DNS Tools - Advanced
a specialized set of tools for querying DNS records

DNS Software Version

This tool may retrieve the software version of the subject DNS. Many DNS will not respond to this query. The example is from BIND DNS server.

Example DNS Software Version Query

DNS Verify

DNS Verify accepts an IPv4 address and does a reverse lookup on it to find the hostname. Then it takes the hostname and resolves it back to an IPv4 address. If the IP addresses match, the DNS records verified. There is a batch version of this tool included as part of the DNS Tools - Batch Queries tool.

DNS Verify Example

IP Drilldown for IPv4 addresses

IP Drilldown Example

[Start Queries]
IPv4 Drilldown
Starting Timestamp: 12/07/18 14:50:23
Processing IPv4 Address [216.138.234.220]

[Query in arpa namespace for 220.234.138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
220.234.138.216.in-addr.arpa PTR domain name = greywood.webnethost.net
[Query in Class C arpa namespace for 234.138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
234.138.216.in-addr.arpa SOA
SOA origin = dns1.datacentres.rogers.com
mail addr = support.datacentres.rogers.com
serial = 2018110146
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
min ttl = 3600 (1 hour)
234.138.216.in-addr.arpa NS nameserver = dns2.datacentres.rogers.com
234.138.216.in-addr.arpa NS nameserver = dns1.datacentres.rogers.com
234.138.216.in-addr.arpa NS nameserver = dns3.datacentres.rogers.com
[Query in Class B arpa namespace for 138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Authoritative answers can be found from:
216.in-addr.arpa SOA
SOA origin = z.arin.net
mail addr = dns-ops.arin.net
serial = 2017026222
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 691200 (8 days)
min ttl = 10800 (3 hours)
[Query in Class A arpa namespace for 216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
216.in-addr.arpa SOA
SOA origin = z.arin.net
mail addr = dns-ops.arin.net
serial = 2017026222
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 691200 (8 days)
min ttl = 10800 (3 hours)
216.in-addr.arpa NS nameserver = arin.authdns.ripe.net
216.in-addr.arpa NS nameserver = y.arin.net
216.in-addr.arpa NS nameserver = x.arin.net
216.in-addr.arpa NS nameserver = r.arin.net
216.in-addr.arpa NS nameserver = u.arin.net
216.in-addr.arpa NS nameserver = z.arin.net
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Key is a zone signing key
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 53556
Public Key Length: 262 bytes
Key:
05 01 00 00 00 01 E3 A7 7D 77 4E 88 38 3B FA A1
97 F2 F8 B8 DA 94 8E 6A B9 35 8A E5 0F 2F DE D5
D2 E7 A1 7D D2 07 BA 31 FD 01 D2 65 35 55 A7 A0
2B 38 3A 04 04 B5 C0 FC 02 14 28 9E 28 37 CD A3
86 98 2A D9 DD E0 9A EA 6B F5 FB 01 8C 5A D5 E2
DB CF 4C 95 86 5D 56 1A DB AB 69 01 CA 01 57 20
54 14 44 DC 88 F8 09 3E 04 29 67 E3 54 75 C1 DC
F6 C9 F9 58 3C B3 CC 3E 22 E4 59 F3 FC 44 7D D5
6C D6 F2 46 27 F9 DA 2B 6B 53 B5 B2 7D D4 CB DF
F8 26 7D CD 63 40 63 1E 43 3A A8 0A 0C 90 89 A5
4E 0E B5 9C E8 D0 73 E4 34 4D B5 29 6F 3E 5E 0D
EC 3A C3 41 E9 6F 52 13 4D 07 B9 43 84 6D 8C C4
93 FB FB 0E 86 FF FC 08 E8 7B 85 9F D7 99 DC 45
F5 53 13 D9 34 D4 30 A2 D5 CD F8 57 73 C2 15 1D
E5 11 7D 79 DD 4C 05 A3 A9 7E 59 24 A5 2A CB AA
88 5D 99 52 78 0A 06 F7 88 B4 F2 18 16 21 A1 3F
A2 C9 00 01 F9 F9
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 12376
Public Key Length: 132 bytes
Key:
03 01 00 01 CE B2 E9 5E DF 18 F9 A4 B2 AB 1C 86
4A AD 96 9F CD 6B E7 63 63 2D 3D F1 25 98 89 86
48 E7 60 F6 49 5E D3 A9 85 3E BF 7D 77 D1 3F EA
A2 59 43 25 06 A0 F1 D4 2C 63 B7 2C 84 30 C2 C1
D6 94 AB 87 FF C4 B2 EA 47 BC FD B1 AE EF 63 B4
0D 5F D7 1F 72 A3 FA BF 9A 03 8C 58 EF 94 67 93
75 67 AA 36 EF A7 D9 84 98 5B 6C 4C 5B 8D 9A FB
19 93 96 68 9E 92 A0 19 D2 FA EC A0 20 66 EF 75
63 25 B5 9B
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 6788
Public Key Length: 134 bytes
Key:
05 01 00 00 00 01 B3 84 CB 5E 38 74 02 05 86 B4
C9 DA 64 1F 71 A6 DB 78 29 46 4A 5E AE 18 F3 20
08 D9 D7 F4 64 D9 6C 39 CD 6F 96 3F 20 EF BD 89
12 2F 43 41 A2 02 BF CB A5 77 2E 81 2C 0A 8A 17
57 EF D6 91 DE FA 95 CA E9 1A 61 EA 91 AD DF 9C
16 F5 25 C3 C1 F1 AD 8C E0 B2 E9 96 20 D8 7F F8
94 2F 2D C8 DC CC 63 90 46 AF 2F DF 78 4D 37 5B
64 B5 99 A5 E3 5D 16 D4 61 86 FD 7E 9E 47 7E A0
25 43 67 A9 6B 37
216.in-addr.arpa NSEC
TTL = 10799 (2 hours 59 mins 59 secs)
Next Domain Name: 0.216.in-addr.arpa
RR Types in Bitmap: NS SOA RRSIG NSEC DNSKEY
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
NS (Authoritative Name Server)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
A3 B4 99 74 7F 6B B0 20 1A 0E 9A 75 9A 37 6F 6F
9E 2E A9 2D 29 B9 32 B6 3B A8 FD 6A A9 34 92 74
61 DF B0 B5 F2 56 2B 5E B1 CD D1 87 72 25 71 C9
8D FF 7D 02 1B BF 6A BB 24 4D EC 99 3E 2F 83 24
48 90 92 C8 7F FC D0 0F 40 56 B2 52 4A 08 38 ED
1B 30 24 47 4E 8E A3 A3 A7 8E BD 98 6A 5D 4F 43
AB E1 2C AF D4 07 EF 37 BA AE 49 0B 3C 5D 75 F0
5C BC EA A7 9E CF B5 3A C4 4F 51 0B 06 DB 87 BF
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
SOA (Start of Authority)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
2C 41 A1 50 F2 4C 0D 75 4D 0E A4 79 FC DE 12 D8
B2 59 22 3F 92 6E E8 F9 39 58 8C A2 3E 53 5D 26
D1 AF DD CC 61 B7 1A 93 F1 40 EB 9A 6F FC 9D CD
D1 33 0D 9A B2 1D 86 09 E4 BE BB 42 60 2D BB 4D
4B F2 D4 23 E4 E3 E7 DB 59 C6 CD B5 9F 28 67 34
6D CE 1B 16 A2 92 13 5E 92 1A 7C 77 A9 3D E2 8E
AE F3 5E F1 A8 80 21 C7 89 1B C5 40 9E 11 06 24
F9 13 60 69 78 6E 6E D6 A6 22 4A 24 3A 60 1B AB
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
DNSKEY (DNS Public Key)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
40 E3 06 C2 FE 19 7F BE E5 AE 50 88 22 32 EB 86
83 08 A4 61 7C 15 BD 60 41 AC D7 E2 8B FE 28 9B
C4 45 C7 B7 D4 29 EC 88 7A 8C 27 F0 07 B7 D4 03
68 5A 7A 46 34 0A 22 13 7C 02 F0 B7 73 8D F4 E2
9A 9D 7C 00 65 C2 9F F7 90 BE 73 1C BB 9C 32 2F
0F 08 01 17 FD 77 ED 26 68 0F 4E 10 F0 0C 7B C9
A0 F4 30 4C 93 EC 8C 01 92 CC F5 5D C9 7D 6C 17
31 A6 DD 29 47 29 E2 45 D8 18 A5 2D E3 FF 81 8D
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
DNSKEY (DNS Public Key)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 53556
Signer's Name: 216.in-addr.arpa
Signature Length: 256 bytes
Signature:
A3 A9 6C 8A 25 AB CB D7 38 C8 CC B9 93 B2 BE 65
08 37 90 A4 8A CB 3B F1 7A 72 25 22 CF B2 67 D8
74 04 6B 10 50 17 41 F8 C5 B7 9C 59 49 AD 8A E1
09 4D BD 10 2D 1E 2B A1 FE C2 74 B7 E2 FC 6A 2C
58 DF F8 1D 57 A2 C7 AC D1 6F 2C 0D B7 AC 71 E2
57 1D 44 7F EA 65 9A D9 19 9D FB 1D AF 26 7A 4C
82 DD F4 92 B2 38 5D E5 4A CC DE 82 B5 F0 F2 5B
CB E1 60 96 D0 2A 24 28 31 9D 49 55 63 37 8F 8B
1B 21 43 9A A3 A1 CF 02 10 3E EA BF E7 23 91 8B
DF 73 FB F0 0A AE 26 77 42 B7 D6 84 D7 D9 48 FB
4A BA DA E0 62 97 48 16 7A 7A 93 AE 62 6C 6D B5
33 0B 3C 65 93 69 21 08 75 8A 37 66 5F 4E 83 DE
A2 E5 31 21 3F EE 42 18 DE 41 CF F8 91 83 F2 67
9D A4 D6 91 24 B6 70 2D 8D 2B C3 8F 0D F8 ED C3
50 C4 9B 3C 2D 49 0E 1F BC 96 CA 02 52 45 1F 64
12 14 40 A1 E6 B4 A7 D4 30 2D B3 B3 BE D9 9E AE
216.in-addr.arpa RRSIG
TTL = 10799 (2 hours 59 mins 59 secs)
NSEC (Next Secure)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 10800 (3 hours)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
76 EF 36 8F 0B 56 5A 06 D0 57 44 25 28 9D 22 D7
67 D8 E8 26 08 42 53 DF F2 90 36 94 D5 44 EA 64
B0 A6 DD 4D 8A 54 82 27 5A C3 5C 12 51 6A 97 3C
CF A3 17 03 4C A8 20 3F F9 2B 8C 78 FA B3 89 8C
64 49 9E 8B 29 CB FA 13 B3 8F 2D E7 40 C0 85 A0
F2 C0 93 ED 9D E4 01 D6 E5 4B 74 D6 20 75 8D D6
8E EA 68 21 EC AA E6 8B 99 F4 80 FF 40 69 6C 50
13 9B 32 47 A9 3A 17 1D A2 81 A1 D6 72 F8 81 57
[End Query Set]

ENUM

This tool accepts a fully qualified telephone number beginning with the country code and returns any records maintained by the end user in the ENUM registry in the public domain e164.arpa (or any other root you choose).

ENUM Example

[Start Query]
ENUM NAPTR (e164)
Starting Timestamp: 12/07/18 15:46:17
Processing Telephone Number [+420 222 745120]
ENUM Root Server: e164.arpa

[Query in ENUM NAPTR namespace for 0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa NAPTR order = 100, preference = 50
flags = "u"
services = "E2U+sip"
rule = "!^.*$!sip:hudba@nic.cz!"
replacement = (root)
0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa NAPTR order = 100, preference = 50
flags = "u"
services = "sip+E2U"
rule = "!^.*$!sip:hudba@nic.cz!"
replacement = (root)

SPF/Domain Keys

This tool accepts a domain name and requests the SPF records and Domain Keys records (if available).

SPF/Domain Keys Example

[Start Query]
SPF/Domain Keys
Starting Timestamp: 12/07/18 15:54:45
Source DNS: 8.8.8.8
Target: facebook.com

Requesting SPF TXT record.
SPF (TXT) Record: v=spf1 redirect=_spf.facebook.com
SPF (TXT) Record from redirect: v=spf1 ip4:69.63.179.25 ip4:69.63.178.128/25 ip4:69.63.184.0/25 ip4:66.220.144.128/25 ip4:66.220.155.0/24 ip4:69.171.232.0/24 i

Requesting SPF resource record (RFC4408).
-No SPF resource records were found.

Requesting _domainkey.facebook.com TXT record.
Server Reply Code: No Such Name.

Requesting default._domainkey.facebook.com TXT record.
DomainKey Record: t=y; k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALkZ4wTn2SQ3EW0vVBExi8izmZZ
njZH8JIY5Y964jzDORZku43o6ooFq6HLMjBxmcDYOrJFRdcsKDWtI0

[End Query]

DNS List Speed Test

This tool accepts a list of DNS IPs (hostnames are allowed, but not recommended), then it sends an identical forward or reverse resolve query of the input field to each DNS and shows the response time. It also shows the data that each DNS sends back.

DNS List Speed Test Example

Test of each DNS in the list using an 'A' record query for example.com

Starting Timestamp: 02/01/10 14:14:47

Testing DNS: 4.2.2.2
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 0.124 seconds

[separator]

Testing DNS: 208.200.248.8
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 0.047 seconds

[separator]

Testing DNS: 208.200.248.1
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 1.241 seconds

[separator]

Testing DNS: 192.168.0.151
This server failed to respond.
Server Response Time = 0.004 seconds

[separator]

Testing DNS: 204.122.16.4
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
NS Record: a.iana-servers.net
NS Record: b.iana-servers.net
Server Response Time = 0.286 seconds

[separator]

[End DNS List Processing]

IP or Hostname to ASN

This tool accepts an IPv4/IPv6 or hostname and finds the ASN (autonomous system number)

IP or Hostname to ASN Example

[Start Query]
IP/Hostname to ASN for [google.com]
IPv4 address: 172.217.14.206

ASN | IP/CIDR | Country Code | Registry | Date
15169 | 172.217.14.0/24 | US | arin | 2012-04-16

IPv6 Lookup Error:

Timestamp: 12/07/18 16:24:01
[End Query]

Get VOIP SRV Records

This tool accepts a hostname and finds the SRV records typically associated with VOIP.

VOIP SRV Records Example

[Start Query]
VOIP SRV Records for the domain [google.com]

Query: _h323cs._udp.google.com
Server Reply Code: No Such Name.

Query: _h323ls._udp.google.com
Server Reply Code: No Such Name.

Query: _h323rs._udp.google.com
Server Reply Code: No Such Name.

Query: _iax._udp.google.com
Server Reply Code: No Such Name.

Query: _jabber._tcp.google.com
Priority: 20
Weight: 0
Port: 5269
Target: alt4.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt2.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt1.xmpp-server.l.google.com

Priority: 5
Weight: 0
Port: 5269
Target: xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt3.xmpp-server.l.google.com


Query: _sip._udp.google.com
Server Reply Code: No Such Name.

Query: _sip._tcp.google.com
Server Reply Code: No Such Name.

Query: _sip._tls.google.com
Server Reply Code: No Such Name.

Query: _sips._tcp.google.com
Server Reply Code: No Such Name.

Query: _xmpp-server._tcp.google.com
Priority: 20
Weight: 0
Port: 5269
Target: alt3.xmpp-server.l.google.com

Priority: 5
Weight: 0
Port: 5269
Target: xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt4.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt1.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt2.xmpp-server.l.google.com

Timestamp: 12/07/18 16:57:00
[End Query]

Get Miscellaneous SRV Records

This tool accepts a hostname and finds miscellaneous SRV records. In this example LDAP is being advertised, nothing else.

Miscellaneous SRV Records Example

[Start Query]
Misc SRV Records for the domain [google.com]

Query: _ftp._tcp.google.com
Server Reply Code: No Such Name.

Query: _http._tcp.google.com
Server Reply Code: No Such Name.

Query: _kerberos._tcp.google.com
Server Reply Code: No Such Name.

Query: _ldap._tcp.google.com
Priority: 5
Weight: 0
Port: 389
Target: ldap.google.com


Query: _nfs._tcp.google.com
Server Reply Code: No Such Name.

Query: _nfs._udp.google.com
Server Reply Code: No Such Name.

Query: _nfs4._tcp.google.com
Server Reply Code: No Such Name.

Query: _nicname._tcp.google.com
Server Reply Code: No Such Name.

Query: _nntp._tcp.google.com
Server Reply Code: No Such Name.

Query: _pop3._tcp.google.com
Server Reply Code: No Such Name.

Query: _printer._tcp.google.com
Server Reply Code: No Such Name.

Query: _sftp._tcp.google.com
Server Reply Code: No Such Name.

Query: _smtp._tcp.google.com
Server Reply Code: No Such Name.

Query: _ssh._tcp.google.com
Server Reply Code: No Such Name.

Query: _telnet._tcp.google.com
Server Reply Code: No Such Name.

Query: _whois._tcp.google.com
Server Reply Code: No Such Name.

Timestamp: 12/08/18 08:33:23
[End Query]

IPv6 Address Validation

IPv6 address formatting is more complex than IPv4. This tool provides a way to 'validate' and check the syntax of the IPv6 address. It also shows the scope whether Link Local or Global or other. You can paste one or more from the clipboard or import a list from a text file.

IPv6 Address Validation Screenshot