DNS Deep Resolver

Enter any domain to map its complete DNS infrastructure. Queries 8+ APIs in parallel: RIPE Stat DNS chain, Robtex passive DNS, Cert Spotter & crt.sh CT logs, and Google/Cloudflare/Quad9 DNS-over-HTTPS resolvers for multi-provider record comparison.

Last updated:

What is deep DNS analysis?

Standard DNS lookups only show you what a domain currently resolves to from a single nameserver. Deep DNS analysis goes further by mapping the complete delegation chain from root servers through TLD servers to authoritative nameservers, querying passive DNS databases for historical resolution data, checking Certificate Transparency logs for all certificates ever issued, and comparing results across multiple DNS-over-HTTPS providers to detect discrepancies like DNS poisoning, censorship, or geo-based load balancing.

Key Terminology

Delegation Chain
The complete path DNS queries follow from the root zone (.) through the TLD servers (.com, .org) down to the authoritative nameservers for a domain. Each step "delegates" authority to the next level. Breaks in this chain can cause DNS resolution failures.
Passive DNS (pDNS)
Historical DNS data collected by sensors that observe real DNS traffic on the internet. Unlike active lookups, passive DNS shows what domains resolved to weeks, months, or years ago — invaluable for tracking infrastructure changes and past hosting relationships.
DNS-over-HTTPS (DoH)
A protocol that encrypts DNS queries inside HTTPS connections. Google (8.8.8.8), Cloudflare (1.1.1.1), and Quad9 (9.9.9.9) all offer public DoH endpoints. Comparing results across these providers can reveal DNS manipulation.

🔗 DNS Deep Resolver — Frequently Asked Questions

Why compare DNS results across multiple resolvers?

Different DNS resolvers can return different results due to caching, geographic load balancing, DNS poisoning, or censorship. Comparing Google, Cloudflare, and Quad9 simultaneously reveals discrepancies that could indicate DNS manipulation, split-horizon configurations, or CDN-based geo-routing.

What is passive DNS?

Passive DNS is historical DNS data collected by observing real DNS traffic. Unlike active queries that only show current records, passive DNS reveals what a domain resolved to in the past — exposing former hosting providers, IP changes, and infrastructure shifts over time.

Domain Recon

Complete domain reconnaissance.

CT Monitor

Certificate transparency logs.

Subdomain Scanner

Passive subdomain enumeration.

Email Security

SPF/DKIM/DMARC analysis.