Skip to main content
DNS Tool
Executive's DNS Intelligence Brief
Generated 20 Apr 2026, 03:57 UTC
Duration 13.1s
Version v26.46.24
Integrity 94e37b8b52e990694b260fde0dff57346efd0c8b1cc0efd79b0b2c01f593b739d9c7d3e864c439f98ec424a08f4c41c5dff36fee259a69a0de3c8d45ea61eb6b
Subject Domain
test

Executive's DNS Intelligence Brief

Board-level domain security assessment — test

20 Apr 2026, 03:57 UTC · 13.1s · SHA-3-512: 94e3✱✱✱✱ Verify ·Archived
Zone Health
DNS Security & Trust Posture
Risk Level: High Risk
1 not configured
Analysis Confidence
LOW
Significant disagreement between resolvers undermines confidence in the analysis results.
Email Spoofing
N/A — Registry
Brand Impersonation
N/A — Registry
DNS Tampering
Unsigned
Certificate Control
N/A — Registry
What Requires Attention
No urgent actions detected. Domain security posture is well-maintained.
The BIG Questions
Can DNS itself be tampered with? Possible DNSSEC is not deployed, DNS responses are not cryptographically verified
Domain Overview
Registrar Unknown
Email Provider Unknown
Web Hosting Unknown
DNS Hosting Unknown

Technical Findings

DNS Security
Can DNS itself be tampered with? Possible — DNSSEC is not deployed, DNS responses are not cryptographically verified
DNSSEC Partial
DNSSEC not configured - DNS responses are unsigned
NS Delegation Healthy
Delegation Consistency 2 Issues
NS Fleet Health 3 Issues Diversity: Poor
Priority Actions 1 total Achievable: Secure
Medium Enable DNSSEC

DNSSEC is not enabled for this domain. DNSSEC provides cryptographic authentication of DNS responses, preventing cache poisoning and DNS spoofing attacks.

Appendix — Additional Resources

Full technical details including raw DNS records, DKIM public keys, IP/ASN mappings, resolver consensus evidence, and verification commands are available in the Engineer's DNS Intelligence Report.

View Zone Health Report

Verify Report Integrity SHA-3-512 Has this report been tampered with? Verify below

Tamper-evident fingerprint binding this analysis to its data, domain, timestamp, and tool version.

94e37b8b52e990694b260fde0dff57346efd0c8b1cc0efd79b0b2c01f593b739d9c7d3e864c439f98ec424a08f4c41c5dff36fee259a69a0de3c8d45ea61eb6b
12 RFCs evaluated · DNS state at 20 Apr 2026, 03:57 UTC
Internet Archive — Permanent Record Wayback Machine

This analysis is permanently archived by the Internet Archive, providing independent third-party verification of DNS security posture at analysis time.

View Archived Snapshot