Docs
Understand how whoresolved.me captures resolver behavior and how to integrate it into your DNS debugging.
We log resolver IP/port, optional EDNS Client Subnet, ASN, and geolocation of the resolver. Client IPs are never stored.
How it works
Generate a unique wildcard subdomain and watch inbound resolver queries in real time. Each query is recorded with timestamp, resolver IP, optional ECS, ASN, and geo metadata.
- Generate a session:
POST /generateor click the button on the homepage. - Point a
digor your DNS client to the provided subdomain. - Polls from the browser keep the table and counters fresh.
Data captured
- Resolver IP (no client IPs)
- Resolver port (used internally, hidden in UI)
- EDNS Client Subnet (if supplied)
- ASN and Geo (city/country) via the configured GeoIP endpoint
Retention
Resolver sessions expire after the configured TTL. Resolver data remains in-memory only.
Passkey authentication
Passkeys are used for authentication (no passwords or social login). We store a user-chosen handle, display name, and WebAuthn credential material in SQLite for portability.
- Handles are user-defined aliases (no email required).
- Credentials are public-key only; private keys stay on your device.
- Login sessions are short-lived, HTTP-only cookies.
See docs/auth.md for the schema, access policy, and privacy checklist.