Connectivity: 71%
The following nameservers are available and responding correctly for DNS queries for your domain cehrd.gov.np.
Nameserver | IP address(es) | SOA serial |
---|---|---|
mechi.nitc.gov.np. | 202.45.144.2 | 2024092701 |
We detected the following errors or warnings about your DNS configuration. These caused your DNS rating to be lowered. Resolving these will grant a higher DNS Spy rating for your domain.
- The nameserver IPs are on the same /24 subnet.
- No IPv6 reachable nameservers were found. Users on IPv6-only networks are unable to reach you.
We could not find any recommendations at this time.
Good news, we detected the following achievements in your DNS configuration. Each of these checks has increased your DNS Spy score.
- All nameservers reply with the same SOA serial number.
- All nameservers are online.
- Nameservers are available over IPv4.
Performance: 0%
We tested each nameserver and measured the following response times.
Nameserver | IP address(es) | Response time |
---|---|---|
mechi.nitc.gov.np. | 202.45.144.2 | 232ms |
We detected the following errors or warnings about your DNS configuration. These caused your DNS rating to be lowered. Resolving these will grant a higher DNS Spy rating for your domain.
- Nameserver mechi.nitc.gov.np. (202.45.144.2) replied, but took too long (232ms). This will severely impact performance.
We could not find any recommendations at this time.
We could not find any recommendations at this time.
Resilience & Security: 0%
These are the locations and providers of your nameservers.
Nameserver | Location | ISP |
---|---|---|
mechi.nitc.gov.np. | IPv4: NP | AS45353 - NITC-AS-AP NITC: IT Agency of Government of Nepal, NP |
We detected the following errors or warnings about your DNS configuration. These caused your DNS rating to be lowered. Resolving these will grant a higher DNS Spy rating for your domain.
- Consider adding more than 1 nameserver for increased redundancy.
- All IPv4 nameservers are hosted by the same provider (AS45353 - NITC-AS-AP NITC: IT Agency of Government of Nepal, NP). Consider spreading the nameservers across multiple DNS providers for increased redundancy.
- No DNSSEC records found. Consider enabling DNSSEC, as it provides a way to validate DNS responses for data integrity.
- All the nameservers are being operated from a single domain (nitc.gov.np). If that domain gets compromised or goes offline, the DNS will be unavailable. Consider spreading the nameservers across multiple domains.
We detected some possible recommendations for you to consider. No penalties were given for these, but resolving them can give you a higher DNS score.
- All IPv4 nameservers appear to be hosted in the same country (NP). You might want to consider spreading the nameservers geographically.
- No CAA records found. Consider adding CAA records, as it adds increased security by limiting which Certificate Authorities can issue certificates for this domain. (more info)
We could not find any recommendations at this time.
DNS records: 81%
Our scans detected the following publicly available DNS records.
Record | TTL | Value | |
---|---|---|---|
A | cehrd.gov.np | 5m | 103.69.124.8 |
MX | cehrd.gov.np | 5m |
10 mx2.nepal.gov.np. 5 mx1.nepal.gov.np. |
NS | cehrd.gov.np | 5m |
bagmati.nitc.gov.np. koshi.nitc.gov.np. mechi.nitc.gov.np. |
SOA | cehrd.gov.np | 5m | mechi.nitc.gov.np. admin.nitc.gov.np. 2024092701 7200 900 604800 3600 |
TXT | cehrd.gov.np | 5m | "v=spf1 a mx a:mx1.nepal.gov.np a:mx2.nepal.gov.np ip4:202.45.146.101 ip4:202.45.146.102 -all" |
CNAME | mail.cehrd.gov.np | 5m | mail.nepal.gov.np. |
A | www.cehrd.gov.np | 5m | 103.69.124.8 |
We detected the following errors or warnings about your DNS configuration. These caused your DNS rating to be lowered. Resolving these will grant a higher DNS Spy rating for your domain.
- Consider giving the MX record for "cehrd.gov.np" a longer TTL, as those don't change often (1h+).
- Consider giving the NS records for "cehrd.gov.np" a longer TTL, as those don't change often (1h+).
- The active nameservers do not match your NS records. Please correct the NS records.
We detected some possible recommendations for you to consider. No penalties were given for these, but resolving them can give you a higher DNS score.
- No DMARC records have been found. Consider configuring DMARC for improved e-mail authentication.
- No IPv6 record has been found on the zone apex (cehrd.gov.np). Consider enabling IPv6 in the infrastructure by adding an AAAA record on this domain.
Good news, we detected the following achievements in your DNS configuration. Each of these checks has increased your DNS Spy score.
- Multiple MX records found.
- MX records with different priorities found (main + fall-back mailservers).
- The MX records points to multiple mailservers.
- Your SOA serial number follows the best practice YYYYMMDDxx format.
- SPF records have been found.
- SPF records are set up restrictively.
- Found a root (apex) DNS record.
- Found a www DNS record.
- The DNS records appear to be RFC compliant.
Have a look at other public DNS scans.