View on GitHub

DNSViz: A DNS visualization tool

tp-link.com.cn

Updated: 2020-04-02 08:26:43 UTC (1490 days ago) Update now
« Previous analysis | Next analysis »
DNSSEC options (hide)
  1. |?|
  2. |?|
  3. |?|
  4. |?|
  5. |?|
  6. |?|
  7. |?|
Notices
DNSSEC Authentication Chain

RRset statusRRset status

Insecure (5)
  • tp-link.com.cn/A
  • tp-link.com.cn/MX
  • tp-link.com.cn/NS
  • tp-link.com.cn/SOA
  • tp-link.com.cn/TXT
Secure (4)
  • com.cn/SOA
  • com.cn/SOA
  • com.cn/SOA
  • com.cn/SOA

DNSKEY/DS/NSEC statusDNSKEY/DS/NSEC status

Secure (10)
  • ./DNSKEY (alg 8, id 20326)
  • ./DNSKEY (alg 8, id 33853)
  • ./DNSKEY (alg 8, id 48903)
  • NSEC3 proving non-existence of tp-link.com.cn/DS
  • cn/DNSKEY (alg 8, id 38388)
  • cn/DNSKEY (alg 8, id 57724)
  • cn/DS (alg 8, id 57724)
  • com.cn/DNSKEY (alg 8, id 43326)
  • com.cn/DNSKEY (alg 8, id 46387)
  • com.cn/DS (alg 8, id 46387)

Delegation statusDelegation status

Insecure (1)
  • com.cn to tp-link.com.cn
Secure (2)
  • . to cn
  • cn to com.cn

NoticesNotices

Errors (6)
  • cn zone: The server(s) were not responsive to queries over UDP. (203.119.27.1)
  • cn/DNSKEY: No response was received from the server over UDP (tried 4 times). (66.198.183.65, UDP_-_EDNS0_512_D_K)
  • com.cn zone: The server(s) were not responsive to queries over UDP. (203.119.27.1)
  • com.cn/DNSKEY: No response was received from the server over UDP (tried 4 times). (203.119.29.1, UDP_-_EDNS0_512_D_K)
  • tp-link.com.cn zone: The server(s) were not responsive to queries over TCP. (120.52.19.144, 219.138.102.207)
  • tp-link.com.cn/SOA: No response was received from the server over TCP (tried 3 times). (120.52.19.144, 219.138.102.207, TCP_-_EDNS0_4096_D)
Warnings (8)
  • . to cn: Authoritative AAAA records exist for ns.cernet.net, but there are no corresponding AAAA glue records.
  • . to cn: The glue address(es) for ns.cernet.net (202.112.0.44) differed from its authoritative address(es) (103.137.60.44).
  • com.cn/DNSKEY (alg 8, id 43326): No response was received from the server over UDP (tried 6 times) until the COOKIE EDNS option was removed (however, this server appeared to respond legitimately to other queries with the COOKIE EDNS option present). (203.119.29.1, UDP_-_EDNS0_4096_D_K)
  • com.cn/DNSKEY (alg 8, id 46387): No response was received from the server over UDP (tried 6 times) until the COOKIE EDNS option was removed (however, this server appeared to respond legitimately to other queries with the COOKIE EDNS option present). (203.119.29.1, UDP_-_EDNS0_4096_D_K)
  • com.cn/DS (alg 8, id 46387): No response was received from the server over UDP (tried 6 times) until the COOKIE EDNS option was removed (however, this server appeared to respond legitimately to other queries with the COOKIE EDNS option present). (203.119.29.1, UDP_-_EDNS0_4096_D_K)
  • com.cn/DS (alg 8, id 46387): No response was received from the server over UDP (tried 6 times) until the COOKIE EDNS option was removed (however, this server appeared to respond legitimately to other queries with the COOKIE EDNS option present). (203.119.29.1, UDP_-_EDNS0_4096_D_K)
  • com.cn/DS (alg 8, id 46387): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (195.219.8.90, UDP_-_EDNS0_4096_D_K)
  • com.cn/DS (alg 8, id 46387): No response was received until the UDP payload size was decreased, indicating that the server might be attempting to send a payload that exceeds the path maximum transmission unit (PMTU) size. (195.219.8.90, UDP_-_EDNS0_4096_D_K)

DNSKEY legend

Full legend
SEP bit setSEP bit set
Revoke bit setRevoke bit set
Trust anchorTrust anchor
Download: png | svg
Warning JavaScript is required to make the graph below interactive.
DNSSEC authentication graph