Check DNS, Urls + Redirects, Certificates and Content of your Website


 

 

 

1. IP-Addresses

HostTypeIP-Addressis auth.∑ Queries∑ Timeout
iphone-ld.apple.com
CNAME
iphone-ld.origin-apple.com.akadns.net
yes
1
0

CNAME
iphone-ld.apple.com-v1.edgesuite.net
yes


www.iphone-ld.apple.com

Name Error
yes
1
0
iphone-ld.apple.com
A
2.21.245.141
Berlin/Land Berlin/Germany (DE) - Akamai Technologies
No Hostname found
no



A
2.21.245.149
Berlin/Land Berlin/Germany (DE) - Akamai Technologies
No Hostname found
no


*.apple.com
A

yes



AAAA

yes



CNAME

yes


*.iphone-ld.apple.com
A
Name Error
yes



AAAA
Name Error
yes



CNAME
Name Error
yes


 

2. DNSSEC

Zone (*)DNSSEC - Informations


Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 26470, Flags 256






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.01.2025, 00:00:00 +, Signature-Inception: 20.12.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: com

com
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=






1 RRSIG RR to validate DS RR found






RRSIG-Owner com., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 08.01.2025, 17:00:00 +, Signature-Inception: 26.12.2024, 16:00:00 +, KeyTag 61050, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 61050 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 19718, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 13, KeyTag 29942, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner com., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 07.01.2025, 15:02:35 +, Signature-Inception: 23.12.2024, 14:57:35 +, KeyTag 19718, Signer-Name: com






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 19718 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 19718, DigestType 2 and Digest "isuwzSj0ElCoCkkTiUJNNBUi2Uaw2gwCkfLT13HXgFo=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: apple.com

apple.com
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "s0nu66fpjnr91aioa0a6649sii2jvq1a" between the hashed NSEC3-owner "s0nu35sdb7k3j8q3tjlv6874aj058i1o" and the hashed NextOwner "s0nu90lgv459klhvqs37tuga7qjq5lpl". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner s0nu35sdb7k3j8q3tjlv6874aj058i1o.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 03.01.2025, 01:37:24 +, Signature-Inception: 27.12.2024, 00:27:24 +, KeyTag 29942, Signer-Name: com






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "ck0pojmg874ljref7efn8430qvit8bsm" as Owner. That's the Hash of "com" with the NextHashedOwnerName "ck0q3udg8cekkae7rukpgct1dvssh8ll". So that domain name is the Closest Encloser of "apple.com". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner ck0pojmg874ljref7efn8430qvit8bsm.com., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 03.01.2025, 00:26:33 +, Signature-Inception: 26.12.2024, 23:16:33 +, KeyTag 29942, Signer-Name: com






0 DNSKEY RR found









Zone: iphone-ld.apple.com

iphone-ld.apple.com
0 DS RR in the parent zone found



Zone: www.iphone-ld.apple.com

www.iphone-ld.apple.com
0 DS RR in the parent zone found



Zone: (root)

(root)
1 DS RR published






DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest 4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=






Status: Valid because published






3 DNSKEY RR found






Public Key with Algorithm 8, KeyTag 20326, Flags 257 (SEP = Secure Entry Point)






Public Key with Algorithm 8, KeyTag 26470, Flags 256






Public Key with Algorithm 8, KeyTag 61050, Flags 256






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner (root), Algorithm: 8, 0 Labels, original TTL: 172800 sec, Signature-expiration: 10.01.2025, 00:00:00 +, Signature-Inception: 20.12.2024, 00:00:00 +, KeyTag 20326, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 20326 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 8, KeyTag 20326, DigestType 2 and Digest "4G1EuAuPHTmpXAsNfGXQhFjogECbvGg0VxBCN8f47I0=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: net

net
1 DS RR in the parent zone found






DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=






1 RRSIG RR to validate DS RR found






RRSIG-Owner net., Algorithm: 8, 1 Labels, original TTL: 86400 sec, Signature-expiration: 08.01.2025, 17:00:00 +, Signature-Inception: 26.12.2024, 16:00:00 +, KeyTag 61050, Signer-Name: (root)






Status: Good - Algorithmus 8 and DNSKEY with KeyTag 61050 used to validate the DS RRSet in the parent zone






2 DNSKEY RR found






Public Key with Algorithm 13, KeyTag 31059, Flags 256






Public Key with Algorithm 13, KeyTag 37331, Flags 257 (SEP = Secure Entry Point)






1 RRSIG RR to validate DNSKEY RR found






RRSIG-Owner net., Algorithm: 13, 1 Labels, original TTL: 86400 sec, Signature-expiration: 07.01.2025, 15:10:35 +, Signature-Inception: 23.12.2024, 15:05:35 +, KeyTag 37331, Signer-Name: net






Status: Good - Algorithmus 13 and DNSKEY with KeyTag 37331 used to validate the DNSKEY RRSet






Status: Valid Chain of trust. Parent-DS with Algorithm 13, KeyTag 37331, DigestType 2 and Digest "LwvsLW95370dCP0ho6+S0OOaS57x4/QRH/8oJJDaRTs=" validates local Key with the same values, Key ist Secure Entry Point (SEP) of the zone



Zone: akadns.net

akadns.net
0 DS RR in the parent zone found






DS-Query in the parent zone has a valid NSEC3 RR as result with the hashed query name "o7vmn67931abl61dtsv9vl6cmbf3qroe" between the hashed NSEC3-owner "o7vm7jqq7m00i80kldebif0rta8109qg" and the hashed NextOwner "o7vopa298lci0isuhupl1g86t99hdqji". So the parent zone confirmes the not-existence of a DS RR.
Bitmap: NS, DS, RRSIG Validated: RRSIG-Owner o7vm7jqq7m00i80kldebif0rta8109qg.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 02.01.2025, 02:58:36 +, Signature-Inception: 26.12.2024, 01:48:36 +, KeyTag 31059, Signer-Name: net






DS-Query in the parent zone sends valid NSEC3 RR with the Hash "a1rt98bs5qgc9nfi51s9hci47uljg6jh" as Owner. That's the Hash of "net" with the NextHashedOwnerName "a1rtlnpgulogn7b9a62shje1u3ttp8dr". So that domain name is the Closest Encloser of "akadns.net". Opt-Out: True.
Bitmap: NS, SOA, RRSIG, DNSKEY, NSEC3PARAM Validated: RRSIG-Owner a1rt98bs5qgc9nfi51s9hci47uljg6jh.net., Algorithm: 13, 2 Labels, original TTL: 900 sec, Signature-expiration: 03.01.2025, 03:06:05 +, Signature-Inception: 27.12.2024, 01:56:05 +, KeyTag 31059, Signer-Name: net






0 DNSKEY RR found









Zone: com.akadns.net

com.akadns.net
0 DS RR in the parent zone found






0 DNSKEY RR found









Zone: origin-apple.com.akadns.net

origin-apple.com.akadns.net
0 DS RR in the parent zone found






0 DNSKEY RR found









Zone: iphone-ld.origin-apple.com.akadns.net

iphone-ld.origin-apple.com.akadns.net
0 DS RR in the parent zone found

 

3. Name Servers

DomainNameserverNS-IP
www.iphone-ld.apple.com
  ns-ext-prod.jackfruit.apple.com

apple.com
  a.ns.apple.com
17.253.200.1
Cupertino/California/United States (US) - Apple Inc.


 
2620:149:ae0::53
Cupertino/California/United States (US) - Apple Inc.


  b.ns.apple.com
17.253.207.1
Cupertino/California/United States (US) - Apple Inc.


 
2620:149:ae7::53
Cupertino/California/United States (US) - Apple Inc.


  c.ns.apple.com
204.19.119.1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


 
2620:171:800:714::1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


  d.ns.apple.com
204.26.57.1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


 
2620:171:801:714::1
Montreal/Quebec/Canada (CA) - WoodyNet, Inc.


  ns-ext-prod.jackfruit.apple.com

com
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net


origin-apple.com.akadns.net
  internal.akadns.net

com.akadns.net
  internal.akadns.net

akadns.net
  a11-129.akadns.net
84.53.139.129
Sterling/Virginia/United States (US) - Akamai Technologies


 
2600:1480:1::81
Los Angeles/California/United States (US) - Akamai International B.V.


  a1-128.akadns.net
193.108.88.128
Seattle/Washington/United States (US) - Akamai International B.V.


 
2600:1403:11::80
Seattle/Washington/United States (US) - Akamai International B.V.


  a12-131.akagtm.org
184.26.160.131
Sterling/Virginia/United States (US) - Akamai International B.V.


  a18-128.akagtm.org
95.101.36.128
Warsaw/Mazovia/Poland (PL) - Akamai Technologies


  a22-129.akadns.net
23.211.61.129
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1480:7800::81
Miami/Florida/United States (US) - Akamai International B.V.


  a28-129.akagtm.org
95.100.173.129
London/England/United Kingdom (GB) - Akamai Technologies


  a3-129.akadns.net
96.7.49.129
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1408:1c::81
Springfield/Illinois/United States (US) - Akamai International B.V.


  a42-130.akagtm.org
184.28.92.130
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


  a44-131.akadns.net
2.17.46.131
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies


 
2600:1480:c00::83
Washington/District of Columbia/United States (US) - Akamai International B.V.


  a5-130.akagtm.org
95.100.168.130
Milan/Lombardy/Italy (IT) - Akamai Technologies


  a7-130.akagtm.org
23.61.199.130
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


  a7-131.akadns.net
23.61.199.131
Cambridge/Massachusetts/United States (US) - Akamai International B.V.


 
2600:1406:32::83
San Jose/California/United States (US) - Akamai International B.V.


  a8-130.akadns.net
2.16.40.130
Frankfurt am Main/Hesse/Germany (DE) - Akamai Technologies


 
2600:1403:a::82
Washington/District of Columbia/United States (US) - Akamai International B.V.


  a9-128.akadns.net
184.85.248.128
Los Angeles/California/United States (US) - Akamai International B.V.


 
2a02:26f0:117::80
Cambridge/Massachusetts/United States (US) - Akamai International B.V


  internal.akadns.net

net
  a.gtld-servers.net


  b.gtld-servers.net


  c.gtld-servers.net


  d.gtld-servers.net


  e.gtld-servers.net


  f.gtld-servers.net


  g.gtld-servers.net


  h.gtld-servers.net


  i.gtld-servers.net


  j.gtld-servers.net


  k.gtld-servers.net


  l.gtld-servers.net


  m.gtld-servers.net

 

4. SOA-Entries


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1735274972
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:2


Domain:com
Zone-Name:com
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1735274987
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:11


Domain:apple.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:apple.com
Zone-Name:apple.com
Primary:ns-ext-prod.jackfruit.apple.com
Mail:hostmaster.apple.com
Serial:2024122300
Refresh:900
Retry:900
Expire:2016000
TTL:1800
num Entries:8


Domain:www.iphone-ld.apple.com
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1



Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1735275002
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:2


Domain:net
Zone-Name:net
Primary:a.gtld-servers.net
Mail:nstld.verisign-grs.com
Serial:1735274987
Refresh:1800
Retry:900
Expire:604800
TTL:900
num Entries:11


Domain:akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:akadns.net
Zone-Name:akadns.net
Primary:internal.akadns.net
Mail:hostmaster.akamai.com
Serial:1734510000
Refresh:90000
Retry:90000
Expire:90000
TTL:180
num Entries:22


Domain:com.akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


Domain:origin-apple.com.akadns.net
Zone-Name:
Primary:
Mail:
Serial:
Refresh:
Retry:
Expire:
TTL:
num Entries:1


5. Screenshots

Startaddress: https://iphone-ld.apple.com/, address used: https://iphone-ld.apple.com/, Screenshot created 2024-12-27 05:52:03 +00:0 url is insecure, certificate invalid

 

Mobil (412px x 732px)

 

1039 milliseconds

 

Screenshot mobile - https://iphone-ld.apple.com/
Mobil + Landscape (732px x 412px)

 

1036 milliseconds

 

Screenshot mobile landscape - https://iphone-ld.apple.com/
Screen (1280px x 1680px)

 

1126 milliseconds

 

Screenshot Desktop - https://iphone-ld.apple.com/

 

Mobile- and other Chrome-Checks


widthheight
visual Viewport412732
content Size412732

 

Good: No horizontal scrollbar. Content-size width = visual Viewport width.

 

6. Url-Checks


:

:
DomainnameHttp-StatusredirectSec.G
• http://iphone-ld.apple.com/
2.21.245.141
403

Html is minified: 102.86 %
0.027
M
Forbidden
Date: Fri, 27 Dec 2024 04:51:29 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/
2.21.245.149
403

Html is minified: 102.86 %
0.010
M
Forbidden
Date: Fri, 27 Dec 2024 04:51:29 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://iphone-ld.apple.com/
2.21.245.141
403

Html is minified: 102.86 %
6.386
N
Forbidden
Certificate error: RemoteCertificateChainErrors
Date: Fri, 27 Dec 2024 04:51:30 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://iphone-ld.apple.com/
2.21.245.149
403

Html is minified: 102.86 %
6.397
N
Forbidden
Certificate error: RemoteCertificateChainErrors
Date: Fri, 27 Dec 2024 04:51:37 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2.21.245.141
403

Html is minified: 102.86 %
0.007
M
Forbidden
Visible Content:
Date: Fri, 27 Dec 2024 04:51:44 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de
2.21.245.149
403

Html is minified: 102.86 %
0.007
M
Forbidden
Visible Content:
Date: Fri, 27 Dec 2024 04:51:44 GMT
Connection: keep-alive
Content-Type: text/html
Content-Length: 144

• https://2.21.245.141/
2.21.245.141
400

Html is minified: 101.63 %
2.920
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Dec 2024 04:51:44 GMT
Connection: close
Content-Type: text/html
Content-Length: 312
Expires: Fri, 27 Dec 2024 04:51:44 GMT

• https://2.21.245.149/
2.21.245.149
400

Html is minified: 101.63 %
2.853
N
Bad Request
Certificate error: RemoteCertificateNameMismatch
Server: AkamaiGHost
Mime-Version: 1.0
Date: Fri, 27 Dec 2024 04:51:48 GMT
Connection: close
Content-Type: text/html
Content-Length: 312
Expires: Fri, 27 Dec 2024 04:51:48 GMT

 

7. Comments


1. General Results, most used to calculate the result

Aname "iphone-ld.apple.com" is subdomain, public suffix is ".com", top-level-domain is ".com", top-level-domain-type is "generic", tld-manager is "VeriSign Global Registry Services", num .com-domains preloaded: 103088 (complete: 263653)
AGood: All ip addresses are public addresses
AGood: No asked Authoritative Name Server had a timeout
ADNS: "Name Error" means: No www-dns-entry defined. This isn't a problem
AGood: No cookie sent via http.
HSTS-Preload-Status: unknown. Domain never included in the Preload-list. Check https://hstspreload.org/ to learn some basics about the Google-Preload-List.
AGood: Some urls with http status 200/404 have a complete Content-Type header (MediaType / MediaSubType + correct charset):0 complete Content-Type - header (6 urls)
http://iphone-ld.apple.com/ 2.21.245.141


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/ 2.21.245.149


Url with incomplete Content-Type - header - missing charset
https://iphone-ld.apple.com/ 2.21.245.141


Url with incomplete Content-Type - header - missing charset
https://iphone-ld.apple.com/ 2.21.245.149


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.141


Url with incomplete Content-Type - header - missing charset
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.149


Url with incomplete Content-Type - header - missing charset
Bhttps://iphone-ld.apple.com/ 2.21.245.141
403

Missing HSTS-Header
Bhttps://iphone-ld.apple.com/ 2.21.245.149
403

Missing HSTS-Header
CError - no version with Http-Status 200
HFatal error: No https - result with http-status 200, no encryption
Mhttp://iphone-ld.apple.com/ 2.21.245.141
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttp://iphone-ld.apple.com/ 2.21.245.149
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://iphone-ld.apple.com/ 2.21.245.141
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://iphone-ld.apple.com/ 2.21.245.149
403

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://2.21.245.141/ 2.21.245.141
400

Misconfiguration - main pages should never send http status 400 - 499
Mhttps://2.21.245.149/ 2.21.245.149
400

Misconfiguration - main pages should never send http status 400 - 499
Nhttps://iphone-ld.apple.com/ 2.21.245.141
403

Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://iphone-ld.apple.com/ 2.21.245.149
403

Error - Certificate isn't trusted, RemoteCertificateChainErrors
Nhttps://2.21.245.141/ 2.21.245.141
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
Nhttps://2.21.245.149/ 2.21.245.149
400

Error - Certificate isn't trusted, RemoteCertificateNameMismatch
BNo _mta-sts TXT record found (mta-sts: Mail Transfer Agent Strict Transport Security - see RFC 8461). Read the result of server-daten.de (Url-Checks, Comments, Connections and DomainServiceRecords) to see a complete definition. Domainname: _mta-sts.iphone-ld.apple.com

2. Header-Checks

Fiphone-ld.apple.com 2.21.245.141
Content-Security-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.141
X-Content-Type-Options
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.141
Referrer-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.141
Permissions-Policy
Critical: Missing Header:
Biphone-ld.apple.com 2.21.245.141
Cross-Origin-Embedder-Policy
Info: Missing Header
Biphone-ld.apple.com 2.21.245.141
Cross-Origin-Opener-Policy
Info: Missing Header
Biphone-ld.apple.com 2.21.245.141
Cross-Origin-Resource-Policy
Info: Missing Header
Fiphone-ld.apple.com 2.21.245.149
Content-Security-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.149
X-Content-Type-Options
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.149
Referrer-Policy
Critical: Missing Header:
Fiphone-ld.apple.com 2.21.245.149
Permissions-Policy
Critical: Missing Header:
Biphone-ld.apple.com 2.21.245.149
Cross-Origin-Embedder-Policy
Info: Missing Header
Biphone-ld.apple.com 2.21.245.149
Cross-Origin-Opener-Policy
Info: Missing Header
Biphone-ld.apple.com 2.21.245.149
Cross-Origin-Resource-Policy
Info: Missing Header

3. DNS- and NameServer - Checks

AInfo:: 2 Root-climbing DNS Queries required to find all IPv4- and IPv6-Addresses of 4 Name Servers.
AInfo:: 2 Queries complete, 2 with IPv6, 0 with IPv4.
AGood: All DNS Queries done via IPv6.
AGood: Some ip addresses of name servers found with the minimum of two DNS Queries. One to find the TLD-Zone, one to ask the TLD-Zone.a.ns.apple.com (17.253.200.1, 2620:149:ae0::53), b.ns.apple.com (17.253.207.1, 2620:149:ae7::53), c.ns.apple.com (204.19.119.1, 2620:171:800:714::1), d.ns.apple.com (204.26.57.1, 2620:171:801:714::1)
AGood (1 - 3.0):: An average of 0.5 queries per domain name server required to find all ip addresses of all name servers.
AInfo:: 5 different Name Servers found: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, ns-ext-prod.jackfruit.apple.com, 4 Name Servers included in Delegation: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, 4 Name Servers included in 2 Zone definitions: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com, 1 Name Servers listed in SOA.Primary: ns-ext-prod.jackfruit.apple.com.
AGood: Only one SOA.Primary Name Server found.: ns-ext-prod.jackfruit.apple.com.
Error: SOA.Primary Name Server not included in the delegation set.: ns-ext-prod.jackfruit.apple.com.
AGood: All Name Server Domain Names have a Public Suffix.
Error: Name Server Domain Names with Public Suffix and without ip address found.: 1 Name Servers without ipv4 and ipv6: 1

AInfo: Ipv4-Subnet-list: 4 Name Servers, 2 different subnets (first Byte): 17., 204., 3 different subnets (first two Bytes): 17.253., 204.19., 204.26., 4 different subnets (first three Bytes): 17.253.200., 17.253.207., 204.19.119., 204.26.57.
AGood: Name Server IPv4-addresses from different subnet found:
AInfo: IPv6-Subnet-list: 4 Name Servers with IPv6, 1 different subnets (first block): 2620:, 2 different subnets (first two blocks): 2620:0149:, 2620:0171:, 4 different subnets (first three blocks): 2620:0149:0ae0:, 2620:0149:0ae7:, 2620:0171:0800:, 2620:0171:0801:, 4 different subnets (first four blocks): 2620:0149:0ae0:0000:, 2620:0149:0ae7:0000:, 2620:0171:0800:0714:, 2620:0171:0801:0714:
AGood: Name Server IPv6 addresses from different subnets found.
AGood: Nameserver supports TCP connections: 8 good Nameserver
AGood: Nameserver supports Echo Capitalization: 8 good Nameserver
AGood: Nameserver supports EDNS with max. 512 Byte Udp payload, message is smaller: 8 good Nameserver
AGood: All SOA have the same Serial Number
AGood: CAA entries found, creating certificate is limited: entrust.net is allowed to create certificates
AGood: CAA entries found, creating certificate is limited: pki.apple.com is allowed to create certificates

4. Content- and Performance-critical Checks

http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.141
403

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 401 / 403 Not Allowed / Forbidden. A http status 404 - Not Found - is expected. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
http://iphone-ld.apple.com/.well-known/acme-challenge/check-your-website-dot-server-daten-dot-de 2.21.245.149
403

Fatal: Check of /.well-known/acme-challenge/random-filename has a http status 401 / 403 Not Allowed / Forbidden. A http status 404 - Not Found - is expected. Creating a Letsencrypt certificate via http-01 challenge may not work. Trouble creating a certificate? Use https://community.letsencrypt.org/ to ask.
AInfo: No img element found, no alt attribute checked
AGood: Domainname is not on the "Specially Designated Nationals And Blocked Persons List" (SDN). That's an US-list of individuals and companies owned or controlled by, or acting for or on behalf of, targeted countries. It also lists individuals, groups, and entities, such as terrorists and narcotics traffickers designated under programs that are not country-specific. Collectively, such individuals and companies are called "Specially Designated Nationals" or "SDNs." Their assets are blocked and U.S. persons are generally prohibited from dealing with them. So if a domain name is on that list, it's impossible to create a Letsencrypt certificate with that domain name. Check the list manual - https://www.treasury.gov/resource-center/sanctions/sdn-list/pages/default.aspx
ADuration: 127214 milliseconds, 127.214 seconds

 

8. Connections

DomainIPPortCert.ProtocolKeyExchangeStrengthCipherStrengthHashAlgorithmOCSP stapling
Domain/KeyExchangeIP/StrengthPort/CipherCert./StrengthProtocol/HashAlgorithmOCSP stapling
iphone-ld.apple.com
2.21.245.141
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
iphone-ld.apple.com
2.21.245.141
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


iphone-ld.apple.com
2.21.245.149
443
Certificate/chain invalid
Tls12
ECDH Ephermal
256
Aes256
256
Sha384
supported
ok

iphone-ld.apple.com
2.21.245.149
443
Certificate/chain invalid
Tls12

ECDH Ephermal
256
Aes256
256
Sha384
supported
ok
no http/2 via ALPN 
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Tls.1.2
no Tls.1.1
no Tls.1.0
no Ssl3
no Ssl2


2.21.245.141
2.21.245.141
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

2.21.245.141
2.21.245.141
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US


2.21.245.149
2.21.245.149
443
name does not match
Tls12
ECDH Ephermal
256
Aes128
128
Sha256
supported
ok

2.21.245.149
2.21.245.149
443
name does not match
Tls12

ECDH Ephermal
256
Aes128
128
Sha256
supported
ok
no http/2 via ALPN 
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
no http/2 via ALPN
Cert sent without SNI
Tls.1.2
Tls.1.1
Tls.1.0
no Ssl3
no Ssl2
Chain - incomplete

1CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, C=US, ST=Massachusetts


2CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US

 

9. Certificates

1.
1.
C=US, S=California, O=Apple Inc., CN=iphone-ld.apple.com
13.11.2024
13.03.2025
expires in 28 days
iphone-ld.apple.com - 1 entry
1.
1.
C=US, S=California, O=Apple Inc., CN=iphone-ld.apple.com
13.11.2024

13.03.2025
expires in 28 days


iphone-ld.apple.com - 1 entry

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA256
Serial Number:7727994B36D0C1961F5511ED4C11D034
Thumbprint:CFF54150E7A2C1245443AD95EBD43B4CC061C9DB
SHA256 / Certificate:nVp5eIJnLRLXVtlzGwwfUcwlK0gAZViIJJCC6yptIeE=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):2da18f8ce288615205d00aa2e0cdd0bce51aa9ec3c232284ea0a9ef042f411cb
SHA256 hex / Subject Public Key Information (SPKI):2da18f8ce288615205d00aa2e0cdd0bce51aa9ec3c232284ea0a9ef042f411cb (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.apple.com/ocsp03-appleserverauth202
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1)




2.
C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Server Authentication CA 2
05.01.2017
21.10.2031
expires in 2441 days


2.
C=US, O=Apple Inc., OU=Apple Certification Authority, CN=Apple Server Authentication CA 2
05.01.2017

21.10.2031
expires in 2441 days




KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:ECDSA SHA384
Serial Number:5B43A4C47741CCEC
Thumbprint:05593C517582C94A3A2DCB3E02F76BAF1FFE80CC
SHA256 / Certificate:LZtk2OxQ1dPlpmWRlM5S1geyrTwCb909f6tyQYPCMtU=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):4f85b523ec1625da63e281c50e9bd931d81fdff1e241609b872a87bd0ae4bf61
SHA256 hex / Subject Public Key Information (SPKI):
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.apple.com/ocsp03-applerootcag304
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024
20.04.2025
expires in 66 days
a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries
2.
1.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024

20.04.2025
expires in 66 days


a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0B0EFA6998487092A5D64EC0E7A56EF2
Thumbprint:2839AF637D02E8F71723A0EEE0C92F9C6417680A
SHA256 / Certificate:QLn5+ugGtVcDvAfznkAKbT1hZHO63QSAtAVMMp14vxk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543
SHA256 hex / Subject Public Key Information (SPKI):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




2.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024
20.04.2025
expires in 66 days
a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

2.
CN=a248.e.akamai.net, O="Akamai Technologies, Inc.", L=Cambridge, S=Massachusetts, C=US
18.04.2024

20.04.2025
expires in 66 days


a248.e.akamai.net, *.akamaized.net, *.akamaized-staging.net, *.akamaihd.net, *.akamaihd-staging.net - 5 entries

KeyalgorithmEC Public Key (256 bit, prime256v1)
Signatur:SHA256 With RSA-Encryption
Serial Number:0B0EFA6998487092A5D64EC0E7A56EF2
Thumbprint:2839AF637D02E8F71723A0EEE0C92F9C6417680A
SHA256 / Certificate:QLn5+ugGtVcDvAfznkAKbT1hZHO63QSAtAVMMp14vxk=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543
SHA256 hex / Subject Public Key Information (SPKI):42dbf007812700e8e65a03dfbd061fd5f52143942f7d95a15c5c1a2f64204543 (is buggy, ignore the result)
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:yes
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2251 days


3.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2251 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021
14.04.2031
expires in 2251 days


4.
CN=DigiCert TLS RSA SHA256 2020 CA1, O=DigiCert Inc, C=US
14.04.2021

14.04.2031
expires in 2251 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:06D8D904D5584346F68A2FA754227EC4
Thumbprint:1C58A3A8518E8759BF075B76B750D4F2DF264FCD
SHA256 / Certificate:UidMV85N7jtJ23p/9wjAQPdxiYs76IclqG+0QwGC/hQ=
SHA256 hex / Cert (DANE * 0 1):e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA256 hex / PublicKey (DANE * 1 1):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SHA256 hex / Subject Public Key Information (SPKI):450799901e36ce751fb0320815621189811c2a5ee71f0345c160ab9cc3096d57
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Check unknown. No result 404 / 200
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:Serverauthentifizierung (1.3.6.1.5.5.7.3.1), Clientauthentifizierung (1.3.6.1.5.5.7.3.2)




5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006
10.11.2031
expires in 2461 days


5.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
10.11.2006

10.11.2031
expires in 2461 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:083BE056904246B1A1756AC95991C74A
Thumbprint:A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436
SHA256 / Certificate:Q0ig6URMeMsmXgWNXolEtNhPlmK9Jtslf4k0pEPHAWE=
SHA256 hex / Cert (DANE * 0 1):4348a0e9444c78cb265e058d5e8944b4d84f9662bd26db257f8934a443c70161
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:





6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016
10.05.2025
expires in 86 days


6.
CN=DigiCert Global Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US
07.12.2016

10.05.2025
expires in 86 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA256 With RSA-Encryption
Serial Number:0F5BC3A176CB789E2020C7893C8167B4
Thumbprint:FB20FA8A6A93B375F054814F9E00273EA51A6138
SHA256 / Certificate:bay7iUUTex2tQhGwQ2774G8SrONpBJc7Ra4ldAgj02k=
SHA256 hex / Cert (DANE * 0 1):6dacbb8945137b1dad4211b0436efbe06f12ace36904973b45ae25740823d369
SHA256 hex / PublicKey (DANE * 1 1):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SHA256 hex / Subject Public Key Information (SPKI):aff988906dde12955d9bebbf928fdcc31cce328d5b9384f21c8941ca26e20391
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:http://ocsp.digicert.com
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000
13.05.2025
expires in 89 days


7.
CN=Baltimore CyberTrust Root, OU=CyberTrust, O=Baltimore, C=IE
12.05.2000

13.05.2025
expires in 89 days




KeyalgorithmRSA encryption (2048 bit)
Signatur:SHA-1 with RSA Encryption
Serial Number:020000B9
Thumbprint:D4DE20D05E66FC53FE1A50882C78DB2852CAE474
SHA256 / Certificate:Fq9XqfZ2sKsSYJWqXrre8iqzERnWRKyVzUuT2/Pyaus=
SHA256 hex / Cert (DANE * 0 1):16af57a9f676b0ab126095aa5ebadef22ab31119d644ac95cd4b93dbf3f26aeb
SHA256 hex / PublicKey (DANE * 1 1):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SHA256 hex / Subject Public Key Information (SPKI):63d9af9b47b1064d49a10e7b7fd566dbc8caa399459bfc2829c571ad8c6ef34a
SPKI checked via https://v1.pwnedkeys.com/spki-hash:Good: Key isn't compromised
OCSP - Url:
OCSP - must staple:no
Certificate Transparency:no
Enhanced Key Usage:




 

10. Last Certificates - Certificate Transparency Log Check

1. Source CertSpotter - active certificates (one check per day)

No CertSpotter - CT-Log entries found

 

2. Source crt.sh - old and new certificates, sometimes very slow - only certificates with "not after" > of the last months are listed

Issuerlast 7 daysactivenum Certs
CN=Apple Server Authentication CA 2, OU=Apple Certification Authority, O=Apple Inc., C=US
0
0
1

CRT-IdIssuernot beforenot afterDomain namesLE-Duplicatenext LE
15045066585
leaf cert
CN=Apple Server Authentication CA 2, OU=Apple Certification Authority, O=Apple Inc., C=US
2024-09-27 20:32:20
2024-12-18 17:27:10
iphone-ld.apple.com
1 entries


 

11. Html-Content - Entries

No Html-Content entries found. Only checked if https + status 200/401/403/404

 

12. Html-Parsing via https://validator.w3.org/nu/


No https result http status 200 and Content-Type text/html or text/xml found, no Html-Parsing - Check

 

13. Nameserver - IP-Adresses

Required Root-climbing DNS-Queries to find ip addresses of all Name Servers: a.ns.apple.com, b.ns.apple.com, c.ns.apple.com, d.ns.apple.com

 

QNr.DomainTypeNS used
1
com
NS
c.root-servers.net (2001:500:2::c)

Answer: a.gtld-servers.net, b.gtld-servers.net, c.gtld-servers.net, d.gtld-servers.net, e.gtld-servers.net, f.gtld-servers.net, g.gtld-servers.net, h.gtld-servers.net, i.gtld-servers.net, j.gtld-servers.net, k.gtld-servers.net, l.gtld-servers.net, m.gtld-servers.net
2
a.ns.apple.com: 17.253.200.1, 2620:149:ae0::53
NS
e.gtld-servers.net (2001:502:1ca1::30)

Answer: b.ns.apple.com
17.253.207.1, 2620:149:ae7::53

Answer: c.ns.apple.com
204.19.119.1, 2620:171:800:714::1

Answer: d.ns.apple.com
204.26.57.1, 2620:171:801:714::1

 

14. CAA - Entries

DomainnameflagNameValue∑ Queries∑ Timeout
iphone-ld.origin-apple.com.akadns.net



1
0
origin-apple.com.akadns.net
0

no CAA entry found
1
0
iphone-ld.apple.com



1
0
com.akadns.net
0

no CAA entry found
1
0
akadns.net
0

no CAA entry found
1
0
apple.com
5
issue
entrust.net
1
0

5
iodef
mailto:contact_pki@apple.com
1
0

5
issue
pki.apple.com
1
0
com
0

no CAA entry found
1
0
net
0

no CAA entry found
1
0

 

15. TXT - Entries

DomainnameTXT EntryStatus∑ Queries∑ Timeout
apple.com
77a4a6de-da14-449c-83c4-85366e0f55f9
ok
1
0
apple.com
adobe-idp-site-verification=6bd5e74c-a3a0-4781-b2e1-e95399b5e11c
ok
1
0
apple.com
apple-domain-verification=X5Jt76bn3Dnmgzjj
ok
1
0
apple.com
atlassian-domain-verification=mLabq99iaT8kquJechF6l31FAYoNUe3WB7tLpLFUiUYVJCse9SKq83hOJzFkwqrh
ok
1
0
apple.com
cerner-client-id=22dd1d8a-5e8b-4e1e-80ef-39bcdfd42798
ok
1
0
apple.com
cerner-client-id=ce3abf18-ee87-43b9-9927-9eb24b4bac4a
ok
1
0
apple.com
cisco-ci-domain-verification=6f3bfb849796a518061f8e8c4356f687a138502d86db742791685059176547dd
ok
1
0
apple.com
Dynatrace-site-verification=7d881a7c-c13f-4146-9d27-2731459e2509__iqls0105tagglcsaul0m16ibrf
ok
1
0
apple.com
facebook-domain-verification=n6cqjfucq6plswmtfbwnbbeu1qiq3v
ok
1
0
apple.com
google-site-verification=8M6XjQCzydT62jk8HY3VXPAG-nKDllTRV-JpA3-Ktyw
ok
1
0
apple.com
google-site-verification=L5kkMdiFI8npvb6KlHui84fJaCw5G64DWhaDRIAT4_c
ok
1
0
apple.com
google-site-verification=zBSq1mG5ssu2If-C17UAz_MzSZDcx03MVxmeDwMNc5w
ok
1
0
apple.com
json:eyJ3aHkiOiJUaGlzIGlzIHRvIHRydW5jYXRlIFVEUCByZXNwb25zZXMgZm9yIFRYVCBxdWVyaWVzIHRvIGFwcGxlLmNvbSIsInBhZGRpbmciOiJpZW4wYWVHaGF0aG9oNmhhaHZpZWphaTNlYXkwYWh2YWhjaGFocXVhZWxlZTBZdWw0cGhpZXRoMHNvNXZpZXllZWNvaDRpZThzaGVlcGllVDNwYWVjaGVpVjZqb2h3aWVwaG82In0K
ok
1
0
apple.com
json:eyJ3aHkiOiJUaGlzIGlzIHRvIHRydW5jYXRlIFVEUCByZXNwb25zZXMgZm9yIFRYVCBxdWVyaWVzIHRvIGFwcGxlLmNvbSIsInBhZGRpbmciOiJxdWFoMGVpamFhNGVlajh0aWVkYWlnaG9jZWljaGFlOGVUb3ppZTVmdTVhaFRoMldlaU00aWsyaHVxdThpZXBoaWVxdW9oc2hlaXBhZWdoOUthZWw3b2NoaWVuZ2llem9lc2g1In0K
ok
1
0
apple.com
miro-verification=2494d255c4c50b1e521650a0659cbf3fa08b0072
ok
1
0
apple.com
v=spf1 include:_spf.apple.com include:_spf-txn.apple.com ~all
ok
1
0
apple.com
ValidationTokenValue=77a4a6de-da14-449c-83c4-85366e0f55f9
ok
1
0
apple.com
webexdomainverification.8C462=b728ec3f-dfc9-42f9-92cb-9ba8853cbee8
ok
1
0
apple.com
yahoo-verification-key=Ay+djyw0qWQgXKWGA/jstjYryTMrKb+PBXI5l8u5/jw=
ok
1
0
iphone-ld.apple.com


1
0
_acme-challenge.iphone-ld.apple.com

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.apple.com.apple.com
v=spf1 redirect=_spf.apple.com
perhaps wrong
1
0
_acme-challenge.iphone-ld.origin-apple.com.akadns.net

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.apple.com.iphone-ld.apple.com

Name Error - The domain name does not exist
1
0
_acme-challenge.iphone-ld.origin-apple.com.akadns.net.iphone-ld.origin-apple.com.akadns.net

Name Error - The domain name does not exist
1
0

 

16. DomainService - Entries

TypeDomainPrefValueDNS-errornum AnswersStatusDescription
SPF
TXT
iphone-ld.apple.com

32768TXT expected, but CNAME found. CNAME not allowed, only TXT queries are allowed. See RFC 7208, 4.4.

 

 

17. Cipher Suites

No results

 

18. Portchecks

No open Ports <> 80 / 443 found, so no additional Ports checked.

 

 

Permalink: https://check-your-website.server-daten.de/?i=9af13d9f-1ecd-4ede-8c1c-1fff2bf32612

 

Last Result: https://check-your-website.server-daten.de/?q=iphone-ld.apple.com - 2024-12-27 05:50:03

 

Do you like this page? Support this tool, add a link on your page:

 

<a href="https://check-your-website.server-daten.de/?q=iphone-ld.apple.com" target="_blank">Check this Site: iphone-ld.apple.com</a>

 

 

Do you really want to support this project? Donate: Check-your-website, IBAN DE98 1001 0010 0575 2211 07, SWIFT/BIC PBNKDEFF, Euro

 

QR-Code of this page - https://check-your-website.server-daten.de/?d=iphone-ld.apple.com