What is a DNS lookup?
DNS lookup is a free online tool intended for testing DNS record using the technique of checking and retrieving all relevant information for a domain by analyzing DNS records from the DNS server.
This is a comprehensive, unique DNS domain lookup tool that tests and checks a domain for possible DNS issues, finds DNS errors and reports the results including E-Mail and WWW test.
While with our IP Lookup, during a domain lookup, many DNS components can be found in addition to the IP components, this comprehensive DNS lookup is unique in that it calculates the resulting values and then displays the status of the resulting DNS values, as well as advice on what passed and what failed.
DNS record types, in this test, are divided into six groups with 71 DNS tests in total, including an explanation of the results with each test:
DNS Parent Group check the parent DNS servers from given domain for 5 DNS record:
Missing Direct Parent check -(Does direct parent zone exists? SOA of parent zone?)
Glue at parent nameservers - (Is there glue for nameservers or not?)
NS records at parent servers - (Information about NS record at parent servers)
DNS servers have A records - (Do the DNS servers have A records on the zone's parent servers?)
Parent nameservers have your nameservers listed - (Are the nameservers listed in parent nameservers?)
NS (Nameserver) check then name servers from given domain for 18 DNS record:
NS records at your nameservers - (What are NS records on your name server?)
Mismatched NS records - (Are NS records at all your nameservers identical?)
All nameservers respond - (Are the nameservers responding?)
Recursive queries - (Do nameservers allow recursive queries or not?)
Zone Transfer - (Is Zone Transfer allowed by any of your nameservers or not?)
No NS A records at nameservers - (Do nameservers include corresponding A records when asked for your NS records?)
Nameserver name validity - (Are the the NS records that your nameservers report valid or not?)
Number of nameservers - (How many nameservers does a domain have? A minimum of two is required. RFC2182 section 5 recommends at least 3 nameservers and no more than seven.)
Lame nameservers - (Do the nameservers listed at the parent servers answer authoritatively for domain?)
Missing (stealth) nameservers - (Are there stealth nameservers?)
Missing nameservers 2 - (Are all namservers listed at parent servers listed as NS records at your nameservers?)
Same Glue - (Are the A records got from the parent zone check the same as the ones got from your nameservers?)
No CNAMEs for domain - (Are there CNAMEs for domain or not?)
TCP Allowed - (Do nameservers allow TCP connection?)
Stealth NS record leakage - (Did DNS servers leak NS record in non-NS request?)
Nameservers on separate class C - (Are the nameservers on different Class C?)
All NS IPs public - (Do NS records appear to use public IPs?)
Glue for NS record - (Do nameservers for NS records return the A records for the NS records or not?)
SOA (Start of Authority) checks and provides information for SOA for a given domain for 9 DNS record:
SOA record - (Information about the SOA record)
SOA MNAME entry - (Is the SOA MNAME listed as the primary name server on the parent domain name server?)
SOA RNAME entry - (Domain DNS contact E-mail address?
NS agreement on SOA Serial # - ( Do all domain nameservers agree about domain SOA serial number?)
SOA Serial - (Is SOA serial number in the recommended format of YYYYMMDDnn?)
SOA REFRESH - (What is SOA REFRESH intervar?)
SOA RETRY - (What is SOA RETRY interval?)
SOA EXPIRE - (What is SOA EXPIRE interval?)
SOA MINIMUM TTL - (Is the set SOA MINIMUM TTL OK?)
MX (Mail Exchanger) tests everything related to the MX (mail exchange) for a given domain and has 12 MX records to test
(You will be able to get more information about the mail exchange for any domain.)
MX Glue - (Does MX record send glue record or not?)
MX records are not CNAMEs - (Does the MX record return a CNAME or not?}
MX is host name, not IP - (Are All of domain MX records host names?)
Different MX records at nameservers - ( Does all domain nameservers have the same set of MX records?)
MX Glues match - (Does the MX Glue returned by the nameserver for the MX record match the A record of the hostname's MX?)
Duplicate MX records - (Are there duplicate MX records pointing to the same IP address?)
MX A lookups have no CNAMEs - (CNAMEs are prohibited in MX records. Are CNAMEs returned for A records lookups from your MX records?)
MX Record - (Information about the number of MX records)
Multiple MX records - (Do domains have multiple MX records or not?)
Reverse MX A records (PTR) - (What are the reverse PTR records for a domain's MX records?)
All MX IPs public - (Do all of the domain's MX records use a public IP)
MAIL (Email) test how works mail servers for given domain and have 3 DNS test.
(You will be able to test, verify, find and identify any problems with mail servers for a given domain.)
SPF record - (Information about the SPF record)
Sender ID record(spfv2.0) - (Is SenderID framework implemented?)
Domain Key Test - (Information about Domain keys)
DMARC - (Information about DMARC policy)
WWW (World Wide Web) test WWW part of given domain and have 4 DNS & IP test.
WWW A record - (What is domain WWW A record?)
IPs are public - (Are all WWW IP's public?)
HTTP Service - (Can connect to http service at port 80 or not?)
Server - (http service information about the server, at port 80, used by the domain)
Server Header- (Server type information via the http response header)
HTTP Connection - (keep-alive or close)
Secure Header HSTS - (HTTP Strict Transport Security Policy)
Secure Header X-Frame-Options - (XFO enables content to be found or not within iframes via the browser)
Secure Header X-Content-Type-Options - (The browser must interpret the file exactly as it is specified in the Content-Type HTTP header)
Secure Header Content-Security-Policy - (CSP prevents cross-site scripting and other types of cross-site injection)
Secure Header X-Permitted-Cross-Domain-Policies - (gives a web client permission to handle data across domains.)
Secure Header Referrer-Policy - (what kind of information will be sent in the Referrer header)
Secure Header Clear-Site-Data - (control over browsing data)
Secure Header Cross-Origin-Embedder-Policy - (Whether or not the document can be downloaded from multiple sources)
Secure Header Cross-Origin-Opener-Policy - (allows you to secure a document)
Secure Header Cross-Origin-Resource-Policy - (against XSSI, cross-site scripting injection, attacks)
Secure Header Cache-Control - (instructions for cashing)
Secure Header Permissions-Policy - (controls who can access features)
Secure Header Feature-Policy - (keep-alive or close)
Secure Header X-XSS-Protection (Deprecated) - (sets up a scripting filter in your browser)
Secure Header HTTP Public Key Pinning (Deprecated) - (prevent spoofing of incorrectly issued or otherwise fraudulent certificates)
Secure Header Expect-CT (Deprecated) - (evaluate the connection with the host for compliance with certificate transparency)
SSL / HTTPS Service - (Testing the server for an encrypted connection on port 443 and checking the domain for the SSL certificate.)
IPv6 - (Does the domain have IPv6 support or not?)
0 Comments