IP Tracker
Lookup, Trace, Track, Find an IP Location with IP tracking technology
and IP tracer tool from IP-Tracker.org
DNS lookup record results for the domain Opg.ca
The DNS record types tested in our free DNS domain lookup test are divided into 6 large groups with a total of 71 tests:
- DNS Parent Group - 5 tests
- NS (Nameserver) - 17 tests
- SOA (Start of Authority) - 9 tests
- MX (Mail Exchanger) - 12 tests
- MAIL (Email) - 4 tests
- WWW (World Wide Web) - 24 tests
For ease of summarization, review and understanding, we have divided the test results of our DNS lookup record check in four statuses:
- PASS status - No problem was found in the DNS record
- FAIL status - We found a DNS record error that requires your attention
- WARN status - We found a minor DNS record error
- INFO status - Only information about a given DNS record for educational purposes without any detected errors
|
|
Below is an overview of the record results of our comprehensive DNS lookup check for a domain Opg.ca:
| DNS Group | DNS Status | DNS Test Name | DNS Record Information | |||||
|---|---|---|---|---|---|---|---|---|
| PARENT | ||||||||
| PASS | Missing Direct Parent check | OK. Your direct parent zone exists, SOA of parent zone ca is prd-czp-05.corp.cira.ca which is good. Some domains (usually third or fourth level domains, such as example.co.us or subdomain.example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion. | ||||||
| PASS | Glue at parent nameservers | OK. The parent servers have glue for your nameservers. That means they send out the IP address of your nameservers, as well as their host names | ||||||
| INFO | NS records at parent servers | Your NS record at parent servers are:
These were obtained from j.ca-servers.ca. However these were obtained from authority section and not answer section. It is better if they were obtained from answer section. |
||||||
| PASS | DNS servers have A records | OK. All your DNS servers either have A records at the zone parent servers | ||||||
| FAIL | Parent nameservers have your nameservers listed | Your nameservers not listed in parent servers: ns1.bonfire.ca, ns2.bonfire.ca |
| DNS Group | DNS Status | DNS Test Name | DNS Record Information | |||||
|---|---|---|---|---|---|---|---|---|
| NS | ||||||||
| INFO | NS records at your nameservers | Your NS records at your nameservers are:
|
||||||
| PASS | Mismatched NS records | OK. NS records at all your nameservers are identical. | ||||||
| PASS | All nameservers respond | All your nameservers responding. | ||||||
| PASS | Recursive queries | None of your nameservers allow recursive queries | ||||||
| FAIL | Zone Transfer | Zone transfer allowed your nameservers:ns1.bonfiredev.ca ns2.bonfiredev.ca |
||||||
| PASS | No NS A records at nameservers | OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records. | ||||||
| PASS | Nameserver name validity | OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names). | ||||||
| PASS | Number of nameservers | You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7. | ||||||
| PASS | Lame nameservers | OK. All the nameservers listed at the parent servers answer authoritatively for your domain. | ||||||
| FAIL | Missing (stealth) nameservers | FAIL: You have one or more missing (stealth) nameservers. The following nameserver(s) are listed (at your nameservers) as nameservers for your domain, but are not listed at the parent nameservers (therefore, they may or may not get used, depending on whether your DNS servers return them in the authority section for other requests, per RFC2181 5.4.1). You need to make sure that these stealth nameservers are working; if they are not responding, you may have serious problems! The report will not query these servers, so you need to be very careful that they are working properly. ns1.bonfire.ca ns2.bonfire.ca |
||||||
| FAIL | Missing nameservers 2 | ERROR: One or more of the nameservers listed at the parent servers are not listed as NS records at your nameservers. The problem NS records are: ns1.bonfiredev.ca, ns2.bonfiredev.ca |
||||||
| PASS | No CNAMEs for domain | OK. There are no CNAMEs for Opg.ca. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present. | ||||||
| PASS | TCP Allowed | All your nameservers allow TCP connection | ||||||
| FAIL | Stealth NS record leakage | Your DNS servers leak stealth information in non-NS requests: ns1.bonfire.ca ns2.bonfire.ca |
||||||
| FAIL | Nameservers on separate class C's | OK. You have atleast 2 nameservers on same Class C (technically, /24) IP ranges. You must have nameservers at geographically and topologically dispersed locations. RFC2182 3.1 goes into more detail about secondary nameserver location. | ||||||
| PASS | All NS IPs public | OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays. | ||||||
| PASS | Glue for NS record | OK. When we asked your nameservers for your NS records they also returned the A records for the NS records. This is a good thing as it will spare an extra A lookup needed to find those A records. |
| DNS Group | DNS Status | DNS Test Name | DNS Record Information |
|---|---|---|---|
| SOA | |||
| INFO | SOA record | Your SOA record [TTL=3600] is: Primary Name server: ns1.bonfire.ca Hostmaster E-mail address: admin.bonfire.ca Serial #:2023071301 Refresh: 10800 Retry: 3600 Expire: 1209600 Default: 3600 |
|
| FAIL | SOA MNAME entry | SOA MNAME ns1.bonfire.ca is not listed as a primary nameserver at your parent nameserver | |
| PASS | SOA RNAME entry | OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: [email protected] (techie note: we have changed the initial '.' to an '@' for display purposes). | |
| PASS | NS agreement on SOA Serial # | OK. All your nameservers agree that your SOA serial number is 2009050102. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNS report only checks the NS records listed at the parent servers (not any stealth servers). | |
| PASS | SOA Serial | Your SOA serial number is: 2023071301. This appears to be in the recommended format of YYYYMMDDnn. | |
| INFO | SOA REFRESH | OK. Your SOA REFRESH interval is: 10800. RFC 1912 recommends 1200 to 43200 seconds, low (1200) if the data is volatile or 43200 (12 hours) if it's not. If you are using NOTIFY you can set for much higher values, for instance, 1 or more days (> 86400 seconds). | |
| WARN | SOA RETRY | OK. Your SOA RETRY interval is: 3600. Typical values would be 180 (3 minutes) to 900 (15 minutes) or higher. | |
| INFO | SOA EXPIRE | OK. Your SOA EXPIRE interval is: 1209600 .RFC 1912 recommends 1209600 to 2419200 seconds (2-4 weeks) to allow for major outages of the zone master. | |
| PASS | SOA MINIMUM TTL | OK. Your SOA MINIMUM TTL is: 3600. That is OK |
| DNS Group | DNS Status | DNS Test Name | DNS Record Information |
|---|---|---|---|
| MX | |||
| FAIL | MX Record | No MX records found. You may ignore results of any other MX tests. | |
| FAIL | Reverse MX A records (PTR) | There are no A records for your MXs, so the test cannot be performed. |
| DNS Group | DNS Status | DNS Test Name | DNS Record Information |
|---|---|---|---|
| PASS | TXT record | a9f0b5aad80eed5a4dd116dd8da77dfb5a121ed6 | |
| PASS | TXT record | dan-ownership-verification=6yu4e4ft | |
| WARN | Sender ID record(spfv2.0) | SenderID framework not implemented | |
| PASS | Domain Key Test | a9f0b5aad80eed5a4dd116dd8da77dfb5a121ed6 The interim sending domain policy this domain may sign some email with DomainKeys available under selectors |
|
| PASS | DMARC | a9f0b5aad80eed5a4dd116dd8da77dfb5a121ed6 | |
| PASS | DMARC | dan-ownership-verification=6yu4e4ft |
| DNS Group | DNS Status | DNS Test Name | DNS Record Information |
|---|---|---|---|
| WWW | |||
| INFO | WWW A record | Your WWW A record is: www.Opg.ca > Opg.ca > 158.51.123.93 Your WWW is CNAME record and your CNAME entry returns A record which is good. |
|
| PASS | IPs are public | OK. All of your WWW IP addresses appear to be public IP addresses. | |
| PASS | HTTP Service | OK: We can connect to http service on port 80. | |
| INFO | Server | http service on port 80 returns server information as Apache/2.4.6 (CentOS) PHP/5.4.16 |
|
| PASS | Server Header | http response header returns information about server as: Apache/2.4.6 (CentOS) PHP/5.4.16 PHP/5.4.16 |
|
| INFO | Connection | http connection header didn't return any information about HTTP connection | |
| WARN | Secure Header HSTS | The server did not implement the HSTS (HTTP Strict Transport Security) policy. The header over the HTTPS connection was not found. | |
| WARN | Secure Header X-Frame-Options | XFO clickjacking protection response header was not found. XFO enables content to be found or not within iframes via the browser. | |
| WARN | Secure Header X-Content-Type-Options | The X-Content-Type-Options secure header is not set | |
| WARN | Secure Header Content-Security-Policy | CSP is not defined in the policy. The return secure header does not send any feedback that the CSP has been set | |
| WARN | Secure Header X-Permitted-Cross-Domain-Policies | X-Permitted-Cross-Domain-Policies was not found in the response header | |
| WARN | Secure Header Referrer-Policy | The Referrer-Policy HTTP header is not set, as it is not in the Referrer header. | |
| INFO | Secure Header Clear-Site-Data | Clear-Site-Data was not found in the response header | |
| INFO | Secure Header Cross-Origin-Embedder-Policy | COEP response header was not found in the HTTP request | |
| INFO | Secure Header Cross-Origin-Opener-Policy | COOP response header was not found in the HTTP request | |
| WARN | Secure Header Cross-Origin-Resource-Policy | CORP policy not found in response header | |
| WARN | Secure Header Cache-Control | Cache-Control policy header not found in HTTP responses | |
| WARN | Secure Header Permissions-Policy | Permissions-Policy header was not found in the HTTP responses. | |
| INFO | Secure Header Feature-Policy | Feature-Policy header was not found in the HTTP responses. | |
| INFO | Secure Header X-XSS-Protection (Deprecated) | X-XSS-Protection header was not found in the HTTP responses. | |
| INFO | Secure Header HTTP Public Key Pinning (Deprecated) | HPKP header was not found in the HTTP responses. | |
| INFO | Secure Header Expect-CT (Deprecated) | Expect-CT header was not found in the HTTP responses. | |
| FAIL | SSL / HTTPS Protocol | Domain do not use encrypted SSL / HTTPS connection on port 443. Check Opg.ca SSL Certificate. |
|
| FAIL | IPv6 | Your domain has no IPv6 support |
Click below to Copy url to clipboard for easy sharing of results:
» DNS Domain Lookup Record Opg.ca »
» DNS Domain Lookup Record Opg.ca »
DNS Domain Queries:
Ironiptv.net,
Summoner.nl,
Dani.es,
Aprius.com,
Amdn.news,
Paradoxrpg.com,
Toeber.com,
Aaibank.biz,
Tanqs.io,
88u5.com,