DNS Monitoring

DNS failures are catastrophic and immediate

Complete site outages, email blackouts, and security breaches

DNS hijacking redirects your customers to phishing sites that steal credentials and payment information. Attackers compromise your registrar account, change your A records, and suddenly example.com points to their malicious server. Your customers think they're on your site - they're not.

Accidental DNS changes during hosting migrations break everything. Change the wrong A record and your site becomes unreachable worldwide. Delete an MX record and all company email stops - no incoming messages, all external emails bounce, support tickets never arrive.

Wrong DNS settings persist for hours or days due to caching. Even after fixing DNS records, old (broken) values remain cached across the internet for the TTL period. The damage compounds: lost sales, customer support overload, email communication blackout, reputation damage.

We check all your DNS records every few hours - A, AAAA, MX, TXT, CNAME, NS - across all your nameservers. When any record changes, you'll know immediately, whether it was authorized or malicious.

Common DNS disasters

DNS hijacking redirects customers to phishing sites

Wrong A record after hosting migration breaks the site

Deleted MX record stops all company email delivery

Incorrect CNAME changes that break CDN or subdomains

Stopwatch illustration showing automated DNS monitoring checking records every few hours

Stop manually checking DNS records

Automated monitoring beats all alternatives

Most teams check DNS one of these ways: running dig/nslookup commands occasionally (requires remembering and technical knowledge), using free DNS lookup tools when something breaks, checking registrar dashboards manually, or discovering DNS issues when customers report the site is down.

Manual checking doesn't catch unauthorized changes in real-time. By the time you notice DNS hijacking, attackers have already redirected your traffic for hours. By the time you discover a wrong MX record, you've lost a day's worth of email.

Free DNS tools check DNS at a single moment when you remember to run them. They don't monitor continuously. They don't alert you. They don't show DNS history. You only find out something changed when you think to check - usually after problems start.

We check your DNS automatically every few hours from multiple locations. You'll get alerts within minutes of any DNS change - authorized migrations, accidental changes, or malicious hijacking. Fix issues before they cascade into complete outages.

Complete DNS records list showing all monitored record types including A, AAAA, MX, TXT, CNAME, NS, and SOA records

Check all nameservers and all record types

Comprehensive DNS monitoring that catches everything

Most DNS tools query a single nameserver and show you a snapshot. We're different: we check every authoritative nameserver for your domain, comparing results to catch inconsistencies. If one nameserver has different records than the others, you'll know immediately.

We monitor all DNS record types - A, AAAA, MX, TXT, CNAME, NS, SOA - not just your website's A record. This catches MX record changes that break email, TXT record modifications that break email authentication (SPF/DKIM), CNAME changes that break subdomains, and NS record changes that indicate potential hijacking.

DNS history shows exactly what changed and when. Compare current records to past snapshots. Prove when unauthorized changes happened. Roll back to previous configurations. See which records existed before a migration broke things.

Zero configuration required. Add your site to Oh Dear and we auto-detect all DNS records from all nameservers. We'll monitor everything automatically, alerting you the moment any record changes.

urlxyz.com is down

Component	Value
Url	https://urlxyz.com
Error description	Operation timed out after 5001 milliseconds with 0 bytes received

re-run check without leaving Slack!

Oh Dear01:45 P.M.

urlxyz.com seems down!

Error: HTTP/1.1 404 Not found
Downtime verified from Paris, France and Bangalore, India

Full report: https://ohdear.app/monitors/8716/history/runs/875879191

Check again

Initiate follow-up actions directly in Telegram!

Oh Dear01:45 P.M.

⚠️ urlxyz.comseems down!

Error: HTTP/1.1 404 Not found
Downtime verified from Paris, France and Bangalore, India

👀 Full Report

🔄 Check again

😴 Snooze

Access full reports straight from Discord!

Oh Dear01:45 P.M.

urlxyz.com has recovered after 2m. Full report: https://ohdear.app/monitors/87/history/runs/875879191
Paris, France - Today at 10:56

urlxyz.com seems down!
Error: HTTP/1.1 404 Not Found

act directly from within Microsoft Teams!

Oh Dear01:45 P.M.

urlxyz.com seems down!

Error: HTTP/500 Downtown verified from Paris, France and Frankfurt

View full report

Messages

now

Oh Dear!

urlxyz.com has recovered after 2m. full report: https://ohdear.app/monitors/83/checks/411

Messages

now

Oh Dear!

urlxyz.com seems down! Error: HTTP/500 Downtown verified from Paris, France and Frankfurt

Messages

now

Oh Dear!

Pushover has been successfully enabled. We'll notify you when something goes wrong.

Messages

now

Oh Dear!

urlxyz.com has recovered after 2m. full report: https:/ohdear.app/monitors/83/checks/411

Messages

now

Oh Dear!

urlxyz.com has recovered after 2m. full report: https:/ohdear.app/monitors/83/checks/411

Messages

now

Oh Dear!

Text messages for urlxyz.com have been successfully enabled. We'll notify you when something goes wrong.

CALLING WEBHOOK

$_TOKEN="your API token"
$ curl -X GET "https://notifyservicexyz.com/api/alert/urlxyzcom" \
-H "Authorization: Bearer $_TOKEN" \
-H "Accept: application/json" \
-H "Content-Type: application/json"

Opsgenie

now

Oh Dear!

urlxyz.com has recovered after 2m. full report: https://app.opsgenie.com/monitors/83/checks/411

Opsgenie

now

Oh Dear!

urlxyz.com seems down! Error: HTTP/500 Downtown verified from Paris, France and Frankfurt

Opsgenie

now

Oh Dear!

Opsgenie has been successfully enabled. We'll notify you when something goes wrong.

PagerDuty

now

Oh Dear!

urlxyz.com has recovered after 2m. full report: https://pagerduty.com/monitors/83/checks/411

PagerDuty

now

Oh Dear!

urlxyz.com seems down! Error: HTTP/500 Downtown verified from Paris, France and Frankfurt

PagerDuty

now

Oh Dear!

PagerDuty has been successfully enabled within Oh Dear. Notifications are enabled.

Choose how we let you know

when a DNS record changes or a failure is detected

Receive our notifications on your preferred platform. Via email, SMS, Slack, Discord, Opsgenie, Microsoft Teams, Pushover, webhooks,… we can notify you wherever your team is active.

Take notifications to the next level: only notify who needs notifying by assigning responsibilities to different team members.

Other Oh Dear service highlights showing domain expiration, uptime monitoring, and certificate monitoring features

What DNS monitoring checks (and what it doesn't)

Understanding the scope

DNS monitoring excels at tracking DNS record changes across all nameservers. We check every record type (A, AAAA, MX, TXT, CNAME, NS, SOA) and alert you immediately when any record changes - whether authorized or malicious.

What it checks: all DNS record types, all authoritative nameservers, DNS record history over time, nameserver consistency, and DNS resolution failures.

What it doesn't check: domain expiration (we have separate monitoring for that), whether your site is actually up (uptime monitoring handles that), SSL certificate validity (we monitor certificates separately), or DNS propagation speed (we check records as they exist at nameservers, propagation to resolvers varies).

Think of DNS monitoring as your early warning system for DNS changes. It catches unauthorized modifications, migration mistakes, and hijacking attempts. Combine it with uptime monitoring to know if DNS changes actually work.

Target audience for DNS monitoring including teams migrating hosting, companies concerned with security, teams with complex DNS, agencies managing domains, and high-value domains

Who needs DNS monitoring?

Anyone vulnerable to DNS hijacking or migration failures

Teams migrating hosting or CDN providers where DNS changes are critical and mistakes break everything. Wrong A records make your site unreachable. Wrong CNAME breaks your CDN.

Companies after security incidents needing to prevent DNS hijacking. If your registrar account was ever compromised, attackers can return and modify DNS to redirect your traffic.

Teams with complex DNS setups (multiple subdomains, email servers, CDNs). More DNS records mean more things that can break. MX records for email, TXT records for email security, CNAME for subdomains.

Agencies managing client domains who need to know immediately if a client or their registrar modifies DNS. Your reputation depends on client sites staying accessible.

Anyone using email where MX record changes mean complete email blackouts. No incoming customer emails, all outbound bounces, support tickets never arrive.

High-value domains attractive to hijackers. If your domain is worth stealing, attackers will try. DNS monitoring catches hijacking within hours, not days.

Stop worrying, start monitoring

Start a no-strings-attached 10-day free trial. You're all set in less than a minute.
(No credit card needed.)

Not convinced yet? Need help?
Get in touch via [email protected].

DNS records list with toggle controls for independently enabling or disabling monitoring of specific record types

Monitor only the records that matter

Prioritize critical records, ignore frequent changers

Not all DNS records are equally critical. A and AAAA records point your domain to your server - changes break your site. MX records control email delivery - changes stop all company email. TXT records handle email authentication (SPF, DKIM, DMARC) - changes get you marked as spam or rejected entirely.

Some legitimate services change DNS frequently. DDoS protection services like Cloudflare rotate IP addresses constantly. CDN providers modify CNAME records for traffic management. If you're behind these services, disable A/AAAA or CNAME monitoring to avoid alert fatigue while still catching critical MX or TXT changes.

You can toggle each record type independently per site. Monitor everything for critical domains. Disable noisy record types for sites behind dynamic services. Customize per your infrastructure needs.