DNS tool v1.0.2 releases: display information about your domain

by do son · Published February 17, 2019 · Updated June 26, 2022

dt

DNS tool that displays information about your domain.

Features

common records scanning (use -scan)
validate DNSSEC chain (use -debug to see more info)
change query speed for scanning (default 10 queries per second)
diagnostic of your domain (similar to intodns.com, dnsspy.io)
For implemented checks see #1

Changelog v1.0.2

571912b Fix missing vendor
9f664f6 Update README
bbb2351 Update dependencies
384b1ec Add support for BIMI (#11)
9023c2c Add latest to install command

Installing

Binaries

Binaries can be found here

Building

Go 1.6.3+ is required. Make sure you have Go properly installed, including setting up your [GOPATH]

cd $GOPATH
go get github.com/42wim/dt
$ ls bin/
dt

Usage

Usage:
dt [FLAGS] domain

Example:
dt icann.org
dt -debug ripe.net
dt -debug -scan yourdomain.com

Flags:
-debug
enable debug
-json
output in JSON
-qps int
queries per seconds (per nameserver) (default 10)
-resolver string
use this resolver for initial domain lookup (default “8.8.8.8”)
-scan
scan domain for common records
-showfail
only show checks that fail or warn

Running

./dt ripe.net

NS                      |IP                     |LOC |ASN        |ISP                                      |rtt          |Serial     |DNSSEC |ValidFrom    |ValidUntil

a3.verisigndns.com.     |69.36.145.33           |US  |ASN 36617  |AGTLD - VeriSign Global Registry Service |6.312503ms   |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:502:cbe4::33      |US  |ASN 36622  |IGTLD - VeriSign Global Registry Service |12.844157ms  |1492613104 |valid   |10 hours ago |4 weeks from now

a1.verisigndns.com.     |209.112.113.33         |US  |ASN 36617  |AGTLD - VeriSign Global Registry Service |8.993407ms   |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:500:7967::2:33    |US  |ASN 36622  |IGTLD - VeriSign Global Registry Service |12.03051ms   |1492613104 |valid   |10 hours ago |4 weeks from now

a2.verisigndns.com.     |209.112.114.33         |US  |ASN 36619  |CGTLD - VeriSign Global Registry Service |103.03539ms  |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2620:74:19::33         |US  |ASN 36619  |CGTLD - VeriSign Global Registry Service |104.154197ms |1492613104 |valid   |10 hours ago |4 weeks from now

sns-pb.isc.org.         |192.5.4.1              |US  |ASN 3557   |ISC-AS - Internet Systems Consortium, In |5.563089ms   |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:500:2e::1         |US  |ASN 3557   |ISC-AS - Internet Systems Consortium, In |11.509454ms  |1492613104 |valid   |10 hours ago |4 weeks from now

sec3.apnic.net.         |202.12.28.140          |AU  |ASN 4777   |APNIC-NSPIXP2-AS Asia Pacific Network In |253.352975ms |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:dc0:1:0:4777::140 |AU  |ASN 4777   |APNIC-NSPIXP2-AS Asia Pacific Network In |266.28428ms  |1492613104 |valid   |10 hours ago |4 weeks from now

manus.authdns.ripe.net. |193.0.9.7              |NL  |ASN 197000 |RIPE-NCC-AUTHDNS-AS Reseaux IP Europeens |5.493287ms   |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:67c:e0::7         |NL  |ASN 197000 |RIPE-NCC-AUTHDNS-AS Reseaux IP Europeens |11.403502ms  |1492613104 |valid   |10 hours ago |4 weeks from now

tinnie.arin.net.        |199.212.0.53           |US  |ASN 393225 |ARIN-PFS-IAD - ARIN Operations, US       |94.890834ms  |1492613104 |valid   |10 hours ago |4 weeks from now

                        |2001:500:13::c7d4:35   |US  |ASN 53535  |ARIN-PFS-ANYCAST - ARIN Operations, US   |96.854587ms  |1492613104 |valid   |10 hours ago |4 weeks from now

DNSSEC

         OK: DNSKEY validated. Chain validated

NS

         OK  : NS of all nameservers are identical

         OK  : Multiple nameservers found

         OK  : Your nameservers are in different subnets.

         OK  : Nameservers are spread over multiple AS

         OK  : IPv4 and IPv6 nameservers found.

         OK  : All nameservers are authoritative.

         OK  : All nameservers report they are not allowing recursive queries.

         OK  : Your nameservers are also listed as NS at the parent nameservers

         OK  : Your parent nameservers are also listed as NS at your nameservers

         OK  : No CNAMEs found for your NS records

GLUE

         WARN: no glue records found for [2001:500:2e::1 192.5.4.1] in NS of parent net.

         WARN: no glue records found for [2620:74:19::33 2001:500:2e::1 199.212.0.53 2001:502:cbe4::33 2001:dc0:1:0:4777::140 209.112.113.33 69.36.145.33 202.12.28.140 2001:500:7967::2:33 $09.112.114.33 192.5.4.1 2001:500:13::c7d4:35] in NS of ripe.net.

SOA

         OK  : SOA of all nameservers are identical

         WARN: Serial is not in the recommended format of YYYYMMDDnn.

         OK  : MNAME manus.authdns.ripe.net. is listed at the parent servers.

         OK  : Your nameservers have public / routable addresses.

MX

         OK  : MX of all nameservers are identical

         OK  : Multiple MX records found

         OK  : Your MX records have public / routable addresses.

         OK  : Your MX records resolve to different ips.

         OK  : No CNAMEs found for your MX records

         OK  : All MX records have reverse PTR records

Web

         OK  : Found a www record

         OK  : Found a root record

         OK  : Didn't find a CNAME for the root record

         OK  : Your www record has a public / routable address.

Spam

         WARN: No DMARC records found. Along with DKIM and SPF, DMARC helps prevent spam from your domain.

         WARN: No SPF records found. Along with DKIM and DMARC, SPF helps prevent spam from your domain.

Source: https://github.com/42wim/

DNS tool v1.0.2 releases: display information about your domain

Search

Brilliantly

Content & Links