Check DNS, Urls + Redirects, Certificates and Content of your Website

0 in Queue, 0 of max. 8 Checks (04:47:34)
Why should you only use Prefix - Cookies? |
Hall of Fame - A+ and A

 

Shortcuts: 1. IP-Addresses | 2. DNSSEC | 3. Name Servers | 4. SOA-Entries | 5. Screenshots | 6. Url-Checks | 7. Comments | 8. Connections | 9. Certificates | 10. CT-Logs | 11. Html-Content | 12. Html-Parsing | 13. NameServer-IPAddresses | 14. CAA | 15. TXT | 16. DomainServiceEntries | 17. Cipher Suites | 18. Portchecks |

 

M

 

Misconfiguration - http-status 400 - 499

 

Checked:
27.03.2026 23:40:37

 

Older results

 

M - 23.10.2025 03:36:33
M - 15.10.2025 21:24:07
M - 27.08.2025 03:24:48
M - 25.04.2025 07:02:52
M - 21.04.2025 09:01:19
M - 16.04.2025 23:06:07
M - 29.03.2025 06:00:49
M - 17.02.2025 13:08:47
M - 27.01.2025 03:22:55
M - 23.01.2025 15:11:05

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
image-cdn-ak.spotifycdn.com
CNAME
common-eipb-ak.spotifycdn.com.edgesuite.net
yes
1
0

CNAME
squadcdn.scdn.co.splitter-eip.akadns.net
yes


www.image-cdn-ak.spotifycdn.com

Name Error
yes
1
0
image-cdn-ak.spotifycdn.com
A
2.21.245.184
Berlin/State of Berlin/Germany (DE) - Akamai Technologies
No Hostname found
no



A
2.21.245.185
Berlin/State of Berlin/Germany (DE) - Akamai Technologies
No Hostname found
no



A
2.22.231.122
Berlin/State of Berlin/Germany (DE) - Akamai Technologies
No Hostname found
no


*.spotifycdn.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


*.image-cdn-ak.spotifycdn.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






4 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 21831, Flags 256






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 54393, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 12.04.2026, 00:00:00 +, Signature-Inception: 22.03.2026, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com

com
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.04.2026, 19:00:00 +, Signature-Inception: 27.03.2026, 18:00:00 +, KeyTag 21831, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 21831 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 35511, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 02.04.2026, 14:02:35 +, Signature-Inception: 18.03.2026, 13:57:35 +, KeyTag 19718, Signer-Name: com






 Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: spotifycdn.com

spotifycdn.com
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "39sa8is5plsupe4oondo7jv97ma4u04b" between the hashed NSEC3-owner "39sa88jk3ntko77k9lpqgitl0d6c3m01" and the hashed NextOwner "39saci6nqpfaj3h66gtmqme3gvbateba". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner 39sa88jk3ntko77k9lpqgitl0d6c3m01.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 01.04.2026, 00:25:10 +, Signature-Inception: 24.03.2026, 23:15:10 +, KeyTag 35511, Signer-Name: com






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "spotifycdn.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 31.03.2026, 00:26:30 +, Signature-Inception: 23.03.2026, 23:16:30 +, KeyTag 35511, Signer-Name: com






0 DNSKEY RR found









Zone: image-cdn-ak.spotifycdn.com

image-cdn-ak.spotifycdn.com
0 DS RR in the parent zone found



Zone: www.image-cdn-ak.spotifycdn.com

www.image-cdn-ak.spotifycdn.com
0 DS RR in the parent zone found



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






 Status: Valid because published






4 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 21831, Flags 256






Public Key with Algorithm 8, KeyTag 38696, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 54393, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 12.04.2026, 00:00:00 +, Signature-Inception: 22.03.2026, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: net

net
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=






1 RRSIG RR to validate DS RR found






RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.04.2026, 19:00:00 +, Signature-Inception: 27.03.2026, 18:00:00 +, KeyTag 21831, Signer-Name: (root)






 Status: Good - Algorithmus 8 and DNSKEY with KeyTag 21831 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 37331, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 44109, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner net., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 02.04.2026, 14:10:35 +, Signature-Inception: 18.03.2026, 14:05:35 +, KeyTag 37331, Signer-Name: net






 Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37331 used to validate the DNSKEY RRSet






 Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest "LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: edgesuite.net

edgesuite.net
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "b5jlejrq6ofj80h5u7q4o81i7nvel95j" between the hashed NSEC3-owner "b5jjd28mfhk2qeo58rnoojnf8s5loi6t" and the hashed NextOwner "b5jlj08h2hp07depkrj85j6007rejmpe". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner b5jjd28mfhk2qeo58rnoojnf8s5loi6t.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 31.03.2026, 03:13:45 +, Signature-Inception: 24.03.2026, 02:03:45 +, KeyTag 44109, Signer-Name: net






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "edgesuite.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 31.03.2026, 03:21:28 +, Signature-Inception: 24.03.2026, 02:11:28 +, KeyTag 44109, Signer-Name: net






0 DNSKEY RR found









Zone: com.edgesuite.net

com.edgesuite.net
0 DS RR in the parent zone found



Zone: spotifycdn.com.edgesuite.net

spotifycdn.com.edgesuite.net
0 DS RR in the parent zone found






0 DNSKEY RR found









Zone: common-eipb-ak.spotifycdn.com.edgesuite.net

common-eipb-ak.spotifycdn.com.edgesuite.net
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.image-cdn-ak.spotifycdn.com
  dns1.p07.nsone.net

spotifycdn.com
  dns1.p07.nsone.net / ns1dns-mrs01-11129-5317-0
198.51.44.7
New York/United States (US) - NSONE Inc

 
2620:4d:4000:6259:7:7:0:1
New York/United States (US) - NSONE Inc

  dns2.p07.nsone.net / ns1dns-fra03-5bc3d07a-f603-4c92-9c33-ad8556067190-5347-0
198.51.45.7
Kimball/Nebraska/United States (US) - NSONE Inc

 
2a00:edc0:6259:7:7::2
Amsterdam/North Holland/The Netherlands (NL) - NS1

  dns3.p07.nsone.net / ns1dns-mrs01-11129-5320-0
198.51.44.71
New York/United States (US) - NSONE Inc

 
2620:4d:4000:6259:7:7:0:3
New York/United States (US) - NSONE Inc

  dns4.p07.nsone.net / ns1dns-fra03-1836f9f0-c622-421a-97fc-9fcde5e7135b-5322-0
198.51.45.71
Kimball/Nebraska/United States (US) - NSONE Inc

 
2a00:edc0:6259:7:7::4
Amsterdam/North Holland/The Netherlands (NL) - NS1

  ns-cloud-b1.googledomains.com
216.239.32.107
Austell/Georgia/United States (US) - Google LLC

 
2001:4860:4802:32::6b
Montreal/Quebec/Canada (CA) - Google LLC

  ns-cloud-b2.googledomains.com
216.239.34.107
Austell/Georgia/United States (US) - Google LLC

 
2001:4860:4802:34::6b
Montreal/Quebec/Canada (CA) - Google LLC

  ns-cloud-b3.googledomains.com
216.239.36.107
Austell/Georgia/United States (US) - Google LLC

 
2001:4860:4802:36::6b
Montreal/Quebec/Canada (CA) - Google LLC

  ns-cloud-b4.googledomains.com
216.239.38.107
Austell/Georgia/United States (US) - Google LLC

 
2001:4860:4802:38::6b
Montreal/Quebec/Canada (CA) - Google LLC
com
  a.gtld-servers.net / nnn1-par6


  b.gtld-servers.net / nnn1-elwaw4


  c.gtld-servers.net / nnn1-defra-5


  d.gtld-servers.net / nnn1-par6


  e.gtld-servers.net / nnn1-defra-5


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-frmrs-2


  k.gtld-servers.net / nnn1-frmrs-2


  l.gtld-servers.net / nnn1-frmrs-2


  m.gtld-servers.net / nnn1-frmrs-2

spotifycdn.com.edgesuite.net
  ns1-2.akamai.com

edgesuite.net
  a11-64.akam.net
84.53.139.64
San Jose/California/United States (US) - Akamai Technologies

 
2600:1480:1::40
Los Angeles/California/United States (US) - Akamai International B.V.

  a1-2.akam.net
193.108.91.2
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

 
2600:1401:2::2
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

  a12-64.akam.net
184.26.160.64
Frankfurt am Main/Hesse/Germany (DE) - Akamai International B.V.

 
2600:1480:f000::40
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

  a13-64.akam.net
2.22.230.64
Madrid/Spain (ES) - Akamai Technologies

 
2600:1480:800::40
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

  a14-67.akam.net
184.26.161.67
Los Angeles/California/United States (US) - Akamai International B.V.

 
2600:1480:1800::43
El Segundo/California/United States (US) - Akamai International B.V.

  a18-64.akam.net
95.101.36.64
Cambridge/Massachusetts/United States (US) - Akamai Technologies

 
2600:1480:4800::40
Newark/New Jersey/United States (US) - Akamai International B.V.

  a24-64.akam.net
2.16.130.64
New York/United States (US) - Akamai Technologies

 
2600:1480:9800::40
New York/United States (US) - Akamai International B.V.

  a28-64.akam.net
95.100.173.64
Slough/England/United Kingdom (GB) - Akamai Technologies

 
2600:1480:d800::40
Newark/New Jersey/United States (US) - Akamai International B.V.

  a3-64.akam.net
96.7.49.64
Cambridge/Massachusetts/US

 
2600:1408:1c::40
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

  a5-64.akam.net
95.100.168.64
Milan/Lombardy/Italy (IT) - Akamai Technologies

 
2600:1480:b000::40
Milan/Lombardy/Italy (IT) - Akamai International B.V.

  a6-64.akam.net
23.211.133.64
Paris/Île-de-France/France (FR) - Akamai International B.V.

 
2600:1401:1::40
Frankfurt am Main/Hesse/Germany (DE) - Akamai International B.V.

  a9-64.akam.net
184.85.248.64
Amsterdam/North Holland/The Netherlands (NL) - Akamai International B.V.

 
2a02:26f0:117::40
Cambridge/Massachusetts/United States (US) - Akamai International B.V

  a9-65.akam.net
184.85.248.65
Amsterdam/North Holland/The Netherlands (NL) - Akamai International B.V.

 
2a02:26f0:117::41
Cambridge/Massachusetts/United States (US) - Akamai International B.V

  adns3.akam.net
184.26.161.67
Los Angeles/California/United States (US) - Akamai International B.V.

  ns1-2.akam.net
193.108.91.2
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

 
2600:1401:2::2
Cambridge/Massachusetts/United States (US) - Akamai International B.V.

  ns1-2.akamai.com


  usw6.akam.net
23.61.199.64
Cambridge/Massachusetts/United States (US) - Akamai International B.V.
net
  a.gtld-servers.net / nnn1-defra-5


  b.gtld-servers.net / nnn1-elwaw4


  c.gtld-servers.net / nnn1-par6


  d.gtld-servers.net / nnn1-par6


  e.gtld-servers.net / nnn1-par6


  f.gtld-servers.net / nnn1-defra-4


  g.gtld-servers.net / nnn1-defra-4


  h.gtld-servers.net / nnn1-defra-4


  i.gtld-servers.net / nnn1-defra-4


  j.gtld-servers.net / nnn1-frmrs-2


  k.gtld-servers.net / nnn1-ein1


  l.gtld-servers.net / nnn1-frmrs-2


  m.gtld-servers.net / nnn1-ein2

 

4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1774651212
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:11


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1774651227
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:2


Domain:spotifycdn.com
Zone-Name:spotifycdn.com
Primary:dns1.p07.nsone.net
Mail:hostmaster.nsone.net
Serial:1655888800
Refresh:43200
Retry:7200
Expire:1209600
TTL:3600
num Entries:8


Domain:spotifycdn.com
Zone-Name:spotifycdn.com
Primary:ns-cloud-b1.googledomains.com
Mail:cloud-dns-hostmaster.google.com
Serial:1
Refresh:21600
Retry:3600
Expire:259200
TTL:300
num Entries:8


Domain:www.image-cdn-ak.spotifycdn.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1774651242
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:5


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1774651257
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:8


Domain:edgesuite.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:edgesuite.net
Zone-Name:edgesuite.net
Primary:ns1-2.akamai.com
Mail:hostmaster.akamai.com
Serial:1579852951
Refresh:900
Retry:300
Expire:604800
TTL:180
num Entries:30


Domain:spotifycdn.com.edgesuite.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

Startaddress: https://image-cdn-ak.spotifycdn.com/, address used: https://image-cdn-ak.spotifycdn.com/, Screenshot created 2026-03-27 23:45:08 +00:0

 

Mobil (412px x 732px)

 

672 milliseconds

 

Screenshot mobile - https://image-cdn-ak.spotifycdn.com/
Mobil + Landscape (732px x 412px)

 

692 milliseconds

 

Screenshot mobile landscape - https://image-cdn-ak.spotifycdn.com/
Screen (1280px x 1680px)

 

756 milliseconds

 

Screenshot Desktop - https://image-cdn-ak.spotifycdn.com/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412717
content Size416717

 

Fatal: Horizontal scrollbar detected. Content-size width is greater then visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://image-cdn-ak.spotifycdn.com/
2.21.245.184
403

Html is minified: 102.12 %
0.024
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 385
Expires: Fri, 27 Mar 2026 22:44:39 GMT

• http://image-cdn-ak.spotifycdn.com/
2.21.245.185
403

Html is minified: 102.10 %
0.010
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 389
Expires: Fri, 27 Mar 2026 22:44:39 GMT

• http://image-cdn-ak.spotifycdn.com/
2.22.231.122
403

Html is minified: 102.10 %
0.010
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:39 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 389
Expires: Fri, 27 Mar 2026 22:44:39 GMT

• https://image-cdn-ak.spotifycdn.com/
2.21.245.184
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		403

Html is minified: 102.10 %
Other inline scripts (∑/total): 0/0		2.890
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:40 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 389
Expires: Fri, 27 Mar 2026 22:44:40 GMT

• https://image-cdn-ak.spotifycdn.com/
2.21.245.185
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		403

Html is minified: 102.10 %
Other inline scripts (∑/total): 0/0		2.883
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:43 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 389
Expires: Fri, 27 Mar 2026 22:44:43 GMT

• https://image-cdn-ak.spotifycdn.com/
2.22.231.122
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		403

Html is minified: 102.10 %
Other inline scripts (∑/total): 0/0		2.874
M
Forbidden
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:47 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: text/html
Content-Length: 389
Expires: Fri, 27 Mar 2026 22:44:47 GMT

• http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2.21.245.184
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		400

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0		0.383
M
Bad Request
Visible Content:
Cache-Control: no-cache, max-age=0
Pragma: no-cache
Date: Fri, 27 Mar 2026 22:44:51 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: application/xml; charset=UTF-8
Content-Length: 199
Expires: Fri, 27 Mar 2026 22:44:51 GMT

• http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2.21.245.185
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		400

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0		0.200
M
Bad Request
Visible Content:
Cache-Control: no-cache, max-age=0
Pragma: no-cache
Date: Fri, 27 Mar 2026 22:44:52 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: application/xml; charset=UTF-8
Content-Length: 199
Expires: Fri, 27 Mar 2026 22:44:52 GMT

• http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2.22.231.122
Inline-JavaScript (∑/total): 0/0 Inline-CSS (∑/total): 0/0		400

Html is minified: 100.00 %
Other inline scripts (∑/total): 0/0		0.207
M
Bad Request
Visible Content:
Cache-Control: no-cache, max-age=0
Pragma: no-cache
Date: Fri, 27 Mar 2026 22:44:52 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Access-Control-Allow-Headers: range
Access-Control-Allow-Methods: GET
Content-Type: application/xml; charset=UTF-8
Content-Length: 199
Expires: Fri, 27 Mar 2026 22:44:52 GMT

• https://2.21.245.184/
2.21.245.184
400

Html is minified: 101.65 %
2.926
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:52 GMT
Connection: close
Content-Type: text/html
Content-Length: 308
Expires: Fri, 27 Mar 2026 22:44:52 GMT

• https://2.21.245.185/
2.21.245.185
400

Html is minified: 101.63 %
2.950
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:44:56 GMT
Connection: close
Content-Type: text/html
Content-Length: 312
Expires: Fri, 27 Mar 2026 22:44:56 GMT

• https://2.22.231.122/
2.22.231.122
400

Html is minified: 101.63 %
2.886
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Mar 2026 22:45:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 312
Expires: Fri, 27 Mar 2026 22:45:00 GMT

 

7. Comments


1. General Results, most used to calculate the result

Aname "image-cdn-ak.spotifycdn.com" is subdomain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 108094 (complete: 276475)
AGood: All ip addresses are public addresses
AGood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (6 urls)
http://image-cdn-ak.spotifycdn.com/ 2.21.245.184


Url with incomplete Content-Type - header - missing charset
http://image-cdn-ak.spotifycdn.com/ 2.21.245.185


Url with incomplete Content-Type - header - missing charset
http://image-cdn-ak.spotifycdn.com/ 2.22.231.122


Url with incomplete Content-Type - header - missing charset
https://image-cdn-ak.spotifycdn.com/ 2.21.245.184


Url with incomplete Content-Type - header - missing charset
https://image-cdn-ak.spotifycdn.com/ 2.21.245.185


Url with incomplete Content-Type - header - missing charset
https://image-cdn-ak.spotifycdn.com/ 2.22.231.122


Url with incomplete Content-Type - header - missing charset
Bhttps://image-cdn-ak.spotifycdn.com/ 2.21.245.184
403

Missing HSTS-Header
Bhttps://image-cdn-ak.spotifycdn.com/ 2.21.245.185
403

Missing HSTS-Header
Bhttps://image-cdn-ak.spotifycdn.com/ 2.22.231.122
403

Missing HSTS-Header
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Mhttp://image-cdn-ak.spotifycdn.com/ 2.21.245.184
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttp://image-cdn-ak.spotifycdn.com/ 2.21.245.185
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttp://image-cdn-ak.spotifycdn.com/ 2.22.231.122
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://image-cdn-ak.spotifycdn.com/ 2.21.245.184
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://image-cdn-ak.spotifycdn.com/ 2.21.245.185
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://image-cdn-ak.spotifycdn.com/ 2.22.231.122
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://2.21.245.184/ 2.21.245.184
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://2.21.245.185/ 2.21.245.185
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://2.22.231.122/ 2.22.231.122
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://2.21.245.184/ 2.21.245.184
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://2.21.245.185/ 2.21.245.185
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://2.22.231.122/ 2.22.231.122
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.image-cdn-ak.spotifycdn.com

2. Header-Checks

Fimage-cdn-ak.spotifycdn.com 2.21.245.184
Content-Security-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.184
X-Content-Type-Options
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.184
Referrer-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.184
Permissions-Policy
Critical: Missing Header:
Bimage-cdn-ak.spotifycdn.com 2.21.245.184
Cross-Origin-Embedder-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.21.245.184
Cross-Origin-Opener-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.21.245.184
Cross-Origin-Resource-Policy
Info: Missing Header
Fimage-cdn-ak.spotifycdn.com 2.21.245.185
Content-Security-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.185
X-Content-Type-Options
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.185
Referrer-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.21.245.185
Permissions-Policy
Critical: Missing Header:
Bimage-cdn-ak.spotifycdn.com 2.21.245.185
Cross-Origin-Embedder-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.21.245.185
Cross-Origin-Opener-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.21.245.185
Cross-Origin-Resource-Policy
Info: Missing Header
Fimage-cdn-ak.spotifycdn.com 2.22.231.122
Content-Security-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.22.231.122
X-Content-Type-Options
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.22.231.122
Referrer-Policy
Critical: Missing Header:
Fimage-cdn-ak.spotifycdn.com 2.22.231.122
Permissions-Policy
Critical: Missing Header:
Bimage-cdn-ak.spotifycdn.com 2.22.231.122
Cross-Origin-Embedder-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.22.231.122
Cross-Origin-Opener-Policy
Info: Missing Header
Bimage-cdn-ak.spotifycdn.com 2.22.231.122
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 26 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 8 Name Servers.
AInfo:: 26 Queries complete, 26 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
Ok (4 - 8):: An average of 3.3 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 8 different Name Servers found: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, ns-cloud-b1.googledomains.com, ns-cloud-b2.googledomains.com, ns-cloud-b3.googledomains.com, ns-cloud-b4.googledomains.com, 8 Name Servers included in Delegation: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, ns-cloud-b1.googledomains.com, ns-cloud-b2.googledomains.com, ns-cloud-b3.googledomains.com, ns-cloud-b4.googledomains.com, 8 Name Servers included in 1 Zone definitions: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, ns-cloud-b1.googledomains.com, ns-cloud-b2.googledomains.com, ns-cloud-b3.googledomains.com, ns-cloud-b4.googledomains.com, 2 Name Servers listed in SOA.Primary: dns1.p07.nsone.net, ns-cloud-b1.googledomains.com.
Error: Different SOA.Primary Name Servers found, different SOA Definitions.: dns1.p07.nsone.net,ns-cloud-b1.googledomains.com.
Error: SOA.Primary Name Server not included in the delegation set.: dns1.p07.nsone.net,ns-cloud-b1.googledomains.com.
AGood: All Name Server Domain Names have a Public Suffix.
AGood: All Name Server Domain Names ending with a Public Suffix have minimal one IPv4- or IPv6 address.
AGood: All Name Server ip addresses are public.
AInfo: Ipv4-Subnet-list: 8 Name Servers, 2 different subnets (first Byte): 198., 216., 2 different subnets (first two Bytes): 198.51., 216.239., 6 different subnets (first three Bytes): 198.51.44., 198.51.45., 216.239.32., 216.239.34., 216.239.36., 216.239.38.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 8 Name Servers with IPv6, 3 different subnets (first block): 2001:, 2620:, 2a00:, 3 different subnets (first two blocks): 2001:4860:, 2620:004d:, 2a00:edc0:, 3 different subnets (first three blocks): 2001:4860:4802:, 2620:004d:4000:, 2a00:edc0:6259:, 6 different subnets (first four blocks): 2001:4860:4802:0032:, 2001:4860:4802:0034:, 2001:4860:4802:0036:, 2001:4860:4802:0038:, 2620:004d:4000:6259:, 2a00:edc0:6259:0007:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 16 good Nameserver
AGood: Nameserver supports Echo Capitalization: 16 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 16 good Nameserver
AGood: Nameserver has passed 10 EDNS-Checks (OP100, FLAGS, V1, V1OP100, V1FLAGS, DNSSEC, V1DNSSEC, NSID, COOKIE, CLIENTSUBNET): 16 good Nameserver
Nameserver doesn't pass all EDNS-Checks: a24-64.akam.net / 2600:1480:9800::40: OP100: ok. FLAGS: ok. V1: ok. V1OP100: ok. V1FLAGS: ok. DNSSEC: ok. V1DNSSEC: ok. NSID: ok. COOKIE: ok. CLIENTSUBNET: ok.
Nameserver doesn't pass all EDNS-Checks: dns1.p07.nsone.net: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1-2.akamai.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
Nameserver doesn't pass all EDNS-Checks: ns1-2.akamai.com: OP100: no result. FLAGS: no result. V1: no result. V1OP100: no result. V1FLAGS: no result. DNSSEC: no result. V1DNSSEC: no result. NSID: no result. COOKIE: no result. CLIENTSUBNET: no result.
AGood: All SOA have the same Serial Number
Warning: No CAA entry with issue/issuewild found, every CAA can create a certificate. Read https://en.wikipedia.org/wiki/DNS_Certification_Authority_Authorization to learn some basics about the idea of CAA. Your name server must support such an entry. Not all dns providers support CAA entries.

4. Content- and Performance-critical Checks

http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.184
400

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status between 400 and 499, but not 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.185
400

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status between 400 and 499, but not 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://image-cdn-ak.spotifycdn.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.22.231.122
400

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status between 400 and 499, but not 404 - Not Found. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 276436 milliseconds, 276.436 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
image-cdn-ak.spotifycdn.com
2.21.245.184
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
image-cdn-ak.spotifycdn.com
2.21.245.184
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE


2CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


image-cdn-ak.spotifycdn.com
2.21.245.185
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

image-cdn-ak.spotifycdn.com
2.21.245.185
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE


2CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


image-cdn-ak.spotifycdn.com
2.22.231.122
443
ok
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

image-cdn-ak.spotifycdn.com
2.22.231.122
443
ok
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
http/2 via ALPN supported 
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
http/2 via ALPN supported
SNI required 		Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE


2CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


2.21.245.184
2.21.245.184
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

2.21.245.184
2.21.245.184
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1, O=DigiCert Inc, C=US


2.21.245.185
2.21.245.185
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

2.21.245.185
2.21.245.185
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1, O=DigiCert Inc, C=US


2.22.231.122
2.22.231.122
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

2.22.231.122
2.22.231.122
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI 		Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain (complete)

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1, O=DigiCert Inc, C=US

 

9. Certificates

1.
1.
CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE
27.06.2025
29.07.2026
expires in 106 days		*.spotifycdn.com, spotifycdn.com - 2 entries
1.
1.
CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE
27.06.2025

29.07.2026
expires in 106 days


*.spotifycdn.com, spotifycdn.com - 2 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0534608D36C71758811F4E1395AF0DAC
Thumbprint:386E8AA8261C7948DCEB3F9B5415EAED970920DF
SHA256 / Certificate:DEyD+sgUzq3+mtolThTcDFKtxANiSiRwcqWR2f6Wu4w=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):3960e9a720f1de3e2312f4cce9cfdfa9eabea3f2ea7b0859cd8e1e5b5bfc0cae
SHA256 hex / Subject Public Key Information (SPKI):3960e9a720f1de3e2312f4cce9cfdfa9eabea3f2ea7b0859cd8e1e5b5bfc0cae (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE
27.06.2025
29.07.2026
expires in 106 days		*.spotifycdn.com, spotifycdn.com - 2 entries

2.
CN=*.spotifycdn.com, O=Spotify AB, L=Stockholm, C=SE
27.06.2025

29.07.2026
expires in 106 days


*.spotifycdn.com, spotifycdn.com - 2 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0534608D36C71758811F4E1395AF0DAC
Thumbprint:386E8AA8261C7948DCEB3F9B5415EAED970920DF
SHA256 / Certificate:DEyD+sgUzq3+mtolThTcDFKtxANiSiRwcqWR2f6Wu4w=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):3960e9a720f1de3e2312f4cce9cfdfa9eabea3f2ea7b0859cd8e1e5b5bfc0cae
SHA256 hex / Subject Public Key Information (SPKI):3960e9a720f1de3e2312f4cce9cfdfa9eabea3f2ea7b0859cd8e1e5b5bfc0cae (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
30.03.2021
30.03.2031
expires in 1811 days

3.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
30.03.2021

30.03.2031
expires in 1811 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0CF5BD062B5602F47AB8502C23CCF066
Thumbprint:1B511ABEAD59C6CE207077C0BF0E0043B1382612
SHA256 / Certificate:yAJfn8Zf38lbPKjMeGe5pYe1J3lzlXkXRj/IE9C2Jak=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):59e738e674221702af1edb87c5200c1a4b75f64fae3d2c3d265124c61bd83c79
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




4.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
30.03.2021
30.03.2031
expires in 1811 days

4.
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
30.03.2021

30.03.2031
expires in 1811 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0CF5BD062B5602F47AB8502C23CCF066
Thumbprint:1B511ABEAD59C6CE207077C0BF0E0043B1382612
SHA256 / Certificate:yAJfn8Zf38lbPKjMeGe5pYe1J3lzlXkXRj/IE9C2Jak=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):59e738e674221702af1edb87c5200c1a4b75f64fae3d2c3d265124c61bd83c79
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




5.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
29.10.2024
09.11.2031
expires in 2035 days

5.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
29.10.2024

09.11.2031
expires in 2035 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0E7D75235CA83761577F4CCD24CD6D1D
Thumbprint:B7402517EEAAC80AB04681186E8247BD7851CD0A
SHA256 / Certificate:oNYJp+PENOh4qaHBvQZbjc8zqn7+4bEbx1zOXloEIIA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.cn
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




6.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013
15.01.2038
expires in 4294 days

6.
CN=DigiCert Global Root G2, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013

15.01.2038
expires in 4294 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:033AF1E6A711A9A0BB2864B11D09FAE5
Thumbprint:DF3C24F9BFD666761B268073FE06D1CC8D4F82A4
SHA256 / Certificate:yzzLt2Ax5eATj43TmiP53kf/w15DwRRM6ifUalqxy18=
SHA256 hex / Cert (DANE * 0 1):cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA256 hex / PublicKey (DANE * 1 1):8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SHA256 hex / Subject Public Key Information (SPKI):8bb593a93be1d0e8a822bb887c547890c3e706aad2dab76254f97fb36b82fc26
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





7.
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2036 days

7.
CN=DigiCert High Assurance EV Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2036 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:02AC5C266A0B409B8F0B79F2AE462577
Thumbprint:5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25
SHA256 / Certificate:dDHl9MPBzkaQd08LYeBUQIg7qaAe0Aumq9eAbtOxGM8=
SHA256 hex / Cert (DANE * 0 1):7431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf
SHA256 hex / PublicKey (DANE * 1 1):5a889647220e54d6bd8a16817224520bb5c78e58984bd570506388b9de0f075f
SHA256 hex / Subject Public Key Information (SPKI):5a889647220e54d6bd8a16817224520bb5c78e58984bd570506388b9de0f075f
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
22.12.2025
23.12.2026
expires in 253 days		a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries
2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
22.12.2025

23.12.2026
expires in 253 days


a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:0373AB420F54941B555742D9AC890626
Thumbprint:80B29FCE36F71B99CDBB7138B2107D022D478AF9
SHA256 / Certificate:eSznF7ZlyooK7fn3o7povRW3v4HaNU4sfcSGm/nyLmI=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):4a23f058d7ca609b6558cf3fbfb89f540e731d01662857bbb44babb6a80e8fd4
SHA256 hex / Subject Public Key Information (SPKI):4a23f058d7ca609b6558cf3fbfb89f540e731d01662857bbb44babb6a80e8fd4 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




2.
CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 1826 days

2.
CN=DigiCert Global G3 TLS ECC SHA384 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 1826 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:0B00E92D4D6D731FCA3059C7CB1E1886
Thumbprint:9577F91FE86C27D9912129730E8166373FC2EEB8
SHA256 / Certificate:BYfWvSgZWHq5D7WWSApXk72fdQaj6s5z9eqzZgF/4lk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):a814636663a69123492f4a7bd337a4ee8752233aacfe6b91e0993dc58c823fe1
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013
15.01.2038
expires in 4294 days

3.
CN=DigiCert Global Root G3, OU=www.digicert.com, O=DigiCert Inc, C=US
01.08.2013

15.01.2038
expires in 4294 days




KeyalgorithmEC Public Key (384 bit, secp384r1)
Signatur:ECDSA SHA384
Serial Number:055556BCF25EA43535C3A40FD5AB4572
Thumbprint:7E04DE896A3E666D00E687D33FFAD93BE83D349E
SHA256 / Certificate:Ma1mSPgQQTjHOPOepDIBMzk+OhjMAilu+Xwqye9nMdA=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):b94c198300cec5c057ad0727b70bbe91816992256439a7b32f4598119dda9c97
SHA256 hex / Subject Public Key Information (SPKI):b94c198300cec5c057ad0727b70bbe91816992256439a7b32f4598119dda9c97
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
0
2
6
CN=GlobalSign Atlas R3 DV TLS CA 2023 Q2, O=GlobalSign nv-sa, C=BE
0
0
1
CN=GlobalSign Atlas R3 DV TLS CA 2024 Q2, O=GlobalSign nv-sa, C=BE
0
0
1
CN=GlobalSign Atlas R3 DV TLS CA 2025 Q1, O=GlobalSign nv-sa, C=BE
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
19289259783
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2025-06-26 22:00:00
2026-07-28 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


19288965164
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2025-06-26 22:00:00
2026-07-28 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


16652761171
precert		CN=GlobalSign Atlas R3 DV TLS CA 2025 Q1, O=GlobalSign nv-sa, C=BE
2025-02-10 10:52:54
2026-03-14 10:52:53
*.spotifycdn.com
1 entries


13762832363
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-07-15 22:00:00
2025-08-09 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


18063885415
leaf cert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2024-07-08 22:00:00
2025-08-09 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


12667842339
precert		CN=GlobalSign Atlas R3 DV TLS CA 2024 Q2, O=GlobalSign nv-sa, C=BE
2024-04-09 09:45:12
2025-05-11 09:45:11
*.spotifycdn.com
1 entries


10030945960
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-07-30 22:00:00
2024-08-21 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


10031422310
precert		CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
2023-07-30 22:00:00
2024-07-30 21:59:59
*.spotifycdn.com, spotifycdn.com
2 entries


9848133321
precert		CN=GlobalSign Atlas R3 DV TLS CA 2023 Q2, O=GlobalSign nv-sa, C=BE
2023-07-07 09:41:09
2024-08-07 09:41:08
*.spotifycdn.com
1 entries


 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.w3.org/nu/


No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: dns1.p07.nsone.net, dns2.p07.nsone.net, dns3.p07.nsone.net, dns4.p07.nsone.net, ns-cloud-b1.googledomains.com, ns-cloud-b2.googledomains.com, ns-cloud-b3.googledomains.com, ns-cloud-b4.googledomains.com

 

QNr.DomainTypeNS used
1
net
NS
d.root-servers.net (2001:500:2d::d)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
dns1.p07.nsone.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net

Answer: dns1.p01.nsone.net
198.51.44.1, 2620:4d:4000:6259:7:1:0:1

Answer: dns2.p01.nsone.net
198.51.45.1, 2a00:edc0:6259:7:1::2

Answer: dns3.p01.nsone.net
198.51.44.65, 2620:4d:4000:6259:7:1:0:3

Answer: dns4.p01.nsone.net
198.51.45.65, 2a00:edc0:6259:7:1::4
3
dns2.p07.nsone.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net

Answer: dns1.p01.nsone.net
198.51.44.1, 2620:4d:4000:6259:7:1:0:1

Answer: dns2.p01.nsone.net
198.51.45.1, 2a00:edc0:6259:7:1::2

Answer: dns3.p01.nsone.net
198.51.44.65, 2620:4d:4000:6259:7:1:0:3

Answer: dns4.p01.nsone.net
198.51.45.65, 2a00:edc0:6259:7:1::4
4
dns3.p07.nsone.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net

Answer: dns1.p01.nsone.net
198.51.44.1, 2620:4d:4000:6259:7:1:0:1

Answer: dns2.p01.nsone.net
198.51.45.1, 2a00:edc0:6259:7:1::2

Answer: dns3.p01.nsone.net
198.51.44.65, 2620:4d:4000:6259:7:1:0:3

Answer: dns4.p01.nsone.net
198.51.45.65, 2a00:edc0:6259:7:1::4
5
dns4.p07.nsone.net
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: dns1.p01.nsone.net, dns2.p01.nsone.net, dns3.p01.nsone.net, dns4.p01.nsone.net

Answer: dns1.p01.nsone.net
198.51.44.1, 2620:4d:4000:6259:7:1:0:1

Answer: dns2.p01.nsone.net
198.51.45.1, 2a00:edc0:6259:7:1::2

Answer: dns3.p01.nsone.net
198.51.44.65, 2620:4d:4000:6259:7:1:0:3

Answer: dns4.p01.nsone.net
198.51.45.65, 2a00:edc0:6259:7:1::4
6
com
NS
a.root-servers.net (2001:503:ba3e::2:30)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
7
ns-cloud-b1.googledomains.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com

Answer: ns5.googledomains.com
2001:4860:4802:32::a, 216.239.32.10

Answer: ns6.googledomains.com
2001:4860:4802:34::a, 216.239.34.10

Answer: ns7.googledomains.com
2001:4860:4802:36::a, 216.239.36.10

Answer: ns8.googledomains.com
2001:4860:4802:38::a, 216.239.38.10
8
ns-cloud-b2.googledomains.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com

Answer: ns5.googledomains.com
2001:4860:4802:32::a, 216.239.32.10

Answer: ns6.googledomains.com
2001:4860:4802:34::a, 216.239.34.10

Answer: ns7.googledomains.com
2001:4860:4802:36::a, 216.239.36.10

Answer: ns8.googledomains.com
2001:4860:4802:38::a, 216.239.38.10
9
ns-cloud-b3.googledomains.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com

Answer: ns5.googledomains.com
2001:4860:4802:32::a, 216.239.32.10

Answer: ns6.googledomains.com
2001:4860:4802:34::a, 216.239.34.10

Answer: ns7.googledomains.com
2001:4860:4802:36::a, 216.239.36.10

Answer: ns8.googledomains.com
2001:4860:4802:38::a, 216.239.38.10
10
ns-cloud-b4.googledomains.com
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: ns5.googledomains.com, ns6.googledomains.com, ns7.googledomains.com, ns8.googledomains.com

Answer: ns5.googledomains.com
2001:4860:4802:32::a, 216.239.32.10

Answer: ns6.googledomains.com
2001:4860:4802:34::a, 216.239.34.10

Answer: ns7.googledomains.com
2001:4860:4802:36::a, 216.239.36.10

Answer: ns8.googledomains.com
2001:4860:4802:38::a, 216.239.38.10
11
dns1.p07.nsone.net: 198.51.44.7
A
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
12
dns1.p07.nsone.net: 2620:4d:4000:6259:7:7:0:1
AAAA
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
13
dns2.p07.nsone.net: 198.51.45.7
A
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
14
dns2.p07.nsone.net: 2a00:edc0:6259:7:7::2
AAAA
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
15
dns3.p07.nsone.net: 198.51.44.71
A
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
16
dns3.p07.nsone.net: 2620:4d:4000:6259:7:7:0:3
AAAA
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
17
dns4.p07.nsone.net: 198.51.45.71
A
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
18
dns4.p07.nsone.net: 2a00:edc0:6259:7:7::4
AAAA
dns1.p01.nsone.net (2620:4d:4000:6259:7:1:0:1)
19
ns-cloud-b1.googledomains.com: 216.239.32.107
A
ns5.googledomains.com (2001:4860:4802:32::a)
20
ns-cloud-b1.googledomains.com: 2001:4860:4802:32::6b
AAAA
ns5.googledomains.com (2001:4860:4802:32::a)
21
ns-cloud-b2.googledomains.com: 216.239.34.107
A
ns5.googledomains.com (2001:4860:4802:32::a)
22
ns-cloud-b2.googledomains.com: 2001:4860:4802:34::6b
AAAA
ns5.googledomains.com (2001:4860:4802:32::a)
23
ns-cloud-b3.googledomains.com: 216.239.36.107
A
ns5.googledomains.com (2001:4860:4802:32::a)
24
ns-cloud-b3.googledomains.com: 2001:4860:4802:36::6b
AAAA
ns5.googledomains.com (2001:4860:4802:32::a)
25
ns-cloud-b4.googledomains.com: 216.239.38.107
A
ns5.googledomains.com (2001:4860:4802:32::a)
26
ns-cloud-b4.googledomains.com: 2001:4860:4802:38::6b
AAAA
ns5.googledomains.com (2001:4860:4802:32::a)

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
common-eipb-ak.spotifycdn.com.edgesuite.net



1
0
spotifycdn.com.edgesuite.net
0

no CAA entry found
1
0
image-cdn-ak.spotifycdn.com



1
0
com.edgesuite.net



1
0
spotifycdn.com
0

no CAA entry found
1
0
edgesuite.net
0

no CAA entry found
1
0
com
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
spotifycdn.com
v=spf1 -all
ok
1
0
image-cdn-ak.spotifycdn.com


1
0
_acme-challenge.image-cdn-ak.spotifycdn.com

Name Error - The domain name does not exist
1
0
_acme-challenge.image-cdn-ak.spotifycdn.com.spotifycdn.com

Name Error - The domain name does not exist
1
0
_acme-challenge.common-eipb-ak.spotifycdn.com.edgesuite.net

Name Error - The domain name does not exist
1
0
_acme-challenge.image-cdn-ak.spotifycdn.com.image-cdn-ak.spotifycdn.com

Name Error - The domain name does not exist
1
0
_acme-challenge.common-eipb-ak.spotifycdn.com.edgesuite.net.common-eipb-ak.spotifycdn.com.edgesuite.net

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
SPF
TXT
image-cdn-ak.spotifycdn.com

32768TXT expected, but CNAME found. CNAME not allowed, only TXT queries are allowed. See RFC 7208, 4.4.

				 
			

				 
			
17. Cipher Suites
No results 

				 
			
18. Portchecks



No open Ports <> 80 / 443 found, so no additional Ports checked.



				 
			

				 
			

Permalink: https://check-your-website.server-daten.de/?i=34c13416-46a0-47d3-ba06-e07439eac78b

				 
			


Last Result: https://check-your-website.server-daten.de/?q=image-cdn-ak.spotifycdn.com - 2026-03-27 23:40:37

				 
			
Do you like this page? Support this tool, add a link on your page:

				 
			
<a href="https://check-your-website.server-daten.de/?q=image-cdn-ak.spotifycdn.com" target="_blank">Check this Site: image-cdn-ak.spotifycdn.com</a>

				 
			

				 
			


Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

				 
			
QR-Code of this page - https://check-your-website.server-daten.de/?d=image-cdn-ak.spotifycdn.com

				 
			

				 
			



Jürgen Auer • Friedenstr. 37 • 10249 Berlin • +49(0)30 420 200 60 • info@sql-und-xml.de • 
USt-IdNr.: DE221734518

				 
			


Errors, ideas, questions? Use the 
Contact form • A project using

Server-Daten - Web Database solutions