Weird permitted domain -- moscow-integration.dcc2.svc.ca2.internal.zone

Hello everyone,

I'm looking for some help or information regarding a domain I noticed in pi-hole earlier this week. For some reason pi-hole is permitting the domain moscow-integration.dcc2.svc.ca2.internal.zone and I cannot find any information regarding its origin or the application that is trying to access that domain.

My pi-hole is setup as the primary DNS on my router so all the traffic I see in the dashboard comes from either 192.168.1.1 or localhost so unfortunately I can't see what client is trying to hit that domain.

Would anyone have any idea/information regarding the moscow-integration.dcc2.svc.ca2.internal.zone domain? I have since blacklisted the domain on my pi-hole.

Thanks

Blocking this domain has no effect, since the domain does not exist on the internet. With or without blocking, the domain won't be resolved to an IP.

You have several options to show individual IP's on your Pi-hole, which would assist in determining the source of the queries.

You can also turn of clients one at a time until the requests stop, then the last client turned off is the source.

Thank you jfb, I really appreciate your response. I enabled the DHCP on my pi-hole and now I can see which client is trying to hit what domain. Oddly, the weird domain ( moscow-integration.dcc2.svc.ca2.internal.zone) appears to be coming from my wifes iphone... Will continue to investigate but this is a good start.

Thanks again.

1 Like