Query DNS data with DNS.NFUse DNS lookup, reverse tools, and API endpoints for fast diagnostics.
DNSRDNSREVERSEAPI
API & Documentation
Live reference for DNS.NF endpoints, record types, and usage examples. Base URL: https://api.dns.nf
DNS Lookup: 30 req/min per IP rDNS: 30s cooldown per client V1: Public (30 req/min) | V2: Internal (Token required) Passive DNS permanently stored in PostgreSQL
Feature Matrix
| Feature | Page | API | Description |
|---|---|---|---|
| DNS Lookup | /dns-lookup | /v1/dns/lookup | A/AAAA/CNAME/MX/NS/SOA/SRV/TXT/CAA records for domain targets |
| rDNS Scanner | /rdns | /v1/dns/rdns | IPv4/CIDR concurrent scan, PTR+CNAME match modes, scoring and hint labels |
| Reverse IP | /reverse-ip | /api/reverse-ip | Find public domains pointing to one IPv4, with source labels + JSON/CSV export |
| Reverse NS | /reverse-ns | /api/reverse-ns | Find domains sharing authoritative NS servers |
| Reverse MX | /reverse-mx | /api/reverse-mx | Find domains sharing MX mail servers |
| Subdomain Discovery | /subdomains | /api/subdomains | Public host/subdomain discovery with source labels + JSON/CSV export |
| DNSSEC | /dnssec | /api/dnssec | DS / DNSKEY / RRSIG / NSEC checks with 0–100 security score and strong/partial/weak status |
| DNS History | /dns-history | /v1/dns/history | Passive DNS records from CIRCL, Robtex, and local query history — permanently stored |
API Endpoints
| Method | Path | Query | Purpose | Limit / Rule |
|---|---|---|---|---|
| GET | /v1/dns/lookup | domain, type? | Standard DNS lookup for domain targets | 30 req/min per client IP |
| GET | /v1/dns/rdns | target (ipv4|cidr) | Concurrent reverse DNS scan with PTR/CNAME scoring | 30s cooldown per client |
| GET | /api/reverse-ip | ip | Find public domains pointing to an IPv4 | Public source dependent |
| GET | /api/reverse-ns | domain, limit? | Find domains sharing authoritative NS servers | Server-side capped and cached |
| GET | /api/reverse-mx | domain, limit? | Find domains sharing MX mail servers | Server-side capped and cached |
| GET | /api/subdomains | domain | Find public host records under target domain | Server-side capped and cached |
| GET | /api/dnssec | domain | DS/DNSKEY/RRSIG/NSEC checks with 0–100 security score | 30 req/min per client IP |
| GET | /v1/dns/history | domain, limit? | Passive DNS history from CIRCL, Robtex, and local records | 30 req/min per client IP |
| POST | /v1/dns/history | (JSON body) | Ingest passive DNS records (internal / V2 use) | Requires Bearer token |
| GET | /health | (none) | Health check endpoint | No auth; monitoring use |
V1 API: Public access, rate limited (30 req/min). V2 API: Internal use only, requires Bearer token, no rate limit.
Interactive Terminal Demo
cURL Example
Record Types And Meaning
| Type | Target | What It Means |
|---|---|---|
A | Domain | IPv4 address mapping |
AAAA | Domain | IPv6 address mapping |
CNAME | Domain | Alias target chain |
MX | Domain | Mail server routing and priority |
NS | Domain | Authoritative name servers |
PTR | IP/Domain(A/AAAA) | Reverse lookup hostname |
SOA | Domain | Zone authority metadata |
SRV | Domain | Service endpoint target/port/priority |
TXT | Domain | Text policies and verification strings |
CAA | Domain | Allowed certificate authorities |
SPF / DMARC / DKIM | TXT class | Auto-grouped under TXT in this system |
Response & Errors
| HTTP Code | Meaning |
|---|---|
200 | Success — response body contains code, data, cached, timestamp. |
400 | Bad Request — missing or invalid query parameters. |
404 | Not Found — no records found for the requested target. |
429 | Too Many Requests — rate limit exceeded (30 req/min for V1). |
500 | Internal Server Error — upstream lookup failure. |
All JSON responses share the same shape: { code: number, data: any, cached: boolean, timestamp: number }.
DNS.NF queries only publicly available DNS data and public datasets. Some results may be incomplete or delayed.