Docs
Understand how whoresolved.me captures resolver behavior and how to integrate it into your DNS debugging.
We log resolver IP/port, optional EDNS Client Subnet, ASN, and geolocation of the resolver. Client IPs are never stored.
How it works
Generate a unique wildcard subdomain and watch inbound resolver queries in real time. Each query is recorded with timestamp, resolver IP, optional ECS, ASN, and geo metadata.
- Generate a session:
POST /generateor click the button on the homepage. - Point a
digor your DNS client to the provided subdomain. - Polls from the browser keep the table and counters fresh.
Data captured
- Resolver IP (no client IPs)
- Resolver port (used internally, hidden in UI)
- EDNS Client Subnet (if supplied)
- ASN and Geo (city/country) via the configured GeoIP endpoint
Retention
Sessions expire after the configured TTL. Data is in-memory only.