DNS & HTTP Analysis for sun.com

Details
Category: Tool Processing Reports

Processing Domain sun.com on 30/03/2019 18:07:04


  • This tool is available free to use at GENSupport
  • Help and Support for your DNS or HTTP issues available on our Forum
  • Whenever you see a clicking on it will take you to more help
  • The version that produced this report is 1.015b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

  • Zone Queries 6 Record Types and 17 Records Found
  • Zone Transfer Failed
  • Zone Dump
    • TXT
      • _dmarc.sun.com. TTL 10800 "v=DMARC1;p=reject;rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.;ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.;fo=1"
      • sun.com. TTL 10800 "v=spf1 ip4:141.146.126.64/27 ip4:156.151.31.64/27 -all"
    • MX
      • sun.com. TTL 10800 5 aserp2020.oracle.com.
      • sun.com. TTL 10800 5 aserp2030.oracle.com.
      • sun.com. TTL 10800 5 aserp2040.oracle.com.
      • sun.com. TTL 10800 5 userp2020.oracle.com.
      • sun.com. TTL 10800 5 userp2030.oracle.com.
      • sun.com. TTL 10800 5 userp2040.oracle.com.
    • NS
      • sun.com. TTL 10800 ns1.p04.dynect.net.
      • sun.com. TTL 10800 ns2.p04.dynect.net.
      • sun.com. TTL 10800 ns3.p04.dynect.net.
      • sun.com. TTL 10800 ns4.p04.dynect.net.
      • sun.com. TTL 10800 orcldns1.ultradns.com.
      • sun.com. TTL 10800 orcldns2.ultradns.net.
    • A
      • sun.com. TTL 300 156.151.59.35
    • SOA
      • sun.com. TTL 900 ns1.p04.dynect.net. hostmaster.oracle.com. 2019010901 7200 600 1209600 900
    • CNAME
      • www.sun.com. TTL 10800 legacy-sun.oraclegha.com.

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

  • ns2.p04.dynect.net 204.13.250.4 Found and Match. (Missing from Zone Address Records )
  • orcldns1.ultradns.com 156.154.64.64 Found and Match. (Missing from Zone Address Records )
  • ns1.p04.dynect.net 208.78.70.4 Found and Match. (Missing from Zone Address Records )
  • ns3.p04.dynect.net 208.78.71.4 Found and Match. (Missing from Zone Address Records )
  • orcldns2.ultradns.net 156.154.65.64 Found and Match. (Missing from Zone Address Records )
  • ns4.p04.dynect.net 204.13.251.4 Found and Match. (Missing from Zone Address Records )

Processing TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

  • v=dmarc1 (The Version of this record)
  • p=reject (The Policy to implement on FAIL)
  • rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
  • ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)
  • fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

  • v=spf1 (The SPF Format Version Number)
  • ip4:141.146.126.64/27 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:156.151.31.64/27 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • -all (Permit servers listed in A records - Not a great idea)

Processing MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

  • Priority 5 handled by host aserp2020.oracle.com. [141.146.126.73] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 5 handled by host aserp2030.oracle.com. [141.146.126.74] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 5 handled by host aserp2040.oracle.com. [141.146.126.75] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 5 handled by host userp2020.oracle.com. [156.151.31.84] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 5 handled by host userp2030.oracle.com. [156.151.31.89] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 5 handled by host userp2040.oracle.com. [156.151.31.90] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open

Processing CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

  • www.sun.com. legacy-sun.oraclegha.com.

Processing A (IPv4 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

  • Host: sun.com. = IP: [156.151.59.35] Valid Reachable (131.186ms)

Processing AAAA (IPv6 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

    Processing Domain Public Records

      Domain Name WHOIS Information - sun.com

      • Domain Name SUN.COM
      • Registry Domain ID 71533_DOMAIN_COM-VRSN
      • Registrar WHOIS Server whois.markmonitor.com
      • Registrar URL: http://www.markmonitor.com
      • Updated Date: 2019-02-16T10:22:11Z
      • Creation Date: 1986-03-19T05:00:00Z
      • Registry Expiry Date: 2020-03-20T04:00:00Z
      • Registrar MarkMonitor Inc.
      • Registrar IANA ID 292
      • Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
      • Registrar Abuse Contact Phone +1.2083895740
      • Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
      • Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
      • Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
      • Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
      • Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
      • Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
      • Name Server NS1.P04.DYNECT.NET
      • Name Server NS2.P04.DYNECT.NET
      • Name Server NS3.P04.DYNECT.NET
      • Name Server NS4.P04.DYNECT.NET
      • Name Server ORCLDNS1.ULTRADNS.COM
      • Name Server ORCLDNS2.ULTRADNS.NET
      • DNSSEC unsigned
      • URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

      Website Hosting WHOIS Information - 156.151.59.35

      • NetRange 156.151.0.0 - 156.151.255.255
      • CIDR 156.151.0.0/16
      • NetHandle NET-156-151-0-0-1
      • Parent NET156 (NET-156-0-0-0-0)
      • NetType Direct Allocation
      • OriginAS AS792
      • Organization Oracle Corporation (ORACLE-4)
      • RegDate 1993-01-22
      • Updated 2017-01-13
      • Ref: https://rdap.arin.net/registry/ip/156.151.0.0
      • OrgName Oracle Corporation
      • OrgId ORACLE-4
      • Address 500 Oracle Parkway
      • Address: Attn: Domain Administrator
      • City Redwood Shores
      • StateProv CA
      • PostalCode 94065
      • Country US
      • RegDate 1988-04-28
      • Updated 2017-01-28
      • Ref: https://rdap.arin.net/registry/entity/ORACLE-4
      • OrgAbuseHandle NISAM-ARIN
      • OrgAbuseName Network Information Systems Abuse Management
      • OrgAbusePhone +1-650-506-2220
      • OrgAbuseEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
      • OrgAbuseRef: https://rdap.arin.net/registry/entity/NISAM-ARIN
      • OrgTechHandle ORACL1-ARIN
      • OrgTechName ORACLE NIS
      • OrgTechPhone +1-650-506-2220
      • OrgTechEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
      • OrgTechRef: https://rdap.arin.net/registry/entity/ORACL1-ARIN

    Processing Website

      Website Headers for www.sun.com

      We will obtain the headers from your website and parse them for validity

      • Web Server is Oracle-HTTP-Server
      • Request Response HTTP/1.1 301 Moved Permanently Moved Permanently
      • SSL is available and enabled
        • Certificate Name /C=US/ST=California/L=Redwood City/O=Oracle Corporation/OU=Oracle PEO ADC/CN=www.sun.com
          • Certificate Issued To
          • Country US
          • City California
          • Locality Redwood City
          • Organisation Oracle Corporation
          • Certificate Scope www.sun.com
          Certificate Issuer
          • Country US
          • Organisation DigiCert Inc
          • Certificate Scope DigiCert SHA2 Secure Server CA
          Certificate Validity
          • Valid From 180926000000Z
          • Valid To 200925120000Z
          Certificate Ciphers
          • SN RSA-SHA256
          • LN sha256WithRSAEncryption
          Certificate Extensions
          • Alternative Hostnames DNS:www.sun.com, DNS:sun.com, DNS:www-cdn.sun.com
          • Key Usage TLS Web Server Authentication, TLS Web Client Authentication
      • There was a redirect to http://www.oracle.com/us/sun/index.htm
      • There was a SECOND redirect https://www.oracle.com/sun/index.html

        • General

        • allow Valid methods for a specified resource Missing
        • connection Control options for the current connection [keep-alive]
        • x-powered-by Specifies Technology in use Missing

        Security

        • referrer-policy Modifies the algorithm used to populate the Referer Header Missing
        • x-xss-protection Prevents pages loading when XSS is detected [1]
        • feature-policy Allow or Deny the use of browser features Missing
        • p3p Platform for Privacy Preferences Missing
        • content-security-policy CSP Content Security Policy [frame-ancestors 'self' https://explore.oracle.com]
        • x-frame-options Can we open this response in an iframe [sameorigin]

        Cross Origin

        • access-control-allow-origin Missing
        • access-control-allow-credentials Missing
        • access-control-expose-headers Missing
        • access-control-max-age Missing
        • access-control-allow-methods Missing
        • access-control-allow-headers Missing

        Content

        • content-language The natural language or languages of the intended audience Missing
        • transfer-encoding The form of encoding used Missing
        • content-length The length of the response body [1204]
        • content-type The Media type of the Response Body [text/html; charset=utf-8]
        • date The date and time of generation [Sat, 30 Mar 2019 18:03:28 GMT]
        • content-disposition An opportunity to raise a File Download dialogue box Missing
        • content-encoding The type of encoding used on the data Missing
        • content-location An alternate location for the returned data Missing
        • content-range Where in a full body message this partial message belongs Missing
        • etag An identifier for a specific version of a resource Missing
        • vary how to match future request headers Missing
        • x-content-type-options Content Type Options Missing

        Cache

        • cache-control Tells caches whether they may cache this object Missing
        • expires Gives the date/time after which the response is considered stale Missing
        • last-modified The last modified date for the requested object Missing
        • pragma Implementation-specific fields for caching Missing
        • x-cache-action From an Intermediate cache Missing
        • x-cache-hits Intermediate Cache Hits count Missing
        • x-cache-age Intermediate Cache Content Age Missing
        • via Informs the client of proxies through which the response was sent Missing
        • age The Age this page has been cached in a proxy Missing

        Strict Transport Security (HSTS) Policy

        • strict-transport-security A HSTS Policy for the client with scope Missing

        Cookies and Fragments

        • set-cookie Cookie Data to store locally Missing

        Other

        • x-backend-server Identifies the backend server providing this response Missing
        • x-robots-tag Search engine Robot Directive Missing
        • gen= Used by some of the GEN Tools to verify zone ownership Missing
        • cf-cache-status Cloudflare Specific Header indicating cache status for this response Missing

        Not Profiled

        • location [https://www.oracle.com/sun/index.html]
        • status [301 Moved Permanently]
        • x-oracle-dms-rid [0:4]
        • x-oracle-dms-ecid [005XLDr8I899Lew70F2FUF0001ts00JDCF]
        • actual-object-ttl [-1]

      Robots.txt

      • You have a robots.txt file and it appears to be valid
        • Allow Entries (0) - Specific Allow
          • Disallow Entries (0) - Specific Disallow
            • Sitemap Entries (0) - Sitemaps
              • Other Entries (133)

          Processing Website Profile Data

            Website Render for www.sun.com

            Technology Profile sun.com

            We will check for fingerprints of common website technologies

              • Failed to succesfully profile the website, it is likely either custom or plain HTML.

            Meta Profile http://www.oracle.com/us/sun/index.htm

            We will check the entire body for metadata

            Processing Completed

            • Performance Profile
              • DNS Lookups : 0.39 seconds
              • DNS Folding/Unfolding : 0.00 seconds
              • DNS Nameserver Checks : 0.00 seconds
              • DNS TXT Records : 0.00 seconds
              • DNS MX Records : 0.87 seconds
              • DNS CNAME : 0.00 seconds
              • DNS Address : 0.15 seconds
              • WHOIS Lookups : 0.39 seconds
              • First CURL : 0.54 seconds
              • Second CURL : 0.06 seconds
              • SSL Lookup : 1.51 seconds
              • Header Parsing : 0.00 seconds
              • Robots.txt Parsing : 0.90 seconds
              • Website Profile : 0.56 seconds
              • Website META : 0.16 seconds

            The process is now completed and the results are shown above. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.