App StoreApp Store
Google PlayGoogle Play
Temp Mail Logo

Temp Mail safeguards your privacy while keeping your inbox free from spam.

🗄 A · AAAA · MX · TXT · CNAME · NS · SOA · CAA · SRV · PTR

DNS Lookup Tool

Free DNS record lookup tool — query any DNS record type for any domain instantly. Check A, AAAA, MX, TXT, CNAME, NS, SOA, CAA, SRV, and PTR records using encrypted DNS over HTTPS via Cloudflare and Google.

✓ 10 record types✓ DNS over HTTPS✓ TTL display✓ Cloudflare + Google DoH✓ No signup
DNS Record Lookup
Try:
Record types to query
|
🔍
Enter a domain above and click Look Up to query its DNS records
What this tool does

Free DNS lookup tool — query and check DNS records for any domain online

This DNS lookup tool lets you query any of the ten major DNS record types for any domain name — instantly, in your browser, with no software to install. It uses DNS over HTTPS (DoH) to send encrypted queries to Cloudflare's resolver (cloudflare-dns.com) with automatic fallback to Google's (dns.google), ensuring both privacy and reliability. Unlike traditional DNS tools that use plaintext UDP queries, DoH prevents network observers from seeing the domains you're looking up.

DNS (Domain Name System) is the internet's phonebook — it translates human-readable domain names into IP addresses and configuration data. Every record has a TTL (Time To Live) value in seconds controlling how long it's cached by resolvers. Lowering TTL before making DNS changes speeds up propagation; raising it afterward reduces query load on your nameservers. This tool displays TTL for every record so you know exactly how fresh the cached data is.

Common use cases: verifying MX records after setting up email, confirming TXT records for SPF or DMARC configuration, checking whether a CNAME alias is resolving correctly, looking up NS records to confirm nameserver delegation, or diagnosing why a domain isn't resolving as expected after a DNS change.

All 10 DNS record types explained
A
IPv4 Address
Maps a domain to a 32-bit IPv4 address. The most fundamental DNS record — every website serving IPv4 traffic needs one.
AAAA
IPv6 Address
Maps a domain to a 128-bit IPv6 address. Essential for modern dual-stack networks and future-proofing your infrastructure.
MX
Mail Exchange
Specifies which mail servers handle email for the domain. Lower priority number = tried first. Supports automatic failover with multiple MX records.
TXT
Text / SPF / DKIM
Stores arbitrary text. Used for SPF (authorized senders), DKIM (signing keys), DMARC (policy), and domain ownership verification.
CNAME
Canonical Name
Aliases one domain to another. The browser resolves the target domain's A/AAAA records. Cannot be used at the root domain.
NS
Name Server
Delegates a domain zone to authoritative name servers. Set by your domain registrar and controls where DNS records are managed.
SOA
Start of Authority
Zone metadata: primary NS, admin email, serial number, and refresh/retry/expire intervals. Every DNS zone must have exactly one SOA.
CAA
CA Authorisation
Restricts which Certificate Authorities can issue SSL/TLS certificates for the domain, preventing fraudulent certificate issuance.
SRV
Service Record
Defines server location for specific services (VoIP, XMPP, etc.) with priority, weight, port, and target host.
PTR
Pointer / rDNS
Reverse DNS — maps an IP address back to a hostname. Used by mail servers for anti-spam checks and network diagnostics.
Examples

Real DNS records explained -- what each type looks like in practice

These examples show what each DNS record type looks like and what the value means when you look it up.

A Recordexample.com -- maps domain to IPv4 address
Query: example.com (A) Result: 93.184.216.34 TTL: 3600 seconds Host: IANA / Example Domain

An A record is the most basic DNS record, pointing a domain to an IPv4 address. When you type a URL in your browser the first DNS lookup it performs is an A record query. The TTL of 3600 seconds means resolvers cache this result for one hour before re-querying the authoritative nameserver.

MX Recordgmail.com -- routes email to Google mail servers
Query: gmail.com (MX) Result: 10 alt1.gmail-smtp-in.l.google.com 20 alt2.gmail-smtp-in.l.google.com 30 alt3.gmail-smtp-in.l.google.com Note: Lower priority number = higher preference

MX records tell sending servers where to deliver email for a domain. Multiple records with different priority values provide failover -- if the primary server (priority 10) is unreachable, the sender tries priority 20, then 30. All major mail providers publish multiple MX records for redundancy and reliability.

TXT Recordexample.com -- SPF policy defines authorised senders
Query: example.com (TXT) Result: v=spf1 include:_spf.google.com include:sendgrid.net ~all Type: SPF (Sender Policy Framework)

TXT records are used for email authentication (SPF, DKIM, DMARC), domain ownership verification, and third-party service configuration. This SPF record authorises Google and SendGrid to send email on behalf of the domain. The ~all softfail means all other senders should be treated with suspicion by receiving servers.

CNAME Recordwww.example.com -- alias pointing to root domain
Query: www.example.com (CNAME) Result: example.com TTL: 300 seconds Note: Resolver then looks up A record for example.com

A CNAME creates an alias from one hostname to another. Here www.example.com resolves by first following the CNAME to example.com, then looking up its A record. CNAMEs cannot be placed at the root domain itself -- only on subdomains like www, mail, or ftp.

NXDOMAINnonexistent.example.com -- name does not exist in DNS
Query: nonexistent-subdomain.example.com (A) Result: NXDOMAIN (Non-Existent Domain) Code: 3 Meaning: No DNS record of any type at this name

NXDOMAIN means the queried name does not exist in DNS at all. For email senders, NXDOMAIN on an MX lookup means the domain cannot receive email and any message sent will hard-bounce immediately. For websites it means the subdomain has not been configured in DNS.

FAQ

Frequently asked questions about DNS lookups

What is a DNS lookup?
A DNS lookup queries the Domain Name System to translate a human-readable domain name into the IP addresses and configuration data that computers use. Every time you visit a website, your browser performs DNS lookups automatically — typically A records for IPv4 and AAAA records for IPv6. This tool lets you perform those lookups manually so you can inspect and troubleshoot any domain's DNS configuration.
What are MX records used for?
MX (Mail Exchange) records tell the internet which mail servers handle email for a domain. When someone sends an email to you@example.com, their sending mail server performs a DNS lookup for the MX records of example.com to find the correct delivery destination. Lower priority numbers are preferred — if the primary server is unreachable, the next-lowest priority is tried automatically, providing failover.
What is a TXT record used for?
TXT records store arbitrary human-readable text associated with a domain. They are used for SPF (specifying which mail servers are authorized to send email for the domain), DKIM (publishing cryptographic public keys for email signing), DMARC (defining email authentication policy), and domain ownership verification for services like Google Search Console, GitHub, and Microsoft 365. TXT records can hold arbitrary text and are widely used for domain ownership verification, email authentication (SPF, DKIM, DMARC), and third-party service configuration.
What does TTL mean in a DNS record?
TTL (Time To Live) is the number of seconds a DNS record should be cached by resolvers before being re-fetched. A TTL of 300 means resolvers cache the answer for 5 minutes. Lower TTLs allow faster propagation of DNS changes (useful before migrations) but increase query volume on your nameservers. Typical values range from 60 seconds to 86400 (24 hours).
What is DNS over HTTPS (DoH)?
DNS over HTTPS (DoH) sends DNS queries encrypted over HTTPS instead of plaintext UDP port 53. This prevents ISPs, network observers, and attackers from seeing which domains you're looking up. This tool uses Cloudflare's DoH resolver (cloudflare-dns.com) as the primary and Google's resolver (dns.google) as a fallback, ensuring both privacy and reliability. DNS over HTTPS encrypts queries so your ISP and network observers cannot see which domains you are looking up.
What is a CNAME record?
A CNAME (Canonical Name) record creates an alias from one domain name to another. For example, www.example.com might CNAME to example.com, so the browser resolves example.com's A/AAAA records instead. CNAME records cannot coexist with other records at the same name (except DNSSEC), so they cannot be used at the root domain — use A/AAAA or ALIAS records there instead. Flattening a CNAME at the root using ALIAS or ANAME records is supported by many modern DNS providers as a CNAME-like workaround.
What is a CAA record?
CAA (Certificate Authority Authorization) records let domain owners specify which Certificate Authorities (CAs) are permitted to issue SSL/TLS certificates for their domain. This prevents unauthorized CAs from issuing fraudulent certificates. For example, a CAA record of '0 issue letsencrypt.org' means only Let's Encrypt can issue certificates for that domain. CAA records are a critical security control that prevents unauthorised certificate authorities from issuing TLS certificates for your domain.
What is a PTR record?
PTR (Pointer) records are the reverse of A records — they map an IP address back to a hostname. They are stored under special reverse DNS zones (e.g., 34.216.184.93.in-addr.arpa for IPv4). Mail servers commonly check PTR records during spam filtering to verify that the sending IP's reverse DNS matches the claimed domain. PTR records are essential for email deliverability -- many spam filters reject or heavily penalise mail from IPs without a valid reverse DNS entry.
Why might my DNS changes not show up immediately?
DNS changes propagate based on each record's TTL value. If your old record had a TTL of 86400 (24 hours), resolvers that cached it won't re-query until that TTL expires. To speed up future changes, lower the TTL of your records 24–48 hours before making changes, then raise it again once the change has propagated. Use this tool to check whether your records have updated at Cloudflare's and Google's resolvers.
What is the difference between an NS record and a SOA record?
NS (Name Server) records specify which servers are authoritative for a domain — the servers that hold the actual DNS records. SOA (Start of Authority) records contain zone metadata: the primary name server, the admin email address, a serial number (incremented on each change), and timing parameters that control how secondary nameservers sync. Every DNS zone must have exactly one SOA record.
Related Network & Email Tools

Need a disposable email address?Generate a free, instant throwaway — zero signup, zero trace.

Get Free Temp Mail ->