DNS Lookup Record Check ⇒ Knouned.com

DNS lookup record results for the domain Knouned.com

The DNS record types tested in our free DNS domain lookup test are divided into 6 large groups with a total of 71 tests:

DNS Parent Group - 5 tests
NS (Nameserver) - 17 tests
SOA (Start of Authority) - 9 tests
MX (Mail Exchanger) - 12 tests
MAIL (Email) - 4 tests
WWW (World Wide Web) - 24 tests

For ease of summarization, review and understanding, we have divided the test results of our DNS lookup record check in four statuses:

PASS status - No problem was found in the DNS record
FAIL status - We found a DNS record error that requires your attention
WARN status - We found a minor DNS record error
INFO status - Only information about a given DNS record for educational purposes without any detected errors

Below is an overview of the record results of our comprehensive DNS lookup check for a domain Knouned.com:

DNS Group

DNS Status

DNS Test Name

DNS Record Information

PARENT

PASS

Missing Direct Parent check

OK. Your direct parent zone exists, SOA of parent zone com is a.gtld-servers.net which is good. Some domains (usually third or fourth level domains, such as example.co.us or subdomain.example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion.

PASS

Glue at parent nameservers

OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names

INFO

NS records at parent servers

Your NS record at parent servers are:

ns27.domaincontrol.com	[IP Address=97.74.103.14]	[TTL=172800]
ns28.domaincontrol.com	[IP Address=173.201.71.14]	[TTL=172800]

These were obtained from g.gtld-servers.net. However these were obtained from authority section and not answer section. It is better if they were obtained from answer section.

PASS

DNS servers have A records

OK. All your DNS servers either have A records at the zone parent servers

PASS

Parent nameservers have your nameservers listed

OK. When someone uses DNS to look up your domain, the first step (if it doesn't already know about your domain) is to go to the parent servers. If you aren't listed there, you can't be found. But you are listed there.

DNS Group

DNS Status

DNS Test Name

DNS Record Information

INFO

NS records at your nameservers

Your NS records at your nameservers are:

ns27.domaincontrol.com		[TTL=3600]
ns28.domaincontrol.com		[TTL=3600]

PASS

Mismatched NS records

OK. NS records at all your nameservers are identical.

PASS

All nameservers respond

All your nameservers responding.

PASS

Recursive queries

None of your nameservers allow recursive queries

PASS

Zone Transfer

Zone transfer not allowed by any of your nameservers

PASS

No NS A records at nameservers

OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records.

PASS

Nameserver name validity

OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names).

PASS

Number of nameservers

You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7.

PASS

Lame nameservers

OK. All the nameservers listed at the parent servers answer authoritatively for your domain.

PASS

Missing (stealth) nameservers

You have no stealth servers.

PASS

Missing nameservers 2

All nameservers listed at parent servers are listed as NS records at your nameservers

PASS

No CNAMEs for domain

OK. There are no CNAMEs for Knouned.com. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.

PASS

TCP Allowed

All your nameservers allow TCP connection

PASS

Stealth NS record leakage

Your DNS servers doesn't leak NS record in non-NS request.

PASS

Nameservers on separate class C's

OK. You have nameservers on different Class C (technically, /24) IP ranges. You must have nameservers at geographically and topologically dispersed locations. RFC2182 3.1 goes into more detail about secondary nameserver location.

PASS

All NS IPs public

OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays.

FAIL

Glue for NS record

Your nameservers for your NS records didn't return the A records for the NS records.

DNS Group	DNS Status	DNS Test Name	DNS Record Information
SOA
	INFO	SOA record	Your SOA record [TTL=3600] is: Primary Name server: ns27.domaincontrol.com Hostmaster E-mail address: dns.jomax.net Serial #:2023091800 Refresh: 28800 Retry: 7200 Expire: 604800 Default: 600
	PASS	SOA MNAME entry	SOA MNAME ns27.domaincontrol.com is listed as a primary nameserver at your parent nameserver
	PASS	SOA RNAME entry	OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: [email protected] (techie note: we have changed the initial '.' to an '@' for display purposes).
	PASS	NS agreement on SOA Serial #	OK. All your nameservers agree that your SOA serial number is 2009050102. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNS report only checks the NS records listed at the parent servers (not any stealth servers).
	PASS	SOA Serial	Your SOA serial number is: 2023091800. This appears to be in the recommended format of YYYYMMDDnn.
	INFO	SOA REFRESH	OK. Your SOA REFRESH interval is: 28800. RFC 1912 recommends 1200 to 43200 seconds, low (1200) if the data is volatile or 43200 (12 hours) if it's not. If you are using NOTIFY you can set for much higher values, for instance, 1 or more days (> 86400 seconds).
	WARN	SOA RETRY	OK. Your SOA RETRY interval is: 7200. Typical values would be 180 (3 minutes) to 900 (15 minutes) or higher.
	WARN	SOA EXPIRE	OK. Your SOA EXPIRE interval is: 604800 .RFC 1912 recommends 1209600 to 2419200 seconds (2-4 weeks) to allow for major outages of the zone master.
	PASS	SOA MINIMUM TTL	OK. Your SOA MINIMUM TTL is: 600. That is OK

DNS Group	DNS Status	DNS Test Name	DNS Record Information
MX
	FAIL	MX Record	No MX records found. You may ignore results of any other MX tests.
	FAIL	Reverse MX A records (PTR)	There are no A records for your MXs, so the test cannot be performed.

DNS Group	DNS Status	DNS Test Name	DNS Record Information
MAIL
	WARN	SPF record	No SPF framework implemented
	WARN	Sender ID record(spfv2.0)	SenderID framework not implemented
	WARN	Domain Key Test	Domain keys not implemenetd for _domainkey.Knouned.com. Separate domainkey records may exist for subdomains and selectors under this domain. this cannot be tested.
	WARN	DMARC	DMARC policy not found. Not enabled.

DNS Group	DNS Status	DNS Test Name	DNS Record Information
WWW
	INFO	WWW A record	Your WWW A record is: www.Knouned.com > Knouned.com > 15.197.148.33 Your WWW is CNAME record and your CNAME entry returns A record which is good.
	PASS	IPs are public	OK. All of your WWW IP addresses appear to be public IP addresses.
	PASS	HTTP Service	OK: We can connect to http service on port 80.
	INFO	Server	http service on port 80 returns server information as Openresty
	PASS	Server Header	http response header returns information about server as: Openresty
	PASS	Connection	http connection header return connection as: Keep-alive
	WARN	Secure Header HSTS	The server did not implement the HSTS (HTTP Strict Transport Security) policy. The header over the HTTPS connection was not found.
	WARN	Secure Header X-Frame-Options	XFO clickjacking protection response header was not found. XFO enables content to be found or not within iframes via the browser.
	PASS	Secure Header X-Content-Type-Options	The secure X-Content-Type-Options header is set as: Nosniff The browser must interpret the file exactly as it is specified in the Content-Type HTTP header
	WARN	Secure Header Content-Security-Policy	CSP is not defined in the policy. The return secure header does not send any feedback that the CSP has been set
	WARN	Secure Header X-Permitted-Cross-Domain-Policies	X-Permitted-Cross-Domain-Policies was not found in the response header
	WARN	Secure Header Referrer-Policy	The Referrer-Policy HTTP header is not set, as it is not in the Referrer header.
	INFO	Secure Header Clear-Site-Data	Clear-Site-Data was not found in the response header
	INFO	Secure Header Cross-Origin-Embedder-Policy	COEP response header was not found in the HTTP request
	INFO	Secure Header Cross-Origin-Opener-Policy	COOP response header was not found in the HTTP request
	WARN	Secure Header Cross-Origin-Resource-Policy	CORP policy not found in response header
	PASS	Secure Header Cache-Control	Cache-Control policy header is found in HTTP responses as: No-cache Cache-Control belongs to the security header group that contains instructions for cashing
	WARN	Secure Header Permissions-Policy	Permissions-Policy header was not found in the HTTP responses.
	INFO	Secure Header Feature-Policy	Feature-Policy header was not found in the HTTP responses.
	INFO	Secure Header X-XSS-Protection (Deprecated)	X-XSS-Protection header was not found in the HTTP responses.
	INFO	Secure Header HTTP Public Key Pinning (Deprecated)	HPKP header was not found in the HTTP responses.
	INFO	Secure Header Expect-CT (Deprecated)	Expect-CT header was not found in the HTTP responses.
	PASS	SSL / HTTPS Protocol	Domain use encrypted SSL / HTTPS connection on port 443. Check Knouned.com SSL Certificate.
	FAIL	IPv6	Your domain has no IPv6 support

Click below to Copy url to clipboard for easy sharing of results:

DNS Domain Queries: 2fast.cc, Funbrain.com, Pupo.ch, Guarumo.com, 303t2.com, Bluntreport.com, Plannet.com, Usa-watch.ru, Thesneakdiss.com, Accountsecuritycheck.eu,