Back to all tools
DNS · EXTERNAL RESOLVER · REAL-TIME

DNS Lookup

Translate domain names into IP addresses and look up DNS records using an external resolver.

~/pingie - dns-lookup
ready
AIPv4 Address
AAAAIPv6 Address
MXMail Exchange
NSName Server
TXTText Record
CNAMECanonical Alias
SOAStart of Authority
PTRReverse Pointer
ANYAll Records

Type in a domain name to look up its DNS records.

The toolkit

Every network tool you'll ever need.

Purpose-built utilities for ports, IPs, DNS and email. Completely free, all powered by external probes.

DNS Lookup: Query Any Domain's DNS Records

When a browser or mail server needs to reach a domain, it queries the Domain Name System (DNS) to translate that domain into actionable data, such as an IP address or a mail server hostname. The DNS lookup tool on Pingie replicates that query process on demand, letting you inspect what public resolvers actually return for any domain at any moment.

The tool queries real DNS resolvers, including Google (8.8.8.8 and 8.8.4.4) and Cloudflare (1.1.1.1 and 1.0.0.1) as fallbacks, and returns the live record values alongside each record's TTL (Time to Live). TTL tells you how many seconds resolvers are allowed to cache that record before fetching a fresh copy.

What DNS Record Types You Can Inspect

DNS is not a single record but a structured set of record types, each serving a different function. The dns record lookup supports all of the following:

  • A : Maps a domain to an IPv4 address. This is the most common lookup for web hosting verification.
  • AAAA : Maps a domain to an IPv6 address.
  • MX : Lists the mail servers responsible for receiving email for the domain, along with their priority values.
  • NS : Shows the authoritative name servers that hold the DNS zone for the domain.
  • TXT : Returns text data attached to the domain, commonly used for SPF policies, DKIM public keys, and third-party domain verification strings.
  • CNAME : Reveals alias records that point one domain name to another canonical name.
  • SOA : Returns the Start of Authority record, which contains administrative details about the DNS zone such as the primary name server and the zone serial number.
  • PTR : Performs a reverse DNS lookup, mapping an IP address back to a hostname. PTR queries require an IP address as input, not a domain name.
  • ANY : Requests all available record types in one query. Note that many resolvers restrict ANY responses under RFC 8482, so results may be incomplete.

How to Run a Domain Name Lookup

The process takes four steps:

  1. Open the DNS Lookup tool from the tool menu on Pingie.
  2. Enter a domain name in the input field (for example, example.com ). For PTR lookups, enter an IP address instead.
  3. Select the record type you want to query from the dropdown: A, AAAA, MX, NS, TXT, CNAME, SOA, PTR, or ANY.
  4. Click "Lookup." The tool returns all matching records with their values and TTL in seconds.

Results reflect the current state of public DNS. If you recently updated a record, it may not appear until the previous record's TTL has expired and resolvers have fetched the new data.

When to Use a DNS Checker

A dns checker is useful in several distinct situations:

  • Verifying a new DNS configuration : After pointing a domain to a new host or CDN, check the A or CNAME record to confirm the change has propagated to public resolvers.
  • Troubleshooting email delivery : Inspect MX records to confirm the correct mail servers are listed. Check TXT records to verify SPF and DKIM are published correctly. For a deeper look at DKIM specifically, the DKIM checker validates the full DKIM signature against the published key.
  • Auditing DMARC policy : TXT records at the _dmarc subdomain hold DMARC policy strings. You can also use the dedicated DMARC checker for parsed validation.
  • Confirming NS delegation : When transferring a domain between registrars, NS records confirm which name servers are currently authoritative.
  • Investigating an IP address : PTR lookups reveal whether a hosting provider has configured reverse DNS, which matters for mail server reputation.
  • Checking TTL before a migration : Lowering TTL before a planned change reduces the window during which stale records are served to users.

How This Tool Differs From Command-Line Alternatives

Tools like dig and nslookup run DNS queries from the machine you are working on. That means results depend on your local resolver, your network's DNS configuration, and any split-horizon DNS policies in place. This tool queries from an external resolver, so you see what the public internet sees, not what your local network returns.

It also requires no software installation or command-line access, which matters when working on a shared machine or checking a domain from a mobile device.

FAQ

A DNS lookup is a query sent to a DNS resolver asking for the records associated with a domain name or IP address. The resolver checks its cache or contacts authoritative name servers to retrieve the answer. This tool sends that query on your behalf to public resolvers and returns the raw record values, types, and TTL values so you can inspect the current DNS state for any domain.

dig and nslookup query DNS from your local machine, so they use your network's configured resolver, which may cache old records or apply split-horizon DNS (returning different answers inside a corporate network versus outside). This tool queries from external public resolvers, specifically Google and Cloudflare, so results reflect what the public internet currently sees. Differences between the two usually indicate a caching lag or a network-specific DNS policy.

TTL stands for Time to Live and is measured in seconds. It tells DNS resolvers how long they may cache a record before discarding it and fetching a fresh copy from the authoritative name server. A TTL of 3600 means resolvers can serve that record for up to one hour. When you change a DNS record, the old value continues to circulate until every resolver's cached copy expires. Lowering TTL before a planned migration reduces how long stale records persist.

No, this is expected behavior. DNS resolvers cache records for the duration of their TTL. Until that timer expires, resolvers serve the previously cached value rather than fetching the updated record. Check the TTL shown in the results to estimate how long propagation will take. Once the TTL on the old record expires, resolvers will query the authoritative name server again and return the new value.

A DNS lookup retrieves raw record data from public resolvers without interpreting it. It returns the record value exactly as published. A DMARC checker specifically fetches the TXT record at the _dmarc subdomain and then parses the policy string, validates its syntax, and explains what each tag means. Use the DNS lookup to confirm a DMARC record exists and see its raw value; use the DMARC checker to validate that the policy is correctly formed.

Select PTR as the record type, then enter an IP address in the input field instead of a domain name. The PTR record type maps an IP address back to a hostname. This is useful for verifying that a mail server's IP has a correctly configured reverse DNS entry, which many receiving mail servers check as part of spam filtering. PTR records are managed by the IP address owner, typically the hosting provider, not the domain owner.

RFC 8482 allows resolvers to respond to ANY queries with a minimal answer rather than returning all record types. This change was introduced to reduce the potential for DNS amplification attacks, where a small query generates a large response that can be used in denial-of-service scenarios. If you need a complete picture of a domain's DNS records, query each record type individually (A, MX, TXT, NS, and so on) rather than relying on ANY.

An A record maps a domain name directly to an IPv4 address. A CNAME record maps a domain name to another domain name, which the resolver then resolves further to find an IP address. CNAMEs add an extra resolution step but allow multiple subdomains to follow a single canonical name. A records cannot coexist with CNAME records on the same name, which is why zone apex domains (like example.com) typically use A records rather than CNAMEs.

Pingie's privacy policy covers how query data is handled. DNS lookups query public information that is already openly accessible to anyone on the internet, so the domain names themselves are not private data. The tool does not require you to create an account or submit any personal information to perform a lookup.

SPF records are published as TXT records on the root domain (for example, example.com ). Select TXT as the record type and enter the domain to retrieve the SPF string. DKIM records are published as TXT records on a selector subdomain, typically in the format selector._domainkey.example.com . Enter that full subdomain and select TXT. To validate that a DKIM record is correctly structured rather than just viewing its raw value, use the DKIM checker .

Yes. Enter the full subdomain in the input field, such as mail.example.com or www.example.com , and select the record type you want to query. DNS records can be set independently at any subdomain level, so a query for example.com will not automatically return records for mail.example.com . Each subdomain must be queried separately.

The SOA (Start of Authority) record is the first record in a DNS zone and contains administrative metadata: the primary name server, the responsible party's email address (encoded as a domain), the zone serial number, and refresh and retry intervals. The serial number increments each time the zone is updated, so checking the SOA is a reliable way to confirm that a DNS zone change has been published by the authoritative name server, independent of resolver caching.