All Dns servers are responding
One or more servers are not responding (timeout, refused, ...)
Analysis report on domain: red-fox.fr 
Resume
DNS servers IP are in different class C
IPs have the same C class.
DNS servers are synchronized
Name Servers responded with ns2.amenworld.com from IP 81.88.63.40 are not the same with SList.
SList: ns2.amenworld.com<br>81.88.63.40: ns1.amenworld.com, ns2.amenworld.com
SMTP server number
There is only one valid SMTP server.
Domain have at least 2 DNS servers
DNS require at least 2 name servers.
DMARC is configured for domain
The Domain does not have DMARC.
Domain have "AAAA" field
Host has no "AAAA" (IPv6) field.
X-XSS-Protection header is present
The X-XSS-Protection header was not found.
Content Type Options header is present
The X-Content-Type-Options header was not found.
Banner return server name
mail-fr.securemail.pro with IP [81.88.48.101] does not contain the name of the server.
scott18 cmsmtp smtp.register.it ESMTP server ready
DKIM is configured for domain
We do not detect any DKIM record for this domain.
Content Security Policy header is present
The Content-Security-Policy header was not found.
DNS
Dns servers for red-fox.fr
red-fox.fr was detected as domain
- Name
- ns2.amenworld.com
- IPs
Possible problem in Dns Tree
We have detected the following error on one or more server(s).
Consult Tree for more details.
- Refuse to respond or is in timeout state.
Query informations
- Server
-
i.root-servers.net
[ 192.36.148.17 ] - Duration
- 22 ms
- Type
- authority
- Headers
- RCODE : 0 AA : 0 TC : 0
Response
Query informations
Response
- Name
- ns1.amenworld.com
- IPs
- Name
- ns2.amenworld.com
- IPs
Query informations
- Server
-
e.ext.nic.fr
[ 193.176.144.22 ] - Duration
- 31 ms
- Type
- authority
- Headers
- RCODE : 0 AA : 0 TC : 0
Response
- Name
- ns1.amenworld.com
- IPs
- Name
- ns2.amenworld.com
- IPs
Query informations
- Server
-
f.ext.nic.fr
[ 194.146.106.46 ] - Duration
- 37 ms
- Type
- authority
- Headers
- RCODE : 0 AA : 0 TC : 0
Response
- Name
- ns1.amenworld.com
- IPs
- Name
- ns2.amenworld.com
- IPs
Query informations
- Server
-
g.ext.nic.fr
[ 194.0.36.1 ] - Duration
- 28 ms
- Type
- authority
- Headers
- RCODE : 0 AA : 0 TC : 0
Response
- Name
- ns1.amenworld.com
- IPs
- Name
- ns2.amenworld.com
- IPs
Query informations
- Server
-
ns1.amenworld.com
[ 107.162.197.147 ] - Duration
- 5004 ms
- Type
- timeout
- Headers
- RCODE : - AA : - TC : -
Server timeout
Query informations
- Server
-
ns2.amenworld.com
[ 81.88.63.40 ] - Duration
- 49 ms
- Type
- answer
- Headers
- RCODE : 0 AA : 1 TC : 0
Response
- Name
- ns1.amenworld.com
- IPs
- Name
- ns2.amenworld.com
- IPs
Name servers
- Name
- ns2.amenworld.com
- IPs
Mx Servers
- Name
- mail-fr.securemail.pro
- IPs
- Priority
- 10
- TTL
- 900 (15 minutes)
A and AAAA fields
- IPv4
- 81.88.57.68
- TTL
- 900 (15 minutes)
Text Fields
- Type
- Spf (TXT)
- TTL
- 900 (15 minutes)
- Name
- @
- Raw data
- v=spf1 include:spf.webapps.net ~all
- ALL
- ~all
Includes
- spf.webapps.net
-
v=spf1 include:spf1.webapps.net include:spf2.webapps.net ~all
SOA
- From
- ns2.amenworld.com
- Master server
- ns1.amenworld.com
- TTL
- 900 (15 minutes)
- Contact
- root@amen.fr
- Serial
- 2024042401
- Refresh
- 86400 (1 day)
- Retry
- 7200 (2 hours)
- Expire
- 2592000 (4 weeks)
- Minimum
- 300 (5 minutes)
Hosts found
- Name
- www.red-fox.fr
- Cname
-
onstatic-fr.setupdns.net
- TTL
- 900 (15 minutes)
- Name
- ftp.red-fox.fr
- Cname
-
red-fox.fr
81.88.57.68 - Cname
-
red-fox.fr
- TTL
- 900 (15 minutes)
- Name
- smtp.red-fox.fr
- Cname
-
smtp-fr.securemail.pro
- TTL
- 900 (15 minutes)
- Name
- mail.red-fox.fr
- Cname
-
mail-fr.securemail.pro
- TTL
- 900 (15 minutes)
DNSKEY
- TTL
- 300 (5 minutes)
- Flag
- 257 (KSK)
- Protocole
- 3
- Algorithme
- 13 (ECDSA Curve P-256 with SHA-256)
- Key
- w4Ak3mS33gzJomhqPo+polARFsz/wCYY4BUIu9mG46HrICnIkLa897CH+V7ZxjBXhCVQCY1EkDCd6ml17NFyZg==
RRSIG
- Numbers of Labels
- 2
- Created
- 18 Apr 2024 00:00
- Expire
- 09 May 2024 00:00
- Algorithme
- 13 (ECDSA Curve P-256 with SHA-256)
- Orig TTL
- 900 (15 minutes)
- TTL
- 300 (5 minutes)
- signature Name
- red-fox.fr
- signature
- tAIL71UINuxACkVJ0VRSMo0enk+jBssvWtJP9ZvPR4POBoId2U9LENu78cqEbdiD4TNZYUJ+FFPHd9JbSQCO7A==
DS
- Keyttag
- 60152
- Digest Type
- 2 (SHA-256)
- Algorithme
- 13 (ECDSA Curve P-256 with SHA-256)
- TTL
- 3600 (1 hour)
- Digest
- 525bf6731d0f4929e6a5c2177fae68afd8c20aba79b417eb3c11994fbf47b65c
All Dns servers are responding
One or more servers are not responding (timeout, refused, ...)
Every DNS servers should be accessible and accept public query.
0.001s
DNS servers IP are in different class C
IPs have the same C class.
The class C of each IP must be different so that the servers are not found on the same bay and therefore there is a risk of unavailability.
RFC0.000s
DNS servers are synchronized
Name Servers responded with ns2.amenworld.com from IP 81.88.63.40 are not the same with SList.
SList: ns2.amenworld.com
81.88.63.40: ns1.amenworld.com, ns2.amenworld.com
The synchronization of the DNS servers must be perfect in order to avoid any dns resolution error. The servers must therefore give the same answer when asked "what are the DNS servers for the domain?".
0.000s
Domain have at least 2 DNS servers
DNS require at least 2 name servers.
In order for the availability rate of DNS servers to be at its highest, it is vital and recommended by the RFC to have at least 2 servers.
RFC0.000s
BIND version is hidden
Passed
The Bind version should not be visible otherwise it will be possible to search for potential security vulnerabilities of the version.
0.029s
All servers return success
Passed
It's important that all servers returned a "success" code.
0.001s
Responses are not CNAME or A
Passed
SOA are synchronized
Passed
The SOA answered by the DNS servers must be identical for each servers. The most important information is the master server and the contact email address.
0.000s
SOA email is valid
Passed
SOA refresh is valid
Passed
SOA retry, refresh and expire values are correct
Passed
DNS servers are not open relay
Passed
DNS resolvers that allow queries from all IP addresses and are exposed to the Internet can be attacked and used to conduct Denial of Service (DoS) attacks on behalf of the hacker.
0.030s
Transfer zone is disable
Passed
An attacker can use a zone transfer that contains a malicious code or an inappropriate format that crashes a DNS server vulnerable to this type of attack, which results in a DoS that destabilizes the DNS services. It is possible to test it manually with this commands: #host -T axfr or #dig axfr.
documentation0.081s
Recursive query is disable
Passed
Having a dns server that allow recursive queries is a security risk, DDOS attack can be performed.
RFC documentation documentation0.029s
DNS servers IP are not private
Passed
Same MX are returned
Passed
It is extremely important that each DNS return the same MX records in order to avoid contacting an SMTP server that no longer exists.
0.031s
DNS servers IP are differents
Skipped
IPs for DNS servers must be different in order to have high availability.
0.000s
Domain
Whois
- Registrar
- AMEN / Agence des Médias Numériques
- Owner
- -
- Created at
- unknown
- Changed at
- unknown
- Expires at
- unknown
Reputation
Domain
- Whois server
- whois.afnic.fr
- Created at
- unknown
- Changed at
- unknown
- Expires at
- unknown
- Name servers
Registrar
- Id
- -
- Name
- AMEN / Agence des Médias Numériques
- Phone
- -
- afnic@amen.fr
- Url
- https://www.amen.fr/nom-de-domaine/
Google Safe Browsing
- Status
Web of Trust
- Status
Blacklists
- RFC Ignorant
- Rbl Jp
- RblDns
- Sorbs
- Spam Eating Monkey
- SpamHaus
- SuRbl
- Support Intelligence
- Swinog
- UriBl
Virus Total
- Detection ratio
- /
Scans
Domain is not blacklisted
Passed
A domain must not be blacklisted or it will be penalized for referencing and deliverability of emails.
0.000s
Domain is not listed in Google Safe Browsing
Passed
Google safe browsing categorizes a domain as bad if something suspicious is detected.
0.000s
Domain is not listed in VirusTotal
Passed
Virus Total analyze your domain or IP address with 66 antivirus.
0.000s
Domain have good reputation on Web of Trust
Passed
Web Of Trust rates thousands of websites and find threats if they exist.
0.000s
DNS servers are same in dns tree and whois
Skipped
The dns servers given in the domain whois must be the same as those returned by a dns resolution request.
0.000s
Mail servers
- Name
- mail-fr.securemail.pro
- IP
- 81.88.48.101
- Banner
SPF
Find more informations about this SPF entry into the DNS > Zone tab
- Raw data
- v=spf1 include:spf.webapps.net ~all
DKIM
Your domain has no DKIM selector found
Do you have one to analyse ?
- Name
- mail-fr.securemail.pro
- IP
- 81.88.48.101
- Banner
- Starttls
- yes
- Dane
- no
- Mail size
- 114.44 MB
- Expn
- no
- Vrfy
- no
Smtp simulation
- Connection to mail-fr.securemail.pro ...
- 220 scott18 cmsmtp smtp.register.it ESMTP server ready
- HELO nstools.fr
- 250 scott18 hello [178.170.40.38], pleased to meet you
- EHLO nstools.fr
- 250-scott18 hello [178.170.40.38], pleased to meet you
250-HELP
250-SIZE 120000000
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-STARTTLS
250 OK - QUIT
- 221 2.0.0 scott18 cmsmtp closing connection
Autodiscover
DNS Config parsing
- Name
- _autodiscover._tcp.red-fox.fr
- Priority
- 10
- Weight
- 10
- Port
- 443
- Target
- ms-fr.securemail.pro
- TTL
- 900 (15 minutes)
Autoconfig file not found
Autodiscover file not found
SMTP server number
There is only one valid SMTP server.
Domain should have at least 2 SMTP servers according to the RFC. Note: You can use a service like altospam to solve this problem. Click on the link below to learn more
altospam0.000s
DMARC is configured for domain
The Domain does not have DMARC.
Banner return server name
mail-fr.securemail.pro with IP [81.88.48.101] does not contain the name of the server.
scott18 cmsmtp smtp.register.it ESMTP server ready
Banner must contain the name of the server
0.000s
DKIM is configured for domain
We do not detect any DKIM record for this domain.
It is strongly recommended to configure DKIM. Note: You could use a service like Mailout to fix this problem. Click on below link to know more
mailout DKIM definition0.000s
MX servers are accessibles
Passed
Smtp servers that are listed in DNS area must be accessible, otherwise, there is a risk that emails may be lost
0.000s
MX IPs have reverse
Passed
When a sending server makes a connection to the recipient server, the recipient server notes the sending IP address and performs a reverse lookup, called a PTR lookup, named after the type of DNS record used. If the result of the reverse lookup matches the result of a forward DNS Lookup, then it's much more likely that the message is legitimate. If the IP address doesn't match, it's much more likely that the sending address was spoofed and therefore much more likely that it's unwanted and could be considered spam.
documentation0.000s
HELO command is accepted
Passed
EHLO command is accepted
Passed
STARTTLS command is accepted
Passed
STARTTLS turns an unencrypted connection into a secure connection. Note: You can use a service like altospam to solve this problem. Click on the link below to learn more
0.000s
EXPN command is refused
Passed
EXPN command is now considered to be a security risk, spammers being able to harvest valid e-mail addresses via each mailing list.
0.000s
VRFY command is refused
Passed
As the EXPN command, VRFY is used by spammers to verify an address.
0.000s
Banner return 2xx or 4xx code
Passed
The banner must return (2xx) a valid (4xx) or temporary code.
0.000s
SMTP server type is hidden
Passed
There is a risk to display the type and the version of the server, because people can find a breach for a specific version and use it
0.000s
MX records are FQDN
Passed
MX records are not CNAME
Passed
SPF is configured for domain
Passed
To avoid identity theft, it is strongly recommended to configure SPF.
0.000s
SPF record is TXT type
Passed
SPF record is no longer used, SPF must be into TXT record because many servers do not support SPF record. If SPF record exist, it should be the same as TXT
RFC0.000s
Domain have only 1 SPF record
Passed
To avoid issue with SPF, it is strongly recommended to configure only one.
0.000s
SPF version exists
Passed
SPF version at first position
Passed
SPF "all" exists
Passed
According to the RFC, the mecanism "all" must be specified in the SPF record, except if there is a Redirect tag.
RFC0.000s
SPF "all" at last position
Passed
The mecanism "All" has to be the last tag in SPF record. Be sure you don't have any dupplicates entry in your field.
RFC0.000s
IPv4 & IPv6 syntaxes are corrects in SPF
Passed
SPF haven't PTR
Passed
SPF "Redirect" at last position
Passed
The mecanism "Redirect" has to be the last tag in SPF record. Be sure you don't have any dupplicates entry in your field.
RFC0.000s
SPF records of type TXT & SPF are the same
Passed
SPF record has become obselete, if it is configured then it must be the same as the one present in the TXT record
0.000s
PTR must be just before All statement
Passed
The mecanism "PTR" has to be the last tag in SPF record. Be sure you don't have any dupplicates entry in your field.
0.000s
MX IPs are differents
Skipped
The IP of the SMTP servers must be different if it is no longer reachable.
0.000s
MX IPs are in different class C
Skipped
The class C of every IPs should be differents
0.000s
Domain have only 1 DMARC record
Skipped
To avoid issue with DMARC, it is strongly recommended to configure only one.
0.000s
DMARC version exist
Skipped
DMARC version at first position
Skipped
According to the RFC 7489 section 6.3, the DMARC version must be the first tag in the list.
RFC0.000s
DMARC procedure exists
Skipped
DMARC "p" field is valid
Skipped
According to the RFC 7489 section 6.3, the procedure value must be none, quarantine or reject.
RFC0.000s
DMARC "sp" field is valid
Skipped
According to the RFC 7489 section 6.3, the subdomain procedure value must be none, quarantine or reject.
RFC0.000s
DMARC "pct" field is valid
Skipped
DMARC "adkim" field is valid
Skipped
DMARC "aspf" field is valid
Skipped
DMARC "rf" field is valid
Skipped
DMARC "ri" field is valid
Skipped
DMARC "ruf" field is valid
Skipped
DMARC "rua" field is valid
Skipped
DKIM version exist
Skipped
DKIM Service Type is valid
Skipped
DKIM Testing flag is valid
Skipped
DKIM public key is valid
Skipped
DKIM public key is secure
Skipped
The size of the public key must be bigger than 1024 bits.
0.000s
Web
Website
- Url
- https://www.red-fox.fr/
- Https
- Title
- SSL Error
- Description
- Unknown
- First paragraph
-
There is no SSL certificate configured for this domain.
- Url
- http://www.red-fox.fr/
- Title
- Unknown
- Description
- Unknown
- Response time
- 0.12 second
- Server
- apache
- Powered by
- Unknown
- Encoding
- Unknown
- HSTS
Headers
- Accept-Ranges: bytes
- Connection: close
- Content-Language: fr
- Content-Length: 794
- Content-Type: text/html
- Date: Thu, 25 Apr 2024 19:48:43 GMT
- Last-Modified: Wed, 24 Apr 2024 04:59:05 GMT
- Server: Apache
- Vary: Host
- Url
- https://www.red-fox.fr/
- Title
- SSL Error
- Description
- Unknown
- Response time
- 0.123 second
- Server
- nginx
- Powered by
- Unknown
- Encoding
- Unknown
- HSTS
Headers
- Connection: close
- Content-Length: 537
- Content-Type: text/html
- Date: Thu, 25 Apr 2024 19:48:43 GMT
- ETag: "595f7d6a-219"
- Server: nginx
Domain have "AAAA" field
Host has no "AAAA" (IPv6) field.
It is highly recommended to have an IPv6 for the website.
0.000s
X-XSS-Protection header is present
The X-XSS-Protection header was not found.
The HTTP X-XSS-Protection response header is a feature of Internet Explorer, Chrome and Safari that stops pages from loading when they detect reflected cross-site scripting (XSS) attacks.
documentation0.000s
Content Type Options header is present
The X-Content-Type-Options header was not found.
The only defined value, "nosniff", prevents Internet Explorer from MIME-sniffing a response away from the declared content-type. This also applies to Google Chrome, when downloading extensions.
RFC0.000s
Content Security Policy header is present
The Content-Security-Policy header was not found.
The HTTP Content-Security-Policy response header allows web site administrators to control resources the user agent is allowed to load for a given page. With a few exceptions, policies mostly involve specifying server origins and script endpoints. This helps guard against cross-site scripting attacks (XSS).
documentation0.000s
Domain have "A" field
Passed
The domain must have an A field in order for the website to be accessible.
0.000s
Host "www" have "A" field
Passed
WWW host is not required for a website, but it's better to have one.
0.000s
Host "www" have "AAAA" field
Passed
If you configure a WWW host for your website, it is recommended to have an IPv6.
0.000s
HTTP port (80) is open
Passed
This test verifies the presence of a website for the given IP or domain. Then scans port 80.
If the domain or IP is pointing to a website then port 80 must be open so that it can be accessed from a browser.
Otherwise port 80 must be closed.
0.000s
HTTPS port (443) is open
Passed
This test verifies the presence of a website for the given IP or domain. Then scans port 443.
If the domain or IP is pointing to a website then port 443 must be open so that it can be accessed from a browser.
Otherwise port 443 must be closed.
0.000s
Web server version is hidden
Passed
To avoid giving details to malicious people, the version of the server should not be visible.
0.000s
Web application technology is hidden
Passed
To avoid giving details to malicious people, the technology that supports the application should not be visible.
0.000s
Cookies are secure
Skipped
Using "HttpOnly" instruction prevents someone to access to cookies via Javascript. The secure flag will allow you to prevent a cookie from ever being communicated in simple HTTP. (RFC 6265 section 8.3)
RFC0.000s