DNS & HTTP Analysis for secureserver.net
- Details
- Category: Tool Processing Reports
Processing Domain secureserver.net on 23/01/2020 12:54:36
- This tool is available free to use at GENSupport
- Help and Support for your DNS or HTTP issues available on our Forum
- Whenever you see a clicking on it will take you to more help
- The version of the data model that was used in this report is 1.008
- The version that produced this report is 1.023b
Processing DNS Records
Basic Checks
Here we check the basic functioning and security of your DNS
- Zone Queries 7 Record Types and 28 Records Found
- Zone Transfer Failed
- Zone Dump
- TXT
- _dmarc.secureserver.net. TTL 3600 "v=DMARC1; p=none; fo=1; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it., mailto:This email address is being protected from spambots. You need JavaScript enabled to view it."
- secureserver.net. TTL 60 "346ialadasm76nq2cnknil4d9j"
- secureserver.net. TTL 60 "91klftmshenjj63mda5gs9k2vq"
- secureserver.net. TTL 60 "IPROTA_D17772-XXX.TXT"
- secureserver.net. TTL 60 "MS=ms16109570"
- secureserver.net. TTL 60 "fng0c8fmqejpe7misd5vcmpnrk"
- secureserver.net. TTL 60 "g5a10ihs5emfg8o8s0e44pvktv"
- secureserver.net. TTL 60 "google-site-verification=GsYntSQyy_tSrRvMasP01vF3DBuaZMp1FHSkxva6E-I"
- secureserver.net. TTL 60 "google-site-verification=j69AKsEjg61mFSXTyJPzvpL1eYRp60akMqRxa4XAuLM"
- secureserver.net. TTL 60 "jmopedihhbdn45hsiqpofgqdkc"
- secureserver.net. TTL 60 "o1dr1dj6fdb2tdi7f8hcisd183"
- secureserver.net. TTL 60 "v=spf1 ip4:97.74.135.0/24 ip4:72.167.238.0/24 ip4:72.167.234.0/24 ip4:72.167.218.0/24 ip4:68.178.252.0/24 ip4:68.178.213.0/24 ip4:216.69.139.0/24 ip4:208.109.80.0/24 ip4:188.121.52.0/23 ip4:188.121.43.0/24 include:spf1.secureserver.net -all"
- A
- cns1.secureserver.net. TTL 86400 97.74.96.100
- cns2.secureserver.net. TTL 86400 173.201.64.100
- secureserver.net. TTL 600 208.109.192.71
- AAAA
- cns1.secureserver.net. TTL 86400 2603:5:2100:0:0:0:0:64
- cns2.secureserver.net. TTL 86400 2603:5:2200:0:0:0:0:64
- MX
- secureserver.net. TTL 3600 0 secureserver-net.mail.protection.outlook.com.
- NS
- secureserver.net. TTL 3600 a1-245.akam.net.
- secureserver.net. TTL 3600 a11-64.akam.net.
- secureserver.net. TTL 3600 a20-65.akam.net.
- secureserver.net. TTL 3600 a6-66.akam.net.
- secureserver.net. TTL 3600 a8-67.akam.net.
- secureserver.net. TTL 3600 a9-67.akam.net.
- secureserver.net. TTL 3600 cns1.secureserver.net.
- secureserver.net. TTL 3600 cns2.secureserver.net.
- SOA
- secureserver.net. TTL 3600 cns1.secureserver.net. dns.jomax.net. 2020022080 300 600 1209600 3600
- CNAME
- www.secureserver.net. TTL 300 wildcard-ipv6.secureserver.net.edgekey.net.
Nameservers
Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.
- cns2.secureserver.net 173.201.64.100 Found and Match. (Found in Address Records)
- a6-66.akam.net 23.211.133.66 Found and Match. (Missing from Zone Address Records )
- a9-67.akam.net 184.85.248.67 Found and Match. (Missing from Zone Address Records )
- a8-67.akam.net 2.16.40.67 Found and Match. (Missing from Zone Address Records )
- a20-65.akam.net 95.100.175.65 Found and Match. (Missing from Zone Address Records )
- a11-64.akam.net 84.53.139.64 Found and Match. (Missing from Zone Address Records )
- cns1.secureserver.net 97.74.96.100 Found and Match. (Found in Address Records)
- a1-245.akam.net 193.108.91.245 Found and Match. (Missing from Zone Address Records )
- All Name Servers on Different Subnets
Processing 12 TXT Records
DMARC Record:
The DMARC Record defines how MTA's should response when parsing DKIM and SPF records
- v=dmarc1 (The Version of this record)
- p=none (The Policy to implement on FAIL)
- fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)
- rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it., mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- 346ialadasm76nq2cnknil4d9j
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- 91klftmshenjj63mda5gs9k2vq
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- iprota_d17772-xxx.txt
Microsoft Office 365 Verification Record
This record is used to identify this domain as an Office 365 domain
- ms=ms16109570
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- fng0c8fmqejpe7misd5vcmpnrk
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- g5a10ihs5emfg8o8s0e44pvktv
Google Domain Verification Record
This record is used by Google to validate domain ownership when setting up Google Analytics etc
- google-site-verification=gsyntsqyy_tsrrvmasp01vf3dbuazmp1fhskxva6e-i
Google Domain Verification Record
This record is used by Google to validate domain ownership when setting up Google Analytics etc
- google-site-verification=j69aksejg61mfsxtyjpzvpl1eyrp60akmqrxa4xaulm
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- jmopedihhbdn45hsiqpofgqdkc
Unknown Record:
We cannot identify this record. If you know what it is and its no longer needed then remove it
- o1dr1dj6fdb2tdi7f8hcisd183
SPF Record:
The SPF Record defines which IP addresses are permitted to send email on this domain's behalf
- v=spf1 (The SPF Format Version Number)
- ip4:97.74.135.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:72.167.238.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:72.167.234.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:72.167.218.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:68.178.252.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:68.178.213.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:216.69.139.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:208.109.80.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:188.121.52.0/23 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- ip4:188.121.43.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
- include:spf1.secureserver.net (An Include - Additional look-ups required, some server's won't bother.)
- -all (Permit ONLY the hosts listed)
Processing 1 MX (Mail Exchanger) Records
These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion
- Priority 0 handled by host secureserver-net.mail.protection.outlook.com. [104.47.55.110] Valid
- Email Handled By Microsoft Corporation
- Port 25 (smtp) : Open
Processing 1 CNAME (Alias) Records
These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.
- www.secureserver.net. wildcard-ipv6.secureserver.net.edgekey.net.
Processing 3 A (IPv4 Address) Records
These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address
- Host: cns1.secureserver.net. = IP: [97.74.96.100] Valid Reachable (21.214ms)
- Host: cns2.secureserver.net. = IP: [173.201.64.100] Valid Reachable (20.66ms)
- Host: secureserver.net. = IP: [208.109.192.71] Valid Reachable (131.451ms)
Processing AAAA (IPv6 Address) Records
These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain
- Host: cns1.secureserver.net. = IP: [2603:5:2100:0:0:0:0:64] Valid
- Host: cns2.secureserver.net. = IP: [2603:5:2200:0:0:0:0:64] Valid
Processing Domain Public Records
Domain Name WHOIS Information - secureserver.net
- Domain Name SECURESERVER.NET
- Registry Domain ID 1099023_DOMAIN_NET-VRSN
- Registrar WHOIS Server whois.wildwestdomains.com
- Registrar URL: http://www.wildwestdomains.com
- Updated Date: 2018-09-05T20:59:16Z
- Creation Date: 1998-03-30T05:00:00Z
- Registry Expiry Date: 2021-11-01T11:59:59Z
- Registrar Wild West Domains, LLC
- Registrar IANA ID 440
- Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
- Registrar Abuse Contact Phone 480-624-2505
- Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
- Domain Status: clientRenewProhibited https://icann.org/epp#clientRenewProhibited
- Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
- Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
- Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
- Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
- Name Server A1-245.AKAM.NET
- Name Server A11-64.AKAM.NET
- Name Server A20-65.AKAM.NET
- Name Server A6-66.AKAM.NET
- Name Server A8-67.AKAM.NET
- Name Server A9-67.AKAM.NET
- Name Server CNS1.SECURESERVER.NET
- Name Server CNS2.SECURESERVER.NET
- DNSSEC unsigned
- URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
Website Hosting WHOIS Information - 97.74.96.100
- NetRange 97.74.0.0 - 97.74.255.255
- CIDR 97.74.0.0/16
- NetHandle NET-97-74-0-0-1
- Parent NET97 (NET-97-0-0-0-0)
- NetType Direct Allocation
- OriginAS AS26496
- Organization GoDaddy.com, LLC (GODAD)
- RegDate 2008-08-14
- Updated 2012-02-24
- Ref: https://rdap.arin.net/registry/ip/97.74.0.0
- OrgName GoDaddy.com, LLC
- OrgId GODAD
- Address 14455 N Hayden Road
- Address Suite 226
- City Scottsdale
- StateProv AZ
- PostalCode 85260
- Country US
- RegDate 2007-06-01
- Updated 2014-09-10
- Ref: https://rdap.arin.net/registry/entity/GODAD
- OrgTechHandle NOC124-ARIN
- OrgTechName Network Operations Center
- OrgTechPhone +1-480-505-8809
- OrgTechEmail noc@godaddy.com
- OrgTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
- OrgAbuseHandle ABUSE51-ARIN
- OrgAbuseName Abuse Department
- OrgAbusePhone +1-480-624-2505
- OrgAbuseEmail abuse@godaddy.com
- OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
- OrgNOCHandle NOC124-ARIN
- OrgNOCName Network Operations Center
- OrgNOCPhone +1-480-505-8809
- OrgNOCEmail noc@godaddy.com
- OrgNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
- RAbuseHandle ABUSE51-ARIN
- RAbuseName Abuse Department
- RAbusePhone +1-480-624-2505
- RAbuseEmail abuse@godaddy.com
- RAbuseRef: https://rdap.arin.net/registry/entity/ABUSE51-ARIN
- RNOCHandle NOC124-ARIN
- RNOCName Network Operations Center
- RNOCPhone +1-480-505-8809
- RNOCEmail noc@godaddy.com
- RNOCRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
- RTechHandle NOC124-ARIN
- RTechName Network Operations Center
- RTechPhone +1-480-505-8809
- RTechEmail noc@godaddy.com
- RTechRef: https://rdap.arin.net/registry/entity/NOC124-ARIN
Processing Website
Website Headers for www.secureserver.net
We will obtain the headers from your website and parse them for validity
- Web Server is nginx/1.11.3
- Server header exposes version - Security Risk
- Request Response HTTP/1.1 404 Not Found Not Found
- SSL is not available
- There was a redirect to https://www.secureserver.net/
General
- allow Valid methods for a specified resource after a 405 : Missing
- location For Redirects specifies the target : Missing
- connection Control options for the current connection [keep-alive]
- x-powered-by Specifies Technology in use - Security Risk [Slay]
- x-aspnet-version Specifies the ASP.net version - Security Risk : Missing
- accept-ranges To advertise its support of partial requests : Missing
- link Used to express typed relationship with another resource : Missing
- upgrade HTTP/2 (The latest and faster version of HTTP is available : Missing
Security
- referrer-policy Modifies the algorithm used to populate the Referer Header : Missing
- x-xss-protection Prevents pages loading when XSS is detected : Missing
- feature-policy Allow or Deny the use of browser features : Missing
- p3p Platform for Privacy Preferences : Missing
- content-security-policy CSP Content Security Policy : Missing
- x-frame-options Can we open this response in an iframe : Missing
Cross Origin
- access-control-allow-origin Can we share the response with the given origin : Missing
- access-control-allow-credentials Tells Browsers whether to expose the response to frontend JavaScript : Missing
- access-control-expose-headers Indicates which headers can be exposed as part of the Response : Missing
- access-control-max-age Indicates how long the results of a preflight request can be stored : Missing
- access-control-allow-methods Methods allowed when accessing the resource in response to a preflight request : Missing
- access-control-allow-headers Indicates which headers can be used during the actual request : Missing
Content
- content-language The natural language or languages of the intended audience : Missing
- transfer-encoding The form of encoding used : Missing
- content-length The length of the response body : Missing
- content-type The Media type of the Response Body [text/html; charset=utf-8]
- date The date and time of generation [Thu, 23 Jan 2020 12:50:14 GMT]
- content-disposition An opportunity to raise a File Download dialogue box : Missing
- content-encoding The type of encoding/compression used on the Response : Missing
- content-location An alternate location for the returned data : Missing
- content-range Where in a full body message this partial message belongs : Missing
- etag An identifier for a specific version of a resource : Missing
- vary how to match future request headers : Missing
- x-content-type-options Types in Content-Type should NOT be changed : Missing
Cache
- cache-control Tells caches whether they may cache this object [max-age=0, no-cache, no-store]
- expires Gives the date/time after which the response is considered stale [Thu, 23 Jan 2020 12:50:14 GMT]
- last-modified The last modified date for the requested object : Missing
- pragma Implementation-specific fields for caching [no-cache]
- x-cache-action From an Intermediate cache : Missing
- x-cache-hits Intermediate Cache Hits count : Missing
- x-cache-age Intermediate Cache Content Age : Missing
- via Informs the client of proxies through which the response was sent : Missing
- age The Age this page has been cached in a proxy : Missing
- x-served-by The Cache that served this response : Missing
- x-cache Indicates if the cache served cached content : Missing
- x-via-fastly Specific headers from Fastly : Missing
Strict Transport Security (HSTS) Policy
- strict-transport-security A HSTS Policy for the client with scope [max-age=15724800; includeSubDomains; preload]
Cookies and Fragments
- set-cookie Cookie Data to store locally [currency=USD; Max-Age=31536000; Domain=.secureserver.net; Path=/; Expires=Fri, 22 Jan 2021 12:50:14 GMT]
Other
- x-backend-server Identifies the backend server providing this response : Missing
- x-robots-tag Search engine Robot Directive : Missing
- gen Used by some of the GEN Tools to verify zone ownership : Missing
- cf-cache-status Cloudflare Specific Header indicating cache status for this response : Missing
- x-aspnetmvc-version ASP MVC Version Number - Security Risk : Missing
Not Profiled
- x-arc [101]
Robots.txt
- You have a robots.txt file and it appears to be valid
- Allow Entries (0) - Specific Allow
- Disallow Entries (1) - Specific Disallow
- Sitemap Entries (0) - Sitemaps
- Other Entries (1)
Processing Website Profile Data
Website Render for www.secureserver.net
Technology Profile secureserver.net
We will check for fingerprints of common website technologies
- Failed to succesfully profile the website, it is likely either custom or plain HTML.
MOZ Rank Profile https://www.secureserver.net/
We will retrieve your Ranking Profile from Moz.com
- 6677 The number of external, equity links
- 8385 The number of internal and external equity and non-equity links
- 93 The Domain Authority (DA) ( 0->100 )
- 67 The Page Authority (PA) ( 0->100 )
- 6.699999809 The MozRank of the Domain ( 0->10 )
Google Safe Browsing https://www.secureserver.net/
We will retrieve Safe Browsing Status from Google
PhishTank Lookup https://www.secureserver.net/
We will check PhishTank to see if your site is listed
Alexa Rank Profile https://www.secureserver.net/
We will retrieve your Ranking Profile from Alexa.com
Meta Profile https://www.secureserver.net/
We will check the entire body for metadata
Processing Completed
- Performance Profile
- DNS Lookups : 0.47 seconds
- DNS Folding/Unfolding : 0.00 seconds
- DNS Nameserver Checks : 0.00 seconds
- DNS TXT Records : 0.00 seconds
- DNS MX Records : 0.21 seconds
- DNS CNAME : 0.00 seconds
- DNS Address : 0.20 seconds
- WHOIS Lookups : 0.37 seconds
- First CURL : 0.14 seconds
- Second CURL : 0.72 seconds
- SSL Lookup : 0.26 seconds
- Header Parsing : 0.00 seconds
- Robots.txt Parsing : 0.23 seconds
- Website Profile : 2.88 seconds
- Website MozData : 0.29 seconds
- Safe Browsing : 0.09 seconds
- PhishTank : 0.05 seconds
- Website Alexa : 0.66 seconds
- Website META : 0.24 seconds
The process is now completed and the results are shown above. The raw processing data is available HERE. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.
