Passive DNS Replication
In the past, RUS-CERT was running a DNS replication server as a service to the CERT community.
The dns replication server has moved. Please find the new query portal here.
By using this web page, you can query the replication database and obtain information that is not readily available through traditional DNS queries.
Do not run automatic queries against this database.
You still may enter your query in the form below, the resuls will be delivered by the new server.
The following query types are supported:
- IP address: The result contains a list of A RRs for those IP addresses, CNAME RRs pointing to those A RRs, and A RRs whose domain starts with the IP address in reversed dotted quad notation (as found in DNSBLs). PTR records are also printed.
- Domain name: The result contains a list of RRs with that domain name. RRs which merely point to this domain are also included.
There is a hardcoded limit of 500 records returned per query. Appearance of new records is delayed by 20 minutes.
The information that is presented by this service is gathered from the public Domain Name Service (DNS) system. The data is based on network traffic that is fully anonymized before further processing (even though the information would only allow to associate a specific query with a certain DNS server). No personally identifiable information is collected during the process.
Details about the implementation are available from the dnslogger site.
RUS-CERT wishes to thank the anonymous donators who contribute to this distributed effort and enable RUS-CERT to provide this service.