How to Do a DNS Lookup

May 16, 2026
Updated May 16, 2026 Security How-To Guides dns lookup check dns records nslookup online dig command free dns lookup online dns checker dns records explained website dns check domain name system

How to Do a DNS Lookup: Your Essential Guide

In the vast landscape of the internet, the Domain Name System (DNS) acts as its phonebook, translating human-readable domain names (like secably.com) into machine-readable IP addresses (like 192.0.2.1). A DNS lookup is the process of querying this system to retrieve information about a domain, such as its associated IP address, mail servers, or other critical records.

Understanding how to perform a DNS lookup is crucial for anyone involved in website management, network administration, or cybersecurity. Whether you're troubleshooting website access issues, verifying domain ownership, checking for misconfigurations, or investigating potential security threats, knowing how to check DNS records is a fundamental skill. This guide will walk you through the easiest and most effective methods, including using Secably's free online tool and command-line utilities like nslookup and dig.

For security professionals, a DNS lookup is often the first step in reconnaissance, helping to map out an organization's digital footprint. For webmasters, it's vital for ensuring your website is pointing to the correct server and that email services are configured properly. Let's dive in and learn how to master this essential task.

Want to check your site right now?

Website Vulnerability Scanner →  ·  Port Scanner

Quick Method: Use Secably's Free DNS Lookup Tool

The fastest, easiest, and most user-friendly way to perform a comprehensive DNS lookup is by using Secably's free online DNS Lookup tool. It requires no installation, no signup, and provides detailed results in a clear, understandable format.

Here's how to use it:

  1. Navigate to the Tool: Open your web browser and go to Secably's Free DNS Lookup page.
  2. Enter Your Target: In the designated input field, enter the domain name or IP address you wish to look up (e.g., example.com or 192.0.2.1).
  3. Initiate the Scan: Click the 'Scan' or 'Lookup' button.
  4. Review the Results: The tool will quickly query various DNS record types and display the results, typically within a few seconds.

Secably's DNS Lookup tool is designed for speed and simplicity, making it ideal for quick checks and for users who prefer a graphical interface over command-line tools. You'll get comprehensive information about A, AAAA, CNAME, MX, NS, SOA, TXT, and PTR records without any hassle. It's a perfect solution for an nslookup online or dig command equivalent without needing to open a terminal.

Manual Method: Command-Line Tools (nslookup, dig, host)

For advanced users, system administrators, and those who prefer direct interaction with their operating system, command-line tools offer powerful and flexible ways to perform DNS lookups. The most common tools are nslookup (available on Windows, macOS, and Linux), dig (primarily Linux and macOS), and host (Linux and macOS).

1. Using nslookup (Windows, macOS, Linux)

nslookup is a versatile tool for querying DNS servers. It can operate in interactive or non-interactive mode.

Non-Interactive Mode:

To perform a simple lookup for a domain's A record (IP address):

nslookup example.com

To query a specific DNS record type (e.g., MX for mail servers):

nslookup -type=mx example.com

To use a specific DNS server for the query (e.g., Google's 8.8.8.8):

nslookup example.com 8.8.8.8

Interactive Mode:

Type nslookup and press Enter. You'll get a prompt (>). Then you can type commands like:

server 8.8.8.8\nset type=mx\nexample.com\nexit

2. Using dig (Linux, macOS)

dig (Domain Information Groper) is a more advanced and preferred tool for DNS lookups on Unix-like systems, offering more detailed control and output.

To perform a standard lookup for a domain's A record:

dig example.com

To query a specific DNS record type (e.g., NS for name servers):

dig example.com NS

To get all available records for a domain:

dig example.com ANY

To use a specific DNS server for the query:

dig @8.8.8.8 example.com

To get a concise answer (short format):

dig +short example.com

3. Using host (Linux, macOS)

host is a simpler utility for performing DNS lookups, often used for quick checks.

To find the IP address of a domain:

host example.com

To find the mail servers (MX records) for a domain:

host -t mx example.com

To perform a reverse DNS lookup (find domain from IP):

host 192.0.2.1

Understanding Your DNS Lookup Results

Whether you use Secably's tool or command-line utilities, the output will contain various DNS record types. Interpreting these records is key to understanding your domain's configuration.

  • A Record (Address Record): Maps a domain name to an IPv4 address. This is the most common record, telling browsers where to find your website.
  • AAAA Record (IPv6 Address Record): Maps a domain name to an IPv6 address. Essential for modern internet connectivity.
  • CNAME Record (Canonical Name Record): An alias for another domain name. For example, www.example.com might be a CNAME pointing to example.com.
  • MX Record (Mail Exchange Record): Specifies the mail servers responsible for accepting email messages on behalf of a domain. Crucial for email delivery.
  • NS Record (Name Server Record): Indicates the authoritative DNS servers for a domain. These servers hold all the DNS records for your domain.
  • TXT Record (Text Record): Stores arbitrary text strings. Often used for SPF (Sender Policy Framework) and DKIM (DomainKeys Identified Mail) records for email authentication, or for domain verification by services.
  • SOA Record (Start of Authority Record): Contains administrative information about the zone, including the primary name server, the email of the domain administrator, and various timers.
  • PTR Record (Pointer Record): Used for reverse DNS lookups, mapping an IP address back to a domain name. Often used for email server validation.

When reviewing your results, pay attention to:

  • Correct IP Addresses: Ensure your A/AAAA records point to the intended server IP.
  • Proper Mail Servers: Verify MX records are configured correctly for your email provider.
  • Authoritative Name Servers: Check that NS records match those provided by your domain registrar.
  • Security Records: Look for SPF and DKIM entries within TXT records to ensure email deliverability and prevent spoofing.
  • TTL (Time To Live): This value indicates how long DNS resolvers should cache the record. Lower TTLs mean changes propagate faster, but can increase DNS server load.

Common Issues & Troubleshooting DNS Lookups

DNS lookups can sometimes reveal issues that prevent your website or services from functioning correctly. Here are some common problems and how to troubleshoot them:

  • DNS Propagation Delays: When you make changes to your DNS records, it takes time for these changes to update across the internet's DNS servers. This is known as propagation, and it can take anywhere from a few minutes to 48 hours. If you've just made a change, wait a bit and try again. Secably's tool queries multiple global servers, giving you a broader view.
  • Incorrect DNS Records: The most frequent issue. An A record pointing to the wrong IP, an MX record misconfigured, or a missing CNAME can break services. Double-check the records against your hosting provider's or service provider's documentation.
  • Local DNS Cache Issues: Your computer or local network router caches DNS information. If you've recently changed DNS records, your local cache might still hold old data.
    • Windows: Open Command Prompt as administrator and type ipconfig /flushdns.
    • macOS: Open Terminal and type sudo dscacheutil -flushcache; sudo killall -HUP mDNSResponder.
    • Linux: Restart your network manager or specific DNS service (e.g., sudo systemctl restart systemd-resolved).
  • Firewall Blocking DNS Queries: A local firewall or network security device might be blocking outgoing DNS queries (typically UDP port 53). Temporarily disable your firewall or check its rules if you're getting no response from command-line tools.
  • DNS Server Not Responding: If you're using a specific DNS server (e.g., in nslookup or dig), and it's down or unreachable, your query will fail. Try using a different public DNS server (like Google's 8.8.8.8 or Cloudflare's 1.1.1.1).
  • Domain Not Registered or Expired: If a domain is not registered or has expired, no DNS records will be found. Verify the domain's registration status with a WHOIS lookup.

When troubleshooting, always start with Secably's online tool to get a global perspective, then use command-line tools to test specific servers or record types if needed.

Free Security Tools

Scan your website, check open ports, find subdomains — no signup required.

See all tools →

Next Steps After Your DNS Lookup

Once you've performed a DNS lookup and understood the results, what's next? Your actions will depend on what you've discovered:

  • If Records Are Incorrect: Contact your domain registrar or hosting provider to correct the DNS records. Be precise about which records need updating (e.g., A, MX, CNAME).
  • If Records Are Correct but Issues Persist: The problem might lie elsewhere. It could be a server misconfiguration, a firewall issue on the server, or an application-level problem.
  • For Security Investigations: DNS lookups are just the beginning. If you've identified suspicious records (e.g., unexpected IP addresses, unusual TXT records), you'll want to dig deeper.

Secably offers a suite of free tools that can help you continue your investigation and ensure your digital assets are secure and functioning optimally:

  • Run a Full Vulnerability Scan: Identify security weaknesses in your website beyond just DNS, including common vulnerabilities and misconfigurations.
  • Check All Open Ports: Discover which ports are open on your server's IP address, revealing potential entry points for attackers.
  • Discover All Subdomains: Uncover hidden or forgotten subdomains that might expose additional attack surfaces or sensitive information.
  • Perform a WHOIS Lookup: Get registration details for a domain, including owner contact information and registration dates, which can be useful for verifying ownership or investigating suspicious domains.

Regularly checking your DNS records and performing broader security scans is a critical part of maintaining a healthy and secure online presence.

Is Secably's DNS Lookup tool free?

Yes, Secably's DNS Lookup tool is completely free to use for basic scans. There's no cost, no hidden fees, and no signup or account creation required to perform a lookup.

Is it safe to scan my own website or domain?

Absolutely. Scanning your own assets, including performing DNS lookups, is not only safe but highly recommended as a fundamental part of your security hygiene and troubleshooting process. It helps you ensure your configurations are correct and identify potential issues before they become problems.

How often should I do a DNS lookup?

We recommend performing a DNS lookup at least monthly, or more frequently if you've made any changes to your domain's DNS records, hosting provider, or email services. Regular checks help you quickly detect unauthorized changes or misconfigurations.

What is DNS propagation?

DNS propagation refers to the time it takes for DNS changes (like updating an A record) to be updated across all DNS servers worldwide. This process isn't instantaneous and can take anywhere from a few minutes to 48 hours, depending on the record's TTL (Time To Live) and the specific DNS server's caching policy.

Can I perform a reverse DNS lookup with these tools?

Yes, you can. Secably's DNS Lookup tool supports reverse lookups by entering an IP address. With command-line tools, you can use nslookup by typing the IP address, or host [IP_ADDRESS] to find the associated domain name (PTR record), if one is configured.

Scan your website for free

No signup needed. Get results in under 60 seconds.

Run Free Scan →

Scan for these vulnerabilities

Secably automatically detects the issues discussed in this article.

Start Free Scan