VIRGIN
Result Summary
+/– (help)
cpc1-watf1-0-0-cust543.15-2.cable.virginmedia.com / 82.0.170.32
Recorded at 19:26 EST (00:26 UTC next day), Feb 22 2011. Permalink. Referrer. Client/server transcript.
________________________________________
Summary of Noteworthy Events –
Major Abnormalities
• Your DNS resolver returns results even when no such server exists
Minor Aberrations
• Certain TCP protocols are blocked in outbound traffic
• The measured time to set up a TCP connection was somewhat high
• Network packet buffering may be excessive
Address-based Tests +
NAT detection (?): NAT Detected
Local Network Interfaces (?): OK
DNS-based host information (?): OK
Reachability Tests –
TCP connectivity (?): Note
Direct TCP access to remote FTP servers (port 21) is allowed.
Direct TCP access to remote SSH servers (port 22) is allowed.
Direct TCP access to remote SMTP servers (port 25) is allowed.
Direct TCP access to remote DNS servers (port 53) is allowed.
Direct TCP access to remote HTTP servers (port 80) is allowed.
Direct TCP access to remote POP3 servers (port 110) is allowed.
Direct TCP access to remote RPC servers (port 135) is blocked.
This is probably for security reasons, as this protocol is generally not designed for use outside the local network.
Direct TCP access to remote NetBIOS servers (port 139) is blocked.
This is probably for security reasons, as this protocol is generally not designed for use outside the local network.
Direct TCP access to remote IMAP servers (port 143) is allowed.
Direct TCP access to remote SNMP servers (port 161) is allowed.
Direct TCP access to remote HTTPS servers (port 443) is allowed.
Direct TCP access to remote SMB servers (port 445) is blocked.
This is probably for security reasons, as this protocol is generally not designed for use outside the local network.
Direct TCP access to remote SMTP/SSL servers (port 465) is allowed.
Direct TCP access to remote secure IMAP servers (port 585) is allowed.
Direct TCP access to remote authenticated SMTP servers (port 587) is allowed.
Direct TCP access to remote IMAP/SSL servers (port 993) is allowed.
Direct TCP access to remote POP/SSL servers (port 995) is allowed.
Direct TCP access to remote OpenVPN servers (port 1194) is allowed.
Direct TCP access to remote PPTP Control servers (port 1723) is allowed.
Direct TCP access to remote SIP servers (port 5060) is allowed.
Direct TCP access to remote BitTorrent servers (port 6881) is allowed.
Direct TCP access to remote TOR servers (port 9001) is allowed.
UDP connectivity (?): OK
Basic UDP access is available.
The applet was able to send fragmented UDP traffic.
The applet was able to receive fragmented UDP traffic.
Direct UDP access to remote DNS servers (port 53) is allowed.
Direct UDP access to remote NTP servers (port 123) is allowed.
Direct UDP access to remote OpenVPN servers (port 1194) is allowed.
Direct UDP access to remote MSSQL servers (port 1434) is allowed.
Traceroute (?): OK
It takes 20 network hops for traffic to pass from our server to your system, as shown below. For each hop, the time it takes to traverse it is shown in parentheses.
1. None (0 ms)
2. ec2-75-101-160-178.compute-1.amazonaws.com (0 ms)
3. None (0 ms)
4. *
5. *
6. *
7. ge-4-1-0.mpr1.iad10.us.mfnx.net (1 ms)
8. xe-3-0-0.cr1.dca2.us.above.net (3 ms)
9. xe-1-0-0.cr2.dca2.us.above.net (18 ms)
10. xe-2-2-0.cr2.lga5.us.above.net (7 ms)
11. ge-1-2-0.mpr2.lga5.us.above.net (7 ms)
12. so-0-1-0.mpr2.ams5.nl.above.net (89 ms)
13. xe-3-2-0.mpr1.lhr2.uk.above.net (88 ms)
14. so-5-3-0.mpr1.lhr3.uk.above.net (89 ms)
15. xe-2-0-0.mpr2.lhr3.uk.above.net (102 ms)
16. None (93 ms)
17. popl-bb-1b-as1-0.network.virginmedia.net (94 ms)
18. watf-core-1b-ge-000-0.network.virginmedia.net (94 ms)
19. watf-cam-1b-ge-wan32.network.virginmedia.net (95 ms)
20. watf-cmts-01-ge02.network.virginmedia.net (95 ms)
Path MTU (?): OK
The path between your network and our system supports an MTU of at least 1500 bytes, and the path between our system and your network has an MTU of 1500 bytes.
Network Access Link Properties –
Network latency measurements (?): Latency: 110ms Loss: 0.5%
The round-trip time (RTT) between your computer and our server is 110 msec, which is good.
We recorded a packet loss of 0.5%. This loss rate is within the range commonly encountered and not usually inducing significant performance problems. Of the packet loss, at least 0.5% of the packets appear to have been lost on the path from your computer to our servers.
TCP connection setup latency (?): 9100ms
The time it takes for your computer to set up a TCP connection with our server is 9100 msec, which is quite high. This may be due to a variety of factors, including a significant distance between your computer and our server, a particularly slow or poor network link, or problems in your network.
Network background health measurement (?): no transient outages
During most of Netalyzr's execution, the applet continuously measures the state of the network in the background, looking for short outages. During testing, the applet observed no such outages.
Network bandwidth measurements (?): Upload 1.0 Mbit/sec, Download 9.6 Mbit/sec
Your Uplink: We measured your uplink's sending bandwidth at 1.0 Mbit/sec. This level of bandwidth works well for many users.
During this test, the applet observed 5 reordered packets.
Your Downlink: We measured your downlink's receiving bandwidth at 9.6 Mbit/sec. This level of bandwidth works well for many users.
During this test, the applet observed 1895 reordered packets.
Network buffer measurements (?): Uplink 530 ms, Downlink 380 ms
We estimate your uplink as having 530 msec of buffering. This level can in some situations prove somewhat high, and you may experience degraded performance when performing interactive tasks such as web-surfing while simultaneously conducting large uploads. Real-time applications, such as games or audio chat, may also work poorly when conducting large uploads at the same time.
We estimate your downlink as having 380 msec of buffering. This level may serve well for maximizing speed while minimizing the impact of large transfers on other traffic.
HTTP Tests +
Address-based HTTP proxy detection (?): OK
Header-based HTTP proxy detection (?): OK
HTTP proxy detection via malformed requests (?): OK
Filetype-based filtering (?): OK
HTTP caching behavior (?): OK
JavaScript-based tests (?): OK
DNS Tests –
Restricted domain DNS lookup (?): OK
We can successfully look up a name which resolves to the same IP address as our webserver. This means we are able to conduct many of the tests on your DNS server.
Unrestricted domain DNS lookup (?): OK
We can successfully look up arbitrary names from within the Java applet. This means we are able to conduct all test on your DNS server.
Direct DNS support (?): OK
All tested DNS types were received OK
Direct EDNS support (?): OK
EDNS-enabled requests for small responses are answered successfully.
EDNS-enabled requests for medium-sized responses are answered successfully.
EDNS-enabled requests for large responses are answered successfully.
DNS resolver address (?): OK
The IP address of your ISP's DNS Resolver is 62.253.181.23, which resolves to winn-dnsfep-3.server.virginmedia.net.
DNS resolver properties (?): Lookup latency 170ms
Your ISP's DNS resolver requires 170 msec to conduct an external lookup. It takes 160 msec for your ISP's DNS resolver to lookup a name on our server.
Your resolver correctly uses TCP requests when necessary.
Your resolver is using QTYPE=A for default queries.
Your resolver is not automatically performing IPv6 queries.
Your DNS resolver does not use EDNS.
Your DNS resolver can successfully accept large responses.
Your resolver does not use 0x20 randomization, but will pass names in a case-sensitive manner.
We were unable to detect a DNS proxy associated with your NAT.
Your ISP's DNS server cannot use IPv6.
No transport problems were discovered which could affect the deployment of DNSSEC.
DNS glue policy (?): OK
Your ISP's DNS resolver does not accept generic additional (glue) records — good.
Your ISP's DNS resolver does not accept additional (glue) records which correspond to nameservers.
Your ISP's DNS resolver does not follow CNAMEs.
DNS resolver port randomization (?): OK
Your ISP's DNS resolver properly randomizes its local port number.
The following graph shows DNS requests on the x-axis and the detected source ports on the y-axis.
DNS lookups of popular domains (?): OK
80 of 80 popular names were resolved successfully. Show all names.
Name IP Address Reverse Name/SOA
www.abbey.co.uk
165.160.15.20 X (pdns1.cscdns.net)
ad.doubleclick.net
74.125.230.155 X (ns1.google.com)
www.alliance-leicester.co.uk
194.130.105.121 X (alice.ioko365.com)
www.amazon.com
72.21.214.128 X (dns-external-master.amazon.com)
www.ameritrade.com
216.105.251.204 X (mike.lynn.tdameritrade.com)
www.bankofamerica.com
171.161.148.173 wwwao-prodtx.bankofamerica.com
www.bankofscotland.co.uk
195.171.171.21 X (ns0.bt.net)
bit.ly
168.143.172.53 X (ns1.dn.net)
www.capitalone.com
208.80.48.112 X (chia.arin.net)
www.careerbuilder.com
208.82.6.22 X (smokey.careerbuilder.com)
www.chase.com
159.53.64.105 X (ns1.jpmorganchase.com)
chaseonline.chase.com
159.53.64.54 resources-cdc2.chase.com
www.citi.com
192.193.219.58 citibank.com
www.citibank.com
192.193.219.58 citibank.com
www.citimortgage.com
192.193.218.222 citimortgage.com
www.desjardins.com
142.195.132.100
www.desjardins.com
www.dnssec-failed.org
68.87.64.48 cmportal.comcast.net
www.e-gold.com
209.200.169.10 unknown.prolexic.com
www.ebay.com
66.211.181.15 hp-core.ebay.com
encrypted.google.com
74.125.230.139 X (ns1.google.com)
www.etrade.com
198.93.34.21
www.etrade.com
www.f-secure.com
84.53.178.10 X (ns1-2.akam.net)
www.facebook.com
69.63.190.14 www-11-02-ash2.facebook.com
www.fdic.gov
167.176.17.84
www.fdic.gov
www.friendfinder.com
208.88.180.81 X (ii53-30.friendfinderinc.com)
www.google.com
74.125.230.145 X (ns1.google.com)
www.google-analytics.com
209.85.143.101 dy-in-f101.1e100.net
www.halifax.co.uk
212.140.245.97 halifax.co.uk
www.hsbc.co.uk
193.108.74.126 X (ns3.hsbc.com)
www.irs.gov
84.53.178.40 X (ns1-2.akam.net)
www.jpmorganchase.com
159.53.64.105 X (ns1.jpmorganchase.com)
mail.google.com
74.125.230.151 X (ns1.google.com)
mail.live.com
64.4.20.169 dp2.mail.live.com
mail.yahoo.com
217.146.187.123 l1.login.vip.ird.yahoo.com
www.mbna.com
209.135.59.10 X (ns1.usi.net)
www.mbna.net
209.135.59.10 X (ns1.usi.net)
www.meebo.com
74.114.28.110 X (ns1.meebo.com)
messenger.yahoo.com
98.139.200.98 myc1.msg.vip.bf1.yahoo.com
www.microsoft.com
65.55.12.249 wwwco2vip.microsoft.com
www.nationwide.co.uk
155.131.31.81 X (ns0.nationet.net)
www.networksolutions.com
205.178.187.13
www.networksolutions.com
www.newegg.com
216.52.208.185 X (pdns1.ultradns.net)
online.citibank.com
199.67.181.11 citibankonline.com
online.wellsfargo.com
151.151.13.132 psaltery-on.wellsfargo.com
www.orange.fr
193.252.148.241 vip1.dyn.hpo.s1.fti.net
partner.googleadservices.com
74.125.230.156 X (ns1.google.com)
www.paypal.com
64.4.241.49 node-64-4-241-4[...]orks.paypal.com
www.postbank.de
62.153.105.37 X (ns1.postbank.de)
www.rbs.co.uk
155.136.80.222 X (ns0-08.dns.pipex.net)
www.schwab.com
162.93.217.34 X (d0002cdc.schwab.com)
search.yahoo.com
74.6.238.254 syc.search.vip.ac2.yahoo.com
www.secureworks.com
206.55.100.29 atl1www01.secureworks.net
smartzone.comcast.net
76.96.26.12 webmail3.emeryv[...]ail.comcast.net
www.smithbarney.com
192.193.20.126 X (ns.citicorp.com)
www.sterlingsavingsbank.com
12.19.55.215 sterlingsavingsbank.com
www.tdameritrade.com
216.105.251.204 X (mike.lynn.tdameritrade.com)
www.torproject.org
38.229.70.16 vescum.torproject.org
us.etrade.com
12.153.224.21 us.etrade.com
www.usbank.com
170.135.216.181 sweeps.usbank.com
www.verisign.com
69.58.181.89 www-ilg.verisign.net
www.visa.com
84.53.178.40 X (ns1-2.akam.net)
www.wachovia.com
169.200.89.101 X (sls-ns1.wachovia.com)
www.wamu.com
159.53.116.2 X (ns1.jpmorganchase.com)
www.wellsfargo.com
151.151.88.133
www.wellsfargo.com
westernunion.com
206.201.228.250
www.wuagentlink.com
windowsupdate.microsoft.com
65.54.221.118 X (msnhst.microsoft.com)
wireless.att.com
135.209.168.22 origin-b2b-al[...]eless.att.com
www.yahoo.com
87.248.112.181 ir1.fp.vip.ird.yahoo.com
11 popular names have a mild anomaly. The ownership suggested by the reverse name lookup does not match our understanding of the original name. The most likely cause is the site's use of a Content Delivery Network. Show all names.
Name IP Address Reverse Name/SOA
www.barclays.co.uk
212.140.250.32 X (ns0.bt.net)
www.bing.com
84.53.178.35 X (ns1-2.akam.net)
www.cnn.com
157.166.255.19 X (ns1.timewarner.net)
www.deutsche-bank.de
160.83.8.24 X (ns2.db.com)
www.lloydstsb.com
141.92.130.226 X (ns0.bt.net)
www.nordea.fi
193.88.186.178 X (ns01.tdchosting.dk)
www.sears.com
2.18.185.99 X (ns-pri.ripe.net)
www.sparkasse.de
212.34.69.3 rev-212.34.69.3.rev.izb.net
www.ticketmaster.com
2.18.180.199 X (ns-pri.ripe.net)
tinyurl.com
216.218.139.84
www.trendmicro.com
2.17.249.214 X (ns-pri.ripe.net)
One popular name has a mild anomaly: we are unable to find a reverse name associated with the IP address provided by your ISP's DNS server. This is most likely due to a slow responding DNS server or misconfiguration on the part of the domain owner. Show all names.
Name IP Address Reverse Name/SOA
www.bankofthewest.com
204.44.2.241 X
DNS external proxy (?): OK
Your host ignores external DNS requests.
DNS results wildcarding (?): Warning
Your ISP's DNS server returns IP addresses even for domain names which should not resolve. Instead of an error, the DNS server returns an address of 81.200.64.50, which resolves to advancedsearch.virginmedia.com. You can inspect the resulting HTML content here.
There are several possible explanations for this behavior. The most likely cause is that the ISP is attempting to profit from customer's typos by presenting advertisements in response to bad requests, but it could also be due to an error or misconfiguration in the DNS server.
The big problem with this behavior is that it can potentially break any network application which relies on DNS properly returning an error when a name does not exist.
The following lists your DNS server's behavior in more detail.
• www.{random}.com is mapped to 81.200.64.50.
• www.{random}.org is mapped to 81.200.64.50.
• fubar.{random}.com is correctly reported as an error.
•
www.yahoo.cmo [sic] is mapped to 81.200.64.50.
• nxdomain.{random}.netalyzr.icsi.berkeley.edu is correctly reported as an error.
IPv6 Tests +
DNS support for IPv6 (?): OK
IPv6 Connectivity (?): Not Executed
IPv6 TCP connectivity (?): Not Executed
IPv6 and Your Web Browser (?): No IPv6 Support
IPv6 Path MTU (?): Not Executed
IPv6 Traceroute (?): Not Executed
Host Properties +
System clock accuracy (?): OK
Browser properties (?): OK
Uploaded Data (?): OK
---------- Post added at 12:45 ---------- Previous post was at 12:43 ----------
I realise that this is a lot of reading for you helpful lot but it is all gobbledygook to me, so my heartfelt thanks in anticipation.