About DNS Lookup
DNS Lookup is a browser based network tool that displays DNS records showing publicly for the domain name being queried.
DNS Lookup allows you to use public DNS server (Google, Cloudflare, Quad9, OpenDNS, Level3, Verisign, Comodo, Norton, Yandex, NTT, SDNS, CFIEC, Alidns, 114DNS, Hinet, etc.), Specify name server, Authoritative name server, Top-level domain name server, Root name server and other DNS servers for query. These DNS server IP addresses support IPv4 and IPv6.
Enable Advanced Mode displays the authority, additional, DNS message header, and DNS server response information for the DNS query. This can help to understand more comprehensive DNS Lookup information.
Enable DNSSEC (Domain Name System Security Extensions), DNSSEC creates a secure domain name system by adding cryptographic signatures to existing DNS records. By checking its associated signature, you can verify that a requested DNS record comes from its authoritative name server and wasn’t altered en-route, opposed to a fake record injected in a man-in-the-middle attack.
List of DNS record types
|Returns a 32-bit IPv4 address, most commonly used to map hostnames to an IP address of the host, but it is also used for DNSBLs, storing subnet masks in RFC 1101, etc.
|Returns a 128-bit IPv6 address, most commonly used to map hostnames to an IP address of the host.
|AFS database record
|Location of database servers of an AFS cell. This record is commonly used by AFS clients to contact AFS cells outside their local domain. A subtype of this record is used by the obsolete DCE/DFS file system.
|Certification Authority Authorization
|DNS Certification Authority Authorization, constraining acceptable CAs for a host/domain.
|Stores PKIX, SPKI, PGP, etc.
|Canonical name record
|Alias of one name to another: the DNS lookup will continue by retrying the lookup with the new name.
|Used in conjunction with the FQDN option to DHCP.
|Alias for a name and all its subnames, unlike CNAME, which is an alias for only the exact name. Like a CNAME record, the DNS lookup will continue by retrying the lookup with the new name.
|DNS Key record
|The key record used in DNSSEC. Uses the same format as the KEY record.
|The record used to identify the DNSSEC signing key of a delegated zone
|Key record that can be used with IPsec.
|Specifies a geographical location associated with a domain name
|Mail exchange record
|Maps a domain name to a list of message transfer agents for that domain.
|Naming Authority Pointer
|Allows regular-expression-based rewriting of domain names which can then be used as URIs, further domain names to lookups, etc.
|Name server record
|Delegates a DNS zone to use the given authoritative name servers.
|Next Secure record
|Part of DNSSEC—used to prove a name does not exist. Uses the same format as the (obsolete) NXT record.
|Next Secure record version 3
|An extension to DNSSEC that allows proof of nonexistence for a name without permitting zonewalking.
|Parameter record for use with NSEC3.
|Pointer to a canonical name. Unlike a CNAME, DNS processing stops and just the name is returned. The most common use is for implementing reverse DNS lookups, but other uses include such things as DNS-SD.
|Information about the responsible person(s) for the domain. Usually an email address with the @ replaced by a.
|Signature for a DNSSEC-secured record set. Uses the same format as the SIG record.
|Start of [a zone of] authority record
|Specifies authoritative information about a DNS zone, including the primary name server, the email of the domain administrator, the domain serial number, and several timers relating to refreshing the zone.
|Generalized service location record, used for newer protocols instead of creating protocol-specific records such as MX.
|SSH Public Key Fingerprint
|Resource record for publishing SSH public host key fingerprints in the DNS System, in order to aid in verifying the authenticity of the host. RFC 6594 defines ECC SSH keys and SHA-256 hashes. See the IANA SSHFP RR parameters registry for details.
|TLSA certificate association
|A record for DANE. RFC 6698 defines "The TLSA DNS resource record is used to associate a TLS server certificate or public key with the domain name where the record is found, thus forming a 'TLSA certificate association'".
|Originally for arbitrary human-readable text in a DNS record. Since the early 1990s, however, this record more often carries machine-readable data, such as specified by RFC 1464, opportunistic encryption, Sender Policy Framework, DKIM, DMARC, DNS-SD, etc.
|Uniform Resource Identifier
|Can be used for publishing mappings from hostnames to URIs.