Log in
CaptainDNS

Propagation & diagnostics

Compare resolvers worldwide and inspect returned answers.

Email authentication

Tools to verify and validate your email authentication setup.

SPF syntax validator

Review include chains and DNS query limits before publishing changes.

SPF record inspector

Resolve the published TXT record, flag lookup limits and decode each mechanism.

DKIM syntax validator

Quickly check the syntax of your DKIM records.

DKIM record check

Resolve a selector and analyse the published DKIM TXT record.

DMARC syntax validator

Check rua/ruf destinations, alignment modes and the active policy before publishing.

DMARC record inspector

Resolve the published policy, surface diagnostics and confirm enforcement before switching to reject.

BIMI syntax validator

Validate BIMI tags, the logo fetch and the VMC certificate before publishing.

BIMI record inspector

Resolve the published BIMI record, inspect logo and VMC diagnostics in one place.

Email deliverability audit

Audit MX, SPF, DKIM and DMARC to confirm a domain is ready to send.

Mail header analyzer

Decode participants, authentication results and routing from raw headers.

DMARC record generator

Create compliant DMARC records with all policy and reporting options.

Text

Transform, encode and measure your content in seconds.

Text case converter

Convert any block of text to upper or lower case instantly.

Base64 encoder / decoder

Encode or decode any content in Base64 without leaving the browser.

Slug generator

Transform any sentence into an SEO-friendly slug in seconds.

Word & character counter

Measure the length of any text, with instant word and character counts.

Images

Preview and validate your BIMI logos before publishing.

BIMI logo lookup

Inspect a BIMI logo URL—format, metadata and live rendering—before rollout.

Certificates

Inspect CSRs, BIMI logos and VMC certificates before you deploy.

CSR parser

Inspect a CSR, extract subject details, fingerprints and requested SANs.

VMC inspector

Inspect a Verified Mark Certificate—issuer, validity and SAN coverage—before you publish BIMI.

IP

Look up addresses, owners, reverse records and ranges.

Reverse lookup

Resolve a PTR record and validate DNS consistency.

IP WhoIs

Identify the owner of an IP range and its contacts.

IPv4 netmask

Calculate network, broadcast and usable hosts for any IPv4 block.

My IP address

Detect your IPv4/IPv6 addresses and their geolocation.

DNS Toolbox

A complete suite of tools to explore and diagnose your DNS zones

A simple and powerful suite of tools to explore and diagnose your DNS zones: A/AAAA/MX/TXT lookups, latency, iterative traces root→TLD→authoritative, public resolvers, propagation, integrations, etc.

DNS Lookup

A/AAAA/MX/TXT/NS/etc. lookups over UDP, TCP, or DoH, with latency measurement and display of distinct answers per resolver.

Domain DNS audit

Assess parent vs zone consistency, authority and NS connectivity in one click.

Public resolvers (propagation)

Track the propagation of your DNS records across numerous public resolvers worldwide (Google, Cloudflare, Quad9, OpenDNS, ISPs...).

API & integrationsSoon

Expose your lookups and traces via API, integrate checks into your pipelines, and automate your DNS diagnostics.

Why a dedicated DNS page?

Accurate and comprehensive resolution

The CaptainDNS DNS page queries the right servers at the right time. It reads the answers exactly as they actually exist on the Internet. A, AAAA, CNAME, MX, TXT, NS, SOA, PTR, CAA, SVCB, HTTPS, SRV, DS, and DNSKEY are supported. Each answer comes with its TTL and data. You see what the authoritative server serves and what public resolvers return. No approximation. No stale local copy.

A lookup starts from your chosen resolver, then climbs from the root to the TLD and then to the authoritative server. This chain explains why two locations sometimes return different answers. A still‑valid cache serves the old value. A slow authoritative server responds late. The page shows these effects without jargon. You keep the exact view at the time of the query.

End‑to‑end latency and trace

Speed matters as much as accuracy. The page measures the latency of each query. It shows timings by resolver and by region when relevant. A rise highlights a busy entry point or a distant target. You connect a user's perception to a simple number. You know where to act.

The iterative trace completes the analysis. It details every hop of the resolution. Root. TLD. Authoritative. You spot a slow server, an occasional timeout, or a value served inconsistently. The trace serves as evidence when talking to a provider. It avoids endless debates. You start from observed facts.

Leveraging the DNS module's tools

Public resolvers and propagation

Comparing multiple resolvers helps you read the so‑called propagation. The system doesn't “propagate” anything in the strict sense. It caches based on TTL. As long as the period hasn't expired, some resolvers keep the old answer. The DNS page queries well‑known actors like Google, Cloudflare, Quad9, OpenDNS, or an ISP resolver. It can also query the authoritative server. You see the present as perceived from various points on the network.

This comparison prevents many surprises. You prepare a switchover. You reduce the TTL a few hours beforehand. You change the record at the right moment. You then track the appearance of the new value across several resolvers. You know when to communicate. You're not left waiting without a clear reference point.

History, API, and targeted checks

Keeping a record changes the game. The page stores lookups if you choose. You can retrieve the time, the question asked, the resolver used, and the answer served. You prove behavior instead of merely describing it. You compare before and after a migration. You revisit a specific value without digging through screenshots.

API integration enables automating checks. The idea is simple: replay a key lookup at regular intervals. Validate a zone before a deployment. Alert if the TTL exceeds a threshold or if a critical value disappears. These checks prevent silent incidents. They also shorten diagnosis time when a service slows down.

DNS lookup and iterative trace

DNS lookup remains the core of the module. You target a record type, choose the transport (UDP, TCP, or DoH) and run the query. The result is displayed with the relevant fields and the TTL. For an IPv6 address you read AAAA. For email, you validate MX and TXT. For the modern web, you check SVCB and HTTPS. For certificate security, you review CAA. Everything is in one place and follows the same format.

The iterative trace completes the diagnosis. It walks root → TLD → authoritative, highlighting latency at each hop and showing whether a resolver still caches an outdated value. Perfect for proving a sluggish name server, explaining inconsistent answers or backing an escalation with concrete evidence.

Concrete use cases

Preparing a migration becomes predictable. You lower the TTL the day before. You change A or CNAME at the scheduled time. You observe the response across multiple resolvers. You raise the TTL once things are stable. Latency tracking verifies that the new target responds within the expected times. You shut down the old server afterwards-not before.

Diagnosing an outage relies on simple evidence. The trace shows a slow authoritative server. The resolver comparison highlights a still‑valid cache. The detail of a CNAME reveals a target without A or AAAA. The latency graph shows a spike in a single region. You contact the right provider with the right information. Resolution speeds up.