Work in progress!

Follow IntoDNS on Twitter


Category Status Test name Information
Parent Info Domain NS records Nameserver records returned by the parent servers are:

sharon.ns.cloudflare.com.   ['108.162.192.221', '172.64.32.221', '173.245.58.221'] (NO GLUE)   [TTL=3600]
owen.ns.cloudflare.com.   ['172.64.33.219', '108.162.193.219', '173.245.59.219'] (NO GLUE)   [TTL=3600]

b0.org.afilias-nst.org was kind enough to give us that information.

Pass TLD Parent Check Good. b0.org.afilias-nst.org, the parent server I interrogated, has information for your TLD. This is a good thing as there are some other domain extensions like "co.us" for example that are missing a direct check.
Pass Your nameservers are listed Good. The parent server b0.org.afilias-nst.org has your nameservers listed. This is a must if you want to be found as anyone that does not know your DNS servers will first ask the parent nameservers.
Info DNS Parent sent Glue The parent nameserver b0.org.afilias-nst.org is not sending out GLUE for every nameservers listed, meaning he is sending out your nameservers host names without sending the A records of those nameservers. It's ok but you have to know that this will require an extra A lookup that can delay a little the connections to your site. This happens a lot if you have nameservers on different TLD (domain.com for example with nameserver ns.domain.org.)
Pass Nameservers A records Good. Every nameserver listed has A records. This is a must if you want to be found.
NS Info NS records from your nameserversNS records got from your nameservers listed at the parent NS are:

owen.ns.cloudflare.com  ['172.64.33.219', '108.162.193.219', '173.245.59.219']   [TTL=86400]
sharon.ns.cloudflare.com  ['108.162.192.221', '172.64.32.221', '173.245.58.221']   [TTL=86400]

Pass Recursive Queries Good. Your nameservers (the ones reported by the parent server) do not report that they allow recursive queries for anyone.
Pass Same Glue The A records (the GLUE) got from the parent zone check are the same as the ones got from your nameservers. You have to make sure your parent server has the same NS records for your zone as you do according to the RFC. This tests only nameservers that are common at the parent and at your nameservers. If there are any missing or stealth nameservers you should see them below!
Information Glue for NS records INFO: GLUE was not sent when I asked your nameservers for your NS records.This is ok but you should know that in this case an extra A record lookup is required in order to get the IPs of your NS records. The nameservers without glue are:
173.245.58.221
173.245.59.219
You can fix this for example by adding A records to your nameservers for the zones listed above.
Pass Mismatched NS records OK. The NS records at all your nameservers are identical.
Pass DNS servers responded Good. All nameservers listed at the parent server responded.
Pass Name of nameservers are valid OK. All of the NS records that your nameservers report seem valid.
Pass Multiple Nameservers Good. You have multiple nameservers. According to RFC2182 section 5 you must have at least 3 nameservers, and no more than 7. Having 2 nameservers is also ok by me.
Pass Nameservers are lame OK. All the nameservers listed at the parent servers answer authoritatively for your domain.
Pass Missing nameservers reported by parent OK. All NS records are the same at the parent and at your nameservers.
Pass Missing nameservers reported by your nameservers OK. All nameservers returned by the parent server b0.org.afilias-nst.org are the same as the ones reported by your nameservers.
Pass Domain CNAMEs OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass NSs CNAME check OK. RFC1912 2.4 and RFC2181 10.3 state that there should be no CNAMEs if an NS (or any other) record is present.
Pass Different subnets OK. Looks like you have nameservers on different subnets!
Pass IPs of nameservers are public Ok. Looks like the IP addresses of your nameservers are public. This is a good thing because it will prevent DNS delays and other problems like
Pass DNS servers allow TCP connection OK. Seems all your DNS servers allow TCP connections. This is a good thing and useful even if UDP connections are used by default.
Pass Different autonomous systems OK. It seems you are safe from a single point of failure. You must be careful about this and try to have nameservers on different locations as it can prevent a lot of problems if one nameserver goes down.
Pass Stealth NS records sent Ok. No stealth ns records are sent
SOA Info SOA recordThe SOA record is:
Primary nameserver: owen.ns.cloudflare.com
Hostmaster E-mail address: dns.cloudflare.com
Serial #: 2383581777
Refresh: 10000
Retry: 2400
Expire: 604800   1 weeks
Default TTL: 1800
Pass NSs have same SOA serial OK. All your nameservers agree that your SOA serial number is 2383581777.
Pass SOA MNAME entry OK. owen.ns.cloudflare.com That server is listed at the parent servers.
Warn SOA Serial Your SOA serial number is: 2383581777. This can be ok if you know what you are doing.
Pass SOA REFRESH OK. Your SOA REFRESH interval is: 10000. That is OK
Pass SOA RETRY Your SOA RETRY value is: 2400. Looks ok
Pass SOA EXPIRE Your SOA EXPIRE number is: 604800.Looks ok
Pass SOA MINIMUM TTL Your SOA MINIMUM TTL is: 1800. This value was used to serve as a default TTL for records without a given TTL value and now is used for negative caching (indicates how long a resolver may cache the negative answer). RFC2308 recommends a value of 1-3 hours. Your value of 1800 is OK.
MX Info MX RecordsYour MX records that were reported by your nameservers are:

1   aspmx.l.google.com   74.125.133.27 (no glue)
10   aspmx2.googlemail.com   192.178.213.27 (no glue)
10   aspmx3.googlemail.com   142.250.147.27 (no glue)
5   alt1.aspmx.l.google.com   192.178.213.27 (no glue)
5   alt2.aspmx.l.google.com   142.250.147.26 (no glue)

[These are all the MX records that I found. If there are some non common MX records at your nameservers you should see them below. ]
Pass Different MX records at nameservers Good. Looks like all your nameservers have the same set of MX records. This tests to see if there are any MX records not reported by all your nameservers and also MX records that have the same hostname but different IPs
Pass MX name validity Good. I did not detect any invalid hostnames for your MX records.
Pass MX IPs are public OK. All of your MX records appear to use public IPs.
Pass MX CNAME Check OK. No problems here.
Pass MX A request returns CNAME OK. No CNAMEs returned for A records lookups.
Pass MX is not IP OK. All of your MX records are host names.
Pass Number of MX records Good. Looks like you have multiple MX records at all your nameservers. This is a good thing and will help in preventing loss of mail.
Pass Mismatched MX A OK. I did not detect differing IPs for your MX records.
Pass Duplicate MX A records OK. You have some duplicate MX records (MX records with the same IPs). This is not that good but if you know what you are doing than it's ok.
Pass Reverse MX A records (PTR) Your reverse (PTR) record:
26.147.250.142.in-addr.arpa ->  rd-in-f26.1e100.net
27.213.178.192.in-addr.arpa ->  yugrqzs-in-f27.1e100.net
27.133.125.74.in-addr.arpa ->  wo-in-f27.1e100.net
27.147.250.142.in-addr.arpa ->  rd-in-f27.1e100.net
You have reverse (PTR) records for all your IPs, that is a good thing.
WWW Info WWW A Record Your www.newhopecs.org A record is:
www.newhopecs.org  [188.114.96.8]  [188.114.97.8] 
Pass IPs are public OK. All of your WWW IPs appear to be public IPs.
Pass WWW CNAME OK. No CNAME

Processed in 0.390 seconds.