DNS & HTTP Analysis for linkedin.com

Details
Category: Tool Processing Reports

Processing Domain linkedin.com on 12/12/2019 16:06:21


  • This tool is available free to use at GENSupport
  • Help and Support for your DNS or HTTP issues available on our Forum
  • Whenever you see a clicking on it will take you to more help
  • The version of the data model that was used in this report is 1.008
  • The version that produced this report is 1.023b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

  • Zone Queries 6 Record Types and 28 Records Found
  • Zone Transfer Failed
  • Zone Dump
    • TXT
      • _dmarc.linkedin.com. TTL 3600 "v=DMARC1; p=reject; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; pct=100"
      • linkedin.com. TTL 300 "448e0dc03e935ecf66d81f1ce3c26b2f2fea13756c031ffc4be91749107f3a79"
      • linkedin.com. TTL 300 "docusign=11f01284-dffc-40f9-8d56-57e5261ede3f"
      • linkedin.com. TTL 300 "google-site-verification=VE9BWhjbPPNmbr3ZJcwn5hLTsz7c5KPt3zXdYyaSnSQ"
      • linkedin.com. TTL 300 "google-site-verification=xAGz495k8RbGclhamQx1TkZSHDxOaEd95fOjc8xpbTA"
      • linkedin.com. TTL 300 "v=spf1 ip4:199.101.162.0/25 ip4:108.174.3.0/24 ip4:108.174.6.0/24 ip4:108.174.0.0/24 ip6:2620:109:c00d:104::/64 ip6:2620:109:c006:104::/64 ip6:2620:109:c003:104::/64 ip6:2620:119:50c0:207::/64 ip4:199.101.161.130 mx mx:docusign.net ~all"
    • AAAA
      • linkedin.com. TTL 300 2620:109:c002:0:0:0:6cae:a0a
      • mail-a.linkedin.com. TTL 86400 2620:119:50c0:207:0:0:0:215
      • mail-c.linkedin.com. TTL 86400 2620:109:c006:104:0:0:0:215
      • mail-d.linkedin.com. TTL 86400 2620:109:c003:104:0:0:0:215
    • A
      • linkedin.com. TTL 3600 108.174.10.10
      • mail-a.linkedin.com. TTL 86400 108.174.0.215
      • mail-c.linkedin.com. TTL 86400 108.174.3.215
      • mail-d.linkedin.com. TTL 86400 108.174.6.215
    • MX
      • linkedin.com. TTL 3600 10 mail-c.linkedin.com.
      • linkedin.com. TTL 3600 10 mail-d.linkedin.com.
      • linkedin.com. TTL 3600 15 mail-a.linkedin.com.
      • linkedin.com. TTL 3600 20 mail.linkedin.com.
    • NS
      • linkedin.com. TTL 86400 dns1.p09.nsone.net.
      • linkedin.com. TTL 86400 dns2.p09.nsone.net.
      • linkedin.com. TTL 86400 dns3.p09.nsone.net.
      • linkedin.com. TTL 86400 dns4.p09.nsone.net.
      • linkedin.com. TTL 86400 ns1.p43.dynect.net.
      • linkedin.com. TTL 86400 ns2.p43.dynect.net.
      • linkedin.com. TTL 86400 ns3.p43.dynect.net.
      • linkedin.com. TTL 86400 ns4.p43.dynect.net.
    • CNAME
      • www-src.linkedin.com. TTL 300 2-01-2c3e-003c.cdx.cedexis.net.
      • www.linkedin.com. TTL 300 www-src.linkedin.com.

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

  • ns1.p43.dynect.net 208.78.70.43 Found and Match. (Missing from Zone Address Records )
  • dns3.p09.nsone.net 198.51.44.73 Found and Match. (Missing from Zone Address Records )
  • ns4.p43.dynect.net 204.13.251.43 Found and Match. (Missing from Zone Address Records )
  • ns3.p43.dynect.net 208.78.71.43 Found and Match. (Missing from Zone Address Records )
  • dns2.p09.nsone.net 198.51.45.9 Found and Match. (Missing from Zone Address Records )
  • dns1.p09.nsone.net 198.51.44.9 Found and Match. (Missing from Zone Address Records )
  • dns4.p09.nsone.net 198.51.45.73 Found and Match. (Missing from Zone Address Records )
  • ns2.p43.dynect.net 204.13.250.43 Found and Match. (Missing from Zone Address Records )
  • All Name Servers SHOULD BE on Different Subnets

Processing 6 TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

  • v=dmarc1 (The Version of this record)
  • p=reject (The Policy to implement on FAIL)
  • rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
  • ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)
  • pct=100 (The Percentage of Messages subject to filtering)

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • 448e0dc03e935ecf66d81f1ce3c26b2f2fea13756c031ffc4be91749107f3a79

Docusign Record

Docusign is a company offering document signing services but since a data breach and other security concerns this is rarely used today and you should consider removing it

  • docusign=11f01284-dffc-40f9-8d56-57e5261ede3f

Google Domain Verification Record

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=ve9bwhjbppnmbr3zjcwn5hltsz7c5kpt3zxdyyasnsq

Google Domain Verification Record

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=xagz495k8rbgclhamqx1tkzshdxoaed95fojc8xpbta

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

  • v=spf1 (The SPF Format Version Number)
  • ip4:199.101.162.0/25 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:108.174.3.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:108.174.6.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:108.174.0.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip6:2620:109:c00d:104::/64 (The IPv6 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip6:2620:109:c006:104::/64 (The IPv6 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip6:2620:109:c003:104::/64 (The IPv6 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip6:2620:119:50c0:207::/64 (The IPv6 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:199.101.161.130 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • mx (Permit servers listed in MX records -extra lookup, some server's won't bother)
  • mx:docusign.net (Permit servers listed in MX records -extra lookup, some server's won't bother)
  • ~all (Permit other hosts but take note)

Processing 4 MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

  • Priority 10 handled by host mail-c.linkedin.com. [108.174.3.215] Valid
    • Email Handled Locally
    • Forward DNS 108.174.3.215 mail-c.linkedin.com
      • Reverse DNS mail-c.linkedin.com 108.174.3.215
    • Port 25 (smtp) : Open
      • Not Listed in any blacklists
  • Priority 10 handled by host mail-d.linkedin.com. [108.174.6.215] Valid
    • Email Handled Locally
    • Forward DNS 108.174.6.215 mail-d.linkedin.com
      • Reverse DNS mail-d.linkedin.com 108.174.6.215
    • Port 25 (smtp) : Open
      • Not Listed in any blacklists
  • Priority 15 handled by host mail-a.linkedin.com. [108.174.0.215] Valid
    • Email Handled Locally
    • Forward DNS 108.174.0.215 mail-a.linkedin.com
      • Reverse DNS mail-a.linkedin.com 108.174.0.215
    • Port 25 (smtp) : Open
      • Not Listed in any blacklists
  • Priority 20 handled by host mail.linkedin.com. [108.174.6.215] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open

Processing 2 CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

  • www-src.linkedin.com. 2-01-2c3e-003c.cdx.cedexis.net.
  • www.linkedin.com. www-src.linkedin.com.

Processing 4 A (IPv4 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

  • Host: linkedin.com. = IP: [108.174.10.10] Valid Reachable (89.543ms)
  • Host: mail-a.linkedin.com. = IP: [108.174.0.215] Valid Reachable (166.189ms)
  • Host: mail-c.linkedin.com. = IP: [108.174.3.215] Valid Reachable (89.321ms)
  • Host: mail-d.linkedin.com. = IP: [108.174.6.215] Valid Reachable (118.659ms)

Processing AAAA (IPv6 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

  • Host: linkedin.com. = IP: [2620:109:c002:0:0:0:6cae:a0a] Valid
  • Host: mail-a.linkedin.com. = IP: [2620:119:50c0:207:0:0:0:215] Valid
  • Host: mail-c.linkedin.com. = IP: [2620:109:c006:104:0:0:0:215] Valid
  • Host: mail-d.linkedin.com. = IP: [2620:109:c003:104:0:0:0:215] Valid

Processing Domain Public Records

    Domain Name WHOIS Information - linkedin.com

    • Domain Name LINKEDIN.COM
    • Registry Domain ID 91818680_DOMAIN_COM-VRSN
    • Registrar WHOIS Server whois.markmonitor.com
    • Registrar URL: http://www.markmonitor.com
    • Updated Date: 2017-02-02T18:17:30Z
    • Creation Date: 2002-11-02T15:38:11Z
    • Registry Expiry Date: 2020-11-02T15:38:11Z
    • Registrar MarkMonitor Inc.
    • Registrar IANA ID 292
    • Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
    • Registrar Abuse Contact Phone +1.2083895740
    • Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
    • Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
    • Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
    • Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
    • Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
    • Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
    • Name Server DNS1.P09.NSONE.NET
    • Name Server DNS2.P09.NSONE.NET
    • Name Server DNS3.P09.NSONE.NET
    • Name Server DNS4.P09.NSONE.NET
    • Name Server NS1.P43.DYNECT.NET
    • Name Server NS2.P43.DYNECT.NET
    • Name Server NS3.P43.DYNECT.NET
    • Name Server NS4.P43.DYNECT.NET
    • DNSSEC unsigned
    • URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

    Website Hosting WHOIS Information - 108.174.10.10

    • NetRange 108.174.0.0 - 108.174.15.255
    • CIDR 108.174.0.0/20
    • NetHandle NET-108-174-0-0-1
    • Parent NET108 (NET-108-0-0-0-0)
    • NetType Direct Assignment
    • OriginAS AS20049
    • Organization LinkedIn Corporation (LINKE-1)
    • RegDate 2012-01-11
    • Updated 2012-02-08
    • Ref: https://rdap.arin.net/registry/ip/108.174.0.0
    • OrgName LinkedIn Corporation
    • OrgId LINKE-1
    • Address 1000 W Maude Ave
    • City Sunnyvale
    • StateProv CA
    • PostalCode 94085
    • Country US
    • RegDate 2006-12-15
    • Updated 2018-07-31
    • Ref: https://rdap.arin.net/registry/entity/LINKE-1
    • OrgAbuseHandle ABUSE3328-ARIN
    • OrgAbuseName Abuse Desk
    • OrgAbusePhone +1-650-687-3600
    • OrgAbuseEmail abuse@linkedin.com
    • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3328-ARIN
    • OrgTechHandle ZAL2-ARIN
    • OrgTechName Ali, Zaid
    • OrgTechPhone +1-650-212-2050
    • OrgTechEmail zaid@zaidali.com
    • OrgTechRef: https://rdap.arin.net/registry/entity/ZAL2-ARIN
    • OrgTechHandle HOSTM905-ARIN
    • OrgTechName Hostmaster
    • OrgTechPhone +1-650-687-0505
    • OrgTechEmail hostmaster@linkedin.com
    • OrgTechRef: https://rdap.arin.net/registry/entity/HOSTM905-ARIN
    • OrgNOCHandle HOSTM905-ARIN
    • OrgNOCName Hostmaster
    • OrgNOCPhone +1-650-687-0505
    • OrgNOCEmail hostmaster@linkedin.com
    • OrgNOCRef: https://rdap.arin.net/registry/entity/HOSTM905-ARIN
    • RAbuseHandle ABUSE3328-ARIN
    • RAbuseName Abuse Desk
    • RAbusePhone +1-650-687-3600
    • RAbuseEmail abuse@linkedin.com
    • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3328-ARIN
    • RTechHandle ZAL2-ARIN
    • RTechName Ali, Zaid
    • RTechPhone +1-650-212-2050
    • RTechEmail zaid@zaidali.com
    • RTechRef: https://rdap.arin.net/registry/entity/ZAL2-ARIN
    • RNOCHandle HOSTM905-ARIN
    • RNOCName Hostmaster
    • RNOCPhone +1-650-687-0505
    • RNOCEmail hostmaster@linkedin.com
    • RNOCRef: https://rdap.arin.net/registry/entity/HOSTM905-ARIN
    • RTechHandle HOSTM905-ARIN
    • RTechName Hostmaster
    • RTechPhone +1-650-687-0505
    • RTechEmail hostmaster@linkedin.com
    • RTechRef: https://rdap.arin.net/registry/entity/HOSTM905-ARIN

Processing Website

    Website Headers for www.linkedin.com

    We will obtain the headers from your website and parse them for validity

    • Web Server is Play
    • Server header does not contain version information
    • Request Response HTTP/1.1 200 OK OK
    • SSL is available and enabled
        • /C=US/ST=California/L=Mountain View/O=LinkedIn Corporation/CN=www.linkedin.comUSCalifornia
      • Locality Mountain View
      • Organisation LinkedIn Corporation
      • Certificate Scope www.linkedin.com
      Certificate Issuer
      • Country US
      • Organisation DigiCert Inc
      • Certificate Scope DigiCert SHA2 Secure Server CA
      Certificate Validity
      • Valid From 191121000000Z
      • Valid To 200901120000Z
      Certificate Ciphers
      • SN RSA-SHA256
      • LN sha256WithRSAEncryption
      Certificate Extensions
      • Alternative Hostnames DNS:linkedin.com, DNS:www.linkedin.com, DNS:media.licdn.com, DNS:static.licdn.com, DNS:exp1.www.linkedin.com, DNS:exp2.www.linkedin.com, DNS:exp3.www.linkedin.com, DNS:exp4.www.linkedin.com, DNS:exp5.www.linkedin.com
      • Key Usage TLS Web Server Authentication, TLS Web Client Authentication
  • There was no redirection

    • General

    • allow Valid methods for a specified resource after a 405 : Missing
    • location For Redirects specifies the target : Missing
    • connection Control options for the current connection [keep-alive]
    • x-powered-by Specifies Technology in use - Security Risk : Missing
    • x-aspnet-version Specifies the ASP.net version - Security Risk : Missing
    • accept-ranges To advertise its support of partial requests : Missing
    • link Used to express typed relationship with another resource : Missing
    • upgrade HTTP/2 (The latest and faster version of HTTP is available : Missing

    Security

    • referrer-policy Modifies the algorithm used to populate the Referer Header : Missing
    • x-xss-protection Prevents pages loading when XSS is detected [1; mode=block]
    • feature-policy Allow or Deny the use of browser features : Missing
    • p3p Platform for Privacy Preferences : Missing
    • content-security-policy CSP Content Security Policy [default-src *; connect-src 'self' static.licdn.com media.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media-exp1.licdn.com media-exp2.licdn.com https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com s.c.exp1.licdn.com s.c.exp2.licdn.com m.c.exp1.licdn.com m.c.exp2.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob:; img-src data]
    • x-frame-options Can we open this response in an iframe [sameorigin]

    Cross Origin

    • access-control-allow-origin Can we share the response with the given origin : Missing
    • access-control-allow-credentials Tells Browsers whether to expose the response to frontend JavaScript : Missing
    • access-control-expose-headers Indicates which headers can be exposed as part of the Response : Missing
    • access-control-max-age Indicates how long the results of a preflight request can be stored : Missing
    • access-control-allow-methods Methods allowed when accessing the resource in response to a preflight request : Missing
    • access-control-allow-headers Indicates which headers can be used during the actual request : Missing

    Content

    • content-language The natural language or languages of the intended audience : Missing
    • transfer-encoding The form of encoding used : Missing
    • content-length The length of the response body [82601]
    • content-type The Media type of the Response Body [text/html; charset=utf-8]
    • date The date and time of generation [Thu, 12 Dec 2019 16:02:03 GMT]
    • content-disposition An opportunity to raise a File Download dialogue box : Missing
    • content-encoding The type of encoding/compression used on the Response : Missing
    • content-location An alternate location for the returned data : Missing
    • content-range Where in a full body message this partial message belongs : Missing
    • etag An identifier for a specific version of a resource : Missing
    • vary how to match future request headers : Missing
    • x-content-type-options Types in Content-Type should NOT be changed [nosniff]

    Cache

    • cache-control Tells caches whether they may cache this object [no-cache, no-store]
    • expires Gives the date/time after which the response is considered stale [Thu, 01 Jan 1970 00:00:00 GMT]
    • last-modified The last modified date for the requested object : Missing
    • pragma Implementation-specific fields for caching [no-cache]
    • x-cache-action From an Intermediate cache : Missing
    • x-cache-hits Intermediate Cache Hits count : Missing
    • x-cache-age Intermediate Cache Content Age : Missing
    • via Informs the client of proxies through which the response was sent : Missing
    • age The Age this page has been cached in a proxy : Missing
    • x-served-by The Cache that served this response : Missing
    • x-cache Indicates if the cache served cached content : Missing
    • x-via-fastly Specific headers from Fastly : Missing

    Strict Transport Security (HSTS) Policy

    • strict-transport-security A HSTS Policy for the client with scope [max-age=2592000]

    Cookies and Fragments

    • set-cookie Cookie Data to store locally [lidc="b=OGST05:g=1631:u=1:i=1576166523:t=1576252923:s=AQGBEkB2r8GHIHSZA7VrLd9MdkL-MJdc"; Expires=Fri, 13 Dec 2019 16:02:03 GMT; domain=.linkedin.com; Path=/]

    Other

    • x-backend-server Identifies the backend server providing this response : Missing
    • x-robots-tag Search engine Robot Directive : Missing
    • gen Used by some of the GEN Tools to verify zone ownership : Missing
    • cf-cache-status Cloudflare Specific Header indicating cache status for this response : Missing
    • x-aspnetmvc-version ASP MVC Version Number - Security Risk : Missing

    Not Profiled

    • x-fs-txn-id [2ad9c420b890]
    • x-fs-uuid [6772fb391aabdf1590acc692d42a0000]
    • expect-ct [max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"]
    • x-li-fabric [prod-lor1]
    • x-li-pop [prod-tln1]
    • x-li-proto [http/1.1]
    • x-li-uuid [Z3L7ORqr3xWQrMaS1CoAAA==]

Robots.txt

  • You have a robots.txt file and it appears to be valid
    • Allow Entries (162) - Specific Allow
      • Disallow Entries (1670) - Specific Disallow
        • Sitemap Entries (0) - Sitemaps
          • Other Entries (37)

        Processing Website Profile Data

          Website Render for www.linkedin.com

          Technology Profile linkedin.com

          We will check for fingerprints of common website technologies

            • Failed to succesfully profile the website, it is likely either custom or plain HTML.

          MOZ Rank Profile http://www.linkedin.com/

          We will retrieve your Ranking Profile from Moz.com

          • 316702239 The number of external, equity links
          • 355825842 The number of internal and external equity and non-equity links
          • 97 The Domain Authority (DA) ( 0->100 )
          • 97 The Page Authority (PA) ( 0->100 )
          • 9.699999809 The MozRank of the Domain ( 0->10 )

          Google Safe Browsing http://www.linkedin.com/

          We will retrieve Safe Browsing Status from Google

          • This site is NOT listed as being unsafe by Google

          PhishTank Lookup http://www.linkedin.com/

          We will check PhishTank to see if your site is listed

          • This site is NOT listed as being unsafe by PhishTank

          Alexa Rank Profile http://www.linkedin.com/

          We will retrieve your Ranking Profile from Alexa.com

          • The number of external in links
          • Un-Ranked Your Alexa Rank

          Meta Profile http://www.linkedin.com/

          We will check the entire body for metadata

          • pagekey : d_homepage-guest-home
          • locale : en_US
          • description : 500 million+ members | Manage your professional identity. Build and engage with your professional network. Access knowledge, insights and opportunities.
          • viewport : width=device-width, initial-scale=1
          • litmsprofilename : homepage-guest-frontend
          • twitter:card : summary
          • twitter:site : @linkedin
          • twitter:title : LinkedIn: Log In or Sign Up
          • twitter:description : 500 million+ members | Manage your professional identity. Build and engage with your professional network. Access knowledge, insights and opportunities.
          • linkedin:pagetag : basic
          • robots : noarchive

        Processing Completed

        • Performance Profile
          • DNS Lookups : 0.20 seconds
          • DNS Folding/Unfolding : 0.00 seconds
          • DNS Nameserver Checks : 0.00 seconds
          • DNS TXT Records : 0.00 seconds
          • DNS MX Records : 0.84 seconds
          • DNS CNAME : 0.00 seconds
          • DNS Address : 0.50 seconds
          • WHOIS Lookups : 0.38 seconds
          • First CURL : 0.29 seconds
          • SSL Lookup : 0.55 seconds
          • Header Parsing : 0.00 seconds
          • Robots.txt Parsing : 0.18 seconds
          • Website Profile : 0.29 seconds
          • Website MozData : 0.12 seconds
          • Safe Browsing : 0.10 seconds
          • PhishTank : 0.04 seconds
          • Website Alexa : 0.49 seconds
          • Website META : 0.49 seconds

        The process is now completed and the results are shown above. The raw processing data is available HERE. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.