Recon Report
test
ANALYSIS CONFIDENCE
LOW
38/100
ACC:23%
CUR:61
MAT:consistent
Registry Zone — Infrastructure Analysis
Top-level domain detected. Email and brand protocols skipped — running infrastructure-only analysis.
Active Recon Vectors
DNSSEC Chain
CAA Policy
NS Delegation
Nmap DNS
HTTPS / SVCB
CDS / CDNSKEY
Registrar
Resolver Consensus
Skipped: SPF, DKIM, DMARC, BIMI, MTA-STS, TLS-RPT, SMTP transport, CT subdomains, security.txt, AI surface, secret exposure
DNS Infrastructure Can you poison the DNS? Possible DNSSEC is not deployed, DNS responses are not cryptographically verified
> validating cryptographic chain of trust...
DNSSEC
No DNSSEC — DNS responses can be spoofed or poisoned
RFC 4033–4035 — DNSSEC
DNSSEC adds cryptographic signatures to DNS responses, preventing cache poisoning and response forgery. Without DNSSEC, an attacker can forge DNS answers.
NS Delegation
1 nameserver detected
— single point of failure
localhost
Intelligence Metadata Can you verify this independently?
SHA-3-512 Integrity Hash
94e37b8b52e990694b260fde0dff57346efd0c8b1cc0efd79b0b2c01f593b739d9c7d3e864c439f98ec424a08f4c41c5dff36fee259a69a0de3c8d45ea61eb6b
RFC References
12
Tool Version
v26.46.24
Posture Hash
7b7b2d429de21e42…