Purpose of the DNS Tools - Advanced

This toolset provides specialized methods for accessing and reviewing certain types of DNS records from any accessible DNS.

About DNS Tools - Advanced

DNS Tools - Advanced are a collection of powerful specialized tools for querying DNS servers. Use the tools to troubleshoot DNS settings or determine other name resolution problems.

Related Tool Links: DNS Tools - Core

DNS Tools - Advanced Screenshot

DNS Tools - Advanced Screenshot

11 specialized DNS Tools

Authoritative DNS Serial Check

Authoritative DNS Serial Check accepts a domain name and finds the authoritative name servers (primary and secondary), then it queries each name server for the current serial number for the zone defining the domain, then it presents and analyzes the results.

Example Authoritative DNS Serial Check Query

[Start Query]
Authoritative DNS Serial Check
Starting Timestamp: 12/07/18 13:41:53
Query: netscantools.com

NS: ns2.webnethost.com -- Serial: 2017122801
NS: ns1.webnethost.com -- Serial: 2017122801

Analysis: All serial numbers are identical, no problems detected.

[End Query]

DNS Software Version

This tool may retrieve the software version of the subject DNS. Many DNS will not respond to this query. The example is from BIND DNS server.

Example DNS Software Version Query

[Start Query]
DNS Software Version and Authors
Starting Timestamp: 12/07/18 14:21:09
Subject DNS: vt1.sampledomainsomewhere.com

DNS Version: 9.10.5-P3
DNS Author: Bob Halley
DNS Author: James Brister
DNS Author: Scott Mann
DNS Author: JINMEI Tatuya
DNS Author: Jeremy C. Reed
DNS Author: Curtis Blackburn
DNS Author: Mark Andrews
DNS Author: Andreas Gustafsson
DNS Author: Ben Cottrell
DNS Author: David Lawrence
DNS Author: Michael Sawyer
DNS Author: Matt Nelson
DNS Author: Damien Neil
DNS Author: Danny Mayer
DNS Author: Francis Dupont
DNS Author: Brian Wellington
DNS Author: Michael Graff
DNS Author: Evan Hunt
DNS Author: John H. DuBois III

[End Query]

DNS Verify

DNS Verify accepts an IPv4 address and does a reverse lookup on it to find the hostname. Then it takes the hostname and resolves it back to an IPv4 address. If the IP addresses match, the DNS records verified. There is a batch version of this tool included as part of the DNS Tools - Batch Queries tool.

DNS Verify Example

[Start Query]
DNS Verification
Starting Timestamp: 12/07/18 14:41:05
Source DNS: 8.8.8.8

Requesting PTR record for 209.198.126.125

PTR Record: us2.blzservices.com

Requesting A record for us2.blzservices.com

A Record: 209.198.126.125

Analysis: IP to Hostname to IP DNS Verification was SUCCESSFUL.

[End Query]

IP Drilldown for IPv4 addresses

IP Drilldown is a tool for determining all the responsible name servers (and also the company names) of an IPv4 address. It uses the selected DNS to query in ARPA namespace for each class D, C, B and A.

IP Drilldown Example

[Start Queries]
IPv4 Drilldown
Starting Timestamp: 12/07/18 14:50:23
Processing IPv4 Address [216.138.234.220]

[Query in arpa namespace for 220.234.138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
220.234.138.216.in-addr.arpa PTR domain name = greywood.webnethost.net
[Query in Class C arpa namespace for 234.138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
234.138.216.in-addr.arpa SOA
SOA origin = dns1.datacentres.rogers.com
mail addr = support.datacentres.rogers.com
serial = 2018110146
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
min ttl = 3600 (1 hour)
234.138.216.in-addr.arpa NS nameserver = dns2.datacentres.rogers.com
234.138.216.in-addr.arpa NS nameserver = dns1.datacentres.rogers.com
234.138.216.in-addr.arpa NS nameserver = dns3.datacentres.rogers.com
[Query in Class B arpa namespace for 138.216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Authoritative answers can be found from:
216.in-addr.arpa SOA
SOA origin = z.arin.net
mail addr = dns-ops.arin.net
serial = 2017026222
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 691200 (8 days)
min ttl = 10800 (3 hours)
[Query in Class A arpa namespace for 216.in-addr.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
216.in-addr.arpa SOA
SOA origin = z.arin.net
mail addr = dns-ops.arin.net
serial = 2017026222
refresh = 1800 (30 mins)
retry = 900 (15 mins)
expire = 691200 (8 days)
min ttl = 10800 (3 hours)
216.in-addr.arpa NS nameserver = arin.authdns.ripe.net
216.in-addr.arpa NS nameserver = y.arin.net
216.in-addr.arpa NS nameserver = x.arin.net
216.in-addr.arpa NS nameserver = r.arin.net
216.in-addr.arpa NS nameserver = u.arin.net
216.in-addr.arpa NS nameserver = z.arin.net
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Key is a zone signing key
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 53556
Public Key Length: 262 bytes
Key:
05 01 00 00 00 01 E3 A7 7D 77 4E 88 38 3B FA A1
97 F2 F8 B8 DA 94 8E 6A B9 35 8A E5 0F 2F DE D5
D2 E7 A1 7D D2 07 BA 31 FD 01 D2 65 35 55 A7 A0
2B 38 3A 04 04 B5 C0 FC 02 14 28 9E 28 37 CD A3
86 98 2A D9 DD E0 9A EA 6B F5 FB 01 8C 5A D5 E2
DB CF 4C 95 86 5D 56 1A DB AB 69 01 CA 01 57 20
54 14 44 DC 88 F8 09 3E 04 29 67 E3 54 75 C1 DC
F6 C9 F9 58 3C B3 CC 3E 22 E4 59 F3 FC 44 7D D5
6C D6 F2 46 27 F9 DA 2B 6B 53 B5 B2 7D D4 CB DF
F8 26 7D CD 63 40 63 1E 43 3A A8 0A 0C 90 89 A5
4E 0E B5 9C E8 D0 73 E4 34 4D B5 29 6F 3E 5E 0D
EC 3A C3 41 E9 6F 52 13 4D 07 B9 43 84 6D 8C C4
93 FB FB 0E 86 FF FC 08 E8 7B 85 9F D7 99 DC 45
F5 53 13 D9 34 D4 30 A2 D5 CD F8 57 73 C2 15 1D
E5 11 7D 79 DD 4C 05 A3 A9 7E 59 24 A5 2A CB AA
88 5D 99 52 78 0A 06 F7 88 B4 F2 18 16 21 A1 3F
A2 C9 00 01 F9 F9
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 12376
Public Key Length: 132 bytes
Key:
03 01 00 01 CE B2 E9 5E DF 18 F9 A4 B2 AB 1C 86
4A AD 96 9F CD 6B E7 63 63 2D 3D F1 25 98 89 86
48 E7 60 F6 49 5E D3 A9 85 3E BF 7D 77 D1 3F EA
A2 59 43 25 06 A0 F1 D4 2C 63 B7 2C 84 30 C2 C1
D6 94 AB 87 FF C4 B2 EA 47 BC FD B1 AE EF 63 B4
0D 5F D7 1F 72 A3 FA BF 9A 03 8C 58 EF 94 67 93
75 67 AA 36 EF A7 D9 84 98 5B 6C 4C 5B 8D 9A FB
19 93 96 68 9E 92 A0 19 D2 FA EC A0 20 66 EF 75
63 25 B5 9B
216.in-addr.arpa DNSKEY
TTL = 21599 (5 hours 59 mins 59 secs)
This is the zone key for the specified zone
Protocol: 3
Algorithm: RSA/SHA-1
Key id: 6788
Public Key Length: 134 bytes
Key:
05 01 00 00 00 01 B3 84 CB 5E 38 74 02 05 86 B4
C9 DA 64 1F 71 A6 DB 78 29 46 4A 5E AE 18 F3 20
08 D9 D7 F4 64 D9 6C 39 CD 6F 96 3F 20 EF BD 89
12 2F 43 41 A2 02 BF CB A5 77 2E 81 2C 0A 8A 17
57 EF D6 91 DE FA 95 CA E9 1A 61 EA 91 AD DF 9C
16 F5 25 C3 C1 F1 AD 8C E0 B2 E9 96 20 D8 7F F8
94 2F 2D C8 DC CC 63 90 46 AF 2F DF 78 4D 37 5B
64 B5 99 A5 E3 5D 16 D4 61 86 FD 7E 9E 47 7E A0
25 43 67 A9 6B 37
216.in-addr.arpa NSEC
TTL = 10799 (2 hours 59 mins 59 secs)
Next Domain Name: 0.216.in-addr.arpa
RR Types in Bitmap: NS SOA RRSIG NSEC DNSKEY
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
NS (Authoritative Name Server)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
A3 B4 99 74 7F 6B B0 20 1A 0E 9A 75 9A 37 6F 6F
9E 2E A9 2D 29 B9 32 B6 3B A8 FD 6A A9 34 92 74
61 DF B0 B5 F2 56 2B 5E B1 CD D1 87 72 25 71 C9
8D FF 7D 02 1B BF 6A BB 24 4D EC 99 3E 2F 83 24
48 90 92 C8 7F FC D0 0F 40 56 B2 52 4A 08 38 ED
1B 30 24 47 4E 8E A3 A3 A7 8E BD 98 6A 5D 4F 43
AB E1 2C AF D4 07 EF 37 BA AE 49 0B 3C 5D 75 F0
5C BC EA A7 9E CF B5 3A C4 4F 51 0B 06 DB 87 BF
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
SOA (Start of Authority)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
2C 41 A1 50 F2 4C 0D 75 4D 0E A4 79 FC DE 12 D8
B2 59 22 3F 92 6E E8 F9 39 58 8C A2 3E 53 5D 26
D1 AF DD CC 61 B7 1A 93 F1 40 EB 9A 6F FC 9D CD
D1 33 0D 9A B2 1D 86 09 E4 BE BB 42 60 2D BB 4D
4B F2 D4 23 E4 E3 E7 DB 59 C6 CD B5 9F 28 67 34
6D CE 1B 16 A2 92 13 5E 92 1A 7C 77 A9 3D E2 8E
AE F3 5E F1 A8 80 21 C7 89 1B C5 40 9E 11 06 24
F9 13 60 69 78 6E 6E D6 A6 22 4A 24 3A 60 1B AB
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
DNSKEY (DNS Public Key)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
40 E3 06 C2 FE 19 7F BE E5 AE 50 88 22 32 EB 86
83 08 A4 61 7C 15 BD 60 41 AC D7 E2 8B FE 28 9B
C4 45 C7 B7 D4 29 EC 88 7A 8C 27 F0 07 B7 D4 03
68 5A 7A 46 34 0A 22 13 7C 02 F0 B7 73 8D F4 E2
9A 9D 7C 00 65 C2 9F F7 90 BE 73 1C BB 9C 32 2F
0F 08 01 17 FD 77 ED 26 68 0F 4E 10 F0 0C 7B C9
A0 F4 30 4C 93 EC 8C 01 92 CC F5 5D C9 7D 6C 17
31 A6 DD 29 47 29 E2 45 D8 18 A5 2D E3 FF 81 8D
216.in-addr.arpa RRSIG
TTL = 21599 (5 hours 59 mins 59 secs)
DNSKEY (DNS Public Key)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 86400 (1 day)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 53556
Signer's Name: 216.in-addr.arpa
Signature Length: 256 bytes
Signature:
A3 A9 6C 8A 25 AB CB D7 38 C8 CC B9 93 B2 BE 65
08 37 90 A4 8A CB 3B F1 7A 72 25 22 CF B2 67 D8
74 04 6B 10 50 17 41 F8 C5 B7 9C 59 49 AD 8A E1
09 4D BD 10 2D 1E 2B A1 FE C2 74 B7 E2 FC 6A 2C
58 DF F8 1D 57 A2 C7 AC D1 6F 2C 0D B7 AC 71 E2
57 1D 44 7F EA 65 9A D9 19 9D FB 1D AF 26 7A 4C
82 DD F4 92 B2 38 5D E5 4A CC DE 82 B5 F0 F2 5B
CB E1 60 96 D0 2A 24 28 31 9D 49 55 63 37 8F 8B
1B 21 43 9A A3 A1 CF 02 10 3E EA BF E7 23 91 8B
DF 73 FB F0 0A AE 26 77 42 B7 D6 84 D7 D9 48 FB
4A BA DA E0 62 97 48 16 7A 7A 93 AE 62 6C 6D B5
33 0B 3C 65 93 69 21 08 75 8A 37 66 5F 4E 83 DE
A2 E5 31 21 3F EE 42 18 DE 41 CF F8 91 83 F2 67
9D A4 D6 91 24 B6 70 2D 8D 2B C3 8F 0D F8 ED C3
50 C4 9B 3C 2D 49 0E 1F BC 96 CA 02 52 45 1F 64
12 14 40 A1 E6 B4 A7 D4 30 2D B3 B3 BE D9 9E AE
216.in-addr.arpa RRSIG
TTL = 10799 (2 hours 59 mins 59 secs)
NSEC (Next Secure)
Algorithm: RSA/SHA-1
Labels = 3
Original TTL = 10800 (3 hours)
Signature Expiration = Fri Dec 21 13:41:06 2018
Time Signed = Fri Dec 07 12:41:06 2018
Key Tag = 12376
Signer's Name: 216.in-addr.arpa
Signature Length: 128 bytes
Signature:
76 EF 36 8F 0B 56 5A 06 D0 57 44 25 28 9D 22 D7
67 D8 E8 26 08 42 53 DF F2 90 36 94 D5 44 EA 64
B0 A6 DD 4D 8A 54 82 27 5A C3 5C 12 51 6A 97 3C
CF A3 17 03 4C A8 20 3F F9 2B 8C 78 FA B3 89 8C
64 49 9E 8B 29 CB FA 13 B3 8F 2D E7 40 C0 85 A0
F2 C0 93 ED 9D E4 01 D6 E5 4B 74 D6 20 75 8D D6
8E EA 68 21 EC AA E6 8B 99 F4 80 FF 40 69 6C 50
13 9B 32 47 A9 3A 17 1D A2 81 A1 D6 72 F8 81 57
[End Query Set]


ENUM

This tool accepts a fully qualified telephone number beginning with the country code and returns any records maintained by the end user in the ENUM registry in the public domain e164.arpa (or any other root you choose).

ENUM Example

[Start Query]
ENUM NAPTR (e164)
Starting Timestamp: 12/07/18 15:46:17
Processing Telephone Number [+420 222 745120]
ENUM Root Server: e164.arpa

[Query in ENUM NAPTR namespace for 0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa]

DNS Name: 8.8.8.8
IP Address: 8.8.8.8

Non-authoritative answer:
0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa NAPTR order = 100, preference = 50
flags = "u"
services = "E2U+sip"
rule = "!^.*$!sip:hudba@nic.cz!"
replacement = (root)
0.2.1.5.4.7.2.2.2.0.2.4.e164.arpa NAPTR order = 100, preference = 50
flags = "u"
services = "sip+E2U"
rule = "!^.*$!sip:hudba@nic.cz!"
replacement = (root)

SPF/Domain Keys

This tool accepts a domain name and requests the SPF records and Domain Keys records (if available).

SPF/Domain Keys Example

[Start Query]
SPF/Domain Keys
Starting Timestamp: 12/07/18 15:54:45
Source DNS: 8.8.8.8
Target: facebook.com

Requesting SPF TXT record.
SPF (TXT) Record: v=spf1 redirect=_spf.facebook.com
SPF (TXT) Record from redirect: v=spf1 ip4:69.63.179.25 ip4:69.63.178.128/25 ip4:69.63.184.0/25 ip4:66.220.144.128/25 ip4:66.220.155.0/24 ip4:69.171.232.0/24 i

Requesting SPF resource record (RFC4408).
-No SPF resource records were found.

Requesting _domainkey.facebook.com TXT record.
Server Reply Code: No Such Name.

Requesting default._domainkey.facebook.com TXT record.
DomainKey Record: t=y; k=rsa; p=MHwwDQYJKoZIhvcNAQEBBQADawAwaAJhALkZ4wTn2SQ3EW0vVBExi8izmZZ
njZH8JIY5Y964jzDORZku43o6ooFq6HLMjBxmcDYOrJFRdcsKDWtI0

[End Query]

DNS List Speed Test

This tool accepts a list of DNS IPs (hostnames are allowed, but not recommended), then it sends an identical forward or reverse resolve query of the input field to each DNS and shows the response time. It also shows the data that each DNS sends back.

DNS List Speed Test Example

Test of each DNS in the list using an 'A' record query for example.com

Starting Timestamp: 02/01/10 14:14:47

Testing DNS: 4.2.2.2
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 0.124 seconds

[separator]

Testing DNS: 208.200.248.8
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 0.047 seconds

[separator]

Testing DNS: 208.200.248.1
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
Server Response Time = 1.241 seconds

[separator]

Testing DNS: 192.168.0.151
This server failed to respond.
Server Response Time = 0.004 seconds

[separator]

Testing DNS: 204.122.16.4
Server Reply Code: No Error.
Server can do recursion.
A Record: 192.0.32.10
NS Record: a.iana-servers.net
NS Record: b.iana-servers.net
Server Response Time = 0.286 seconds

[separator]

[End DNS List Processing]

IP or Hostname to ASN

This tool accepts an IPv4/IPv6 or hostname and finds the ASN (autonomous system number)

IP or Hostname to ASN Example

[Start Query]
IP/Hostname to ASN for [google.com]
IPv4 address: 172.217.14.206

ASN | IP/CIDR | Country Code | Registry | Date
15169 | 172.217.14.0/24 | US | arin | 2012-04-16

IPv6 Lookup Error:

Timestamp: 12/07/18 16:24:01
[End Query]

Get VOIP SRV Records

This tool accepts a hostname and finds the SRV records typically associated with VOIP.

VOIP SRV Records Example

[Start Query]
VOIP SRV Records for the domain [google.com]

Query: _h323cs._udp.google.com
Server Reply Code: No Such Name.

Query: _h323ls._udp.google.com
Server Reply Code: No Such Name.

Query: _h323rs._udp.google.com
Server Reply Code: No Such Name.

Query: _iax._udp.google.com
Server Reply Code: No Such Name.

Query: _jabber._tcp.google.com
Priority: 20
Weight: 0
Port: 5269
Target: alt4.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt2.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt1.xmpp-server.l.google.com

Priority: 5
Weight: 0
Port: 5269
Target: xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt3.xmpp-server.l.google.com


Query: _sip._udp.google.com
Server Reply Code: No Such Name.

Query: _sip._tcp.google.com
Server Reply Code: No Such Name.

Query: _sip._tls.google.com
Server Reply Code: No Such Name.

Query: _sips._tcp.google.com
Server Reply Code: No Such Name.

Query: _xmpp-server._tcp.google.com
Priority: 20
Weight: 0
Port: 5269
Target: alt3.xmpp-server.l.google.com

Priority: 5
Weight: 0
Port: 5269
Target: xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt4.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt1.xmpp-server.l.google.com

Priority: 20
Weight: 0
Port: 5269
Target: alt2.xmpp-server.l.google.com

Timestamp: 12/07/18 16:57:00
[End Query]

Get Miscellaneous SRV Records

This tool accepts a hostname and finds miscellaneous SRV records. In this example LDAP is being advertised, nothing else.

Miscellaneous SRV Records Example

[Start Query]
Misc SRV Records for the domain [google.com]

Query: _ftp._tcp.google.com
Server Reply Code: No Such Name.

Query: _http._tcp.google.com
Server Reply Code: No Such Name.

Query: _kerberos._tcp.google.com
Server Reply Code: No Such Name.

Query: _ldap._tcp.google.com
Priority: 5
Weight: 0
Port: 389
Target: ldap.google.com


Query: _nfs._tcp.google.com
Server Reply Code: No Such Name.

Query: _nfs._udp.google.com
Server Reply Code: No Such Name.

Query: _nfs4._tcp.google.com
Server Reply Code: No Such Name.

Query: _nicname._tcp.google.com
Server Reply Code: No Such Name.

Query: _nntp._tcp.google.com
Server Reply Code: No Such Name.

Query: _pop3._tcp.google.com
Server Reply Code: No Such Name.

Query: _printer._tcp.google.com
Server Reply Code: No Such Name.

Query: _sftp._tcp.google.com
Server Reply Code: No Such Name.

Query: _smtp._tcp.google.com
Server Reply Code: No Such Name.

Query: _ssh._tcp.google.com
Server Reply Code: No Such Name.

Query: _telnet._tcp.google.com
Server Reply Code: No Such Name.

Query: _whois._tcp.google.com
Server Reply Code: No Such Name.

Timestamp: 12/08/18 08:33:23
[End Query]

IPv6 Address Validation

IPv6 address formatting is more complex than IPv4. This tool provides a way to 'validate' and check the syntax of the IPv6 address. It also shows the scope whether Link Local or Global or other. You can paste one or more from the clipboard or import a list from a text file.

IPv6 Address Validation Screenshot

IPv6 Address Validation Screenshot

A video of DNS Tools - Advanced in action!

None currently available.

Try the NetScanTools Pro demo free for 30 days

DEMO Version End User License Agreement (EULA)
How to Uninstall

Download NetScanTools Pro Demo


This tool provides a way to get information from Domain Name Servers (DNS).