FREE — NO SIGNUP

Free DNS & Email Tools

Look up DNS records, verify domain expiry, and confirm your email authentication is configured correctly. The three tools every domain owner should know about.

Why this matters

DNS and email authentication are quietly the most fragile parts of any web setup. A single nameserver change can take a site dark. A missed WHOIS renewal lets a competitor or squatter grab your domain. A missing DMARC record lets attackers spoof your brand in phishing emails — and Google + Yahoo now actively reject mail from domains without it.

These three tools cover the basics: query any DNS record type for any domain in milliseconds, look up the registrar, expiry date, and nameservers from authoritative WHOIS / RDAP, and confirm your SPF and DMARC records are present and configured strictly enough to actually block spoofing.

Free tools in this category

DNS Lookup

Query A, AAAA, MX, NS, TXT, CNAME, and SOA records for any domain. Instant results.

Use this tool →
WHOIS Lookup

Domain registration details, expiry date, registrar, nameservers, RDAP data.

Use this tool →
SPF & DMARC Checker

Check email authentication. See if your domain is protected against spoofing and phishing.

Use this tool →

Want continuous monitoring instead of one-off?

Each tool above runs a one-off check. To get alerted whenever something changes, set up a continuous monitor:

Continuous version of DNS Lookup. Catches unauthorised record changes — a common signal of registrar compromise — within minutes.

NS records change rarely. When they do — registrar transfer, hijack, or planned migration — every other DNS record is affected. Continuous NS monitoring catches it instantly.

Auto-renew cron failed silently? WHOIS-driven monitoring alerts you 30 and 7 days before the registration lapses, so a squatter doesn't snap up your domain.

A removed or weakened DMARC record opens the door to brand-impersonation phishing. Continuous monitoring catches policy regressions the moment they happen.

Broken MX configuration silently drops email for days before anyone notices. Continuous MX checks confirm mail servers resolve and respond.

Or browse all 24 monitor types · run a one-off Website Health Score · see all free monitoring tools.

Stop running one-off checks. Start monitoring.
Free plan · 3 monitors · No credit card required
Start Free →

Frequently asked questions

Why should I check my DNS records when nothing has changed?
Because changes happen without you. Registrar account compromise, automation scripts, or a migrating provider can rewrite records overnight. A periodic DNS Lookup gives you a baseline; continuous DNS monitoring catches every change within minutes.
My DMARC is "p=none" — is that a problem?
p=none means monitoring-only — no enforcement. Recipients see DMARC failures but won't reject the email. The SPF & DMARC Checker flags this as a warning. Once you're confident your legitimate mail passes, move to p=quarantine and then p=reject for real spoofing protection. Google and Yahoo bulk-sender rules now expect this.
How accurate is the WHOIS Lookup?
It pulls from authoritative WHOIS / RDAP for each TLD. Some ccTLDs restrict registrant data — you'll see "redacted for privacy" instead of the registrant name. Expiry date, registrar, and nameservers are always returned where the registry exposes them.
Why don't my MX changes show up immediately?
DNS propagation. MX records have a TTL that resolvers cache — typically 1–24 hours. Until each resolver's cache expires, the old MX answer is served. Run the DNS Lookup against `8.8.8.8` (Google) vs `1.1.1.1` (Cloudflare) to compare propagation across providers.
Do I need both SPF and DMARC?
Yes. SPF tells receiving servers which IPs can send for your domain. DMARC tells receivers what to do when SPF or DKIM fails (quarantine or reject). Without DMARC, SPF alone won't block spoofing — receivers may still deliver. The two work together.