DNS & HTTP Analysis for leviton.com

Processing Domain leviton.com on 30/03/2019 20:26:00


  • This tool is available free to use at GENSupport
  • Help and Support for your DNS or HTTP issues available on our Forum
  • Whenever you see a clicking on it will take you to more help
  • The version of the data model that was used in this report is 1.002
  • The version that produced this report is 1.015b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

  • Zone Queries 5 Record Types and 15 Records Found
  • Zone Transfer Failed
  • Zone Dump
    • TXT
      • _dmarc.leviton.com. TTL 3600 "v=DMARC1; p=quarantine; pct=100; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; fo=1"
      • leviton.com. TTL 3600 "48i2BzJ2rh5G7b5OjPJsD9l3m1DRb38MxXO8eHcAsiCd/ppgm79ATx7dwxjLClvCGn55AVR7jiU8Fz8ldCJ55g=="
      • leviton.com. TTL 3600 "MS=ms61494171"
      • leviton.com. TTL 3600 "logmein-verification-code=d4c59d1c-8914-4ba2-bdcf-deb46460938f"
      • leviton.com. TTL 3600 "ud7ctn2tdp2dh96ln70n7cegbr"
      • leviton.com. TTL 3600 "v=spf1 mx a ip4:85.158.142.1/32 ip4:195.245.230.4/32 ip4:209.123.84.0/24 ip4:52.70.248.144/32 ip4:213.201.211.128/28 a:smtp.shopify.com include:spf.protection.outlook.com include:aspmx.pardot.com include:amazonses.com include:mail.zendesk.com -all"
    • A
      • dns1.ladasdomains.com. TTL 1800 194.50.187.180
      • dns2.ladasdomains.com. TTL 1800 194.0.182.168
      • dns3.ladasdomains.com. TTL 1800 193.227.117.193
      • leviton.com. TTL 3600 209.123.84.234
    • MX
      • leviton.com. TTL 3600 0 leviton-com.mail.protection.outlook.com.
    • NS
      • leviton.com. TTL 3600 dns1.ladasdomains.com.
      • leviton.com. TTL 3600 dns2.ladasdomains.com.
      • leviton.com. TTL 3600 dns3.ladasdomains.com.
    • SOA
      • leviton.com. TTL 3600 dns1.ladasdomains.com. leviton.com.leviton.com. 2019031800 86400 7200 3600000 172800

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

  • dns3.ladasdomains.com 193.227.117.193 Found and Match. (Found in Address Records)
  • dns2.ladasdomains.com 194.0.182.168 Found and Match. (Found in Address Records)
  • dns1.ladasdomains.com 194.50.187.180 Found and Match. (Found in Address Records)

Processing TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

  • v=dmarc1 (The Version of this record)
  • p=quarantine (The Policy to implement on FAIL)
  • pct=100 (The Percentage of Messages subject to filtering)
  • rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
  • ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)
  • fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • 48i2bzj2rh5g7b5ojpjsd9l3m1drb38mxxo8ehcasicd/ppgm79atx7dwxjlclvcgn55avr7jiu8fz8ldcj55g==

Microsoft Office 365 Verification Record

This record is used to identify this domain as an Office 365 domain

  • ms=ms61494171

Domain Verification for LogMeIn.com

LogMeIn provides a range of remote working, support and conferencing applications

  • logmein-verification-code=d4c59d1c-8914-4ba2-bdcf-deb46460938f

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • ud7ctn2tdp2dh96ln70n7cegbr

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

  • v=spf1 (The SPF Format Version Number)
  • mx (Permit servers listed in MX records - Not a great idea)
  • a (Permit servers listed in A records - Not a great idea)
  • ip4:85.158.142.1/32 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:195.245.230.4/32 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:209.123.84.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:52.70.248.144/32 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:213.201.211.128/28 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • a:smtp.shopify.com (Permit servers listed in A records - Not a great idea)
  • include:spf.protection.outlook.com (The SPF Record listed here should be used - Additional look-ups required)
  • include:aspmx.pardot.com (The SPF Record listed here should be used - Additional look-ups required)
  • include:amazonses.com (The SPF Record listed here should be used - Additional look-ups required)
  • include:mail.zendesk.com (The SPF Record listed here should be used - Additional look-ups required)
  • -all (Permit servers listed in A records - Not a great idea)

Processing MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

  • Priority 0 handled by host leviton-com.mail.protection.outlook.com. [104.47.36.36] Valid
    • Email Handled By Microsoft Corporation
    • Port 25 (smtp) : Open

Processing CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

    Processing A (IPv4 Address) Records

    These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

    • Host: dns1.ladasdomains.com. = IP: [194.50.187.180] Valid Reachable (29.625ms)
    • Host: dns2.ladasdomains.com. = IP: [194.0.182.168] Valid Reachable (18.32ms)
    • Host: dns3.ladasdomains.com. = IP: [193.227.117.193] Valid Reachable (29.778ms)
    • Host: leviton.com. = IP: [209.123.84.234] Valid Unreachable TX:1 RX:0 LOSS:100%

    Processing AAAA (IPv6 Address) Records

    These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

      Processing Domain Public Records

      • We have been unable to find the website IP from the zone
      • Performed an additional out-of-zone lookup to find website host [209.123.84.234]
      • Domain Name WHOIS Information - leviton.com

        • Domain Name LEVITON.COM
        • Registry Domain ID 2863962_DOMAIN_COM-VRSN
        • Registrar WHOIS Server whois.principiumstrategies.com
        • Registrar URL: http://www.principiumstrategies.com
        • Updated Date: 2018-06-02T07:00:15Z
        • Creation Date: 1995-07-18T04:00:00Z
        • Registry Expiry Date: 2019-07-17T04:00:00Z
        • Registrar Ladas Domains LLC d/b/a Principium Strategies
        • Registrar IANA ID 642
        • Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
        • Registrar Abuse Contact Phone 8887249488
        • Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
        • Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
        • Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
        • Name Server DNS1.LADASDOMAINS.COM
        • Name Server DNS2.LADASDOMAINS.COM
        • Name Server DNS3.LADASDOMAINS.COM
        • DNSSEC unsigned
        • URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

        Website Hosting WHOIS Information - 209.123.84.234

        • NetRange 209.123.0.0 - 209.123.255.255
        • CIDR 209.123.0.0/16
        • NetHandle NET-209-123-0-0-1
        • Parent NET209 (NET-209-0-0-0-0)
        • NetType Direct Allocation
        • OriginAS AS8001
        • Organization Net Access Corporation (NAC)
        • RegDate 1997-08-05
        • Updated 2017-02-02
        • Ref: https://rdap.arin.net/registry/ip/209.123.0.0
        • OrgName Net Access Corporation
        • OrgId NAC
        • Address 2300 15th Street
        • Address Suite 300
        • City Denver
        • StateProv CO
        • PostalCode 80202
        • Country US
        • RegDate
        • Updated 2017-02-02
        • Ref: https://rdap.arin.net/registry/entity/NAC
        • ReferralServer: rwhois://whois.nac.net:43
        • OrgAbuseHandle ABUSE156-ARIN
        • OrgAbuseName Abuse Department
        • OrgAbusePhone +1-800-638-6336
        • OrgAbuseEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE156-ARIN
        • OrgNOCHandle NOC270-ARIN
        • OrgNOCName Network Operations Center
        • OrgNOCPhone +1-973-590-5080
        • OrgNOCEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • OrgNOCRef: https://rdap.arin.net/registry/entity/NOC270-ARIN
        • OrgTechHandle GALIN11-ARIN
        • OrgTechName Galinis, Joseph
        • OrgTechPhone +1-973-590-5121
        • OrgTechEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • OrgTechRef: https://rdap.arin.net/registry/entity/GALIN11-ARIN
        • RAbuseHandle ABUSE5526-ARIN
        • RAbuseName Abuse
        • RAbusePhone +1-720-230-7000
        • RAbuseEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE5526-ARIN
        • RTechHandle GALIN11-ARIN
        • RTechName Galinis, Joseph
        • RTechPhone +1-973-590-5121
        • RTechEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • RTechRef: https://rdap.arin.net/registry/entity/GALIN11-ARIN
        • RNOCHandle NOC270-ARIN
        • RNOCName Network Operations Center
        • RNOCPhone +1-973-590-5080
        • RNOCEmail This email address is being protected from spambots. You need JavaScript enabled to view it.
        • RNOCRef: https://rdap.arin.net/registry/entity/NOC270-ARIN

      Processing Website

        Website Headers for www.leviton.com

        We will obtain the headers from your website and parse them for validity

        • Web Server is Apache/2.4.6 () OpenSSL/1.0.2k-fips
        • Request Response HTTP/1.1 302 Found Moved Temporarily
        • SSL is available and enabled
          • Certificate Name /OU=Domain Control Validated/CN=*.leviton.com
          • Certificate Issued To
            • Country
            • City
            • Locality
            • Organisation
            • Certificate Scope *.leviton.com
            Certificate Issuer
            • Country US
            • Organisation GoDaddy.com, Inc.
            • Certificate Scope Go Daddy Secure Certificate Authority - G2
            Certificate Validity
            • Valid From 180130190200Z
            • Valid To 210204154043Z
            Certificate Ciphers
            • SN RSA-SHA256
            • LN sha256WithRSAEncryption
            Certificate Extensions
            • Alternative Hostnames DNS:*.leviton.com, DNS:leviton.com
            • Key Usage TLS Web Server Authentication, TLS Web Client Authentication
        • There was a redirect to https://www.leviton.com/
        • There was a SECOND redirect http://www.leviton.com/en/
        • General

          • allow Valid methods for a specified resource Missing
          • connection Control options for the current connection Missing
          • x-powered-by Specifies Technology in use - Security Risk Missing
          • x-aspnet-version Specifies the ASP.net version - Security Risk Missing

          Security

          • referrer-policy Modifies the algorithm used to populate the Referer Header Missing
          • x-xss-protection Prevents pages loading when XSS is detected Missing
          • feature-policy Allow or Deny the use of browser features Missing
          • p3p Platform for Privacy Preferences Missing
          • content-security-policy CSP Content Security Policy Missing
          • x-frame-options Can we open this response in an iframe Missing

          Cross Origin

          • access-control-allow-origin Can we share the response with the given origin Missing
          • access-control-allow-credentials Tells Browsers whether to expose the response to frontend JavaScript Missing
          • access-control-expose-headers Indicates which headers can be exposed as part of the Response Missing
          • access-control-max-age Indicates how long the results of a preflight request can be stored Missing
          • access-control-allow-methods Methods allowed when accessing the resource in response to a preflight request Missing
          • access-control-allow-headers Indicates which headers can be used during the actual request Missing

          Content

          • content-language The natural language or languages of the intended audience Missing
          • transfer-encoding The form of encoding used Missing
          • content-length The length of the response body Missing
          • content-type The Media type of the Response Body [text/html; charset=iso-8859-1]
          • date The date and time of generation [Sat, 30 Mar 2019 20:20:52 GMT]
          • content-disposition An opportunity to raise a File Download dialogue box Missing
          • content-encoding The type of encoding used on the data Missing
          • content-location An alternate location for the returned data Missing
          • content-range Where in a full body message this partial message belongs Missing
          • etag An identifier for a specific version of a resource Missing
          • vary how to match future request headers Missing
          • x-content-type-options Content Type Options Missing

          Cache

          • cache-control Tells caches whether they may cache this object Missing
          • expires Gives the date/time after which the response is considered stale Missing
          • last-modified The last modified date for the requested object Missing
          • pragma Implementation-specific fields for caching Missing
          • x-cache-action From an Intermediate cache Missing
          • x-cache-hits Intermediate Cache Hits count Missing
          • x-cache-age Intermediate Cache Content Age Missing
          • via Informs the client of proxies through which the response was sent Missing
          • age The Age this page has been cached in a proxy Missing

          Strict Transport Security (HSTS) Policy

          • strict-transport-security A HSTS Policy for the client with scope Missing

          Cookies and Fragments

          • set-cookie Cookie Data to store locally [x-lbn=ffffffff090e0a5945525d5f4f58455e445a4a423660;path=/;secure;httponly]

          Other

          • x-backend-server Identifies the backend server providing this response Missing
          • x-robots-tag Search engine Robot Directive Missing
          • gen= Used by some of the GEN Tools to verify zone ownership Missing
          • cf-cache-status Cloudflare Specific Header indicating cache status for this response Missing

          Not Profiled

          • location [http://www.leviton.com/en/]

        Robots.txt

        • You have a robots.txt file and it appears to be valid
          • Allow Entries (0) - Specific Allow
            • Disallow Entries (6) - Specific Disallow
              • /
            • Sitemap Entries (0) - Sitemaps
              • Other Entries (6)

          Processing Website Profile Data

            Website Render for www.leviton.com

            Technology Profile leviton.com

            We will check for fingerprints of common website technologies

              • Failed to succesfully profile the website, it is likely either custom or plain HTML.

            Meta Profile https://www.leviton.com/

            We will check the entire body for metadata

            • p:domain_verify : 8c06b7292b410ad42c932dd9aa7fee6c
            • description : Leviton is the smart choice, delivering the most comprehensive range of solutions to meet the needs of today’s residential, commercial and industrial customers in more than 90 countries across the globe.
            • keywords : leviton, electrical, dimmers, gfci, afci, outlets, lighting controls, wiring devices, electrical wiring devices, networking, smart home, home automation, electric vehicle, evse, light switches, data center
            • viewport : width=device-width, initial-scale=1.0

          Processing Completed

          • Performance Profile
            • DNS Lookups : 0.78 seconds
            • DNS Folding/Unfolding : 0.00 seconds
            • DNS Nameserver Checks : 0.00 seconds
            • DNS TXT Records : 0.00 seconds
            • DNS MX Records : 0.13 seconds
            • DNS CNAME : 0.00 seconds
            • DNS Address : 10.13 seconds
            • WHOIS Lookups : 0.53 seconds
            • First CURL : 0.24 seconds
            • Second CURL : 0.44 seconds
            • SSL Lookup : 3.32 seconds
            • Header Parsing : 0.00 seconds
            • Robots.txt Parsing : 0.42 seconds
            • Website Profile : 6.33 seconds
            • Website META : 2.02 seconds

          The process is now completed and the results are shown above. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.