Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
iphone-ld.apple.com
CNAME
iphone-ld.origin-apple.com.akadns.net
yes
1
0

CNAME
iphone-ld.apple.com-v1.edgesuite.net
yes


www.iphone-ld.apple.com

Name Error
yes
1
0
iphone-ld.apple.com
A
23.48.202.82
Berlin/Land Berlin/Germany (DE) - Akamai International, BV
No Hostname found
no



A
23.48.202.83
Berlin/Land Berlin/Germany (DE) - Akamai International, BV
No Hostname found
no


*.apple.com
A

yes



AAAA

yes



CNAME

yes


*.iphone-ld.apple.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20038, Flags 256






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.10.2024, 00:00:00 +, Signature-Inception: 19.09.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com

com
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.10.2024, 20:00:00 +, Signature-Inception: 30.09.2024, 19:00:00 +, KeyTag 20038, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 59354, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.10.2024, 14:02:35 +, Signature-Inception: 24.09.2024, 13:57:35 +, KeyTag 19718, Signer-Name: com






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: apple.com

apple.com
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "s0nu66fpjnr91aioa0a6649sii2jvq1a" between the hashed NSEC3-owner "s0nu35sdb7k3j8q3tjlv6874aj058i1o" and the hashed NextOwner "s0nu90lgv459klhvqs37tuga7qjq5lpl". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner s0nu35sdb7k3j8q3tjlv6874aj058i1o.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 07.10.2024, 01:35:08 +, Signature-Inception: 30.09.2024, 00:25:08 +, KeyTag 59354, Signer-Name: com






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "apple.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 07.10.2024, 00:26:10 +, Signature-Inception: 29.09.2024, 23:16:10 +, KeyTag 59354, Signer-Name: com






0 DNSKEY RR found









Zone: iphone-ld.apple.com

iphone-ld.apple.com
0 DS RR in the parent zone found



Zone: www.iphone-ld.apple.com

www.iphone-ld.apple.com
0 DS RR in the parent zone found



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20038, Flags 256






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.10.2024, 00:00:00 +, Signature-Inception: 19.09.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: net

net
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=






1 RRSIG RR to validate DS RR found






RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 13.10.2024, 20:00:00 +, Signature-Inception: 30.09.2024, 19:00:00 +, KeyTag 20038, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20038 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 37331, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 42924, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner net., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 09.10.2024, 14:10:35 +, Signature-Inception: 24.09.2024, 14:05:35 +, KeyTag 37331, Signer-Name: net






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37331 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest "LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: akadns.net

akadns.net
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "o7vmn67931abl61dtsv9vl6cmbf3qroe" between the hashed NSEC3-owner "o7vm7jqq7m00i80kldebif0rta8109qg" and the hashed NextOwner "o7vopa298lci0isuhupl1g86t99hdqji". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner o7vm7jqq7m00i80kldebif0rta8109qg.net., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 06.10.2024, 02:50:50 +, Signature-Inception: 29.09.2024, 01:40:50 +, KeyTag 42924, Signer-Name: net






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "akadns.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 13, 2 Labels, original TTL: 86400 sec, Signature-expiration: 07.10.2024, 03:02:12 +, Signature-Inception: 30.09.2024, 01:52:12 +, KeyTag 42924, Signer-Name: net






0 DNSKEY RR found









Zone: com.akadns.net

com.akadns.net
0 DS RR in the parent zone found






0 DNSKEY RR found









Zone: origin-apple.com.akadns.net

origin-apple.com.akadns.net
0 DS RR in the parent zone found






0 DNSKEY RR found









Zone: iphone-ld.origin-apple.com.akadns.net

iphone-ld.origin-apple.com.akadns.net
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.iphone-ld.apple.com
  ns-ext-prod.jackfruit.apple.com

apple.com
  a.ns.apple.com
17.253.200.1
Cupertino/California/United States (US) - Apple Inc.


 
2620:149:ae0::53
New York/United States (US) - Apple Inc.


  b.ns.apple.com
17.253.207.1
Cupertino/California/United States (US) - Apple Inc.


 
2620:149:ae7::53
New York/United States (US) - Apple Inc.


  c.ns.apple.com
204.19.119.1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


 
2620:171:800:714::1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


  d.ns.apple.com
204.26.57.1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


 
2620:171:801:714::1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


  ns-ext-prod.jackfruit.apple.com

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


origin-apple.com.akadns.net
  internal.akadns.net

com.akadns.net
  internal.akadns.net

akadns.net
  a11-129.akadns.net
84.53.139.129
Los Angeles/California/United States (US) - Akamai Technologies


 
2600:1480:1::81
Los Angeles/California/United States (US) - Akamai International B.V.


  a1-128.akadns.net
193.108.88.128
Madrid/Spain (ES) - Akamai International B.V.


 
2600:1403:11::80
Seattle/Washington/United States (US) - Akamai International B.V.


  a12-131.akagtm.org
184.26.160.131
Sterling/Virginia/United States (US) - Akamai International B.V.


  a13-130.akagtm.org
184.28.92.130
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2.22.230.130
Madrid/Spain (ES) - Akamai Technologies


  a18-128.akagtm.org
95.101.36.128
Warsaw/Mazovia/Poland (PL) - Akamai Technologies


  a28-129.akagtm.org
95.100.173.129
London/England/United Kingdom (GB) - Akamai Technologies


  a3-129.akadns.net
96.7.49.129
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1408:1c::81
Springfield/Illinois/United States (US) - Akamai International B.V.


  a5-130.akagtm.org
95.100.168.130
Milan/Lombardy/Italy (IT) - Akamai Technologies


  a7-131.akadns.net
23.61.199.131
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1406:32::83
San Jose/California/United States (US) - Akamai International B.V.


  a9-128.akadns.net
184.85.248.128
Los Angeles/California/United States (US) - Akamai International B.V.


 
2a02:26f0:117::80
Cambridge/Massachusetts/United States (US) - Akamai International B.V


  internal.akadns.net

net
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net

 

4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1727772357
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:12


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1727772372
Refresh:1800
Retry:900
Expire:604800
TTL:86400
num Entries:1


Domain:apple.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:apple.com
Zone-Name:apple.com
Primary:ns-ext-prod.jackfruit.apple.com
Mail:hostmaster.apple.com
Serial:2010131862
Refresh:900
Retry:900
Expire:2016000
TTL:14400
num Entries:8


Domain:www.iphone-ld.apple.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1



Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1727772357
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:2


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1727772372
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:11


Domain:akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:akadns.net
Zone-Name:akadns.net
Primary:internal.akadns.net
Mail:hostmaster.akamai.com
Serial:1712104200
Refresh:90000
Retry:90000
Expire:90000
TTL:180
num Entries:16


Domain:com.akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:origin-apple.com.akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

Startaddress: https://iphone-ld.apple.com/, address used: https://iphone-ld.apple.com/, Screenshot created 2024-10-01 10:48:49 +00:0 url is insecure, certificate invalid

 

Mobil (412px x 732px)

 

1098 milliseconds

 

Screenshot mobile - https://iphone-ld.apple.com/
Mobil + Landscape (732px x 412px)

 

1087 milliseconds

 

Screenshot mobile landscape - https://iphone-ld.apple.com/
Screen (1280px x 1680px)

 

1183 milliseconds

 

Screenshot Desktop - https://iphone-ld.apple.com/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://iphone-ld.apple.com/
23.48.202.82
403

Html is minified: 100.00 %
0.096
M
Forbidden
Date: Tue, 01 Oct 2024 08:47:44 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/
23.48.202.83
403

Html is minified: 100.00 %
0.017
M
Forbidden
Date: Tue, 01 Oct 2024 08:47:44 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://iphone-ld.apple.com/
23.48.202.82
403

Html is minified: 100.00 %
6.500
N
Forbidden
Certificate error: RemoteCertificateChainErrors
Date: Tue, 01 Oct 2024 08:47:44 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://iphone-ld.apple.com/
23.48.202.83
403

Html is minified: 100.00 %
6.513
N
Forbidden
Certificate error: RemoteCertificateChainErrors
Date: Tue, 01 Oct 2024 08:47:52 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.48.202.82
403

Html is minified: 100.00 %
0.000
M
Forbidden
Visible Content:
Date: Tue, 01 Oct 2024 08:47:59 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
23.48.202.83
403

Html is minified: 100.00 %
0.013
M
Forbidden
Visible Content:
Date: Tue, 01 Oct 2024 08:47:59 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://23.48.202.82/
23.48.202.82
400

Html is minified: 100.00 %
3.000
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Tue, 01 Oct 2024 08:48:00 GMT
Connection: close
Content-Type: text/html
Content-Length: 310
Expires: Tue, 01 Oct 2024 08:48:00 GMT

• https://23.48.202.83/
23.48.202.83
400

Html is minified: 100.00 %
2.936
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Tue, 01 Oct 2024 08:48:03 GMT
Connection: close
Content-Type: text/html
Content-Length: 310
Expires: Tue, 01 Oct 2024 08:48:03 GMT

 

7. Comments


1. General Results, most used to calculate the result

Aname "iphone-ld.apple.com" is subdomain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 94787 (complete: 245733)
AGood: All ip addresses are public addresses
AGood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (6 urls)
http://iphone-ld.apple.com/ 23.48.202.82


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/ 23.48.202.83


Url with incomplete Content-Type - header - missing charset
https://iphone-ld.apple.com/ 23.48.202.82


Url with incomplete Content-Type - header - missing charset
https://iphone-ld.apple.com/ 23.48.202.83


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 23.48.202.82


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 23.48.202.83


Url with incomplete Content-Type - header - missing charset
Bhttps://iphone-ld.apple.com/ 23.48.202.82
403

Missing HSTS-Header
Bhttps://iphone-ld.apple.com/ 23.48.202.83
403

Missing HSTS-Header
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Mhttp://iphone-ld.apple.com/ 23.48.202.82
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttp://iphone-ld.apple.com/ 23.48.202.83
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://iphone-ld.apple.com/ 23.48.202.82
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://iphone-ld.apple.com/ 23.48.202.83
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://23.48.202.82/ 23.48.202.82
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://23.48.202.83/ 23.48.202.83
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://iphone-ld.apple.com/ 23.48.202.82
403

Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://iphone-ld.apple.com/ 23.48.202.83
403

Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://23.48.202.82/ 23.48.202.82
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://23.48.202.83/ 23.48.202.83
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.iphone-ld.apple.com

2. Header-Checks (Cross-Origin-* headers are alpha - started 2024-06-05)

Fiphone-ld.apple.com 23.48.202.82
Content-Security-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.82
X-Content-Type-Options
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.82
Referrer-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.82
Permissions-Policy
Critical: Missing Header:
Biphone-ld.apple.com 23.48.202.82
Cross-Origin-Embedder-Policy
Info: Missing Header
Biphone-ld.apple.com 23.48.202.82
Cross-Origin-Opener-Policy
Info: Missing Header
Biphone-ld.apple.com 23.48.202.82
Cross-Origin-Resource-Policy
Info: Missing Header
Fiphone-ld.apple.com 23.48.202.83
Content-Security-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.83
X-Content-Type-Options
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.83
Referrer-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 23.48.202.83
Permissions-Policy
Critical: Missing Header:
Biphone-ld.apple.com 23.48.202.83
Cross-Origin-Embedder-Policy
Info: Missing Header
Biphone-ld.apple.com 23.48.202.83
Cross-Origin-Opener-Policy
Info: Missing Header
Biphone-ld.apple.com 23.48.202.83
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.a.ns.apple.com (17.253.200.1, 2620:149:ae0::53), b.ns.apple.com (17.253.207.1, 2620:149:ae7::53), c.ns.apple.com (204.19.119.1, 2620:171:800:714::1), d.ns.apple.com (204.26.57.1, 2620:171:801:714::1)
AGood (1 - 3.0):: An average of 0.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 5 different Name Servers found: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, ns-ext-prod.jackfruit.apple.com, 4 Name Servers included in Delegation: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, 4 Name Servers included in 2 Zone definitions: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, 1 Name Servers listed in SOA.Primary: ns-ext-prod.jackfruit.apple.com.
AGood: Only one SOA.Primary Name Server found.: ns-ext-prod.jackfruit.apple.com.
Error: SOA.Primary Name Server not included in the delegation set.: ns-ext-prod.jackfruit.apple.com.
AGood: All Name Server Domain Names have a Public Suffix.
Error: Name Server Domain Names with Public Suffix and without ip address found.: 1 Name Servers without ipv4 and ipv6: 1

AInfo: Ipv4-Subnet-list: 4 Name Servers, 2 different subnets (first Byte): 17., 204., 3 different subnets (first two Bytes): 17.253., 204.19., 204.26., 4 different subnets (first three Bytes): 17.253.200., 17.253.207., 204.19.119., 204.26.57.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 4 Name Servers with IPv6, 1 different subnets (first block): 2620:, 2 different subnets (first two blocks): 2620:0149:, 2620:0171:, 4 different subnets (first three blocks): 2620:0149:0ae0:, 2620:0149:0ae7:, 2620:0171:0800:, 2620:0171:0801:, 4 different subnets (first four blocks): 2620:0149:0ae0:0000:, 2620:0149:0ae7:0000:, 2620:0171:0800:0714:, 2620:0171:0801:0714:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 8 good Nameserver
AGood: Nameserver supports Echo Capitalization: 8 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 8 good Nameserver
AGood: All SOA have the same Serial Number
AGood: CAA entries found, creating certificate is limited: entrust.net is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: pki.apple.com is allowed to create certificates

4. Content- and Performance-critical Checks

http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 23.48.202.82
403

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 401 / 403 Not Allowed / Forbidden. A http status 404 - Not Found - is expected. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 23.48.202.83
403

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 401 / 403 Not Allowed / Forbidden. A http status 404 - Not Found - is expected. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 154630 milliseconds, 154.630 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
iphone-ld.apple.com
23.48.202.82
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
iphone-ld.apple.com
23.48.202.82
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


iphone-ld.apple.com
23.48.202.83
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

iphone-ld.apple.com
23.48.202.83
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


23.48.202.82
23.48.202.82
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

23.48.202.82
23.48.202.82
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


23.48.202.83
23.48.202.83
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

23.48.202.83
23.48.202.83
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US

 

9. Certificates

1.
1.
C=US, S=California, O=Apple Inc., CN=iphone-ld.apple.com
01.05.2024
28.10.2024
expires in 21 days
iphone-ld.apple.com - 1 entry
1.
1.
C=US, S=California, O=Apple Inc., CN=iphone-ld.apple.com
01.05.2024

28.10.2024
expires in 21 days


iphone-ld.apple.com - 1 entry

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA256
Serial Number:5BEA8E4342F473A9137D62ED254C3D2D
Thumbprint:83DD1DDD619DF76C8B2496E957BFB4EB55B84716
SHA256 / Certificate:khgFfBOQnJZOfVVFYtytKf76EOPpiq1H1ZiKD4SUvlg=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):331ca85657f39eb54a512edcfe603b9d2a725cf33effef31543364fdb43f2d86
SHA256 hex / Subject Public Key Information (SPKI):331ca85657f39eb54a512edcfe603b9d2a725cf33effef31543364fdb43f2d86 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.apple.com/ocsp03-appleserverauth202
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)


RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
OfflineRevocation: The revocation function was unable to check revocation because the revocation server was offline.


2.
C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Server Authentication CA 2
05.01.2017
21.10.2031
expires in 2570 days


2.
C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Server Authentication CA 2
05.01.2017

21.10.2031
expires in 2570 days




KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:5B43A4C47741CCEC
Thumbprint:05593C517582C94A3A2DCB3E02F76BAF1FFE80CC
SHA256 / Certificate:LZtk2OxQ1dPlpmWRlM5S1geyrTwCb909f6tyQYPCMtU=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):4f85b523ec1625da63e281c50e9bd931d81fdff1e241609b872a87bd0ae4bf61
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.apple.com/ocsp03-applerootcag304
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024
20.04.2025
expires in 195 days
a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries
2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024

20.04.2025
expires in 195 days


a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0B0EFA6998487092A5D64EC0E7A56EF2
Thumbprint:2839AF637D02E8F71723A0EEE0C92F9C6417680A
SHA256 / Certificate:QLn5+ugGtVcDvAfznkAKbT1hZHO63QSAtAVMMp14vxk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543
SHA256 hex / Subject Public Key Information (SPKI):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024
20.04.2025
expires in 195 days
a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

2.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024

20.04.2025
expires in 195 days


a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0B0EFA6998487092A5D64EC0E7A56EF2
Thumbprint:2839AF637D02E8F71723A0EEE0C92F9C6417680A
SHA256 / Certificate:QLn5+ugGtVcDvAfznkAKbT1hZHO63QSAtAVMMp14vxk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543
SHA256 hex / Subject Public Key Information (SPKI):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2380 days


3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2380 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2380 days


4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2380 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2590 days


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2590 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016
10.05.2025
expires in 215 days


6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016

10.05.2025
expires in 215 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F5BC3A176CB789E2020C7893C8167B4
Thumbprint:FB20FA8A6A93B375F054814F9E00273EA51A6138
SHA256 / Certificate:bay7iUUTex2tQhGwQ2774G8SrONpBJc7Ra4ldAgj02k=
SHA256 hex / Cert (DANE * 0 1):6dacbb8945137b1dad4211b0436efbe06f12ace36904973b45ae25740823d369
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 218 days


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 218 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

No CRT - CT-Log entries found

 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.nu/ / https://validator.w3.org/nu/ (started 2024-09-28, 09:00, alpha)

  Unfortunately, there are differences between the first used validator.nu and validator.w3.org/nu/ - switched to validator.w3.org/nu/. Looks like some error messages (link - fetchpriority attribute) of validator.nu are obsolete, not seen in the w3.org-version and not found in the current specification: link may have a fetchpriority attribute.

No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com

 

QNr.DomainTypeNS used
1
com
NS
b.root-servers.net (2001:500:200::b)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
a.ns.apple.com: 17.253.200.1, 2620:149:ae0::53
NS
a.gtld-servers.net (2001:503:a83e::2:30)

Answer: b.ns.apple.com
17.253.207.1, 2620:149:ae7::53

Answer: c.ns.apple.com
204.19.119.1, 2620:171:800:714::1

Answer: d.ns.apple.com
204.26.57.1, 2620:171:801:714::1

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
iphone-ld.origin-apple.com.akadns.net



1
0
origin-apple.com.akadns.net
0

no CAA entry found
1
0
iphone-ld.apple.com



1
0
com.akadns.net
0

no CAA entry found
1
0
akadns.net
0

no CAA entry found
1
0
apple.com
5
issue
entrust.net
1
0

5
iodef
mailto:contact_pki@apple.com
1
0

5
issue
pki.apple.com
1
0
com
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
apple.com
77a4a6de-da14-449c-83c4-85366e0f55f9
ok
1
0
apple.com
adobe-idp-site-verification=6bd5e74c-a3a0-4781-b2e1-e95399b5e11c
ok
1
0
apple.com
apple-domain-verification=X5Jt76bn3Dnmgzjj
ok
1
0
apple.com
atlassian-domain-verification=mLabq99iaT8kquJechF6l31FAYoNUe3WB7tLpLFUiUYVJCse9SKq83hOJzFkwqrh
ok
1
0
apple.com
cerner-client-id=22dd1d8a-5e8b-4e1e-80ef-39bcdfd42798
ok
1
0
apple.com
cerner-client-id=ce3abf18-ee87-43b9-9927-9eb24b4bac4a
ok
1
0
apple.com
cisco-ci-domain-verification=6f3bfb849796a518061f8e8c4356f687a138502d86db742791685059176547dd
ok
1
0
apple.com
Dynatrace-site-verification=7d881a7c-c13f-4146-9d27-2731459e2509__iqls0105tagglcsaul0m16ibrf
ok
1
0
apple.com
facebook-domain-verification=n6cqjfucq6plswmtfbwnbbeu1qiq3v
ok
1
0
apple.com
google-site-verification=8M6XjQCzydT62jk8HY3VXPAG-nKDllTRV-JpA3-Ktyw
ok
1
0
apple.com
google-site-verification=L5kkMdiFI8npvb6KlHui84fJaCw5G64DWhaDRIAT4_c
ok
1
0
apple.com
google-site-verification=zBSq1mG5ssu2If-C17UAz_MzSZDcx03MVxmeDwMNc5w
ok
1
0
apple.com
json:eyJ3aHkiOiJUaGlzIGlzIHRvIHRydW5jYXRlIFVEUCByZXNwb25zZXMgZm9yIFRYVCBxdWVyaWVzIHRvIGFwcGxlLmNvbSIsInBhZGRpbmciOiJpZW4wYWVHaGF0aG9oNmhhaHZpZWphaTNlYXkwYWh2YWhjaGFocXVhZWxlZTBZdWw0cGhpZXRoMHNvNXZpZXllZWNvaDRpZThzaGVlcGllVDNwYWVjaGVpVjZqb2h3aWVwaG82In0K
ok
1
0
apple.com
json:eyJ3aHkiOiJUaGlzIGlzIHRvIHRydW5jYXRlIFVEUCByZXNwb25zZXMgZm9yIFRYVCBxdWVyaWVzIHRvIGFwcGxlLmNvbSIsInBhZGRpbmciOiJxdWFoMGVpamFhNGVlajh0aWVkYWlnaG9jZWljaGFlOGVUb3ppZTVmdTVhaFRoMldlaU00aWsyaHVxdThpZXBoaWVxdW9oc2hlaXBhZWdoOUthZWw3b2NoaWVuZ2llem9lc2g1In0K
ok
1
0
apple.com
miro-verification=2494d255c4c50b1e521650a0659cbf3fa08b0072
ok
1
0
apple.com
v=spf1 include:_spf.apple.com include:_spf-txn.apple.com ~all
ok
1
0
apple.com
ValidationTokenValue=77a4a6de-da14-449c-83c4-85366e0f55f9
ok
1
0
apple.com
webexdomainverification.8C462=b728ec3f-dfc9-42f9-92cb-9ba8853cbee8
ok
1
0
apple.com
yahoo-verification-key=Ay+djyw0qWQgXKWGA/jstjYryTMrKb+PBXI5l8u5/jw=
ok
1
0
iphone-ld.apple.com


1
0
_acme-challenge.iphone-ld.apple.com

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.apple.com.apple.com
v=spf1 redirect=_spf.apple.com
perhaps wrong
1
0
_acme-challenge.iphone-ld.origin-apple.com.akadns.net

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.apple.com.iphone-ld.apple.com

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.origin-apple.com.akadns.net.iphone-ld.origin-apple.com.akadns.net

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
SPF
TXT
iphone-ld.apple.com

32768TXT expected, but CNAME found. CNAME not allowed, only TXT queries are allowed. See RFC 7208, 4.4.

 

 

17. Cipher Suites

No results

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=2af4b3ae-2607-4e18-8a8f-165ac009c72f

 

Last Result: https://check-your-website.server-daten.de/?q=iphone-ld.apple.com - 2024-10-01 10:46:21

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=iphone-ld.apple.com" target="_blank">Check this Site: iphone-ld.apple.com</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=iphone-ld.apple.com