Oh Dear

The easy DNS lookup tool

Enter a domain and see every DNS record it has, with a plain-English explanation of what each one does. Handy when you're troubleshooting, learning how DNS fits together, or just curious.

Your intro to DNS

The basics, in plain English

DNS records are like a phone book for the internet. When you type example.com in your browser, DNS records tell your computer where to find that website. Think of them as instructions that map domain names to their actual locations on the internet.

Example: example.com → 93.184.216.34

There are different types of DNS records, each serving a specific purpose. Some point to IP addresses (A records), others handle email routing (MX records), or create aliases (CNAME records). All the different record types are explained in detail below.

Each DNS record has a TTL (Time To Live) value that tells computers how long to remember the information before checking for updates. When you change DNS records, it takes time for the changes to propagate across all DNS servers worldwide. This can range from minutes to up to 48 hours, depending on TTL values and how quickly ISPs and DNS resolvers refresh their caches.

TTL examples: 300 = 5 minutes, 3600 = 1 hour, 86400 = 24 hours

When you perform a DNS lookup, your computer contacts a DNS resolver (like Google's 8.8.8.8 or Cloudflare's 1.1.1.1), which then queries the domain's authoritative nameservers, the servers that actually store and serve the DNS records for that domain. This tool uses Google's public DNS resolver by default for reliable and fast lookups.

DNS record types

Learn about different DNS record types and what they do

🌐

A Record (IPv4 Address)

The A record maps a domain name to an IPv4 address. When you type a domain in your browser, the A record is what tells it which server to connect to, turning the human-readable name into the numbers computers actually route on. A domain can have several A records for load balancing and redundancy.

Example: example.com → 93.184.216.34
🌍

AAAA Record (IPv6 Address)

The AAAA record is the IPv6 version of the A record. IPv6 addresses are 128-bit instead of IPv4's 32-bit, so there are far more of them to hand out, which matters as the free IPv4 addresses run out. Most sites publish both A and AAAA records so IPv4 and IPv6 clients can each reach them.

Example: example.com → 2606:2800:220:1:248:1893:25c8:1946
🔗

CNAME Record (Canonical Name)

A CNAME record points one domain name at another (the canonical name). It saves you from copying A records around when several subdomains should resolve to the same place, so www.example.com can point to example.com. Two catches: a CNAME can't sit alongside other record types on the same name, and your root domain can't be a CNAME.

Example: www.example.com → example.com
📧

MX Record (Mail Exchange)

MX records say which mail servers receive email for your domain. Each one carries a priority number (lower wins) and a mail server hostname. When someone emails you, their server reads your MX records and tries delivery from the highest-priority server on down. Running several gives you a fallback when one server is unreachable.

Example: 10 mail.example.com
🗄️

NS Record (Name Server)

NS records say which name servers are authoritative for your domain, the ones other resolvers should ask for its records. They hook your domain into the wider DNS hierarchy, forming the chain of delegation from the root servers down to your zone. You'll usually run several for redundancy.

Example: ns1.example.com
📝

TXT Record (Text)

TXT records hold arbitrary text, which is why so many things lean on them: proving you own a domain, email security (SPF, DKIM, and DMARC), search-engine verification, and plenty more. A TXT record is made of one or more strings of up to 255 bytes that get joined together, so the value can run well past 255 bytes. DKIM keys often do.

Example: v=spf1 include:_spf.google.com ~all
👑

SOA Record (Start of Authority)

Every DNS zone has exactly one SOA record, holding the admin details for the zone. It names the primary name server and the zone administrator's email, plus the timing values that tell other servers how to treat the zone: the serial number (bumped on every change), the refresh and retry intervals, the expire time, and the negative-cache TTL (how long to remember a "no such record" answer).

Example: ns1.example.com admin.example.com 2023010101
🔄

PTR Record (Pointer)

A PTR record does the reverse of an A or AAAA record: it maps an IP address back to a domain name. Mail servers lean on them heavily, and plenty will reject mail from an IP with no matching PTR. They also show up in logging and security tooling. PTR records live in special reverse-DNS zones, usually managed by your ISP or hosting provider rather than in your own zone.

Example: 34.216.184.93.in-addr.arpa → example.com
🔒

CAA Record (Certificate Authority Authorization)

CAA records list which Certificate Authorities are allowed to issue SSL/TLS certificates for your domain. They're a guardrail against a CA you never intended handing out a certificate someone could use to impersonate you. Each record has flags, a tag (like "issue" or "iodef"), and a value. With no CAA records, any CA can issue; add them and only the ones you list can.

Example: 0 issue "letsencrypt.org"
🎯

SRV Record (Service)

SRV records point to a specific service rather than just a host: they carry the hostname and port, plus priority and weight for load balancing. You'll see them for things like VoIP (SIP), chat (XMPP), and Active Directory, and they can drive email client auto-config (IMAP/SMTP) per RFC 6186, though few providers use them for that. The full format is service, protocol, priority, weight, port, and target host.

Example: _sip._tcp.example.com 10 60 5060 sipserver.example.com