DNS & HTTP Analysis for itv.com

Details
Category: Tool Processing Reports

Processing Domain itv.com on 29/03/2019 15:47:00


  • This tool is available free to use at GENSupport
  • Help and Support for your DNS or HTTP issues available on our Forum
  • The version that produced this report is 1.004b

Processing DNS Records

Basic Checks

Here we check the basic functioning and security of your DNS

  • Zone Queries 6 Record Types and 17 Records Found
  • Zone Transfer Failed
  • Zone Dump
    • TXT
      • _dmarc.itv.com. TTL 300 "v=DMARC1; p=none; pct=100; fo=1; ri=3600; rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it.; ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it."
      • itv.com. TTL 300 "amazonses:I2ixfd0fX41CAHbGjOhnFQS02QouC6Tdoo67zi9Ax1o="
      • itv.com. TTL 300 "facebook-domain-verification=0j0ot2w8nvh75t05vmjww3tbe9fbjq"
      • itv.com. TTL 300 "google-site-verification=XOJnWX_HDhsouZKfvrP3dUUHoxLMrOhKzMugRfhwEbM"
      • itv.com. TTL 300 "google-site-verification=gy158zX4W62wB7zWa_d-TLtrvltIhVCUUP78TxGUHDw"
      • itv.com. TTL 300 "google-site-verification=sMNe8oonqcORpl07cQh8gLnHTwsH-fVAHuHIIs_c03Q"
      • itv.com. TTL 300 "google-site-verification=y8ofqZeKaLhUPlLVuPHRGcv17-F0ayz1mhk4y0_y0Xw"
      • itv.com. TTL 300 "have-i-been-pwned-verification=dc8541ee076ea0f94a8fa7a0f99debec"
      • itv.com. TTL 300 "k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUDfb2i2luVslE8dnxOA4tbw7AZsKGC3aunxeUDfzMDbx3qRJoXh6JiGIT9lDj6AsZin9zAY7kJgQvGAsYCgeY5RQwmPOTbUc+olME/TC2aFeoR45fbUDagr25ltHQVoudI2sBjcUB28afjC7rXv2d/x4NUWwzcSqed18GMkvMjQIDAQAB"
      • itv.com. TTL 300 "v=spf1 a include:spf.usa.net include:_spf.google.com include:spf.mtasv.net include:es._spf.adp.com include:amazonses.com ip4:193.35.11.46 ip4:193.35.8.46 ip4:195.217.60.32/27 ip4:193.128.122.0/24 ip4:62.190.134.65/26 ip4:154.46.89.129/25 ~all"
    • A
      • itv.com. TTL 300 52.48.32.52
    • MX
      • itv.com. TTL 300 10 mx.usa.net.
      • itv.com. TTL 300 20 mx.ct.mbox.net.
    • NS
      • itv.com. TTL 300 pdns1.cscdns.net.
      • itv.com. TTL 300 pdns2.cscdns.net.
    • SOA
      • itv.com. TTL 300 pdns1.cscdns.net. hostmaster.cscdns.net. 2005065934 28800 7200 604800 300
    • CNAME
      • www.itv.com. TTL 300 www.itv.com.edgekey.net.

Nameservers

Here we check the setup of your nameservers. All nameservers on your domain should be listed in the zone and returned in an ANY query along with corresponding A and/or AAAA records resolving their address.

  • pdns1.cscdns.net 209.112.114.33 Found and Match. ( Missing from Zone Address Records )
  • pdns2.cscdns.net 69.36.145.33 Found and Match. ( Missing from Zone Address Records )

Processing TXT Records

DMARC Record:

The DMARC Record defines how MTA's should response when parsing DKIM and SPF records

  • v=dmarc1 (The Version of this record)
  • p=none (The Policy to implement on FAIL)
  • pct=100 (The Percentage of Messages subject to filtering)
  • fo=1 (Dictates what type of authentication/alignment vulnerabilities are reported)
  • ri=3600 (The number of seconds elapsed between sending aggregate reports)
  • rua=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI of aggregate reports)
  • ruf=mailto:This email address is being protected from spambots. You need JavaScript enabled to view it. (Reporting URI for forensic reports)

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • amazonses:i2ixfd0fx41cahbgjohnfqs02qouc6tdoo67zi9ax1o=

Facebook Domain Verification Record:

This record is used by Facebook to validate domain ownership when creating company pages

  • facebook-domain-verification=0j0ot2w8nvh75t05vmjww3tbe9fbjq

Google Domain Verification Record:

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=xojnwx_hdhsouzkfvrp3duuhoxlmrohkzmugrfhwebm

Google Domain Verification Record:

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=gy158zx4w62wb7zwa_d-tltrvltihvcuup78txguhdw

Google Domain Verification Record:

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=smne8oonqcorpl07cqh8glnhtwsh-fvahuhiis_c03q

Google Domain Verification Record:

This record is used by Google to validate domain ownership when setting up Google Analytics etc

  • google-site-verification=y8ofqzekalhupllvuphrgcv17-f0ayz1mhk4y0_y0xw

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • have-i-been-pwned-verification=dc8541ee076ea0f94a8fa7a0f99debec

Unknown Record:

We cannot identify this record. If you know what it is and its no longer needed then remove it

  • k=rsa; p=migfma0gcsqgsib3dqebaquaa4gnadcbiqkbgqcudfb2i2luvsle8dnxoa4tbw7azskgc3aunxeudfzmdbx3qrjoxh6jigit9ldj6aszin9zay7kjgqvgasycgey5rqwmpotbuc+olme/tc2afeor45fbudagr25lthqvoudi2sbjcub28afjc7rxv2d/x4nuwwzcsqed18gmkvmjqidaqab

SPF Record:

The SPF Record defines which IP addresses are permitted to send email on this domain's behalf

  • v=spf1 (The SPF Format Version Number)
  • a
  • include:spf.usa.net (The SPF Record listed here should be used - whilst convenient places additional load on DNS and should be avoided)
  • include:_spf.google.com (The SPF Record listed here should be used - whilst convenient places additional load on DNS and should be avoided)
  • include:spf.mtasv.net (The SPF Record listed here should be used - whilst convenient places additional load on DNS and should be avoided)
  • include:es._spf.adp.com (The SPF Record listed here should be used - whilst convenient places additional load on DNS and should be avoided)
  • include:amazonses.com (The SPF Record listed here should be used - whilst convenient places additional load on DNS and should be avoided)
  • ip4:193.35.11.46 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:193.35.8.46 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:195.217.60.32/27 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:193.128.122.0/24 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:62.190.134.65/26 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ip4:154.46.89.129/25 (The IPv4 Address of a permitted sender - make sure this scopes your outgoing mail server)
  • ~all (Permit other hosts but take note)

Processing MX (Mail Exchanger) Records

These Records determine the servers (mail servers) responsible for handling your incomming email. Each service is given a priority and they will be used in that order. If all the priorities are the same then they will be used in a round-robin fashion

  • Priority 10 handled by host mx.usa.net. [165.212.65.113] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open
  • Priority 20 handled by host mx.ct.mbox.net. [165.212.182.250] Valid
    • Email Handled Third Party
    • Port 25 (smtp) : Open

Processing CNAME (Alias) Records

These records are aliases making one hostname relate to another. These are often used to match hosts back to clusters or internal referencs that may change.

  • www.itv.com. www.itv.com.edgekey.net.

Processing A (IPv4 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain. The www record is the most common one and will be used to identify your website address

  • Host: itv.com. = IP: [52.48.32.52] Valid Unreachable TX:1 RX:0 LOSS:100%

Processing AAAA (IPv6 Address) Records

These records define the IP Addresse(s) of the servers responsible for hosting your webiste and other resouces on your domain

    Processing Domain Public Records

      Domain Name WHOIS Information - itv.com

      • Domain Name ITV.COM
      • Registry Domain ID 1926795_DOMAIN_COM-VRSN
      • Registrar WHOIS Server whois.corporatedomains.com
      • Registrar URL: http://www.cscglobal.com/global/web/csc/digital-brand-services.html
      • Updated Date: 2018-10-27T05:38:32Z
      • Creation Date: 1994-11-01T05:00:00Z
      • Registry Expiry Date: 2019-10-31T04:00:00Z
      • Registrar CSC Corporate Domains, Inc.
      • Registrar IANA ID 299
      • Registrar Abuse Contact Email This email address is being protected from spambots. You need JavaScript enabled to view it.
      • Registrar Abuse Contact Phone 8887802723
      • Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
      • Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
      • Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
      • Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
      • Name Server PDNS1.CSCDNS.NET
      • Name Server PDNS2.CSCDNS.NET
      • DNSSEC unsigned
      • URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/

      Website Hosting WHOIS Information - 52.48.32.52

      • Amazon Data Services Ireland Limited AMAZON-DUB (NET-52-48-0-0-1) 52.48.0.0 - 52.51.255.255
      • Amazon Technologies Inc. AT-88-Z (NET-52-32-0-0-1) 52.32.0.0 - 52.63.255.255

    Processing Website

      Website Headers for www.itv.com

      We will obtain the headers from your website and parse them for validity

      • Web Server is nginx
      • Request Response HTTP/1.1 200 OK OK
      • SSL is available and enabled
        • Certificate Name /C=GB/L=LONDON/O=ITV PLC/CN=www.itv.com
          • Certificate Issued To
          • Country GB
          • City
          • Locality LONDON
          • Organisation ITV PLC
          • Certificate Scope www.itv.com
          Certificate Issuer
          • Country US
          • Organisation DigiCert Inc
          • Certificate Scope GeoTrust RSA CA 2018
          Certificate Validity
          • Valid From 190128000000Z
          • Valid To 200428120000Z
          Certificate Ciphers
          • SN RSA-SHA256
          • LN sha256WithRSAEncryption
          Certificate Extensions
          • Alternative Hostnames DNS:www.itv.com, DNS:itv.com, DNS:mediaplayer.itv.com, DNS:toots.itv.com, DNS:www.signedstories.com, DNS:lpes.itv.com, DNS:secure-mercury.itv.com, DNS:secure.pes.itv.com, DNS:www.itvstatic.com, DNS:news.images.itv.com, DNS:presscentre.itvstatic.com, DNS:magni.itv.com, DNS:mp.adverts.itv.com, DNS:cpt.itv.com, DNS:hbbtv.itv.com, DNS:old-origin-api.itv.com, DNS:nps.itv.com, DNS:cdn.itv.com, DNS:failover.www.itv.com, DNS:prs.api.itv.com, DNS:hubimages.itv.com
          • Key Usage TLS Web Server Authentication, TLS Web Client Authentication
      • There was a redirect to https://www.itv.com/
      • Valid methods for a specified resource (Allow) Missing
      • Control options for the current connection (Connection) : keep-alive
      • Specifies Technology in use (X-Powered-By) Missing

        • Security Related

        • modifies the algorithm used to populate the Referer header (Referrer-Policy) Missing
        • stops pages when they detect XSS (X-XSS-Protection) Missing
        • Allow and Deny the use of browser features (Feature-Policy) Missing
        • Platform for Privacy Preferences (P3P) Missing

        Cross Origin Resource Sharing

        • (Access-Control-Allow-Origin) Missing
        • (Access-Control-Allow-Credentials) Missing
        • (Access-Control-Expose-Headers) Missing
        • (Access-Control-Max-Age) Missing
        • (Access-Control-Allow-Methods) Missing
        • (Access-Control-Allow-Headers) Missing

        Content Headers

        • The natural language or languages of the intended audience (Content-Language) Missing
        • The form of encoding used (Transfer-Encoding) Missing
        • The length of the response body (Content-Length) Missing
        • The Media type of the body of the request (Content-Type) : text/html; charset=UTF-8
        • The date and time of generation (Date) : Fri, 29 Mar 2019 15:43:31 GMT
        • An opportunity to raise a File Download dialogue box (Content-Disposition) Missing
        • The type of encoding used on the data (Content-Encoding) Missing
        • An alternate location for the returned data (Content-Location) Missing
        • Where in a full body message this partial message belongs (Content-Range) Missing
        • An identifier for a specific version of a resource (ETag) Missing
        • how to match future request headers (Vary) Missing

        Caching Control

        • Tells caches whether they may cache this object (Cache-Control) : max-age=30, public, s-maxage=60, stale-if-error=10800
        • Gives the date/time after which the response is considered stale (Expires) : Fri, 29 Mar 2019 15:44:07 GMT
        • The last modified date for the requested object (Last-Modified) Missing
        • Implementation-specific fields for caching (Pragma) Missing
        • From an Intermediate cache (X-Cache-Action) Missing
        • Intermediate Cache Hits count (X-Cache-Hits) : 1
        • Intermediate Cache Age (X-Cache-Age) Missing
        • Informs the client of proxies through which the response was sent (Via) Missing
        • The Age this page has been cached in a proxy (Age) Missing

        Strict Transport Security (HSTS) Policy

        • A HSTS Policy for the client with scope (Strict-Transport-Security) Missing

        Cookies and Fragments

        • Cookie Data (Set-Cookie) Missing

        Robots.txt

        • You have a robots.txt file and it appears to be valid
          • Allow Entries (0) - Specific Allow
            • Disallow Entries (75) - Specific Disallow
              • /lifestyle/food/shadowmastermodules/
              • /thylacinus/
              • /griffin/
              • /_app/
              • /_data/
              • /error404/
              • /error500/
              • /bestofitv/shadowmodulemaster/
              • /sport/formula1/mastershadowmodules/
              • /sport/formula1/shadowmodulemaster2/
              • /sport/formula1/shadowmodulemaster3/
              • /sport/formula1/shadowmodulemaster4/
              • /sport/boxing/boxingmodulemaster/
              • /sport/rugbyworldcup/shadowmodulemaster/
              • /sport/--shadowmastermodules--.html
              • /sport/shadowmastermodules2/
              • /sport/shadowmastermodules2/videonews/
              • /also3template/
              • /drama/mastershadowmodules/
              • /also1template/
              • /entertainment/shadowmodulemaster/
              • /search/
              • /search?q=
              • /also2/
              • /lifestyle/thismorning/thismorningmodulesmaster/
              • /lifestyle/loosewomen/mastermodulefolder.html
              • /lifestyle/cooks/mastermodulefolder.html
              • /lifestyle/jeremykyle/mastermodule21kyle/
              • /lifestyle/60minutemakeover/shadowmodulemaster/
              • /lifestyle/mastermodulefolder/
              • /lifestyle/beenherebefore/shadowmastermodule/
              • /deleteme/
              • /help/helpmastershadows/
              • /news/mastermodule11news/
              • /news/newsmanual
              • /news/newsfeeds
              • /tvguide/tvguidepl/
              • /error404/
              • /adtest/
              • /itvplayer/ps3/
              • /documents/pdf/
              • /beta/
              • /food/taxonomy/
              • /food/recipe/*?filters=
              • /food/recipe/*&filters=
              • /news/search/
              • /news/border/search/
              • /news/tyne-tees/search/
              • /news/calendar/search/
              • /news/granada/search/
              • /news/central/search/
              • /news/anglia/search/
              • /news/london/search/
              • /news/meridian/search/
              • /news/wales/search/
              • /news/west/search/
              • /news/westcountry/search/
              • /takemeout/previously/
              • /takemeout/the-gossip/
              • /takemeout/dating-tips/
              • /takemeout/quizzes/
              • /termsandconditions
              • /presscentre/search/
              • /onlineentry/
              • /search-results/
              • /itvsearch/
              • /cookies/
              • /termsconditions/
              • /interstitial/
              • /hub/user/
              • /itvplayer/
              • /hub/mywaitrose
              • /mywaitrose
              • /tvguide
              • /hub/assets/js/robotstxt-*.js$
            • Sitemap Entries (1) - Sitemaps
              • https://www.itv.com/hub/sitemap.xml
            • Other Entries (1)
              • user-agent: *

      Processing Website Profile Data

        Website Render for www.itv.com

        Technology Profile itv.com

        We will check for fingerprints of common website technologies

          • Failed to succesfully profile the website, it is likely either custom or plain HTML.

        Meta Profile https://www.itv.com/

        We will check the entire body for metadata

        • viewport : width=device-width, initial-scale=1
        • msvalidate_01 : D6B9DFC873D76421AFC4AC2D89962652
        • description : ITV Hub - the new home of ITV Player, ITV on demand and live TV. It's all of ITV in one place so you can sneak peek upcoming Premieres, watch Box Sets, series so far, ITV Hub exclusives and even live telly. Catch up on all the stuff you love anytime, anywhere on ITV Hub.
        • google-site-verification : y8ofqZeKaLhUPlLVuPHRGcv17-F0ayz1mhk4y0_y0Xw
        • twitter:card : summary
        • twitter:site : @itvhub
        • twitter:title : ITV Hub
        • twitter:description : ITV Hub - the new home of ITV Player, ITV on demand and live TV. It's all of ITV in one place so you can sneak peek upcoming Premieres, watch Box Sets, series so far, ITV Hub exclusives and even live telly. Catch up on all the stuff you love anytime, anywhere on ITV Hub.
        • twitter:image : https://hubimages.itv.com/promotional/21343646-2b59-44b1-9164-3ccea9bba554?q=80&format=jpg&w=1366&h=769&bg=false&blur=0

        Feature Profile https://www.itv.com/

        We will check for common HTML, Javascript and CSS Features

        • DocType html (201767)
        • Document Validated No
        • Tawk.to No
        • FontAwesome No
        • Google Web Fonts No
        • T3 Framework No
        • Google Structured Data Yes
        • Google Analytics No
        • Mamoto Analytics No
        • JQuery No
        • RequireJS No
        • jQuery No

      Processing Completed

        The process is now completed and the results are shown above. Please take a moment to consider each test and its response. DNS, SMTP and HTTP are not simple protocols and it is way beyond the scope of this tool to suggest improvements, but you are welcome to request assistance via our Forum.