All systems operational status.ollavpn.com
Trust · Resources · Contact
FREE TOOL · LIVE LOOKUP · NO SIGNUP

DNS Lookup

Pull every public DNS record for any domain in one shot — A, AAAA, MX, TXT, NS, CNAME. Useful for verifying a setup, debugging mail delivery, checking SPF or DKIM, or just satisfying curiosity about where a site really lives.

If lookups feel slow or you suspect a DNS leak on your network, a VPN with in-tunnel DNS fixes it.

Try OllaVPN Free
TL;DR

DNS is the phone book of the internet. Every domain has records that say where to route different kinds of traffic — web (A/AAAA), email (MX), verification tokens (TXT), nameservers (NS), and aliases (CNAME).

This tool pulls all of them for any domain in one request. Useful when you're debugging a deployment, verifying that DKIM is set up, or just want to see what's actually attached to a site.

If you're worried about DNS leaks on your own network, a VPN with in-tunnel DNS resolves the lookups inside the encrypted tunnel — your ISP can't see what you query.

What a DNS lookup actually does

It asks the global Domain Name System where a particular name resolves and what records are attached to it.

When you type a URL into your browser, the very first thing that has to happen is a translation: example.com is a name, but routers only speak IP addresses. DNS is the system that does the translation. Your device asks a resolver (usually your ISP's, sometimes Cloudflare's 1.1.1.1 or Google's 8.8.8.8), the resolver chases the answer through the global DNS hierarchy, and an IP address comes back.

What this tool does is run that same lookup directly against the authoritative source, then surface not just the IP but every other public record attached to the domain. It's the same data your browser, mail server, or anti-spam scanner queries — just made visible.

Record types you'll see

Six types cover 95 percent of real-world DNS, and each is for a specific job.

A records map a name to an IPv4 address. AAAA records do the same for IPv6. CNAME records are aliases — they say "look up this other name instead and use whatever it returns." MX records list the mail servers that handle email for the domain, with priority numbers (lower is preferred). TXT records hold arbitrary text — verification tokens, SPF rules, DKIM keys, DMARC policy, and a surprising amount of random metadata. NS records say which nameservers are authoritative for the domain.

Less common but worth knowing: SRV records map service-specific lookups (used heavily by SIP, Matrix, and Microsoft Active Directory). CAA records say which certificate authorities can issue certs for the domain. PTR records do reverse lookups (IP to name). The tool above returns the main six and any others that exist.

Why one domain returns multiple IPs

Modern infrastructure runs everything redundantly, and DNS is how clients pick a healthy endpoint.

You'll often see a domain with two, three, or even ten A records. Each is a different IP, usually pointing at the same site but hosted on a different server or in a different data centre. Your browser picks one (usually round-robin or based on its own heuristics) and connects. If that IP goes down, the next lookup picks a different one and the site keeps working.

Cloudflare-fronted sites take this further. Cloudflare returns the IP of whichever of its data centres is closest to whoever is asking. You'll see different IPs from different locations on the planet, all serving the same site. This is one reason "why does my IP change" questions are sometimes about Cloudflare's behaviour rather than the site itself.

DNS leaks — what they are and how to test

A DNS leak is when your queries escape the VPN tunnel and go to your ISP instead.

A correctly configured VPN routes both your traffic and your DNS through the encrypted tunnel. A misconfigured one leaks DNS — your traffic goes through the VPN but your DNS queries still go to your ISP's resolver, exposing every domain you visit even though the content is encrypted.

This isn't a leak of contents (HTTPS already encrypts that), but it is a leak of which sites you visit, which is enough for tracking, profiling, or censorship enforcement. The fix is a VPN with in-tunnel DNS as the default, which is what our free plan does. Our deeper write-up at /blog/what-is-a-dns-leak covers how to test for one.

TTL and caching, explained

DNS answers are cached by every resolver in the chain, for a duration the record specifies.

Every DNS record has a TTL (time-to-live) value — usually 300 seconds (5 minutes), but anywhere from 30 seconds to a day is normal. After a resolver gets the answer, it caches it for that long, which is why DNS feels instant most of the time. Your browser hits the resolver, the resolver returns the cached answer in under a millisecond.

The flip side: when a site moves to a new IP, the change takes the longest TTL of any cached record to propagate. People say "DNS hasn't propagated yet" to mean "your resolver still has the old answer cached." Hard-flushing your local DNS cache or temporarily switching to a different resolver (1.1.1.1, 8.8.8.8) usually shortens the wait.

Frequently asked questions

What does a DNS lookup actually do?

It asks the global DNS for the records attached to a domain. The most common are A (IPv4 address), AAAA (IPv6 address), MX (mail servers), TXT (anything from SPF rules to verification tokens), NS (which nameservers serve the domain), and CNAME (an alias pointing one name at another). The tool above queries them all in one shot.

Why does the same domain return different IPs at different times?

Large sites use multiple IPs and rotate which ones are returned based on geography, load, and provider routing. Cloudflare-fronted sites in particular return whichever IP is closest to whoever is asking. This is normal and is part of how the modern internet stays fast.

What is a TXT record used for?

Everything. TXT records were originally for arbitrary notes, then became the home for SPF (which mail servers can send for the domain), DKIM (email signing keys), DMARC (email policy), and ownership verification tokens from Google, Apple, Microsoft, Atlassian, and dozens of others.

What is the difference between A and CNAME?

An A record points the domain straight at an IPv4 address. A CNAME points it at another domain, which is then resolved through its own DNS. CNAMEs are good for pointing subdomains at services but can't be used at the root domain in most cases.

What is an MX record?

MX (Mail Exchange) records say which servers handle email for the domain. The number in front is a priority (lower is preferred). If you see MX records pointing at Google, Microsoft, or Cloudflare's email infrastructure, that's the email host.

Does a VPN change DNS lookups?

Yes. With a VPN on, DNS queries get resolved by the VPN provider's resolver instead of your ISP's. This is how a VPN prevents DNS leaks — by making sure the lookups happen inside the encrypted tunnel rather than over your normal connection.

How fast are DNS lookups?

Usually 10 to 80 milliseconds, depending on whether the answer is cached. The first lookup for a domain might take 200 to 500 ms because the resolver has to chase the answer up the DNS hierarchy. After that, it's cached for the TTL the record specifies.

Do you log the domains I look up?

Standard web-server access logs are kept briefly for security and abuse detection, then rotated. We don't tie lookups to your identity, don't sell or share the data, and don't track you across sessions.

Related