Processing Domain roku.com on 31/03/2019 21:45:44

• This tool is available free to use at GENSupport
• Help and Support for your DNS or HTTP issues available on our Forum
• Whenever you see a clicking on it will take you to more help
• The version of the data model that was used in this report is 1.007
• The version that produced this report is 1.019b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

• Zone Queries 6 Record Types and 16 Records Found
• Zone Transfer Failed
• Zone Dump
  • TXT
    • _dmarc.roku.com. TTL 300 "v=DMARC1; p=none; fo=1; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it."
    • roku.com. TTL 3600 "DHGdiaYxVM13aAPRw0QSJKXocxNDeUgq1cUgtzcRIC1qhXcXCXYLEDyI5xp9BgzvmxSsGVXyMT0GRJnGH27Eag=="
    • roku.com. TTL 3600 "MS=ms17547277"
    • roku.com. TTL 3600 "v=spf1 include:spf1.roku.com include:spf2.roku.com include:spf3.roku.com include:spf.protection.outlook.com include:mail.zendesk.com include:mailsenders.netsuite.com include:spf.ess.barracudanetworks.com ~all"
  • NS
    • roku.com. TTL 172800 ns-1104.awsdns-10.org.
    • roku.com. TTL 172800 ns-144.awsdns-18.com.
    • roku.com. TTL 172800 ns-1935.awsdns-49.co.uk.
    • roku.com. TTL 172800 ns-764.awsdns-31.net.
  • MX
    • roku.com. TTL 300 10 d120504a.ess.barracudanetworks.com.
    • roku.com. TTL 300 20 d120504b.ess.barracudanetworks.com.
  • A
    • roku.com. TTL 60 54.230.11.144
    • roku.com. TTL 60 54.230.11.212
    • roku.com. TTL 60 54.230.11.237
    • roku.com. TTL 60 54.230.11.94
  • SOA
    • roku.com. TTL 900 ns-144.awsdns-18.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
  • CNAME
    • www.roku.com. TTL 3600 d1eu36k905wd52.cloudfront.net.

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

• ns-1104.awsdns-10.org 205.251.196.80 Found and Match. (Missing from Zone Address Records )
• ns-144.awsdns-18.com 205.251.192.144 Found and Match. (Missing from Zone Address Records )
• ns-1935.awsdns-49.co.uk 205.251.199.143 Found and Match. (Missing from Zone Address Records )
• ns-764.awsdns-31.net 205.251.194.252 Found and Match. (Missing from Zone Address Records )

Processing TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

• v=dmarc1 (The Version of this record)
• p=none (The Policy to implement on FAIL)
• fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)
• rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
• ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

• dhgdiayxvm13aaprw0qsjkxocxndeugq1cugtzcric1qhxcxcxyledyi5xp9bgzvmxssgvxymt0grjngh27eag==

Microsoft Office 365 Verification Record

This record is used to identify this domain as an Office 365 domain

• ms=ms17547277

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

• v=spf1 (The SPF Format Version Number)
• include:spf1.roku.com (The SPF Record listed here should be used - Additional look-ups required)
• include:spf2.roku.com (The SPF Record listed here should be used - Additional look-ups required)
• include:spf3.roku.com (The SPF Record listed here should be used - Additional look-ups required)
• include:spf.protection.outlook.com (The SPF Record listed here should be used - Additional look-ups required)
• include:mail.zendesk.com (The SPF Record listed here should be used - Additional look-ups required)
• include:mailsenders.netsuite.com (The SPF Record listed here should be used - Additional look-ups required)
• include:spf.ess.barracudanetworks.com (The SPF Record listed here should be used - Additional look-ups required)
• ~all (Permit servers listed in A records - Not a great idea)

Processing MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

• Priority 10 handled by host d120504a.ess.barracudanetworks.com. [209.222.82.138] Valid
• Email Handled Third Party
• Port 25 (smtp) : Open
• Priority 20 handled by host d120504b.ess.barracudanetworks.com. [209.222.82.159] Valid
• Email Handled Third Party
• Port 25 (smtp) : Open

Processing CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

• www.roku.com. d1eu36k905wd52.cloudfront.net.

Processing A (IPv4 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

• Host: roku.com. = IP: [54.230.11.144] Valid Reachable (13.936ms)
• Host: roku.com. = IP: [54.230.11.212] Valid Reachable (15.064ms)
• Host: roku.com. = IP: [54.230.11.237] Valid Reachable (14.309ms)
• Host: roku.com. = IP: [54.230.11.94] Valid Reachable (13.793ms)

Processing AAAA (IPv6 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

Processing Domain Public Records

Domain Name WHOIS Information - roku.com

• Domain Name ROKU.COM
• Registry Domain ID 115938155_DOMAIN_COM-VRSN
• Registrar WHOIS Server whois.corporatedomains.com
• Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
• Updated Date: 2019-03-30T05:42:24Z
• Creation Date: 2004-04-03T19:26:16Z
• Registry Expiry Date: 2020-04-03T18:26:16Z
• Registrar CSC Corporate Domains, Inc.
• Registrar IANA ID 299
• Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
• Registrar Abuse Contact Phone 8887802723
• Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
• Name Server NS-1104.AWSDNS-10.ORG
• Name Server NS-144.AWSDNS-18.COM
• Name Server NS-1935.AWSDNS-49.CO.UK
• Name Server NS-764.AWSDNS-31.NET
• DNSSEC unsigned
• URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

Website Hosting WHOIS Information - 54.230.11.144

• Amazon.com, Inc. AMAZO-ZL4 (NET-54-230-0-0-1) 54.230.0.0 - 54.231.255.255
• Amazon Technologies Inc. AMAZON-2011L (NET-54-224-0-0-1) 54.224.0.0 - 54.239.255.255

Processing Website

Website Headers for www.roku.com

We will obtain the headers from your website and parse them for validity

• Web Server is nginx
• Request Response HTTP/1.1 200 OK OK
• SSL is available and enabled
• Certificate Name /CN=2019.1.7.roku.com

Certificate Issued To

• Country
• City
• Locality
• Organisation
• Certificate Scope 2019.1.7.roku.com

Certificate Issuer

• Country US
• Organisation Amazon
• Certificate Scope Amazon

Certificate Validity

• Valid From 190108000000Z
• Valid To 200208120000Z

Certificate Ciphers

• SN RSA-SHA256
• LN sha256WithRSAEncryption

Certificate Extensions

• Alternative Hostnames DNS:2019.1.7.roku.com, DNS:www.roku.com, DNS:my.roku.com, DNS:channelstore.roku.com, DNS:support.roku.com, DNS:roku.com
• Key Usage TLS Web Server Authentication, TLS Web Client Authentication
• There was a redirect to https://www.roku.com/

General

• allow Valid methods for a specified resource after a 405 Missing
• location For Redirects specifies the target Missing
• connection Control options for the current connection [keep-alive]
• x-powered-by Specifies Technology in use - Security Risk Missing
• x-aspnet-version Specifies the ASP.net version - Security Risk Missing
• accept-ranges To advertise its support of partial requests Missing

Security

• referrer-policy Modifies the algorithm used to populate the Referer Header Missing
• x-xss-protection Prevents pages loading when XSS is detected [1; mode=block]
• feature-policy Allow or Deny the use of browser features Missing
• p3p Platform for Privacy Preferences Missing
• content-security-policy CSP Content Security Policy Missing
• x-frame-options Can we open this response in an iframe [SAMEORIGIN]

Cross Origin

• access-control-allow-origin Can we share the response with the given origin Missing
• access-control-allow-credentials Tells Browsers whether to expose the response to frontend JavaScript Missing
• access-control-expose-headers Indicates which headers can be exposed as part of the Response Missing
• access-control-max-age Indicates how long the results of a preflight request can be stored Missing
• access-control-allow-methods Methods allowed when accessing the resource in response to a preflight request Missing
• access-control-allow-headers Indicates which headers can be used during the actual request Missing

Content

• content-language The natural language or languages of the intended audience Missing
• transfer-encoding The form of encoding used Missing
• content-length The length of the response body [36663]
• content-type The Media type of the Response Body [text/html; charset=utf-8]
• date The date and time of generation [Sun, 31 Mar 2019 21:42:09 GMT]
• content-disposition An opportunity to raise a File Download dialogue box Missing
• content-encoding The type of encoding/compression used on the Response Missing
• content-location An alternate location for the returned data Missing
• content-range Where in a full body message this partial message belongs Missing
• etag An identifier for a specific version of a resource Missing
• vary how to match future request headers [Accept-Encoding]
• x-content-type-options Types in Content-Type should NOT be changed [nosniff]

Cache

• cache-control Tells caches whether they may cache this object [private, no-cache, no-store, must-revalidate]
• expires Gives the date/time after which the response is considered stale [-1]
• last-modified The last modified date for the requested object Missing
• pragma Implementation-specific fields for caching [no-cache]
• x-cache-action From an Intermediate cache Missing
• x-cache-hits Intermediate Cache Hits count Missing
• x-cache-age Intermediate Cache Content Age Missing
• via Informs the client of proxies through which the response was sent [1.1 ac9160284436f682aa040d899a265c45.cloudfront.net (CloudFront)]
• age The Age this page has been cached in a proxy Missing
• x-served-by The Cache that served this response Missing
• x-cache Indicates if the cache served cached content [Miss from cloudfront]
• x-via-fastly Specific headers from Fastly Missing

Strict Transport Security (HSTS) Policy

• strict-transport-security A HSTS Policy for the client with scope [max-age=15552000; includeSubDomains]

Cookies and Fragments

• set-cookie Cookie Data to store locally [experiments=%7B%22HkTCp-OiZ%22%3A%7B%22b%22%3A%22A%22%2C%22n%22%3A%22ICS%20popup%20and%20receipt%20removal%22%2C%22v%22%3A2%7D%2C%22S1DTlby5z%22%3A%7B%22b%22%3A%22Google%22%2C%22n%22%3A%22Support%20Site%20-%20Google%20Search%20Link%22%2C%22v%22%3A6%7D%2C%22rkQy1uVlm%22%3A%7B%22b%22%3A%22Abo-ss%22%2C%22n%22%3A%22Support%20Logged-In%20State%22%2C%22v%22%3A5%7D%2C%22y9qyjozXO%22%3A%7B%22b%22%3A%22Control%22%2C%22n%22%3A%22Remove%20Email%20repeated%20fields%20in%20Account%20Creation%20Page%22%2C%22v%22%3A1%7D%2C%221S2PAw7F7%22%3A%7B%22b%22%3A%22Control%22%2C%22n%22%3A%22Support%20Site%20-%20RPES%20Order%20Management%20%26%20Automate%20RMA%22%2C%22v%22%3A1%7D%7D; Max-Age=31536000; Domain=.roku.com; Path=/; Expires=Mon, 30 Mar 2020 21:42:09 GMT; HttpOnly; Secure]

Other

• x-backend-server Identifies the backend server providing this response Missing
• x-robots-tag Search engine Robot Directive Missing
• gen= Used by some of the GEN Tools to verify zone ownership Missing
• cf-cache-status Cloudflare Specific Header indicating cache status for this response Missing

Not Profiled

• x-download-options [noopen]
• x-amz-cf-id [AFJcHHVJ5qG4qXA3wuIJ_Z42y5-gro8SePJk8tWlgpWzkeEBlLoG7A==]

Robots.txt

• You have a robots.txt file and it appears to be valid
  • Allow Entries (0) - Specific Allow
  • Disallow Entries (107) - Specific Disallow
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
    • /
  • Sitemap Entries (0) - Sitemaps
  • Other Entries (109)

Processing Website Profile Data

Website Render for www.roku.com



Technology Profile roku.com

We will check for fingerprints of common website technologies

• Failed to succesfully profile the website, it is likely either custom or plain HTML.

MOZ Rank Profile https://www.roku.com/

We will retrieve your Ranking Profile from Moz.com

• 81477 The number of external, equity links
• 90427 The number of internal and external equity and non-equity links
• 79 The Domain Authority (DA) ( 0->100 )
• 64 The Page Authority (PA) ( 0->100 )
• 6.400000095 The MozRank of the Domain ( 0->10 )

Alexa Rank Profile https://www.roku.com/

We will retrieve your Ranking Profile from Alexa.com

• 1762 The number of external in links
• 5856 Your Alexa Rank

Meta Profile https://www.roku.com/

We will check the entire body for metadata

• fragment : !
• viewport : width=device-width, height=device-height, initial-scale=1
• description : Roku provides the simplest way to stream entertainment to your TV. On your terms. With thousands of available channels to choose from.
• author : Roku
• copyright : 2019
• theme-color : #662d91
• twitter:card : summary
• twitter:url : http://www.roku.com
• twitter:title : Roku
• twitter:description : Roku provides the simplest way to stream entertainment to your TV. On your terms. With thousands of available channels to choose from.
• twitter:image : https://www.roku.com/assets/roku-logo-purple.png
• twitter:site : @RokuPlayer
• twitter:creator : @RokuPlayer
• msvalidate_01 : 1C2FDEE92DB61624816BA13C1E46EC67

Processing Completed

• Performance Profile
• DNS Lookups : 0.33 seconds
• DNS Folding/Unfolding : 0.00 seconds
• DNS Nameserver Checks : 0.00 seconds
• DNS TXT Records : 0.00 seconds
• DNS MX Records : 0.22 seconds
• DNS CNAME : 0.00 seconds
• DNS Address : 0.10 seconds
• WHOIS Lookups : 0.40 seconds
• First CURL : 0.38 seconds
• Second CURL : 0.51 seconds
• SSL Lookup : 0.65 seconds
• Header Parsing : 0.00 seconds
• Robots.txt Parsing : 0.32 seconds
• Website Profile : 9.32 seconds
• Website MozData : 0.21 seconds
• Website Alexa : 0.70 seconds
• Website META : 0.45 seconds

The process is now completed and the results are shown above. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.