DNS lookup API: Intelligence & Security Analyzer
Pricing
Pay per event
DNS lookup API: Intelligence & Security Analyzer
A powerful DNS intelligence tool that performs multi-record lookups, global propagation checks, reverse DNS, SSL/TLS inspection, email security analysis, and rich metadata extraction all in one automated workflow
Pricing
Pay per event
Rating
0.0
(0)
Developer
njoylab
Actor stats
0
Bookmarked
1
Total users
1
Monthly active users
8 hours ago
Last modified
Categories
Share
DNS Intelligence & SSL Inspection Actor
A robust and comprehensive DNS intelligence Actor for the Apify platform that performs multi-record DNS queries, bulk domain processing, global propagation checks, reverse DNS lookups, SSL/TLS inspection, and advanced enrichment with email-security and metadata analysis — all with automatic retries and structured output.
Highlights
- Multi-record DNS lookup (A, AAAA, MX, TXT, NS, etc.)
- Global propagation and consistency check
- Reverse DNS and PTR record analysis
- SSL/TLS certificate fetch and expiry alert
- SPF/DMARC/DKIM parsing and email-security scoring
- JSON-structured output for easy integration
Features
Core Capabilities
- Comprehensive DNS Record Support: Query all major DNS record types including A, AAAA, MX, CNAME, TXT, NS, PTR, SOA, CAA, and SRV records
- Reverse DNS Lookup: Automatic IP → hostname resolution using PTR records for network reconnaissance and validation
- Bulk DNS Lookup Processing: Handle multiple domains simultaneously, saving time and computational resources
- Real-time DNS Propagation Checking: Verify DNS changes across multiple global DNS servers (Google DNS, Cloudflare, OpenDNS, Quad9, etc.)
- Automatic Retry Mechanisms: Built-in retry logic with exponential backoff for failed queries
- Rich Metadata: Include TTL values, response times, and detailed error information
- Structured JSON Output: Easy integration with existing workflows and data pipelines
Advanced Features
- DNS Enrichment & Email Security: Intelligent SPF/DMARC/DKIM parsing, MX provider detection, email security scoring (0-100), and actionable recommendations
- TLS/SSL Certificate Insights: Fetches live certificate metadata (issuer, SANs, expiry, cipher/protocol) and highlights risky configurations
- Quick Access Fields: Top-level convenience fields (mx_provider, spf_valid, dmarc_policy, has_dkim, etc.) for easy data access
- Configurable timeout settings
- Customizable retry attempts and delays
- Support for both domain names and IP addresses (including PTR lookups)
- Parallel processing for improved performance
- Detailed logging and error handling
- Propagation consistency analysis
- TTL categorization and analysis
Use Cases
This Actor is designed for:
- Cybersecurity Professionals: Conducting domain reconnaissance and security assessments
- Web Developers: Validating DNS configurations and troubleshooting connectivity issues
- IT Administrators: Monitoring network infrastructure and DNS health
- Digital Marketers: Researching competitor domains and infrastructure
- Data Analysts: Gathering DNS intelligence for various data analysis projects
- DevOps Teams: Automating DNS verification in CI/CD pipelines
Input Parameters
Required Parameters
- domains (array of strings): List of domain names or IP addresses to perform DNS lookups on. Minimum 1 domain required.
Optional Parameters
-
recordTypes (array): DNS record types to query. Default:
["A", "AAAA", "MX", "CNAME", "TXT", "NS"]- Available types: A, AAAA, MX, CNAME, TXT, NS, PTR, SOA, CAA, SRV
-
checkPropagation (boolean): Enable real-time DNS propagation checking across multiple global DNS servers. Default:
false -
propagationServers (array of strings): List of DNS servers for propagation checking. Default: Google DNS, Cloudflare, OpenDNS, Quad9
- Default servers:
["8.8.8.8", "1.1.1.1", "208.67.222.222", "9.9.9.9", "8.8.4.4"]
- Default servers:
-
performReverseLookup (boolean): Automatically perform reverse DNS lookup (IP → hostname) for IP addresses. Default:
true -
enableEnrichment (boolean): Enable intelligent analysis of DNS records including SPF/DMARC/DKIM parsing, MX provider detection, TTL categorization, and email security scoring. Default:
true -
enableSslInspection (boolean): Toggle the TLS/SSL certificate fetch step independently from the rest of the enrichment pipeline. Default:
true -
timeout (integer): Query timeout in milliseconds. Range: 1000-30000. Default:
5000 -
maxRetries (integer): Maximum retry attempts for failed queries. Range: 0-10. Default:
3 -
retryDelay (integer): Delay between retry attempts in milliseconds. Range: 100-10000. Default:
1000
Input Examples
Basic DNS Lookup
Reverse DNS Lookup (IP → Hostname)
DNS Propagation Check
Comprehensive Lookup with All Options
Bulk Domain Research
DNS Enrichment with Email & SSL Analysis
Output Format
The Actor outputs structured JSON data for each domain:
Standard Lookup Result
Reverse DNS Lookup Result
TLS/SSL Enrichment Block
When TLS inspection is enabled (via enableSslInspection) and the domain serves HTTPS traffic, the Actor augments the output with a structured TLS report under lookupResult.enrichment.ssl:
Propagation Check Result
DNS Enrichment Result
When enrichment is enabled, the output includes quick-access fields at the top level and detailed analysis in the enrichment object:
Quick Access Fields (available at top level when enrichment is enabled):
mx_provider: Email provider name (e.g., "Google Workspace", "Microsoft 365")spf_valid: SPF record validation status (true/false)spf_strict: Whether SPF has strict policy with-all(true/false)dmarc_policy: DMARC policy level ("none", "quarantine", or "reject")has_dkim: DKIM configuration presence (true/false)email_security_score: Overall email security score (0-100)
Detailed Enrichment Data (available in enrichment object):
- emailSecurity: Comprehensive email security analysis including SPF mechanisms, DMARC policies, DKIM selectors, MX analysis, scoring, and recommendations
- ttlAnalysis: TTL categorization for each record type (very-short, short, normal, long, very-long)
Performance Considerations
- Bulk Processing: The Actor processes domains sequentially to avoid overwhelming DNS servers
- Timeout Settings: Adjust timeout based on your network conditions (higher for unreliable networks)
- Retry Logic: Uses exponential backoff to handle transient failures gracefully
- Parallel Queries: Multiple record types are queried in parallel for each domain
Error Handling
The Actor includes robust error handling:
- Invalid domains are logged but don't stop execution
- Failed queries are retried automatically based on configuration
- Errors are captured and included in the output for debugging
- Each domain's results are independent (one failure doesn't affect others)
Best Practices
- Start Small: Test with a few domains before running bulk lookups
- Use Propagation Checking Wisely: Enable only when needed (e.g., after DNS changes)
- Adjust Timeouts: Increase timeout for domains with slow DNS servers
- Monitor Costs: Bulk lookups consume more compute units
- Filter Record Types: Only query needed record types to improve performance
DNS Record Types Reference
- A: IPv4 address records
- AAAA: IPv6 address records
- MX: Mail exchange servers
- CNAME: Canonical name (alias) records
- TXT: Text records (often used for verification, SPF, DKIM)
- NS: Nameserver records
- PTR: Pointer records (reverse DNS)
- SOA: Start of Authority records
- CAA: Certification Authority Authorization
- SRV: Service location records
Limitations
- Maximum 10 retry attempts per query
- Timeout range: 1-30 seconds
- Some DNS servers may rate-limit queries
- Propagation checking increases execution time
Note: This Actor respects DNS server rate limits and implements responsible querying practices. For high-volume DNS lookups, consider implementing additional delays between requests.
