019444463
Refresh:300
Retry:120
Expire:2419200
TTL:60
num Entries:7



Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1685073973
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:13


Domain:a-msedge.net
Zone-Name:a-msedge.net
Primary:ns1.a-msedge.net
Mail:msnhst.microsoft.com
Serial:2016092901
Refresh:1800
Retry:900
Expire:2419200
TTL:240
num Entries:3


Domain:a-0010.a-msedge.net
Zone-Name:a-msedge.net
Primary:ns1.a-msedge.net
Mail:msnhst.microsoft.com
Serial:2016092901
Refresh:1800
Retry:900
Expire:2419200
TTL:240
num Entries:1



Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1685073988
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:3


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1685074003
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:10


Domain:live.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:2


Domain:live.com
Zone-Name:live.com
Primary:ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com
Mail:msnhst.microsoft.com
Serial:2019444464
Refresh:300
Retry:120
Expire:2419200
TTL:60
num Entries:1


Domain:live.com
Zone-Name:live.com
Primary:ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com
Mail:msnhst.microsoft.com
Serial:2019444465
Refresh:300
Retry:120
Expire:2419200
TTL:60
num Entries:2


Domain:live.com
Zone-Name:live.com
Primary:ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com
Mail:msnhst.microsoft.com
Serial:2019444463
Refresh:300
Retry:120
Expire:2419200
TTL:60
num Entries:7


5. Screenshots

Startaddress: https://outlook.live.com/owa/, address used: https://outlook.live.com/owa/, Screenshot created 2023-05-26 06:09:27 +00:0

Mobil (412px x 732px)

510 milliseconds

Screenshot mobile - https://outlook.live.com/owa/
Mobil + Landscape (732px x 412px)

499 milliseconds

Screenshot mobile landscape - https://outlook.live.com/owa/
Screen (1280px x 1680px)

1376 milliseconds

Screenshot Desktop - https://outlook.live.com/owa/

Mobile- and other Chrome-Checks

widthheight
visual Viewport396732
content Size39610556

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://live.com/
204.79.197.212
301
https://outlook.live.com/owa/
0.037
E
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: A4F98D6F142B4E0D81C3A71A19B86E96 Ref B: FRAEDGE2009 Ref C: 2023-05-26T04:08:44Z
Date: Fri, 26 May 2023 04:08:44 GMT
Connection: close
Content-Length: 0

• http://www.live.com/
204.79.197.212
301
https://outlook.live.com/owa/
0.047
E
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: 63D6BDCDD6284FFDA20D5167A9BAC1BE Ref B: FRAEDGE1706 Ref C: 2023-05-26T04:08:44Z
Date: Fri, 26 May 2023 04:08:44 GMT
Connection: close
Content-Length: 0

• http://www.live.com/
2620:1ec:c11::212
301
https://outlook.live.com/owa/
0.037
E
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: 593400D9F9D14B23897B90D327CA0426 Ref B: FRAEDGE1512 Ref C: 2023-05-26T04:08:44Z
Date: Fri, 26 May 2023 04:08:44 GMT
Connection: close
Content-Length: 0

• https://live.com/
204.79.197.212
301
https://outlook.live.com/owa/
2.710
B
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: A149BAC1B2254253B45D49CAFD0B09AF Ref B: FRAEDGE1310 Ref C: 2023-05-26T04:08:44Z
Date: Fri, 26 May 2023 04:08:44 GMT
Connection: close
Content-Length: 0

• https://www.live.com/
204.79.197.212
301
https://outlook.live.com/owa/
2.646
B
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: 6E1B41C1C5874D26B58B1FA59A9FA662 Ref B: FRAEDGE1419 Ref C: 2023-05-26T04:08:48Z
Date: Fri, 26 May 2023 04:08:47 GMT
Connection: close
Content-Length: 0

• https://www.live.com/
2620:1ec:c11::212
301
https://outlook.live.com/owa/
2.647
B
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: F27D06F604174A28951AD6744999D7D8 Ref B: FRAEDGE1119 Ref C: 2023-05-26T04:08:52Z
Date: Fri, 26 May 2023 04:08:51 GMT
Connection: close
Content-Length: 0

• https://outlook.live.com/owa/
GZip used - 9833 / 38088 - 74.18 %
Inline-JavaScript (∑/total): 9/1207 Inline-CSS (∑/total): 0/0
200

Html is minified: 125.31 %
2.790
I
Cache-Control: private
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
request-id: 12e5ab41-c75e-add7-68d7-2472be6e9527
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Alt-Svc: h3=":443",h3-29=":443"
X-CalculatedFETarget: BE1P281CU015.internal.outlook.com
X-BackEndHttpStatus: 200,200
Set-Cookie: ClientId=C101E1E82F644F12A99BE093FEA022F6; expires=Sun, 26-May-2024 04:09:03 GMT; path=/;SameSite=None; secure,ClientId=C101E1E82F644F12A99BE093FEA022F6; expires=Sun, 26-May-2024 04:09:03 GMT; path=/;SameSite=None; secure,RoutingKeyCookie=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure,HostSwitchPrg=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure,OptInPrg=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure,logonLatency=LGN01=638206709430607413; domain=live.com; path=/; secure; HttpOnly,O365Consumer=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure
X-CalculatedBETarget: BEZP281MB3285.DEUP281.PROD.OUTLOOK.COM
X-RUM-Validated: 1
X-RUM-NotUpdateQueriedPath: 1
X-RUM-NotUpdateQueriedDbCopy: 1
X-Content-Type-Options: nosniff
X-BeSku: WCS7
X-BackEnd-Begin: 2023-05-26T04:09:03.060
X-BackEnd-End: 2023-05-26T04:09:03.076
X-DiagInfo: BEZP281MB3285
X-BEServer: BEZP281MB3285
X-UA-Compatible: IE=EmulateIE7
X-Proxy-RoutingCorrectness: 1
X-Proxy-BackendServerStatus: 200
X-FEProxyInfo: FR3P281CA0046.DEUP281.PROD.OUTLOOK.COM
X-FEEFZInfo: HHN
X-FEServer: BE1P281CA0173,FR3P281CA0046
Report-To: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HHN"}],"include_subdomains":true}
NEL: {"report_to":"NelOfficeUpload1","max_age":7200,"include_subdomains":true,"failure_fraction":1.0,"success_fraction":0.01}
X-FirstHopCafeEFZ: HHN
Date: Fri, 26 May 2023 04:09:02 GMT
Connection: close

• http://live.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
204.79.197.212
301
https://outlook.live.com/owa/
0.040
E
Visible Content:
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: 6EA75CF77DBE44DBAC03C153DC926384 Ref B: FRAEDGE1805 Ref C: 2023-05-26T04:08:55Z
Date: Fri, 26 May 2023 04:08:55 GMT
Connection: close
Content-Length: 0

• http://www.live.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
204.79.197.212
301
https://outlook.live.com/owa/
0.033
E
Visible Content:
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: BC8721E519D740C3AA71E09F9E3479FE Ref B: FRAEDGE1712 Ref C: 2023-05-26T04:08:55Z
Date: Fri, 26 May 2023 04:08:55 GMT
Connection: close
Content-Length: 0

• http://www.live.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2620:1ec:c11::212
301
https://outlook.live.com/owa/
0.040
E
Visible Content:
Location: https://outlook.live.com/owa/
X-MSEdge-Ref: Ref A: 49CBAB7CC55140068F6B16258BF172B7 Ref B: FRAEDGE1206 Ref C: 2023-05-26T04:08:55Z
Date: Fri, 26 May 2023 04:08:55 GMT
Connection: close
Content-Length: 0

• https://204.79.197.212/
204.79.197.212
400

Html is minified: 100.00 %
2.637
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Transfer-Encoding: chunked
X-MSEdge-Ref: 02DBwZAAAAADNngHnK4bLTLtgQNZczt6lRlJBRURHRTE3MTAARWRnZQ==
Date: Fri, 26 May 2023 04:08:55 GMT
Connection: close

• https://[2620:01ec:0c11:0000:0000:0000:0000:0212]/
2620:1ec:c11::212
400

Html is minified: 100.00 %
2.650
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Transfer-Encoding: chunked
X-MSEdge-Ref: 02zBwZAAAAAAW5kAYAeEFTJ11xKdGVTblRlJBRURHRTEyMDkARWRnZQ==
Date: Fri, 26 May 2023 04:08:58 GMT
Connection: close

7. Comments


1. General Results, most used to calculate the result

Aname "live.com" is domain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 86299 (complete: 221801)
AGood: All ip addresses are public addresses
AGood: Minimal 2 ip addresses per domain name found: live.com has 2 different ip addresses (authoritative).
AGood: Minimal 2 ip addresses per domain name found: www.live.com has 2 different ip addresses (authoritative).
AGood: Ipv4 and Ipv6 addresses per domain name found: www.live.com has 1 ipv4, 1 ipv6 addresses
Warning: No ipv6 address found. Ipv6 is the future with a lot of new features. So every domain name should have an ipv6 address. See https://en.wikipedia.org/wiki/IPv6: live.com has no ipv6 address.
AGood: No asked Authoritative Name Server had a timeout
Ahttps://live.com/ 204.79.197.212
301
https://outlook.live.com/owa/
Correct redirect https to https
AGood: destination is https
AGood - only one version with Http-Status 200
AGood: one preferred version: non-www is preferred
AGood: No cookie sent via http.
AGood: every cookie sent via https is marked as secure
Warning: HSTS preload sent, but not in Preload-List. Never send a preload directive if you don't know what preload means. Check https://hstspreload.org/ to learn the basics about the Google-Preload list. If you send a preload directive, you should **immediately** add your domain to the HSTS preload list via https://hstspreload.org/ . If Google accepts the domain, so the status is "pending": Note that new entries are hardcoded into the Chrome source code and can take several months before they reach the stable version. So you will see this message some months. If you don't want that or if you don't understand "preload", but if you send a preload directive and if you have correct A-redirects, everybody can add your domain to that list. Then you may have problems, it's not easy to undo that. So if you don't want your domain preloaded, remove the preload directive.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: All urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset)
Bhttps://live.com/ 204.79.197.212
301

Missing HSTS-Header
Bhttps://www.live.com/ 204.79.197.212
301

Missing HSTS-Header
Bhttps://www.live.com/ 2620:1ec:c11::212
301

Missing HSTS-Header
Bhttps://outlook.live.com/owa/
200
RoutingKeyCookie=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://outlook.live.com/owa/
200
HostSwitchPrg=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://outlook.live.com/owa/
200
OptInPrg=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://outlook.live.com/owa/
200
logonLatency=LGN01=638206709430607413; domain=live.com; path=/; secure; HttpOnly
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Bhttps://outlook.live.com/owa/
200
O365Consumer=; expires=Wed, 26-May-1993 04:09:03 GMT; path=/; secure
Cookie without a SameSite-Attribute. Possible values are: Strict/Lax/None. Cookie may not work as expected, if "None" is wanted, but browsers use "Lax" as default value.
Ehttp://live.com/ 204.79.197.212
301
https://outlook.live.com/owa/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://www.live.com/ 204.79.197.212
301
https://outlook.live.com/owa/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Ehttp://www.live.com/ 2620:1ec:c11::212
301
https://outlook.live.com/owa/
Wrong redirect one domain http to other domain https. First redirect to https without new dns query, so the server can send the HSTS header. That's fundamental using HSTS (Http Strict Transport Security). First step: Add correct redirects http ⇒ https. Perhaps in your port 80 vHost something like "RewriteEngine on" + "RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,QSA,R=permanent]" (two rows, without the "). Don't add this in your port 443 vHost, that would create a loop. Then recheck your domain, should be Grade C. There is the rule to select one https version as preferred version.
Mhttps://204.79.197.212/ 204.79.197.212
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://[2620:01ec:0c11:0000:0000:0000:0000:0212]/ 2620:1ec:c11::212
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://204.79.197.212/ 204.79.197.212
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://[2620:01ec:0c11:0000:0000:0000:0000:0212]/ 2620:1ec:c11::212
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
XFatal error: Nameserver doesn't support TCP connection: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 40.66.196.211: Timeout
XFatal error: Nameserver doesn't support TCP connection: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 2603:10b6:628:2::19: Timeout
XFatal error: Nameserver doesn't support TCP connection: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 40.66.197.21: Timeout
XFatal error: Nameserver doesn't support TCP connection: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 2603:10b6:500::21: Timeout
AGood: More then one ip address per domain name found, checking all ip addresses the same http status and the same certificate found: Domain www.live.com, 2 ip addresses.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain live.com, 1 ip addresses, 1 different http results.
Info: Checking all ip addresses of that domain without sending the hostname only one certificate found. Checking all ip addresses and sending the hostname only one certificate found. Both certificates are the same. So that domain doesn't require Server Name Indication (SNI), it's the primary certificate of that set of ip addresses.: Domain www.live.com, 2 ip addresses, 1 different http results.
AGood: _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Domainname: _mta-sts.live.com
AGood: _mta-sts TXT record is valid.
BBad: Valid _mta-sts TXT found, but no ip address of the subdomain mta-sts found _mta-sts.live.com

2. Header-Checks

Aoutlook.live.com
report-to
Ok: Header without syntax errors found: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HHN"}],"include_subdomains":true}
A

Ok: Header without syntax errors found: {"group":"NelOfficeUpload1","max_age":7200,"endpoints":[{"url":"https://exo.nel.measure.office.net/api/report?TenantId=&FrontEnd=Cafe&DestinationEndpoint=HHN"}],"include_subdomains":true}
A
X-Content-Type-Options
Ok: Header without syntax errors found: nosniff
Foutlook.live.com
Content-Security-Policy
Critical: Missing Header:
Foutlook.live.com
Referrer-Policy
Critical: Missing Header:
Foutlook.live.com
Permissions-Policy
Critical: Missing Header:

3. DNS- and NameServer - Checks

AInfo:: 34 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 10 Name Servers.
AInfo:: 34 Queries complete, 34 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.nse12.o365filtering.com (104.47.38.8), nse13.o365filtering.com (104.47.2.8), nse21.o365filtering.com (104.47.40.8)
Ok (4 - 8):: An average of 3.4 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 10 different Name Servers found: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com, ns1-34.azure-dns.com, ns2-34.azure-dns.net, ns5-34.azure-dns.com, ns7-34.azure-dns.org, ns8-34.azure-dns.info, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com, ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com, 8 Name Servers included in Delegation: ns1-34.azure-dns.com, ns2-34.azure-dns.net, ns5-34.azure-dns.com, ns7-34.azure-dns.org, ns8-34.azure-dns.info, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com, 8 Name Servers included in 2 Zone definitions: ns1-34.azure-dns.com, ns2-34.azure-dns.net, ns5-34.azure-dns.com, ns7-34.azure-dns.org, ns8-34.azure-dns.info, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com, 2 Name Servers listed in SOA.Primary: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com, ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com.
Error: Different SOA.Primary Name Servers found, different SOA Definitions.: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com,ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com.
Error: SOA.Primary Name Server not included in the delegation set.: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com,ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AGood: Minimal 2 different name servers (public suffix and public ip address) found: 10 different Name Servers found
AGood: Some Name Servers have IPv6 addresses: 4 Name Servers with IPv6 found (6 Name Servers without IPv6)
AGood: Name servers with different Top Level Domains / Public Suffix List entries found: 10 Name Servers, 4 Top Level Domains: com, org, net, info
AGood: Name Servers with different domain names found.: 6 different Domains found
AGood: Name servers with different Country locations found: 10 Name Servers, 4 Countries: CA, IE, SE, US
AInfo: Ipv4-Subnet-list: 10 Name Servers, 4 different subnets (first Byte): 104., 13., 150., 40., 4 different subnets (first two Bytes): 104.47., 13.107., 150.171., 40.66., 10 different subnets (first three Bytes): 104.47.2., 104.47.38., 104.47.40., 13.107.207., 13.107.223., 150.171.10., 150.171.11., 150.171.16., 40.66.196., 40.66.197.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 4 Name Servers with IPv6, 2 different subnets (first block): 2603:, 2620:, 3 different subnets (first two blocks): 2603:1061:, 2603:10b6:, 2620:01ec:, 4 different subnets (first three blocks): 2603:1061:0000:, 2603:10b6:0500:, 2603:10b6:0628:, 2620:01ec:08ec:, 4 different subnets (first four blocks): 2603:1061:0000:0010:, 2603:10b6:0500:0000:, 2603:10b6:0628:0002:, 2620:01ec:08ec:0010:
AGood: Name Server IPv6 addresses from different subnets found.
AInfo: Nameserver mit different domain names found. May be a problem with DNS-Updates
XNameserver Timeout checking Echo Capitalization: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 40.66.196.211
XNameserver Timeout checking Echo Capitalization: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 2603:10b6:628:2::19
XNameserver Timeout checking Echo Capitalization: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 40.66.197.21
XNameserver Timeout checking Echo Capitalization: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 2603:10b6:500::21
XNameserver Timeout checking EDNS512: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 40.66.196.211
XNameserver Timeout checking EDNS512: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 2603:10b6:628:2::19
XNameserver Timeout checking EDNS512: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 40.66.197.21
XNameserver Timeout checking EDNS512: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 2603:10b6:500::21
Nameserver doesn't pass all EDNS-Checks: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 40.66.196.211: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com / 2603:10b6:628:2::19: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 40.66.197.21: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
Nameserver doesn't pass all EDNS-Checks: ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com / 2603:10b6:500::21: OP100: fatal timeout. FLAGS: fatal timeout. V1: fatal timeout. V1OP100: fatal timeout. V1FLAGS: fatal timeout. DNSSEC: fatal timeout. V1DNSSEC: fatal timeout. NSID: fatal timeout. COOKIE: fatal timeout. CLIENTSUBNET: fatal timeout.
XFatal error: Nameservers with different SOA Serial Numbers
AGood: CAA entries found, creating certificate is limited: digicert.com is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: dtrust.de is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: entrust.net is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: globalsign.com is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: microsoft.com is allowed to create certificates
Warning: Unknown CAA found: microsoft.com isn't defined. Unknown entry. May be wrong written, may be not longer valid. May be a missing entry in this tool.

4. Content- and Performance-critical Checks

Fatal: All checks of /.well-known/acme-challenge/random-filename have a redirect, destination doesn't have the random filename. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AGood: Every https result with status 200 supports GZip.
https://outlook.live.com/owa/
200

Warning: Https + http status 200 + Inline CSS / JavaScript found. Don't use inline CSS / JavaScript. These are compiled and re-used ressources, save these with a long Cache-Control max-age - header.
https://outlook.live.com/owa/
200

Warning: Https result with status 200 found, Html-Content is too big. Should be max. 110 %. May contain inline CSS / JavaScript, too much comments or white space. Re-used ressources - create files with a long Cache-Control max-age header. Remove comments and white space.
AGood: Every https connection via port 443 supports the http/2 protocol via ALPN.
https://outlook.live.com/owa/
200

Critical: Some script Elements (type text/javascript) with a src-Attribute don't have a defer / async - Attribute. Loading and executing these JavaScripts blocks parsing and rendering the Html-Output. That's bad if your site is large or the connection is slow / mobile usage. Use "async" if the js file has only functions (so nothing is executed after parsing the file) or is independend. Use "defer" if the order of the scripts is important. All "defer" scripts are executed before the DOMContentLoaded event is fired. Check https://developer.mozilla.org/en-US/docs/Web/HTML/Element/script to see some details.: 7 script elements without defer/async.
AGood: All CSS / JavaScript files are sent with GZip. That reduces the content of the files. 8 external CSS / JavaScript files found
AGood: All images with internal compression not sent via GZip. Images (.png, .jpg) are already compressed, so an additional GZip isn't helpful. 6 images (type image/png, image/jpg) found without additional GZip. Not required because these images are already compressed
Warning: CSS / JavaScript files with a missing or too short Cache-Control header found. Browsers should cache and re-use these files. 0 external CSS / JavaScript files without Cache-Control-Header, 0 with Cache-Control, but no max-age, 1 with Cache-Control max-age too short (minimum 7 days), 7 with Cache-Control long enough, 8 complete.
AGood: All images are sent with a long Cache-Control header (minimum 7 days). So the browser can reuse these files, no download is required. 6 image files with long Cache-Control max-age found
AGood: Some checked attribute values are enclosed in quotation marks (" or ').: 70 Html-Elements checked, 55 without problems.
IWrong: Attribute values found, not enclosed in quotation marks (" or ').: 15 Html-Elements with attributes and missing enclosed quotation marks found. 18 wrong attributes.
AGood: Some img-elements have a valid alt-attribute.: 7 img-elements found, 1 img-elements with correct alt-attributes (defined, not an empty value).
Wrong: img-elements without alt-attribute or empty alt-attribute found. The alt-attribute ("alternative") is required and should describe the img. So Screenreader and search engines are able to use these informations.: 6 img-elements without alt-attribute, 0 img-elements with empty alt-attribute found.
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 379584 milliseconds, 379.584 seconds


8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
live.com
204.79.197.212
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
live.com
204.79.197.212
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


www.live.com
204.79.197.212
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

www.live.com
204.79.197.212
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


www.live.com
2620:1ec:c11::212
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

www.live.com
2620:1ec:c11::212
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
No SNI required - domain included in main certificate
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


outlook.live.com
outlook.live.com
443
ok
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

outlook.live.com
outlook.live.com
443
ok
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete
1CN=outlook.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


204.79.197.212
204.79.197.212
443
name does not match
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

204.79.197.212
204.79.197.212
443
name does not match
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


[2620:01ec:0c11:0000:0000:0000:0000:0212]
2620:1ec:c11::212
443
name does not match
Tls12
ECDH Ephermal
384
Aes256
256
Sha384
supported
ok

[2620:01ec:0c11:0000:0000:0000:0000:0212]
2620:1ec:c11::212
443
name does not match
Tls12

ECDH Ephermal
384
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)
1CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, C=US, ST=Washington

2CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US


9. Certificates

1.
1.
CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
04.09.2022
05.09.2023
169 days expired
outlook.live.com, outlook-sdf.live.com, attachment.outlook.office.net, attachment.outlook.officeppe.net, hotmail.com, *.calendar.live.com, *.hotmail.com, *.live.com, *.mail.live.com, afd-l.office.com, live.com, *.nrb.footprintdns.com, *.fp.measure.office.com, premium.outlook.com - 14 entries
1.
1.
CN=outlook.live.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
04.09.2022

05.09.2023
169 days expired
outlook.live.com, outlook-sdf.live.com, attachment.outlook.office.net, attachment.outlook.officeppe.net, hotmail.com, *.calendar.live.com, *.hotmail.com, *.live.com, *.mail.live.com, afd-l.office.com, live.com, *.nrb.footprintdns.com, *.fp.measure.office.com, premium.outlook.com - 14 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:043AA544195A1FD11B1A8698B054A4E9
Thumbprint:4CCB51085E463F5FB98F7276674A4BE4914970E6
SHA256 / Certificate:C/+3wIin+TGX0DI672bEyrUIPt1tIpsLOf9nQfc3dXo=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):e37cb2292761b0adf10467bd735a6368f0bc970eea552852c5ded5135da13b2b
SHA256 hex / Subject Public Key Information (SPKI):e37cb2292761b0adf10467bd735a6368f0bc970eea552852c5ded5135da13b2b (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocspx.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
04.08.2015
04.08.2030
expires in 2356 days


2.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
04.08.2015

04.08.2030
expires in 2356 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:019EC1C6BD3F597BB20C3338E551D877
Thumbprint:81B68D6CD2F221F8F534E677523BB236BBA1DC56
SHA256 / Certificate:L2iJlhp8pwZ+i6EDws+bmpJPjKKT8RF44joZeNLxM9M=
SHA256 hex / Cert (DANE * 0 1):2f6889961a7ca7067e8ba103c2cf9b9a924f8ca293f11178e23a1978d2f133d3
SHA256 hex / PublicKey (DANE * 1 1):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SHA256 hex / Subject Public Key Information (SPKI):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


3.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2819 days


3.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2819 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


2.
1.
CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
27.04.2023
27.04.2024
expires in 66 days
*.clo.footprintdns.com, *.hotmail.com, *.internal.outlook.com, *.live.com, *.nrb.footprintdns.com, *.office.com, *.office365.com, *.outlook.com, *.outlook.office365.com, attachment.outlook.live.net, attachment.outlook.office.net, attachment.outlook.officeppe.net, attachments.office.net, attachments-sdf.office.net, ccs.login.microsoftonline.com, ccs-sdf.login.microsoftonline.com, hotmail.com, mail.services.live.com, office365.com, outlook.com, outlook.office.com, substrate.office.com, substrate-sdf.office.com - 23 entries
2.
1.
CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
27.04.2023

27.04.2024
expires in 66 days
*.clo.footprintdns.com, *.hotmail.com, *.internal.outlook.com, *.live.com, *.nrb.footprintdns.com, *.office.com, *.office365.com, *.outlook.com, *.outlook.office365.com, attachment.outlook.live.net, attachment.outlook.office.net, attachment.outlook.officeppe.net, attachments.office.net, attachments-sdf.office.net, ccs.login.microsoftonline.com, ccs-sdf.login.microsoftonline.com, hotmail.com, mail.services.live.com, office365.com, outlook.com, outlook.office.com, substrate.office.com, substrate-sdf.office.com - 23 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:05C5C01EBE095375E330F85893C210C6
Thumbprint:AB21824732033EC2D0F72A8850E967399049C0FE
SHA256 / Certificate:eT5wTegTvugRk21SHhb/UOG+vbwAr4n9yFV7AbVPSuc=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):06e980c29f71e306f7e9675a4f345283194ac27e5d19a754f15df9b699e88c5e
SHA256 hex / Subject Public Key Information (SPKI):06e980c29f71e306f7e9675a4f345283194ac27e5d19a754f15df9b699e88c5e (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocspx.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


2.
CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
27.04.2023
27.04.2024
expires in 66 days
*.clo.footprintdns.com, *.hotmail.com, *.internal.outlook.com, *.live.com, *.nrb.footprintdns.com, *.office.com, *.office365.com, *.outlook.com, *.outlook.office365.com, attachment.outlook.live.net, attachment.outlook.office.net, attachment.outlook.officeppe.net, attachments.office.net, attachments-sdf.office.net, ccs.login.microsoftonline.com, ccs-sdf.login.microsoftonline.com, hotmail.com, mail.services.live.com, office365.com, outlook.com, outlook.office.com, substrate.office.com, substrate-sdf.office.com - 23 entries

2.
CN=outlook.com, O=Microsoft Corporation, L=Redmond, S=Washington, C=US
27.04.2023

27.04.2024
expires in 66 days
*.clo.footprintdns.com, *.hotmail.com, *.internal.outlook.com, *.live.com, *.nrb.footprintdns.com, *.office.com, *.office365.com, *.outlook.com, *.outlook.office365.com, attachment.outlook.live.net, attachment.outlook.office.net, attachment.outlook.officeppe.net, attachments.office.net, attachments-sdf.office.net, ccs.login.microsoftonline.com, ccs-sdf.login.microsoftonline.com, hotmail.com, mail.services.live.com, office365.com, outlook.com, outlook.office.com, substrate.office.com, substrate-sdf.office.com - 23 entries

KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:05C5C01EBE095375E330F85893C210C6
Thumbprint:AB21824732033EC2D0F72A8850E967399049C0FE
SHA256 / Certificate:eT5wTegTvugRk21SHhb/UOG+vbwAr4n9yFV7AbVPSuc=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):06e980c29f71e306f7e9675a4f345283194ac27e5d19a754f15df9b699e88c5e
SHA256 hex / Subject Public Key Information (SPKI):06e980c29f71e306f7e9675a4f345283194ac27e5d19a754f15df9b699e88c5e (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocspx.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


3.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
25.09.2020
25.09.2030
expires in 2408 days


3.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
25.09.2020

25.09.2030
expires in 2408 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F171A48C6F223809218CD2ED6DDC0E8
Thumbprint:B3F6B64A07BB9611F47174407841F564FB991F29
SHA256 / Certificate:X4hpRhXkxhaG4Qa4TDM4xnIMU19g029hKC7RXhl33UQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SHA256 hex / Subject Public Key Information (SPKI):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


4.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
25.09.2020
25.09.2030
expires in 2408 days


4.
CN=DigiCert Cloud Services CA-1, O=DigiCert Inc, C=US
25.09.2020

25.09.2030
expires in 2408 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F171A48C6F223809218CD2ED6DDC0E8
Thumbprint:B3F6B64A07BB9611F47174407841F564FB991F29
SHA256 / Certificate:X4hpRhXkxhaG4Qa4TDM4xnIMU19g029hKC7RXhl33UQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SHA256 hex / Subject Public Key Information (SPKI):520a545696ab8a693c4028ed59069443b106aedaf291cfcbf0deba121158dd51
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2819 days


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2819 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016
10.05.2025
expires in 444 days


6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016

10.05.2025
expires in 444 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F5BC3A176CB789E2020C7893C8167B4
Thumbprint:FB20FA8A6A93B375F054814F9E00273EA51A6138
SHA256 / Certificate:bay7iUUTex2tQhGwQ2774G8SrONpBJc7Ra4ldAgj02k=
SHA256 hex / Cert (DANE * 0 1):6dacbb8945137b1dad4211b0436efbe06f12ace36904973b45ae25740823d369
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 447 days


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 447 days


KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:



10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

Small Code Update - wait one minute


2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Small Code Update - wait one minute


11. Html-Content - Entries

Summary

Subresource Integrity (SRI)
DomainnameHtmlElementrel/property∑ size∑ problems∑ int.∑ ext.∑ Origin poss.∑ SRI ParseErrors∑ SRI valid∑ SRI missing
https://outlook.live.com/owa/
a

31

0


0
0
0


iframe

1

0


0
0
0


img

7
812,020 Bytes
0
0
6
6
0
0
-6

link (1)
stylesheet
1
14,810 Bytes
0
0
1
1
0
0
-1

link
other
1
7,886 Bytes
0
0
1
1
0
0
-1

meta (4)
apple
2

0


0
0
0


meta (3)
og
8
77,661 Bytes
0
1
1
1
0
0
-1

meta (1)
twitter
4
77,661 Bytes
0
0
1
1
0
0
-1

meta (9)
other
8

0


0
0
0


script

7
56,547 Bytes
0
0
7
7
0
0
-7

Details

DomainnameHtml-Elementname/equiv/ property/relhref/src/contentHttpStatusmsgStatus
https://outlook.live.com/owa/

a

./?nlp=1


3
ok








a

https://choice.microsoft.com/


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2005900&WT.mc_id=PROD_OL-Web_PreAuth_May19UI


4
ok








a

https://go.microsoft.com/fwlink/?LinkID=206977


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087713


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087714


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087715


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087915


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087916


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087917


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2087918


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2088010


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2121428


1
ok








a

https://go.microsoft.com/fwlink/?linkid=2208171


1
ok








a

https://go.microsoft.com/fwlink/?LinkId=521839


1
ok








a

https://go.microsoft.com/fwlink/?linkid=845480


1
ok








a

https://go.microsoft.com/fwlink/?linkid=867851


1
ok








a

https://outlook.live.com/owa/?nlp=1&signup=1


5
ok








a

https://support.microsoft.com/en-us/contactus/


1
ok








a

https://www.microsoft.com


2
ok








a

https://www.microsoft.com/trademarks


1
ok








iframe
src
https://outlook.live.com/owa/prefetch.aspx


1
ok








img




1
ok
alt: Anne, a nonsighted person, uses an assistive device with her laptop








img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-01.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 83924 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-w78yq5lgdIQwpi8NcJoT5BDd3uOsbxCVDZQze0k1XWs=
sha384-8WkdM3w2bXfGXhkizDcD2nCuy5DnHoWXgMmJuZFYPKWduo+er+77HpwIm1ZlAKdF
sha512-lZfRNuexLcmHlujjAa8ZQNwPwJYYARlIn5g/dezcbhM8e0L4Eh3vgbTbf7eDURtSpU4I53rg3u46YVL4z9ADGQ==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-01.png" crossorigin="anonymous" integrity="sha256-w78yq5lgdIQwpi8NcJoT5BDd3uOsbxCVDZQze0k1XWs=" />




img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-02.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 86698 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-jAe4aggeZekiAgMk976BM8cHeSY3O3x+Kt2csAn8RF8=
sha384-fzD1CCds+0yJe5Q9P9pK3EHjx9zU9raGGO0x0ezkkrA4JcfFh3N+JZwTM6kAvlVw
sha512-mHYoOW3rij8FMfHQ3HcMQUmkkfHU3qXtQoyZfvqHSRW9q0T3Qd+pwBQ4CFfdgYNlfVMxWMpz291FEln73l4mSg==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-02.png" crossorigin="anonymous" integrity="sha256-jAe4aggeZekiAgMk976BM8cHeSY3O3x+Kt2csAn8RF8=" />




img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-03.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 78422 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-Vwd0e0EhyI6vOOysoCvHRJUAjfnfziOgAXf/6NtDZqE=
sha384-k6gYUohCyEg9c+ngezqJ2j509fXb5cam+cuYRRdgcj9l0Q06VARTXNa9ppzgXaNV
sha512-6tnPsY0tGo/YqY+Nz6XXEWwogxS3jvRe+UX8WgA4hSlTeswBUN2shX22cJspziRYf1mfJy39hFrPYrId9aJfEA==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-android-03.png" crossorigin="anonymous" integrity="sha256-Vwd0e0EhyI6vOOysoCvHRJUAjfnfziOgAXf/6NtDZqE=" />




img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-01.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 272801 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-CleKvo9y7DsSVFyIWJtvWXfOxSnYo7AZJoNo5xzxzE4=
sha384-HZ03YskBTU7HZe42MDcwpwBf1SsLI/BAEIgk9fClGcfCtPHA9XcV8vYqkFSdZnGQ
sha512-qptiT+JKDS1EVBzMrO8VlT6MWNy0ei+8AJcSluTVV+B/uL3ha8epEJW4GCm9YNHw9Mo0k3Wpv1yUHBRUJs69ig==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-01.png" crossorigin="anonymous" integrity="sha256-CleKvo9y7DsSVFyIWJtvWXfOxSnYo7AZJoNo5xzxzE4=" />




img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-02.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 202867 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-E+jjp0zONCI2EpZkcybNvCbsNe37oJeN8jc8tQhCgbw=
sha384-7pnMYcAQA/Fi91vWXy9Lx3kybkOmQdKvXcJBBa3Erxp0W35GJ/6Qi7qdETz8lMS3
sha512-GhiJNj6sigQjFD5z+zymNyZM0kda47xGDTSKFN5wU61aS/wSFjRsnGjkET53yUwf3u2LVIAQWfL27x3T8ZSbjg==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-02.png" crossorigin="anonymous" integrity="sha256-E+jjp0zONCI2EpZkcybNvCbsNe37oJeN8jc8tQhCgbw=" />




img
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-03.png
200

1
ok
no alt-Attributeimage/png, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 87308 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-5Dn5WHcJfIHDPIrTfZ3ewMF/Vy+WcDc49v2QWD/BwoM=
sha384-fCy9k7uIPUpBmu/JqoIIv0U6PQHi5tuBaNPQfw7fUbAQzwx04P0PpkrFqj4WNxkd
sha512-ympRuCAekHa7fCJaS77bCTKxiS4JXHL6eNuLuWptiopZOYwNH75kudG4PqCwi0Za3YEDByVf8fbfjVLp/8RoEg==

<img src="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/mobile-scenario-triptych-ios-03.png" crossorigin="anonymous" integrity="sha256-5Dn5WHcJfIHDPIrTfZ3ewMF/Vy+WcDc49v2QWD/BwoM=" />




link
shortcut icon
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/favicon.ico?v=4
200

1
ok
image/x-icon, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 7886 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-412Ut2iU1uypb/WxoS2U3+c0he88UstbQ5W+j/rBy0U=
sha384-HoD5y93+Za0/8JJ3xVwhJZV+O/cXTDpLBjAKgSbAGzBFD8XfMJJA6jR8BENEwRHX
sha512-/wiE+fPe04GRx9HyFFRVCegN5hS8gkOV88lBKu2NgduVun52GTmsHxeYwdOaeWmj2/Nz0DqIQENFcU7dgWXxnQ==

<link rel="shortcut icon" href="https://ow2.res.office365.com/owalanding/2023.4.13.03/images/favicon.ico?v=4" crossorigin="anonymous" integrity="sha256-412Ut2iU1uypb/WxoS2U3+c0he88UstbQ5W+j/rBy0U=" />




link (1)
stylesheet
https://ow2.res.office365.com/owalanding/2023.4.13.03/stylesheets/compiled.css
200

1
ok
text/css, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 14810/107084 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-m8pFqK8XMwEQXzgX7ATpdGrG/JSIYvcrFMoFRwmDHVk=
sha384-NY4AohTHxiwe9bVkhhDUgxwSKEaxgRdkPf2AleW5c5n6xJLeZqu4o1+HEzfZMN3w
sha512-mpmws51o0r6fij7wv6I38Jt4TbmMOBN/zNz2WSPyOWqkuOZjMlX38sALIh8kqjpNY/44M3k9rcO1i8sj0PYzZg==

<link rel="stylesheet" href="https://ow2.res.office365.com/owalanding/2023.4.13.03/stylesheets/compiled.css" crossorigin="anonymous" integrity="sha256-m8pFqK8XMwEQXzgX7ATpdGrG/JSIYvcrFMoFRwmDHVk=" />



Content loaded via url("...")

../fonts/segoeui-bold.woff1
../fonts/segoeui-light.woff1
../fonts/segoeui-regular.woff1
../fonts/segoeui-semibold.woff1
../fonts/segoeui-semilight.woff1
../images/arrow-rightward-blue.png1
../images/download-app-badge-android.svg2
../images/download-app-badge-ios.svg2
../images/fabric-close-x.svg2
../images/fabric-info.svg1
../images/fabric-rightward-arrow-blue.svg1
../images/glyph-apple.svg1
../images/glyph-googleplay.svg1
../images/hotmail-ornament.svg1
../images/masthead-alt-06-wide-large.jpg6
../images/masthead-static-strip-fallback-texture.jpg1
../images/ms-wordmark-white.svg2
../images/outlook-icon.jpg2
../images/premium-diamond-03.svg1
../images/productivity-app-drop-shadow.jpg1
../images/security-feature-attachments.svg1
../images/security-feature-encryption.svg1
../images/security-feature-microsoft.svg1
../images/security-feature-onedrive.svg1
../images/triangle-up.svg1

meta (1)

utf-8


1
ok








meta
og:description
Get free Outlook email and calendar, plus Office Online apps like Word, Excel and PowerPoint. Sign in to access your Outlook, Hotmail or Live email account.


1
ok








meta
og:image
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/opengraph.jpg
200

1
ok
image/jpeg, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 77661 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-KC2zC6hq8eMGSWLk2tydRvBZkyv2WHt97Aam9+g5YQU=
sha384-BJ3SBT12VoTM8STNjMraK60LOxBozIzByJp+iyqUSuH92QrJxGoJGsFLliCh1MYH
sha512-iscVstMU0mldO5uuTkyIhgZ3Y0mKB7A5UXVMyj+E79t5sh+zUNq6R2GbHHkWzwq7n/T/XKhhjKW6es6T+uyj3g==

<meta crossorigin="anonymous" integrity="sha256-KC2zC6hq8eMGSWLk2tydRvBZkyv2WHt97Aam9+g5YQU=" />




meta (1)
og:image:height
630


1
ok








meta (1)
og:image:width
1200


1
ok








meta
og:site_name
Outlook – free personal email and calendar from Microsoft


1
ok








meta
og:title
Outlook – free personal email and calendar from Microsoft


1
ok








meta (1)
og:type
website


1
ok








meta
og:url
https://outlook.live.com/
302
https://outlook.live.com/owa/
1
ok
, missing X-Content-Type-Options nosniff

0 Bytes






meta (1)
x-ua-compatible
ie=edge


1
ok








meta (2)
apple-mobile-web-app-capable
yes


1
ok








meta (2)
apple-mobile-web-app-status-bar-style
black


1
ok








meta (1)
author
Microsoft


1
ok








meta (1)
description
Get free Outlook email and calendar, plus Office Online apps like Word, Excel and PowerPoint. Sign in to access your Outlook, Hotmail or Live email account.


1
ok








meta (1)
format-detection
telephone=no


1
ok








meta (2)
google-site-verification
ndUMYrQxqoeHEcER1rwsksTlMitMJTaJw7AodiXa2JI


1
ok








meta (1)
msvalidate.01
CCBCCCA52CB8A45B73BD0B9A90D648DE


1
ok








meta (1)
twitter:card
summary_large_image


1
ok








meta
twitter:description
Get free Outlook email and calendar, plus Office Online apps like Word, Excel and PowerPoint. Sign in to access your Outlook, Hotmail or Live email account.


1
ok








meta
twitter:image
https://ow2.res.office365.com/owalanding/2023.4.13.03/images/opengraph.jpg
200

1
ok
image/jpeg, missing X-Content-Type-Options nosniff

Cache-Control: max-age=630720000 with long duration found.
No GZip - 77661 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-KC2zC6hq8eMGSWLk2tydRvBZkyv2WHt97Aam9+g5YQU=
sha384-BJ3SBT12VoTM8STNjMraK60LOxBozIzByJp+iyqUSuH92QrJxGoJGsFLliCh1MYH
sha512-iscVstMU0mldO5uuTkyIhgZ3Y0mKB7A5UXVMyj+E79t5sh+zUNq6R2GbHHkWzwq7n/T/XKhhjKW6es6T+uyj3g==

<meta crossorigin="anonymous" integrity="sha256-KC2zC6hq8eMGSWLk2tydRvBZkyv2WHt97Aam9+g5YQU=" />




meta
twitter:title
Outlook – free personal email and calendar from Microsoft


1
ok








meta (1)
viewport
width=device-width, initial-scale=1, shrink-to-fit=no


1
ok








script
src
https://az725175.vo.msecnd.net/scripts/jsll-4.js
200

1
ok
Missing defer / async attribute. text/javascript; charset="utf-8", missing X-Content-Type-Options nosniff

Cache-Control: public, max-age=1800, immutable - max-age too short.
GZip: 18421/56291 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-4kbv8vauPiVaButWHm/JOuO+8sziLF4BJNcTwV+AVnw=
sha384-rnAS6REbL56vqv55l8bn8W5QMFHK+5JQPy3Sndn639rQGIzRa8/PcP1lSt8awgTb
sha512-2rczRgr/gou8aWsVnYsLOHfmSP1OPlmpE4ZcZ2AygWtFmdU5AybH7+ZSxWNsW09WudeEE+sZrRnlYW0Em8d1sA==

<script src="https://az725175.vo.msecnd.net/scripts/jsll-4.js" crossorigin="anonymous" integrity="sha256-4kbv8vauPiVaButWHm/JOuO+8sziLF4BJNcTwV+AVnw=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/device-utils.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 416/754 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-5OhzQZ8s6eG2Sj1tOE/wXUxAcJTI58GBQLruXPUT0V4=
sha384-WdGSGR3oMBPVo7l9BeY57Y0bWuG1KWhNSoTyuVdQH33aUy8MWjujfmLFceLe8rFj
sha512-hQdUIRmDmHhfZDcpVr9aK97Zmv7dKoEjA7yqHv3SO34niid1jwfcRyJ933QWx42riOsV7jiokEecvL5Xd06pmA==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/device-utils.js" crossorigin="anonymous" integrity="sha256-5OhzQZ8s6eG2Sj1tOE/wXUxAcJTI58GBQLruXPUT0V4=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/dom-scripts.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 1892/4913 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-p2jLC+yQjSX5CEfspN74zmkP3SaLc8bBrfbCygtSo8A=
sha384-AmhDU3sJqZjIoBcUcE0FRtTjyfQ3NjUH9IijTeFBO6a1qjO63zvhwqPzuu9YUC0E
sha512-ralQdoV3QOM/BkKsl30XQENe8Yxre1ZJVQHaGS+JT/LIUkUGSzERwnVow9PgPVz2GwHXsNgQFVWznggEho9g6w==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/dom-scripts.js" crossorigin="anonymous" integrity="sha256-p2jLC+yQjSX5CEfspN74zmkP3SaLc8bBrfbCygtSo8A=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/jquery.onscreen.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 2342/6120 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-VY2Le9ZNsHeRERBUMpEJRdgCy+HiNjQfN+Wx0fmm8Ak=
sha384-v5sY5oiXk8eVo6DVlamAP/nIXobPYVbMfgeX1Y5YZmlMyX+KueckQqsbF0wXs3sI
sha512-+oW3AztEivlQ+xjnpCW/AlzHrppVmWJKoyYkLLpukqQxqhphqEdVD3KRA6nSvKw/kz+pRTNuP6F9dCsR82NrSw==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/jquery.onscreen.js" crossorigin="anonymous" integrity="sha256-VY2Le9ZNsHeRERBUMpEJRdgCy+HiNjQfN+Wx0fmm8Ak=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/jquery-3.6.0.min.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 31003/89595 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-j/wm7+2WIoNzobR7gZ+E38bmsU4FKJq3/UHthcC9CGQ=
sha384-9EuL4sFQWtlfnJPN9hgixsimU/rnQHOAmB3LDH64g4Nr+GyUVhy0xBSthcLaKPDf
sha512-dtJnMxM2fbtR8jZO3XOMI6Ye4cf43cwDvWf2jXBo6VUsTj2I2Kkrv5PlmFZJ0uBfzHrGl+xngQeJO5iXp8dcIw==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/jquery-3.6.0.min.js" crossorigin="anonymous" integrity="sha256-j/wm7+2WIoNzobR7gZ+E38bmsU4FKJq3/UHthcC9CGQ=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/lazyload.min.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 2057/5272 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-PVN/ueJz2F1gA2JFad2O19sJWh7Wz0mI5MSY4RLuI2s=
sha384-7SjdjjJbIusi6j6u9UheWDh6CSbDdRtCgTN24U6WcHDmqTzRHPCS4AYrhrpwMTd2
sha512-Tj51isbKA6hJBmpRmVPVxM2CCvdCmSSMpV/Kk87rAJBwrG8fiKKtc42B2TnwIc5PHnJwp/oV4Da99eAh2Lf9Dg==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/lazyload.min.js" crossorigin="anonymous" integrity="sha256-PVN/ueJz2F1gA2JFad2O19sJWh7Wz0mI5MSY4RLuI2s=" />




script
src
https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/vh-check.min.js
200

1
ok
Missing defer / async attribute. application/javascript, X-Content-Type-Options nosniff found

Cache-Control: max-age=630720000 - with long duration found.
GZip: 416/899 Bytes




Server-Header Access-Control-Allow-Origin: *
Cross-Origin Resource Sharing (CORS) supported

missing crossorigin=anonymous|use-credentials and integrity - attribute, possible hash-values:

sha256-T91uTLLCo5QKNCUBjJkRXM5Cv7meLqtErvWsEKtcRao=
sha384-avjeKg/cH+nhYNPBbVkNumNuuUnXUsb+UwWK8hleJecGUmSwHiwt8C8uArNdODEg
sha512-Svwk5s/xbaVE2AT0n3kj/3IzIqREEBwUfGTZmN4il5C3ukzgXpYqPYQ/xpVAyke5byjUb0LSdakMpmfRpGUp3g==

<script src="https://ow2.res.office365.com/owalanding/2023.4.13.03/javascripts/vh-check.min.js" crossorigin="anonymous" integrity="sha256-T91uTLLCo5QKNCUBjJkRXM5Cv7meLqtErvWsEKtcRao=" />




12. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com, ns1-34.azure-dns.com, ns2-34.azure-dns.net, ns5-34.azure-dns.com, ns7-34.azure-dns.org, ns8-34.azure-dns.info, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com, ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com

QNr.DomainTypeNS used
1
com
NS
j.root-servers.net (2001:503:c27::2:30)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1-32.azure-dns.com, ns2-32.azure-dns.net, ns5-32.azure-dns.com, ns6-32.azure-dns.net, ns7-32.azure-dns.org, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com

Answer: ns1-32.azure-dns.com
150.171.10.32, 2603:1061:0:10::20

Answer: ns5-32.azure-dns.com
150.171.11.32

Answer: nse12.o365filtering.com
104.47.38.8

Answer: nse13.o365filtering.com
104.47.2.8

Answer: nse21.o365filtering.com
104.47.40.8
3
ns1-34.azure-dns.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1-01.azure-dns.com, ns1-02.azure-dns.com, ns1-03.azure-dns.com, ns1-04.azure-dns.com

Answer: ns1-01.azure-dns.com
13.107.236.1, 2603:1061:0:700::1

Answer: ns1-02.azure-dns.com
13.107.236.2, 2603:1061:0:700::2

Answer: ns1-03.azure-dns.com
13.107.236.3, 2603:1061:0:700::3

Answer: ns1-04.azure-dns.com
13.107.236.4, 2603:1061:0:700::4
4
net
NS
k.root-servers.net (2001:7fd::1)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
5
ns2-34.azure-dns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2-01.azure-dns.net, ns2-02.azure-dns.net, ns2-03.azure-dns.net, ns2-04.azure-dns.net

Answer: ns2-01.azure-dns.net
150.171.21.1, 2620:1ec:8ec:700::1

Answer: ns2-02.azure-dns.net
150.171.21.2, 2620:1ec:8ec:700::2

Answer: ns2-03.azure-dns.net
150.171.21.3, 2620:1ec:8ec:700::3

Answer: ns2-04.azure-dns.net
150.171.21.4, 2620:1ec:8ec:700::4
6
ns5-34.azure-dns.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1-01.azure-dns.com, ns1-02.azure-dns.com, ns1-03.azure-dns.com, ns1-04.azure-dns.com

Answer: ns1-01.azure-dns.com
13.107.236.1, 2603:1061:0:700::1

Answer: ns1-02.azure-dns.com
13.107.236.2, 2603:1061:0:700::2

Answer: ns1-03.azure-dns.com
13.107.236.3, 2603:1061:0:700::3

Answer: ns1-04.azure-dns.com
13.107.236.4, 2603:1061:0:700::4
7
org
NS
b.root-servers.net (2001:500:200::b)

Answer: a0.org.afilias-nst.info, a2.org.afilias-nst.info, b0.org.afilias-nst.org, b2.org.afilias-nst.org, c0.org.afilias-nst.info, d0.org.afilias-nst.org
8
ns7-34.azure-dns.org
NS
a0.org.afilias-nst.info (2001:500:e::1)

Answer: ns3-01.azure-dns.org, ns3-02.azure-dns.org, ns3-03.azure-dns.org, ns3-04.azure-dns.org

Answer: ns3-01.azure-dns.org
204.14.183.1, 2a01:111:4000:700::1

Answer: ns3-02.azure-dns.org
204.14.183.2, 2a01:111:4000:700::2

Answer: ns3-03.azure-dns.org
204.14.183.3, 2a01:111:4000:700::3

Answer: ns3-04.azure-dns.org
204.14.183.4, 2a01:111:4000:700::4
9
info
NS
k.root-servers.net (2001:7fd::1)

Answer: a0.info.afilias-nst.info, a2.info.afilias-nst.info, b0.info.afilias-nst.org, b2.info.afilias-nst.org, c0.info.afilias-nst.info, d0.info.afilias-nst.org
10
ns8-34.azure-dns.info
NS
a0.info.afilias-nst.info (2001:500:19::1)

Answer: ns4-01.azure-dns.info, ns4-02.azure-dns.info, ns4-03.azure-dns.info, ns4-04.azure-dns.info

Answer: ns4-01.azure-dns.info
208.84.5.1, 2620:1ec:bda:700::1

Answer: ns4-02.azure-dns.info
208.84.5.2, 2620:1ec:bda:700::2

Answer: ns4-03.azure-dns.info
208.84.5.3, 2620:1ec:bda:700::3

Answer: ns4-04.azure-dns.info
208.84.5.4, 2620:1ec:bda:700::4
11
ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns1-32.azure-dns.com, ns2-32.azure-dns.net, ns5-32.azure-dns.com, ns6-32.azure-dns.net, ns7-32.azure-dns.org, nse12.o365filtering.com, nse13.o365filtering.com, nse21.o365filtering.com

Answer: ns1-32.azure-dns.com
150.171.10.32, 2603:1061:0:10::20

Answer: ns5-32.azure-dns.com
150.171.11.32

Answer: nse12.o365filtering.com
104.47.38.8

Answer: nse13.o365filtering.com
104.47.2.8

Answer: nse21.o365filtering.com
104.47.40.8
12
ns2-32.azure-dns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2-01.azure-dns.net, ns2-02.azure-dns.net, ns2-03.azure-dns.net, ns2-04.azure-dns.net

Answer: ns2-01.azure-dns.net
150.171.21.1, 2620:1ec:8ec:700::1

Answer: ns2-02.azure-dns.net
150.171.21.2, 2620:1ec:8ec:700::2

Answer: ns2-03.azure-dns.net
150.171.21.3, 2620:1ec:8ec:700::3

Answer: ns2-04.azure-dns.net
150.171.21.4, 2620:1ec:8ec:700::4
13
ns6-32.azure-dns.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns2-01.azure-dns.net, ns2-02.azure-dns.net, ns2-03.azure-dns.net, ns2-04.azure-dns.net

Answer: ns2-01.azure-dns.net
150.171.21.1, 2620:1ec:8ec:700::1

Answer: ns2-02.azure-dns.net
150.171.21.2, 2620:1ec:8ec:700::2

Answer: ns2-03.azure-dns.net
150.171.21.3, 2620:1ec:8ec:700::3

Answer: ns2-04.azure-dns.net
150.171.21.4, 2620:1ec:8ec:700::4
14
ns7-32.azure-dns.org
NS
a0.org.afilias-nst.info (2001:500:e::1)

Answer: ns3-01.azure-dns.org, ns3-02.azure-dns.org, ns3-03.azure-dns.org, ns3-04.azure-dns.org

Answer: ns3-01.azure-dns.org
204.14.183.1, 2a01:111:4000:700::1

Answer: ns3-02.azure-dns.org
204.14.183.2, 2a01:111:4000:700::2

Answer: ns3-03.azure-dns.org
204.14.183.3, 2a01:111:4000:700::3

Answer: ns3-04.azure-dns.org
204.14.183.4, 2a01:111:4000:700::4
15
ns2-32.azure-dns.net: 150.171.16.32
A
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
16
ns2-32.azure-dns.net: 2620:1ec:8ec:10::20
AAAA
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
17
ns6-32.azure-dns.net: 150.171.17.32
A
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
18
ns6-32.azure-dns.net: No AAAA record found
AAAA
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
19
ns7-32.azure-dns.org: 13.107.223.32
A
ns3-01.azure-dns.org (2a01:111:4000:700::1)
20
ns7-32.azure-dns.org: No AAAA record found
AAAA
ns3-01.azure-dns.org (2a01:111:4000:700::1)
21
ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com: 40.66.196.211
A
ns1-32.azure-dns.com (2603:1061:0:10::20)
22
ch0mgt0101dc001.prdmgt01.prod.exchangelabs.com: 2603:10b6:628:2::19
AAAA
ns1-32.azure-dns.com (2603:1061:0:10::20)
23
ns1-34.azure-dns.com: 150.171.10.34
A
ns1-01.azure-dns.com (2603:1061:0:700::1)
24
ns1-34.azure-dns.com: 2603:1061:0:10::22
AAAA
ns1-01.azure-dns.com (2603:1061:0:700::1)
25
ns2-34.azure-dns.net: 150.171.16.34
A
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
26
ns2-34.azure-dns.net: 2620:1ec:8ec:10::22
AAAA
ns2-01.azure-dns.net (2620:1ec:8ec:700::1)
27
ns5-34.azure-dns.com: 150.171.11.34
A
ns1-01.azure-dns.com (2603:1061:0:700::1)
28
ns5-34.azure-dns.com: No AAAA record found
AAAA
ns1-01.azure-dns.com (2603:1061:0:700::1)
29
ns7-34.azure-dns.org: 13.107.223.34
A
ns3-01.azure-dns.org (2a01:111:4000:700::1)
30
ns7-34.azure-dns.org: No AAAA record found
AAAA
ns3-01.azure-dns.org (2a01:111:4000:700::1)
31
ns8-34.azure-dns.info: 13.107.207.34
A
ns4-01.azure-dns.info (2620:1ec:bda:700::1)
32
ns8-34.azure-dns.info: No AAAA record found
AAAA
ns4-01.azure-dns.info (2620:1ec:bda:700::1)
33
ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com: 40.66.197.21
A
ns1-32.azure-dns.com (2603:1061:0:10::20)
34
ph0mgt0101dc003.prdmgt01.prod.exchangelabs.com: 2603:10b6:500::21
AAAA
ns1-32.azure-dns.com (2603:1061:0:10::20)


13. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
outlook-fd-0010.live.com



1
0
a-0010.a-msedge.net
0

no CAA entry found
1
0
a-msedge.net
0

no CAA entry found
1
0
www.live.com



1
0
live.com
5
issue
digicert.com
1
0

5
issue
digicert.com
1
0

5
issue
dtrust.de
1
0

5
issue
dtrust.de
1
0

5
issue
entrust.net
1
0

5
issue
entrust.net
1
0

5
issue
globalsign.com
1
0

5
issue
globalsign.com
1
0

5
iodef
mailto:domains@microsoft.com
1
0

5
iodef
mailto:domains@microsoft.com
1
0

5
issue
microsoft.com
1
0

5
issue
microsoft.com
1
0
net
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0

0

no CAA entry found
1
0


14. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
live.com

ok
1
0
www.live.com


1
0
a-0010.a-msedge.net

ok
1
0
_acme-challenge.live.com


1
0
outlook-fd-0010.live.com


1
0
_acme-challenge.www.live.com

Name Error - The domain name does not exist
1
0
_acme-challenge.live.com.live.com

Name Error - The domain name does not exist
1
0
_acme-challenge.a-0010.a-msedge.net


1
0
_acme-challenge.www.live.com.live.com

Name Error - The domain name does not exist
1
0
_acme-challenge.outlook-fd-0010.live.com

Name Error - The domain name does not exist
1
0
_acme-challenge.www.live.com.www.live.com

Name Error - The domain name does not exist
1
0
_acme-challenge.a-0010.a-msedge.net.a-0010.a-msedge.net


1
0
_acme-challenge.outlook-fd-0010.live.com.outlook-fd-0010.live.com

Name Error - The domain name does not exist
1
0


15. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
MX

live.com
2
live-com.olc.protection.outlook.com
01ok

A


104.47.59.161
02ok

A


104.47.66.33
02ok

CNAME


00ok
_mta-sts
TXT
_mta-sts.live.com

v=STSv1; id=20190225000000Z;
ok
_dmarc
TXT
_dmarc.live.com

v=DMARC1; p=none; sp=quarantine; pct=100; rua=mailto:d@rua.agari.com; ruf=mailto:d@ruf.agari.com; fo=1
01ok



16. Cipher Suites

DomainIPPortCipher (OpenSsl / IANA)



Skipped, CDN used or too many ip addresses






17. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.



Permalink: https://check-your-website.server-daten.de/?i=e056630f-6901-403f-a98a-a3799f3ffb20


Last Result: https://check-your-website.server-daten.de/?q=live.com - 2023-05-26 06:03:21


Do you like this page? Support this tool, add a link on your page:

<a href="https://check-your-website.server-daten.de/?q=live.com" target="_blank">Check this Site: live.com</a>

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro