myipcat.com — Tank myipcat
Home  /  Tools  /  DNS Propagation

DNS Propagation Checker

Query a DNS record from 7 public resolvers in parallel — Cloudflare, Google, AdGuard, NextDNS, DNS.SB, Alibaba, Tencent. See whether your record has propagated globally or if some operators are still serving stale answers.

A records are the most common — they map a domain to an IPv4 address. MX records show mail servers. TXT records are used for SPF/DKIM/DMARC and domain verification. NS records show authoritative name servers. Different record types reveal different aspects of your DNS setup.
Status

About this tool

What it does

Sends a DNS query for the same record to 7 different public DoH (DNS-over-HTTPS) resolvers simultaneously, then shows you what each one returned. If they all agree, your record has propagated. If they differ, you can see which operators are still serving an old or different answer.

The resolvers

  • Cloudflare 1.1.1.1 — Anycast global, no logging by policy
  • Google 8.8.8.8 — Anycast global, the world's most-used resolver
  • AdGuard — Cyprus-based, privacy-focused with optional filtering
  • NextDNS — Anycast, popular with self-hosters
  • DNS.SB — Germany-based, no logging
  • Alibaba Cloud — China, key for verifying records resolve from inside the GFW
  • Tencent — China, second major Chinese resolver

Including the two China-based resolvers catches a real-world propagation problem that Western-only checkers miss: your domain may resolve fine in the US/EU but be cached differently or filtered inside China.

How long does propagation take?

It depends on the TTL (time to live) of the old record. If the previous record had a TTL of 3600 seconds (1 hour), resolvers will keep using their cached copy until that hour expires — even if you've already updated your authoritative DNS. Common scenarios:

  • Same-day changes: Drop your TTL to 300 (5 minutes) at least 24 hours before the change. Then the new record propagates within 5-10 minutes.
  • Default TTLs (3600): Plan for ~1-2 hours globally, sometimes more.
  • Long TTLs (86400, one day): Up to 24 hours.
  • NS record changes (changing nameservers): 24-48 hours typically, occasionally longer at the registry level.

Common record types

  • A / AAAA — Domain → IP address. The fundamentals.
  • MX — Mail servers. Lower priority numbers are tried first. Critical for email delivery.
  • TXT — Text records. Used for SPF (v=spf1 ...), DKIM (k=rsa; p=...), DMARC (v=DMARC1; ...), and domain ownership verification (Google, Microsoft, Stripe, etc.).
  • NS — Authoritative name servers. Used to delegate DNS to a provider like Cloudflare or AWS Route 53.
  • CNAME — Alias. www.example.com → example.com. Cannot coexist with other records on the same name.
  • CAA — Restricts which certificate authorities can issue certs for your domain. Underused but recommended.
  • SRV — Service records. Used by SIP, XMPP, Microsoft Teams autodiscover, and similar protocols.
  • PTR — Reverse DNS. IP → hostname. (For raw IP lookups, use the IP Lookup tool.)
Why use this instead of dig or nslookup?

You absolutely should use dig when you have shell access. This tool is for the cases when you don't, or when you want to query multiple resolvers at once without scripting it. It's also a quick sanity check after making DNS changes — paste your domain, see all 7 resolvers report the new answer, done.