DNS Lookup

Enter any domain name and choose a record type to see its live DNS records — resolved directly from your browser over encrypted DNS-over-HTTPS. Inspect A and AAAA address records, MX mail routing, TXT entries for SPF and DMARC, NS name servers, CNAME aliases, SOA zone data, and CAA certificate restrictions. TTLs and one-click copy included.


Paste a URL and the hostname will be extracted automatically.

Record type

IPv4 address — maps the domain to one or more IPv4 addresses.


Use — Guide

How to use this tool

  1. Type or paste a domain name into the "Domain name" field — you can paste a full URL and the hostname will be extracted automatically (for example, https://example.com becomes example.com).
  2. Select the record type you want to look up: A for IPv4 addresses, AAAA for IPv6, MX for mail routing, TXT for SPF and DMARC entries, NS for name servers, CNAME for aliases, SOA for zone data, or CAA for certificate authority restrictions.
  3. Click "Look up" or press Enter — the query goes directly from your browser to Cloudflare's DNS-over-HTTPS endpoint (with Google as a fallback).
  4. Review the results: each record card shows the record type, name, TTL (how long the result is cached by resolvers) and the record data.
  5. Click the copy icon on any record to copy its value to the clipboard.
  6. To check a different record type for the same domain, select the new type and click "Look up" again — no need to re-enter the domain.

FAQ — Questions

Frequently asked questions

01What is DNS-over-HTTPS (DoH)?

DNS-over-HTTPS sends your DNS queries inside encrypted HTTPS traffic rather than as plain UDP packets. This prevents third parties (ISPs, network operators) from seeing which domains you are resolving. This tool queries Cloudflare's DoH endpoint (cloudflare-dns.com/dns-query) with Google's resolver as a fallback — entirely from your browser, with no queries touching our servers.

02Why do TXT, SPF and DMARC records matter?

TXT records carry machine-readable data attached to a domain. SPF (Sender Policy Framework), DKIM and DMARC are all published as TXT records and together they tell receiving mail servers which senders are authorised for your domain and what to do with messages that fail the checks. Misconfigured or missing email-security records are among the most common causes of phishing attacks impersonating legitimate businesses.

03Why might a DNS record not show up (propagation and TTL)?

When a record is added or changed, the update takes time to reach all resolvers worldwide — a process called DNS propagation. The TTL (Time to Live) shown with each record tells you how many seconds a resolver may cache the answer. A TTL of 3600 means changes may take up to an hour to propagate fully. If you just made a change and don't see it yet, wait for the old TTL to expire and try again.

04Is this lookup private?

Yes. Your queries are sent directly from your browser to Cloudflare's DNS-over-HTTPS endpoint over an encrypted HTTPS connection. Peritus Digital never sees the domains you look up — they go straight from your device to Cloudflare (and Google as a fallback) without passing through our servers.

DNS, email deliverability and beyond

Worried about your MX, SPF or DMARC records? Peritus Digital can fix them.

Misconfigured DNS is one of the top causes of email deliverability failures and phishing vulnerabilities. Our Newcastle team audits and corrects DNS zones, hardens email security records — SPF, DKIM, DMARC — and manages ongoing DNS health for Hunter Region businesses. If a lookup raised questions, let's answer them.