DNS & HTTP Analysis for stc.com.sa

Processing Domain stc.com.sa on 29/01/2023 16:03:00


  • This tool is available free to use at GENSupport
  • Help and Support for your DNS or HTTP issues available on our Forum
  • Whenever you see a clicking on it will take you to more help
  • The version of the data model that was used in this report is 1.008
  • The version that produced this report is 1.023b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

  • Zone Queries 8 Record Types and 25 Records Found
  • Zone Transfer Failed
  • Zone Dump
    • RRSIG
      • _dmarc.stc.com.sa. TTL 3600 TXT 5 4 3600 20230202034933 20230129032358 52545 stc.com.sa. DHuYJnNCBLR9jb8cZDx+u0iBIgX8p2YFlynDfilaywlwoRjVvGxWygWKm6ZDaipoVQXx4dZQzgA3PAGBnzkggf5CT0K8DvSGMJqckA4DHCwU/yUFU2H6qAs4xoM6i+Ut3XH/ZuAWWDgkLvISdQDHEOgUXcQkVAtvt9J/2tkfhks=
      • stc.com.sa. TTL 300 A 5 3 300 20230202071239 20230129062554 52545 stc.com.sa. Zc0lVXJUXFLUvEN+cuJX3QSww41ic2JlJqWuvyhSFQC94lR/1CT9hBawnoaGb66JgA641+EX/IGFtlxLbrdLk+/1dRsWArFrtvILk85TVZbTSeixxpr/X2vyXANXAnwxKvWmdreFDj0jNbRbuYCacYIv+bahgEtQP8cAuFLy4x0=
      • stc.com.sa. TTL 300 TXT 5 3 300 20230202051842 20230129043531 52545 stc.com.sa. RaO6MTlXp1juOA0uekktJ8koA+sbKtpcrxYJr2VbPG3YDk7Apjrex0KegRSKyv0LpkAJ15OrOavAFSVDTxBGX3ffEGiX8OzPEjAblYRmTkLFdAgtwM/zzbVc0y7cLeQf2FTPZizVGUAKjzGyI4jjdYW7+mMXrqLeIoWbQW0oyRQ=
      • stc.com.sa. TTL 3600 MX 5 3 3600 20230202071332 20230129064537 52545 stc.com.sa. DF+6RVy9BTgBnrZBwyAlSLqYpdad/KMxPviX/gnN9OpskI11k18DoWdmtVrGnkMK9gtQyyp9DH1XMybicI7k9pRdUt2pmw8ggYXy//dhLAQ1OKSyskkIYh25n2Jy2HuChfuCZxQ1cLAtwITz45WhVaHSC2E1cwa7SPjQ6l8I6tY=
      • stc.com.sa. TTL 3600 NS 5 3 3600 20230202061653 20230129052631 52545 stc.com.sa. Rh0w5FoTXiB0E6q6U6rkRuQzfGtNBdVYGIQKsxELNFaEzbPuIzQNugknAloZs/T0eaDkbYPq0JrHGTGR63LrJ6Ht/l+yNnu68+NsXyH0Xjnr4eaZxhqE3rccpQTBdoEc0hMgSEZg2BzTtuv5CqbEceTbUCx8QuDij/rhwiJL3B4=
      • stc.com.sa. TTL 3600 NSEC 5 3 3600 20230202051842 20230129043531 52545 stc.com.sa. SGQW5tuYp+xIoAxhQtrnq7OOQ9Lt8XiXRZDDOkE9NnEDdOkeP4yVTGOXcBNAvsuTKGeNaSw5ZXXE3Kx/qLnKNnU6cbBR1TITNUxKzoVUUEZXMADdI6Tia9j+IaZloAxOor5B6cYX70rpLEMn6Ox0mDLNjjqYedl/Kq9DK4QTu2w=
      • stc.com.sa. TTL 3600 SOA 5 3 3600 20230202094559 20230129084559 52545 stc.com.sa. Cm2mnCGcyPDbOGhiaBr22rwsTJ4mVilsxrM+tbzoPJ5SLUpcKrNQDiA+rwWra5FvYqj9JXJxKjxheIXGtIFs25Lc9E/jh5ElTmlkJX589NYdqwJU+MyA2QK9NKRXPmyb9aiOA2FGrUM/J6D4l6vQ3ZXPJI0NAIDjDVD+xl2hbz4=
      • www.stc.com.sa. TTL 300 CNAME 5 4 300 20230202074034 20230129064726 52545 stc.com.sa. dG/PfamT9nfSY1Cv9Jz/Q98jOOitwgqdL4u7inZmOTeUK3W6JfoOt5j0LbMR4GBPZ0dVRDGeSyPP9FA8zBEd4bu82Pw5vgGOYI4AEmoy1yzS/y8jEPmA3ouhXfWgJO1mXK8lNd9kcNhwVSa2lhk/VsNBaDbUquVBzdkT8xZQdwo=
    • TXT
      • _dmarc.stc.com.sa. TTL 3600 "v=DMARC1; p=reject; sp=none; fo=1; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.;pct=100"
      • stc.com.sa. TTL 300 "cisco-ci-domain-verification=30c011c5411ca57e19e1b1ea3f1631cc7f598ac8a550091d0b3cf60a7df331bd"
      • stc.com.sa. TTL 300 "facebook-domain-verification=gzggav8st4juhzl69i5968pusxigyu"
      • stc.com.sa. TTL 300 "google-site-verification=gHUWJgP6QWdyL9BYs43V1ACyTc8gqbfxZ3FILwf7GZE"
      • stc.com.sa. TTL 300 "v=spf1 mx ip4:212.118.156.88 ip4:212.118.156.89 ip4:212.118.156.90 ip4:212.118.156.91 ip4:212.118.156.100 ip4:212.118.131.82 ip4:212.118.131.84 a:esgrybm04.stc.com.sa a:esgrybm03.stc.com.sa a:esgdmmbm02.stc.com.sa a:esgdmmbm04.stc.com.sa -all"
    • A
      • stc.com.sa. TTL 300 94.97.1.89
    • MX
      • stc.com.sa. TTL 3600 10 imssvip1.stc.com.sa.
      • stc.com.sa. TTL 3600 20 emailedge1.stc.com.sa.
      • stc.com.sa. TTL 3600 20 emailedge2.stc.com.sa.
      • stc.com.sa. TTL 3600 30 imssvipdr1.stc.com.sa.
      • stc.com.sa. TTL 3600 40 emailedgedr1.stc.com.sa.
      • stc.com.sa. TTL 3600 40 emailedgedr2.stc.com.sa.
    • NS
      • stc.com.sa. TTL 3600 inetns7.stc.com.sa.
      • stc.com.sa. TTL 3600 inetns8.stc.com.sa.
    • NSEC
      • stc.com.sa. TTL 3600 3amali.stc.com.sa. A NS SOA MX TXT RRSIG NSEC DNSKEY CAA
    • SOA
      • stc.com.sa. TTL 3600 grid-master.stc.com.sa. iba-net.stc.com.sa. 2001160299 300 30 1209600 3600
    • CNAME
      • www.stc.com.sa. TTL 300 www.stc.com.sa.edgekey.net.

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

  • inetns7.stc.com.sa 212.118.131.228 Found and Match. (Missing from Zone Address Records )
  • inetns7.stc.com.sa Found and Match. (Missing from Zone Address Records )
  • inetns8.stc.com.sa 94.97.1.32 Found and Match. (Missing from Zone Address Records )
  • inetns8.stc.com.sa Found and Match. (Missing from Zone Address Records )
  • All Name Servers SHOULD BE on Different Subnets

Processing 5 TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

  • v=dmarc1 (The Version of this record)
  • p=reject (The Policy to implement on FAIL)
  • sp=none (The Policy to implement for subdomains on FAIL)
  • fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)
  • rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
  • ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)
  • pct=100 (The Percentage of Messages subject to filtering)

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • cisco-ci-domain-verification=30c011c5411ca57e19e1b1ea3f1631cc7f598ac8a550091d0b3cf60a7df331bd

Facebook Domain Verification Record

This record is used by Facebook to validate domain ownership when creating company pages

  • facebook-domain-verification=gzggav8st4juhzl69i5968pusxigyu

Google Domain Verification Record

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=ghuwjgp6qwdyl9bys43v1acytc8gqbfxz3filwf7gze

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

  • v=spf1 (The SPF Format Version Number)
  • mx (Permit servers listed in MX records -extra lookup, some server's won't bother)
  • ip4:212.118.156.88 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.156.89 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.156.90 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.156.91 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.156.100 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.131.82 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:212.118.131.84 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • a:esgrybm04.stc.com.sa (Permit servers listed in A records -extra lookup, some server's won't bother)
  • a:esgrybm03.stc.com.sa (Permit servers listed in A records -extra lookup, some server's won't bother)
  • a:esgdmmbm02.stc.com.sa (Permit servers listed in A records -extra lookup, some server's won't bother)
  • a:esgdmmbm04.stc.com.sa (Permit servers listed in A records -extra lookup, some server's won't bother)
  • -all (Permit ONLY the hosts listed)

Processing 6 MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

  • Priority 10 handled by host imssvip1.stc.com.sa. [212.118.156.100] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 20 handled by host emailedge1.stc.com.sa. [212.118.156.90] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 20 handled by host emailedge2.stc.com.sa. [212.118.156.91] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 30 handled by host imssvipdr1.stc.com.sa. [212.118.131.80] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 40 handled by host emailedgedr1.stc.com.sa. [212.118.131.81] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 40 handled by host emailedgedr2.stc.com.sa. [212.118.131.83] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open

Processing 1 CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

  • www.stc.com.sa. www.stc.com.sa.edgekey.net.

Processing 1 A (IPv4 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

  • Host: stc.com.sa. = IP: [94.97.1.89] Valid

Processing AAAA (IPv6 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

    Processing Domain Public Records

      Domain Name WHOIS Information - stc.com.sa

      • % SaudiNIC Whois server.
      • % Rights restricted by copyright.
      • % http //nic.sa/en/view/whois-cmd-copyright
      • Domain Name stc.com.sa
      • Registrant
      • Saudi Telecom Company شركة الاتصالات السعودية
      • Address ******* *******************
      • ***** *************
      • Unknown
      • Administrative Contact
      • Ahmad ***** ***** ***** *****
      • Address ***** *****
      • ***** *****
      • *****
      • Technical Contact
      • Ahmad ***** ***** ***** *****
      • Address ***** *****
      • ***** *****
      • *****
      • Name Servers
      • inetns7.stc.com.sa (212.118.131.228)
      • inetns8.stc.com.sa (94.97.1.32, 2001:16a0:6000:4000:1::14)
      • DNSSEC Yes
      • DS Records
      • 7417 5 1 902430F696BF623501307275B9BD7EE588C6EDCA
      • 7417 5 2 95C6EF2CDD49B40CD61F139D4A038E57400B491A1E8111648F29C40995FAF4EF

      Website Hosting WHOIS Information - 94.97.1.89

      • NetRange 94.0.0.0 - 94.255.255.255
      • CIDR 94.0.0.0/8
      • NetHandle NET-94-0-0-0-1
      • Parent ()
      • NetType Allocated to RIPE NCC
      • OriginAS
      • Organization RIPE Network Coordination Centre (RIPE)
      • RegDate 2007-07-30
      • Updated 2009-05-18
      • Ref: https://rdap.arin.net/registry/ip/94.0.0.0
      • ResourceLink: https://apps.db.ripe.net/search/query.html
      • ResourceLink whois.ripe.net
      • OrgName RIPE Network Coordination Centre
      • OrgId RIPE
      • Address P.O. Box 10096
      • City Amsterdam
      • StateProv
      • PostalCode 1001EB
      • Country NL
      • RegDate
      • Updated 2013-07-29
      • Ref: https://rdap.arin.net/registry/entity/RIPE
      • ReferralServer: whois://whois.ripe.net
      • ResourceLink: https://apps.db.ripe.net/search/query.html
      • OrgTechHandle RNO29-ARIN
      • OrgTechName RIPE NCC Operations
      • OrgTechPhone +31 20 535 4444
      • OrgTechEmail hostmaster@ripe.net
      • OrgTechRef: https://rdap.arin.net/registry/entity/RNO29-ARIN
      • OrgAbuseHandle ABUSE3850-ARIN
      • OrgAbuseName Abuse Contact
      • OrgAbusePhone +31205354444
      • OrgAbuseEmail abuse@ripe.net
      • OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3850-ARIN
      • inetnum 94.97.0.0 - 94.97.255.255
      • country SA
      • admin-c STCR1-RIPE
      • tech-c STCR2-RIPE
      • status ASSIGNED PA
      • mnt-by SAUDINET-STC
      • created: 2009-02-09T08:32:57Z
      • last-modified: 2019-02-17T17:17:14Z
      • source RIPE
      • role Saudi Telecom Co. Registry Admin-C contact
      • address STC complex, murslat, Riyadh
      • address: P.O.Box: 295997
      • address Riyadh 11351
      • address Saudi Arabia
      • phone +966-11-4525020
      • fax-no +966114433639
      • abuse-mailbox registry@stc.com.sa
      • admin-c AR5383-RIPE
      • tech-c AR5383-RIPE
      • mnt-by SAUDINET-STC
      • nic-hdl STCR1-RIPE
      • created: 2003-12-29T20:33:34Z
      • last-modified: 2015-11-04T06:35:37Z
      • role Saudi Telecom Co. Registry Tech-C contact
      • address Murslat Campus, Riyadh
      • address: P.O.Box: 295997
      • address Riyadh 11351
      • address Saudi Arabia
      • phone +966114525020
      • fax-no +966114433639
      • abuse-mailbox registry@stc.com.sa
      • admin-c STCR1-RIPE
      • tech-c STCR1-RIPE
      • mnt-by SAUDINET-STC
      • nic-hdl STCR2-RIPE
      • created: 2003-12-29T20:56:08Z
      • last-modified: 2015-11-04T06:37:15Z
      • route 94.97.1.0/24
      • origin AS25019
      • mnt-by SAUDINET-STC
      • created: 2016-05-08T11:46:31Z
      • last-modified: 2016-05-08T11:46:31Z
      • source RIPE

    Processing Website

      Website Headers for www.stc.com.sa

      We will obtain the headers from your website and parse them for validity

      • Web Server Header is Missing
      • Request Response HTTP/1.1 302 Moved Temporarily Moved Temporarily
      • SSL is available and enabled
        • /CN=www.stc.com.sa
        • Locality
        • Organisation
        • Certificate Scope www.stc.com.sa
        Certificate Issuer
        • Country US
        • Organisation Let's Encrypt
        • Certificate Scope R3
        Certificate Validity
        • Valid From 221206062448Z
        • Valid To 230306062447Z
        Certificate Ciphers
        • SN RSA-SHA256
        • LN sha256WithRSAEncryption
        Certificate Extensions
        • Alternative Hostnames DNS:cdn.stc.com.sa, DNS:eapi.stc.com.sa, DNS:www.stc.com.sa
        • Key Usage TLS Web Server Authentication, TLS Web Client Authentication
    • There was a redirect to https://www.stc.com.sa/
    • There was a SECOND redirect https://www.stc.com.sa/content/stc/sa/ar/personal/home.html
    • General

      • allow Valid methods for a specified resource after a 405 : Missing
      • location For Redirects specifies the target [https://www.stc.com.sa/content/stc/sa/ar/personal/home.html]
      • connection Control options for the current connection [keep-alive]
      • x-powered-by Specifies Technology in use - Security Risk : Missing
      • x-aspnet-version Specifies the ASP.net version - Security Risk : Missing
      • accept-ranges To advertise its support of partial requests : Missing
      • link Used to express typed relationship with another resource : Missing
      • upgrade HTTP/2 (The latest and faster version of HTTP is available : Missing

      Security

      • referrer-policy Modifies the algorithm used to populate the Referer Header : Missing
      • x-xss-protection Prevents pages loading when XSS is detected : Missing
      • feature-policy Allow or Deny the use of browser features : Missing
      • p3p Platform for Privacy Preferences : Missing
      • content-security-policy CSP Content Security Policy : Missing
      • x-frame-options Can we open this response in an iframe : Missing

      Cross Origin

      • access-control-allow-origin Can we share the response with the given origin : Missing
      • access-control-allow-credentials Tells Browsers whether to expose the response to frontend JavaScript : Missing
      • access-control-expose-headers Indicates which headers can be exposed as part of the Response : Missing
      • access-control-max-age Indicates how long the results of a preflight request can be stored : Missing
      • access-control-allow-methods Methods allowed when accessing the resource in response to a preflight request : Missing
      • access-control-allow-headers Indicates which headers can be used during the actual request : Missing

      Content

      • content-language The natural language or languages of the intended audience : Missing
      • transfer-encoding The form of encoding used : Missing
      • content-length The length of the response body [0]
      • content-type The Media type of the Response Body [text/html; charset=iso-8859-1]
      • date The date and time of generation [Sun, 29 Jan 2023 16:05:08 GMT]
      • content-disposition An opportunity to raise a File Download dialogue box : Missing
      • content-encoding The type of encoding/compression used on the Response : Missing
      • content-location An alternate location for the returned data : Missing
      • content-range Where in a full body message this partial message belongs : Missing
      • etag An identifier for a specific version of a resource : Missing
      • vary how to match future request headers : Missing
      • x-content-type-options Types in Content-Type should NOT be changed : Missing

      Cache

      • cache-control Tells caches whether they may cache this object [max-age=0, no-cache, no-store]
      • expires Gives the date/time after which the response is considered stale [Sun, 29 Jan 2023 16:05:08 GMT]
      • last-modified The last modified date for the requested object : Missing
      • pragma Implementation-specific fields for caching [no-cache]
      • x-cache-action From an Intermediate cache : Missing
      • x-cache-hits Intermediate Cache Hits count : Missing
      • x-cache-age Intermediate Cache Content Age : Missing
      • via Informs the client of proxies through which the response was sent : Missing
      • age The Age this page has been cached in a proxy : Missing
      • x-served-by The Cache that served this response : Missing
      • x-cache Indicates if the cache served cached content : Missing
      • x-via-fastly Specific headers from Fastly : Missing

      Strict Transport Security (HSTS) Policy

      • strict-transport-security A HSTS Policy for the client with scope [max-age=16070400; includeSubDomains]

      Cookies and Fragments

      • set-cookie Cookie Data to store locally [CWS=801641738.64288.0000; path=/; Httponly; Secure]

      Other

      • x-backend-server Identifies the backend server providing this response : Missing
      • x-robots-tag Search engine Robot Directive : Missing
      • gen Used by some of the GEN Tools to verify zone ownership : Missing
      • cf-cache-status Cloudflare Specific Header indicating cache status for this response : Missing
      • x-aspnetmvc-version ASP MVC Version Number - Security Risk : Missing

    Robots.txt

    • You do not appear to have a robots.txt file. This is ok

    Processing Website Profile Data

      Website Render for www.stc.com.sa

      Technology Profile stc.com.sa

      We will check for fingerprints of common website technologies

        • Name : Adobe Experience Manager
        • Confidence : low
        • Version :

      MOZ Rank Profile https://www.stc.com.sa/

      We will retrieve your Ranking Profile from Moz.com

      • 24438 The number of external, equity links
      • 61725 The number of internal and external equity and non-equity links
      • 62 The Domain Authority (DA) ( 0->100 )
      • 57 The Page Authority (PA) ( 0->100 )
      • 5.699999809 The MozRank of the Domain ( 0->10 )

      Google Safe Browsing https://www.stc.com.sa/

      We will retrieve Safe Browsing Status from Google

      • This site is NOT listed as being unsafe by Google

      PhishTank Lookup https://www.stc.com.sa/

      We will check PhishTank to see if your site is listed

      • This site is NOT listed as being unsafe by PhishTank

      Alexa Rank Profile https://www.stc.com.sa/

      We will retrieve your Ranking Profile from Alexa.com

      • The number of external in links
      • Un-Ranked Your Alexa Rank

      Meta Profile https://www.stc.com.sa/

      We will check the entire body for metadata

      • viewport : width=device-width, initial-scale=1
      • format-detection : telephone=no
      • google-site-verification : cspjH9j7_FIYNZMkqM5T3Bhx5ejxbF6KzqbmlMkm_cQ

    Processing Completed

    • Performance Profile
      • DNS Lookups : 122.14 seconds
      • DNS Folding/Unfolding : 0.00 seconds
      • DNS Nameserver Checks : 0.00 seconds
      • DNS TXT Records : 0.00 seconds
      • DNS MX Records : 1.29 seconds
      • DNS CNAME : 0.00 seconds
      • DNS Address : 0.06 seconds
      • WHOIS Lookups : 4.55 seconds
      • First CURL : 0.31 seconds
      • Second CURL : 0.27 seconds
      • SSL Lookup : 0.73 seconds
      • Header Parsing : 0.00 seconds
      • Robots.txt Parsing : 0.21 seconds
      • Website Profile : 3.86 seconds
      • Website MozData : 0.29 seconds
      • Safe Browsing : 0.10 seconds
      • PhishTank : 0.08 seconds
      • Website Alexa : 1.19 seconds
      • Website META : 0.49 seconds

    The process is now completed and the results are shown above. The raw processing data is available HERE. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.