DNS & IP Record Check for Theideasnet.com

This tool gives you a detailed look at Theideasnet.com DNS setup. It checks various parts of the DNS records to ensure everything is functioning smoothly and securely.

DNS Record Group Breakdown:

Our DNS & IP record check is organized into 6 main groups, each focusing on different aspects of your domain's DNS configuration. Each group tests key components to ensure optimal domain performance:

  1. DNS Parent Group - 5 tests
  2. NS (Nameserver) - 17 tests
  3. SOA (Start of Authority) - 9 tests
  4. MX (Mail Exchanger) - 12 tests
  5. MAIL (Email) - 4 tests
  6. WWW (World Wide Web) - 24 tests
Test Status Summary:

To help you better understand the results, our team has categorized the outcomes into four statuses:

  1. PASS - No issues found in the DNS record.
  2. FAIL - We detected a DNS record error that needs your attention.
  3. WARN - A minor DNS record issue was found.
  4. INFO - Informational data about the DNS record with no errors detected.

To ensure the integrity and security of Theideasnet.com DNS data, use our DNSSEC check tool. This test provides a deeper analysis, focusing on digital signatures, security, and integrity of the DNS records.

Below is an overview of the results from our comprehensive DNS lookup for the domain Theideasnet.com:

DNS Group DNS Check DNS Record Type DNS Data Information
PARENT
PASS Missing Direct Parent check OK. Your direct parent zone exists, SOA of parent zone com is a.gtld-servers.net which is good. Some domains (usually third or fourth level domains, such as example.co.us or subdomain.example.co.us) do not have a direct parent zone ('co.us' in this example), which is legal but can cause confusion.
FAIL Glue at parent nameservers The parent servers do not have glue for your nameservers
INFO NS records at parent servers Your NS record at parent servers are:
nsg1.namebrightdns.com[IP Address=35.174.11.199][TTL=172800]
nsg1.namebrightdns.com[IP Address=44.204.40.33][TTL=172800]
nsg1.namebrightdns.com[IP Address=54.242.86.101][TTL=172800]
nsg2.namebrightdns.com[IP Address=3.228.17.177][TTL=172800]
nsg2.namebrightdns.com[IP Address=98.84.163.240][TTL=172800]
nsg2.namebrightdns.com[IP Address=98.84.39.7][TTL=172800]

These were obtained from l.gtld-servers.net. However these were obtained from authority section and not answer section. It is better if they were obtained from answer section.
PASS DNS servers have A records OK. All your DNS servers either have A records at the zone parent servers
FAIL Parent nameservers have your nameservers listed Your nameservers not listed in parent servers: ns2.namebrightdns.com, ns1.namebrightdns.com
DNS Group DNS Status DNS Record Type DNS Data Information
NS
INFO NS records at your nameservers Your NS records at your nameservers are:
nsg2.namebrightdns.com[TTL=10800]
nsg1.namebrightdns.com[TTL=10800]
PASS Mismatched NS records OK. NS records at all your nameservers are identical.
PASS All nameservers respond All your nameservers responding.
PASS Recursive queries None of your nameservers allow recursive queries
PASS Zone Transfer Zone transfer not allowed by any of your nameservers
PASS No NS A records at nameservers OK. Your nameservers do include corresponding A records when asked for your NS records. This ensures that your DNS servers know the A records corresponding to all your NS records.
PASS Nameserver name validity OK. All of the NS records that your nameservers report seem valid (no IPs or partial domain names).
PASS Number of nameservers You have 2 nameservers. You must have at least 2 nameservers (RFC2182 section 5 recommends at least 3 nameservers), and preferably no more than 7.
PASS Lame nameservers OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
PASS Missing (stealth) nameservers You have no stealth servers.
PASS Missing nameservers 2 All nameservers listed at parent servers are listed as NS records at your nameservers
PASS No CNAMEs for domain OK. There are no CNAMEs for Theideasnet.com. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
PASS TCP Allowed All your nameservers allow TCP connection
PASS Stealth NS record leakage Your DNS servers doesn't leak NS record in non-NS request.
PASS Nameservers on separate class C's OK. You have nameservers on different Class C (technically, /24) IP ranges. You must have nameservers at geographically and topologically dispersed locations. RFC2182 3.1 goes into more detail about secondary nameserver location.
PASS All NS IPs public OK. All of your NS records appear to use public IPs. If there were any private IPs, they would not be reachable, causing DNS delays.
FAIL Glue for NS record Your nameservers for your NS records didn't return the A records for the NS records.
DNS Group DNS Status DNS Record Type DNS Data Information
SOA
INFO SOA record Your SOA record [TTL=10800] is:
Primary Name server: ns1.namebrightdns.com
Hostmaster E-mail address: dns.namebright.com
Serial #:2025051301
Refresh: 28800
Retry: 5000
Expire: 1209600
Default: 10800
FAIL SOA MNAME entry SOA MNAME ns1.namebrightdns.com is not listed as a primary nameserver at your parent nameserver
PASS SOA RNAME entry OK. Your SOA (Start of Authority) record states that your DNS contact E-mail address is: [email protected] (techie note: we have changed the initial '.' to an '@' for display purposes).
PASS NS agreement on SOA Serial # OK. All your nameservers agree that your SOA serial number is 2009050102. That means that all your nameservers are using the same data (unless you have different sets of data with the same serial number, which would be very bad)! Note that the DNS report only checks the NS records listed at the parent servers (not any stealth servers).
PASS SOA Serial Your SOA serial number is: 2025051301. This appears to be in the recommended format of YYYYMMDDnn.
INFO SOA REFRESH OK. Your SOA REFRESH interval is: 28800. RFC 1912 recommends 1200 to 43200 seconds, low (1200) if the data is volatile or 43200 (12 hours) if it's not. If you are using NOTIFY you can set for much higher values, for instance, 1 or more days (> 86400 seconds).
WARN SOA RETRY OK. Your SOA RETRY interval is: 5000. Typical values would be 180 (3 minutes) to 900 (15 minutes) or higher.
INFO SOA EXPIRE OK. Your SOA EXPIRE interval is: 1209600 .RFC 1912 recommends 1209600 to 2419200 seconds (2-4 weeks) to allow for major outages of the zone master.
PASS SOA MINIMUM TTL OK. Your SOA MINIMUM TTL is: 10800. That is OK
DNS Group DNS Status DNS Record Type DNS Data Information
MX
FAIL MX Record No MX records found. You may ignore results of any other MX tests.
FAIL Reverse MX A records (PTR) There are no A records for your MXs, so the test cannot be performed.
DNS Group DNS Status DNS Record Type DNS Data Information
MAIL
PASS SPF record v=spf1 -all
this domain never sends out email
WARN Sender ID record(spfv2.0) SenderID framework not implemented
WARN Domain Key Test Domain keys not implemenetd for _domainkey.Theideasnet.com. Separate domainkey records may exist for subdomains and selectors under this domain. this cannot be tested.
WARN DMARC DMARC policy not found. Not enabled.
DNS Group DNS Status DNS Record Type DNS Data Information
WWW
INFO WWW A record Your WWW A record is:
www.Theideasnet.com. Resolved IP: 18.119.154.66
You have separate A record for www.
WA & DA Score for www.Theideasnet.com
PASS IPs are public OK. All of your WWW IP addresses appear to be public IP addresses.
PASS HTTP Service OK: We can connect to http service on port 80.
INFO Server http service on port 80 returns server information as
Cloudflare
PASS Server Header http response header returns information about server as:
Cloudflare
PASS Connection http connection header return connection as: Keep-alive
WARN Secure Header HSTS The server did not implement the HSTS (HTTP Strict Transport Security) policy. The header over the HTTPS connection was not found.
PASS Secure Header X-Frame-Options XFO response header that protects against clickjacking is found as: SAMEORIGIN
XFO enables content to be found or not within iframes via the browser.
WARN Secure Header X-Content-Type-Options The X-Content-Type-Options secure header is not set
WARN Secure Header Content-Security-Policy CSP is not defined in the policy. The return secure header does not send any feedback that the CSP has been set
WARN Secure Header X-Permitted-Cross-Domain-Policies X-Permitted-Cross-Domain-Policies was not found in the response header
PASS Secure Header Referrer-Policy Referrer-Policy is found in response header as: Same-origin
The Referrer-Policy HTTP header determines what information will be sent in the Referrer header.
INFO Secure Header Clear-Site-Data Clear-Site-Data was not found in the response header
INFO Secure Header Cross-Origin-Embedder-Policy COEP response header was not found in the HTTP request
INFO Secure Header Cross-Origin-Opener-Policy COOP response header was not found in the HTTP request
WARN Secure Header Cross-Origin-Resource-Policy CORP policy not found in response header
PASS Secure Header Cache-Control Cache-Control policy header is found in HTTP responses as: Max-age=15
Cache-Control belongs to the security header group that contains instructions for cashing
WARN Secure Header Permissions-Policy Permissions-Policy header was not found in the HTTP responses.
INFO Secure Header Feature-Policy Feature-Policy header was not found in the HTTP responses.
INFO Secure Header X-XSS-Protection (Deprecated) X-XSS-Protection header was not found in the HTTP responses.
INFO Secure Header HTTP Public Key Pinning (Deprecated) HPKP header was not found in the HTTP responses.
INFO Secure Header Expect-CT (Deprecated) Expect-CT header was not found in the HTTP responses.
FAIL SSL / HTTPS Protocol Domain do not use encrypted SSL / HTTPS connection on port 443.
View SSL Certificate: Theideasnet.com.
FAIL IPv6 Your domain has no IPv6 support
Click below to copy URL to clipboard for easy sharing of results: