다음을 통해 공유


Farsight DNSDB

Farsight Security DNSDB is the world's largest DNS intelligence database that provides a fact-based view of the configuration of the global Internet infrastructure. DNSDB leverages Farsight's Security Information Exchange (SIE) data-sharing platform and is engineered and operated by leading DNS experts. Farsight collects, filters, and verifies Passive DNS data from its global sensor array. DNSDB is the highest-quality and most comprehensive DNS intelligence data service of its kind.

This connector is available in the following products and regions:

Service Class Regions
Logic Apps Standard All Logic Apps regions except the following:
     -   Azure Government regions
     -   Azure China regions
     -   US Department of Defense (DoD)
Power Automate Premium All Power Automate regions except the following:
     -   US Government (GCC)
     -   US Government (GCC High)
     -   China Cloud operated by 21Vianet
     -   US Department of Defense (DoD)
Power Apps Premium All Power Apps regions except the following:
     -   US Government (GCC)
     -   US Government (GCC High)
     -   China Cloud operated by 21Vianet
     -   US Department of Defense (DoD)
Contact
Name Farsight Security Technical Support
URL https://service.farsightsecurity.com/
Email support@farsightsecurity.com
Connector Metadata
Publisher Farsight Security
Website https://www.farsightsecurity.com/
Privacy policy https://www.farsightsecurity.com/privacy-policy/
Categories Security;Data

Pre-requisites

You will need the following to proceed:

  • A Microsoft Power Apps or Power Automate plan with custom connector feature
  • An Azure subscription
  • Farsight DNSDB API Key

How to get credentials

Register for a free API key at https://www.farsightsecurity.com/solutions/dnsdb/ .

Support:

For all the support requests and general queries you can contact support@farsightsecurity.com or contact us

Creating a connection

The connector supports the following authentication types:

Default Parameters for creating connection. All regions Not shareable

Default

Applicable: All regions

Parameters for creating connection.

This is not shareable connection. If the power app is shared with another user, another user will be prompted to create new connection explicitly.

Name Type Description Required
Farsight DNSDB API Key securestring The Farsight DNSDB API Key for this api True

Throttling Limits

Name Calls Renewal Period
API calls per connection 100 60 seconds

Actions

Flexible Search

Flexible Search adds both Regular Expressions and Globbing support to the DNSDB API to expand the types of search queries and add more control to searches.

Ping

This request is for end to end connectivity tests to the DNSDB API endpoint, letting you know that there are no firewall blockages. This request does not require an API key. It returns just a JSON object {'ping': 'ok'}.

RData Lookup

The RData lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

RData Lookup with RRType

The RData lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

RRSet Lookup

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

RRSet Lookup with RRType

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

RRSet Lookup with RRType and Bailiwick

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Service Limits

Retrieve service limits

Flexible Search adds both Regular Expressions and Globbing support to the DNSDB API to expand the types of search queries and add more control to searches.

Parameters

Name Key Required Type Description
method
method True string

flex search method (regex - regular expression search, glob - full wildcarding)

key
key True string

search key

value
value True string

Query value

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

exclude
exclude string

The 'exclude' parameter is used to exclude (i.e. filter-out) results that match it. It is described below this table.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

Ping

This request is for end to end connectivity tests to the DNSDB API endpoint, letting you know that there are no firewall blockages. This request does not require an API key. It returns just a JSON object {'ping': 'ok'}.

Returns

Name Path Type Description
ping
ping string

ping

RData Lookup

The RData lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

Parameters

Name Key Required Type Description
type
type True string

Query type(name, raw) name: The VALUE is a DNS domain name in presentation format, or a left-hand ('c.example.com') or right-hand ('www.example.') wildcard domain name. Note that left-hand wildcard queries are somewhat more expensive than right-hand wildcard queries.,ip: The VALUE is one of an IPv4 or IPv6 single address, with a prefix length, or with an address range. If a prefix is provided, the delimiter between the network address and prefix length is a single comma (',') character rather than the usual slash ('/') character to avoid clashing with the HTTP URI path name separator., raw: The VALUE is an even number of hexadecimal digits specifying a raw octet string.

value
value True string

Query value

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

aggr
aggr boolean

Aggregated results group identical rrsets across all time periods and is the classic behavior from querying the DNSDB. This means you could get the total number of times an rrset has been observed, but not when it was observed. Unaggregated results ungroup identical rrsets, allowing you to see how the domain name was resolved in the DNS across the full-time range covered in DNSDB (subject to time fencing). This can give a more accurate impression of record request volume across time because it will reveal the distinct timestamps of records whose values are repeated. You can answer questions like, 'Was a domain parked for a long time, mostly unused, until it was repurposed for serving malware or relaying spam, but then was abandoned again?' It allows you to see if a record was observed heavily in the last week vs. having been observed constantly for years. This is a boolean value. Use True, the default, for the aggregated results or False for unaggregated results.

humantime
humantime boolean

A boolean value that is True if time values (in time_first, time_last, zone_time_first, zone_time_last) should be returned in human readable (RFC3339 compliant) format or False if Unix-style time values in seconds since the epoch should be returned. False is the classic behavior from querying the DNSDB and is the default value for this option.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

RData Lookup with RRType

The RData lookup queries DNSDB's Rdata index, which supports inverse lookups based on Rdata record values.

Parameters

Name Key Required Type Description
type
type True string

Query type(name, raw) name: The VALUE is a DNS domain name in presentation format, or a left-hand ('c.example.com') or right-hand ('www.example.') wildcard domain name. Note that left-hand wildcard queries are somewhat more expensive than right-hand wildcard queries.,ip: The VALUE is one of an IPv4 or IPv6 single address, with a prefix length, or with an address range. If a prefix is provided, the delimiter between the network address and prefix length is a single comma (',') character rather than the usual slash ('/') character to avoid clashing with the HTTP URI path name separator., raw: The VALUE is an even number of hexadecimal digits specifying a raw octet string.

value
value True string

Query value

rrtype
rrtype True string

Query rrtype

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

aggr
aggr boolean

Aggregated results group identical rrsets across all time periods and is the classic behavior from querying the DNSDB. This means you could get the total number of times an rrset has been observed, but not when it was observed. Unaggregated results ungroup identical rrsets, allowing you to see how the domain name was resolved in the DNS across the full-time range covered in DNSDB (subject to time fencing). This can give a more accurate impression of record request volume across time because it will reveal the distinct timestamps of records whose values are repeated. You can answer questions like, 'Was a domain parked for a long time, mostly unused, until it was repurposed for serving malware or relaying spam, but then was abandoned again?' It allows you to see if a record was observed heavily in the last week vs. having been observed constantly for years. This is a boolean value. Use True, the default, for the aggregated results or False for unaggregated results.

humantime
humantime boolean

A boolean value that is True if time values (in time_first, time_last, zone_time_first, zone_time_last) should be returned in human readable (RFC3339 compliant) format or False if Unix-style time values in seconds since the epoch should be returned. False is the classic behavior from querying the DNSDB and is the default value for this option.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

RRSet Lookup

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Parameters

Name Key Required Type Description
type
type True string

Query type(name, raw) name: The VALUE is a DNS owner name in presentation format or wildcards as described below. We sometimes call this just an rrset search, raw: The VALUE is an even number of hexadecimal digits specifying a raw octet string.

value
value True string

Query value

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

aggr
aggr boolean

Aggregated results group identical rrsets across all time periods and is the classic behavior from querying the DNSDB. This means you could get the total number of times an rrset has been observed, but not when it was observed. Unaggregated results ungroup identical rrsets, allowing you to see how the domain name was resolved in the DNS across the full-time range covered in DNSDB (subject to time fencing). This can give a more accurate impression of record request volume across time because it will reveal the distinct timestamps of records whose values are repeated. You can answer questions like, 'Was a domain parked for a long time, mostly unused, until it was repurposed for serving malware or relaying spam, but then was abandoned again?' It allows you to see if a record was observed heavily in the last week vs. having been observed constantly for years. This is a boolean value. Use True, the default, for the aggregated results or False for unaggregated results.

humantime
humantime boolean

A boolean value that is True if time values (in time_first, time_last, zone_time_first, zone_time_last) should be returned in human readable (RFC3339 compliant) format or False if Unix-style time values in seconds since the epoch should be returned. False is the classic behavior from querying the DNSDB and is the default value for this option.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

RRSet Lookup with RRType

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Parameters

Name Key Required Type Description
type
type True string

Query type(name, raw) name: The VALUE is a DNS owner name in presentation format or wildcards as described below. We sometimes call this just an rrset search, raw: The VALUE is an even number of hexadecimal digits specifying a raw octet string.

value
value True string

Query value

rrtype
rrtype True string

Query rrtype

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

aggr
aggr boolean

Aggregated results group identical rrsets across all time periods and is the classic behavior from querying the DNSDB. This means you could get the total number of times an rrset has been observed, but not when it was observed. Unaggregated results ungroup identical rrsets, allowing you to see how the domain name was resolved in the DNS across the full-time range covered in DNSDB (subject to time fencing). This can give a more accurate impression of record request volume across time because it will reveal the distinct timestamps of records whose values are repeated. You can answer questions like, 'Was a domain parked for a long time, mostly unused, until it was repurposed for serving malware or relaying spam, but then was abandoned again?' It allows you to see if a record was observed heavily in the last week vs. having been observed constantly for years. This is a boolean value. Use True, the default, for the aggregated results or False for unaggregated results.

humantime
humantime boolean

A boolean value that is True if time values (in time_first, time_last, zone_time_first, zone_time_last) should be returned in human readable (RFC3339 compliant) format or False if Unix-style time values in seconds since the epoch should be returned. False is the classic behavior from querying the DNSDB and is the default value for this option.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

RRSet Lookup with RRType and Bailiwick

The RRSet lookup queries DNSDB's RRset index, which supports forward lookups based on the owner name of an RRset.

Parameters

Name Key Required Type Description
type
type True string

Query type(name, raw) name: The VALUE is a DNS owner name in presentation format or wildcards as described below. We sometimes call this just an rrset search, raw: The VALUE is an even number of hexadecimal digits specifying a raw octet string.

value
value True string

Query value

rrtype
rrtype True string

Query rrtype

bailiwick
bailiwick True string

Query bailiwick

time_first_before (Unix/Epoch time)
time_first_before number

Provide results before the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_before=1420070400' will only provide matching DNS records that were first observed before (or older than) January 1, 2015.

time_first_after (Unix/Epoch time)
time_first_after number

Provide results after the defined timestamp for when the DNS record was first observed. For example, the URL parameter 'time_first_after=-31536000' will only provide results that were first observed within the last year.

time_last_before (Unix/Epoch time)
time_last_before number

Provide results before the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_before=1356998400' will only provide results for DNS records that were last observed before 2013.

time_last_after (Unix/Epoch time)
time_last_after number

Provide results after the defined timestamp for when the DNS record was last observed. For example, the URL parameter 'time_last_after=-2678400' will only provide results that were last observed after 31 days ago.

limit
limit number

Limit for the number of results returned via these lookup methods. There is a built-in limit to the number of results that are returned via these lookup methods. The default limit is set at 10,000. This limit can be raised or lowered by setting the 'limit' query parameter. There is also a maximum number of results allowed; requesting a limit greater than the maximum will only return the maximum. See results_max below for information on that maximum. If '?limit=0' is used then DNSDB will return the maximum number of results allowed. If there are less results for the query than the requested limit, only the actual amount can be returned.

aggr
aggr boolean

Aggregated results group identical rrsets across all time periods and is the classic behavior from querying the DNSDB. This means you could get the total number of times an rrset has been observed, but not when it was observed. Unaggregated results ungroup identical rrsets, allowing you to see how the domain name was resolved in the DNS across the full-time range covered in DNSDB (subject to time fencing). This can give a more accurate impression of record request volume across time because it will reveal the distinct timestamps of records whose values are repeated. You can answer questions like, 'Was a domain parked for a long time, mostly unused, until it was repurposed for serving malware or relaying spam, but then was abandoned again?' It allows you to see if a record was observed heavily in the last week vs. having been observed constantly for years. This is a boolean value. Use True, the default, for the aggregated results or False for unaggregated results.

humantime
humantime boolean

A boolean value that is True if time values (in time_first, time_last, zone_time_first, zone_time_last) should be returned in human readable (RFC3339 compliant) format or False if Unix-style time values in seconds since the epoch should be returned. False is the classic behavior from querying the DNSDB and is the default value for this option.

offset
offset number

How many rows to offset (e.g. skip) in the results. This implements an incremental result transfer feature, allowing you to view more of the available results for a single query. The rows are offset prior to the limit parameter being applied, therefore offset allows seeing additional results past a limit that matches the maximum number of results. Note that DNSDB recalculates the results for each query and the order of results might not be preserved. Therefore, this capability is not a valid way to walk all results over multiple queries - some results might be missing and some might be duplicated. The actual offset that can be used is limited or for certain API keys, offset is not allowed - see the offset_max rate_limit key below. The offset value must be a positive integer. The default is 0, which means do not offset the rows.

Returns

Service Limits

Retrieve service limits

Returns

Definitions

RRSet_Results

Name Path Type Description
Count
count number

The number of times the RRset was observed via passive DNS replication.

Time First
time_first number

The first time that the RRset was observed.

Time Last
time_last number

The most recent time that the RRset was observed.

Zone Time First
zone_time_first number

The first time that the RRset was observed via zone file import.

Zone Time Last
zone_time_last number

The last time that the RRset was observed via zone file import.

RRName
rrname string

The owner name of the RRset in DNS presentation format.

RRType
rrtype string

The resource record type of the RRset, either using the standard DNS type mnemonic, or an RFC 3597 generic type, i.e. the string TYPE immediately followed by the decimal RRtype number.

Bailiwick
bailiwick string

The closest enclosing zone delegated to a nameserver which served the RRset, or the name of the zone containing the RRset if FromZoneFile is True.

RData
rdata array of string

An array of one or more Rdata values. The Rdata values are converted to the standard presentation format based on the rrtype value. If the encoder lacks a type-specific presentation format for the RRset's rrtype, then the RFC 3597 generic Rdata encoding will be used.

RData_Results

Name Path Type Description
Count
count number

The number of times the resource record was observed via passive DNS replication.

Time First
time_first number

The first time that the resource record was observed.

Time Last
time_last number

The most recent time that the resource record was observed.

Zone Time First
zone_time_first number

The first time that the resource record was observed via zone file import.

Zone Time Last
zone_time_last number

The last time that the resource record was observed via zone file import.

RRName
rrname string

The owner name of the resource record in DNS presentation format.

RRType
rrtype string

The resource record type of the resource record, either using the standard DNS type mnemonic, or an RFC 3597 generic type, i.e. the string TYPE immediately followed by the decimal RRtype number.

RData
rdata array of string

The record data value. The Rdata value is converted to the standard presentation format based on the rrtype value. If the encoder lacks a type-specific presentation format for the resource record's type, then the RFC 3597 generic Rdata encoding will be used.

Flex_Results

Name Path Type Description
RData
rdata string

The record data value.

RRName
rrname string

The owner name of the RRset in DNS presentation format.

RRType
rrtype string

The resource record type of the RRset/resource record, either using the standard DNS type mnemonic, or an RFC 3597 generic type, i.e. the string TYPE immediately followed by the decimal RRtype number.

RAW_RDATA
raw_rdata string

The record data value as pairs of hex digits specifying a raw octet string. This value is used for pivoting from flexible search into standard search to get more details on rdata.

RateLimit_Results

Name Path Type Description
Limit
limit number

The maximum number of API lookups that may be performed. This is the initial quota.

Remaining
remaining number

For time-based quotas: the remaining number of API lookups that may be performed until the reset time.For block-based quotas: the remaining number of API lookups in the block quota.

Reset
reset number

For time-based quotas: UNIX epoch timestamp with second granularity indicating the next point in time when the quota limit will be reset. Usually this is at 00:00 (midnight) UTC.For block-based quotas: the value will be 'n/a'

Expires
expires number

Only present for block-based quota: UNIX epoch timestamp with second granularity indicating when the quota will expire.

ResultsMax
results_max number

Returns the maximum number of results that can be returned by these lookup methods. This overrides a 'limit' query parameter if provided. For example, if '?limit=20000' is appended to the URL path but results_max=1000 then only up to 1000 results will be returned.

OffsetMax
offset_max number

The maximum value that the offset query parameter can be. If it is higher then an HTTP 416 'Requested Range Not Satisfiable' response code will be returned with message 'Error: offset value greater than maximum allowed.' If the value is 'n/a' then the offset parameter is not allowed for this API key, and similar 416 error will be generated.

BurstSize
burst_size number

The maximum number of API lookups that may be performed within this burst_window number of seconds.

BurstWindow
burst_window number

The number of seconds over which a burst of queries is measured.