Maybe it's just me, but isn't there something odd about a DNS query
coming back with 78 entries for the same host? It sends back an UDP
packet that gets truncated and the DNS resolver reverts to TCP to get
the full list.
This is often used for server pools (as I'm guessing you know).
It seems to cause problems with Windows clients and/or Windows DNS
servers. Seems like overkill.
The 78 addresses listed here are all in one bit of a /24. In the
seen, there are a few servers listed in several different locations,
network- (and location-) wise. I agree that this looks really
they use it as a cheap load balancer?