About D.NIX.
Domain Network Intelligence Exchange — what it is, why it exists, and who it's for.
01 — What is D.NIX.
One query. The complete chain.
D.NIX. — Domain Network Intelligence Exchange — is a free, comprehensive DNS and IP intelligence platform built for network engineers, security analysts, and infrastructure operators who need the full picture, not just a record lookup.
Enter any domain or IP address and get a structured report spanning DNS records, routing data, IP reputation, certificate transparency, WHOIS history, RPKI validity, and more — all correlated in a single view. What used to require six separate tools and manual cross-referencing now takes one query.
MX aspmx.l.google.com [10]
ASN AS13335 · CLOUDFLARENET
RIR Chain IANA → ARIN → Cloudflare Inc.
RPKI VALID (ROA matched)
FCrDNS PASS
DNSBL 0 / 42 blocklists
Cert CN *.cloudflare.com (Let's Encrypt)
Illustrative output. Actual results depend on live data sources at query time.
02 — Capabilities
What D.NIX. surfaces
A, AAAA, MX, NS, TXT, SOA, CAA, DMARC, DKIM, SPF — resolved and validated in a single pass.
Autonomous system details, prefix announcements, and upstream provider relationships from live routing tables.
Traces IP block ownership from IANA through the regional registry (ARIN, RIPE, APNIC, LACNIC, AFRINIC) to the end-org.
Checks Route Origin Authorisation status and IRR route objects — distinguishes cryptographic from policy-based validation.
Internet Exchange Point presence and peering policy data, giving you network reachability context beyond the record.
Cross-references against major DNS blocklists and reputation feeds so you know if a host is flagged before you connect.
Forward-confirmed reverse DNS check — validates that an IP's PTR record resolves back to the same address, a key deliverability signal.
Queries crt.sh CT log data to surface all certificates issued for a domain, exposing shadow subdomains and expired cert risks.
Full chain-of-trust validation including DNSKEY, DS, RRSIG, NSEC/NSEC3 — not just a signed/unsigned flag.
Derives the hardware MAC address from an IPv6 EUI-64 interface identifier — useful for device fingerprinting and network audits.
03 — Origin
Why D.NIX. exists
D.NIX. emerged from years of infrastructure work where diagnosing a routing anomaly, a deliverability failure, or a suspicious IP meant juggling half a dozen separate tools — BGP.he.net for routing, RIPE for allocation, MXToolbox for mail, SecurityTrails for history, and crt.sh for certificates, manually correlating results across browser tabs.
The insight was simple: these data sources are deeply correlated. An MX misconfiguration often has an FCrDNS failure as a symptom. A hijacked prefix often shows an RPKI mismatch. Treating them in isolation misses the causality. D.NIX. surfaces the connections, not just the raw records.
Six years of motivation. Two years of planning. One year of active development. General availability: March 2026.
04 — Principles
What we stand for
The full D.NIX. report — every data source, every check — is available without an account or paywall. Intelligence tools should be accessible to individual engineers, not just enterprise budgets.
Every data point is labelled with its source. You know exactly where the information came from — RIR WHOIS, RouteViews, crt.sh, PeeringDB — so you can verify it yourself if the result surprises you.
D.NIX. does fewer things than a general-purpose lookup tool, but does them with genuine depth. RPKI validation distinguishes ROA-valid from IRR-only. RIR allocation traces the full delegation chain, not just the org name.
FCrDNS verification, EUI-64 derivation, and CT log mining are not marketing features. They solve problems that actually surface in production network and security operations. The feature set is driven by operational need, not competitive checklists.
05 — Audience
Who uses D.NIX.
D.NIX. is built for anyone who works with DNS and IP infrastructure at a technical level.
- // Network engineers troubleshooting BGP, routing anomalies, or prefix leaks
- // Security analysts performing IP reputation triage and threat infrastructure mapping
- // Email deliverability engineers diagnosing SPF, DKIM, DMARC, and FCrDNS failures
- // Penetration testers enumerating attack surface via certificate transparency
- // NOC teams validating RPKI hygiene and IRR route object accuracy
- // System administrators auditing IPv6 EUI-64 address assignments
- // Threat intelligence analysts correlating ASN and IXP peering data
- // Developers and researchers who need a fast, comprehensive DNS sanity check
06 — Data & Accuracy
Data sources and limitations
D.NIX. queries authoritative third-party sources including DNS resolvers, RDAP/WHOIS registries, RIR databases (ARIN, RIPE, APNIC, LACNIC, AFRINIC), certificate transparency logs via crt.sh, BGP routing data via RouteViews and RIPE RIS, and IP intelligence from Team Cymru and PeeringDB.
All results are provided as-is for informational purposes only. We do not control the accuracy or availability of upstream data sources. Results must not be used as the sole basis for legal, security, or business decisions without independent verification. For full terms governing your use of D.NIX., please review our Terms of Service and Privacy Policy.
Run your first lookup
No account. No API key. Enter any domain or IP address and get the full intelligence report in seconds.
Start a Lookup API Documentation