{{ domain }}
{{ steps.length }} Hops
{{ error }}
#ZoneNameservers / IP
{{ idx + 1 }} {{ s.zone || 'root (.)' }} {{ s.ns }} 
{{ formattedJSON }}
Categories: DNS , Development , Networking , Visualization
Export to PDF Fullscreen

Domain Name System (DNS) tracing is the process of following the chain of authoritative nameservers that answer for a domain. Starting at the root zone, each delegation step passes responsibility to the next zone until the fully qualified domain is resolved. Understanding this path clarifies where resolution delays, misconfigurations, or security weaknesses may appear.

The DNS Trace Analyzer tool automates this investigation by issuing DNS-over-HTTPS queries directly from your browser and listing every zone and nameserver encountered. It removes guesswork by presenting live data in a structured table, letting you confirm delegation accuracy, identify stale glue records, or spot unexpected IP addresses without installing command-line utilities.

Use the results to troubleshoot unreachable websites, validate new DNS changes before propagation, or document infrastructure for compliance reviews. Because all lookups run client-side, sensitive domain data never leaves your workstation, ensuring privacy during diagnostics. Network engineers, web developers, and security auditors benefit equally, gaining clear insight into trust boundaries and time-to-live values across the delegation path. No data is transmitted or stored server-side.

Technical Details:

The tool issues standards-compliant queries and formats results for rapid inspection.

  • Client-side DNS-over-HTTPS resolver targeting Cloudflare’s endpoint
  • Automatic decomposition of the domain into progressive zones
  • Sequential NS lookups from root zone to target domain
  • Final A-record query to reveal authoritative IPv4 addresses
  • Spinner feedback during network operations to show progress
  • Responsive table displaying zone, nameserver list, and hop order
  • Zero server interaction; all data remains in your browser session
  • Supports internationalised domain names through standard punycode

Step-by-Step Guide:

Follow these steps to trace a domain from root to host.

  1. Type the target domain into the Domain field.
  2. Ensure you omit any trailing dot; the tool trims whitespace automatically.
  3. Press Trace to start the lookup Tip.
  4. Watch the spinner; queries run in sequence until every zone is resolved.
  5. Examine the populated table for zone delegation order and nameserver hosts.
  6. Look at the final row to verify A-record IP addresses or detect missing records.

FAQ:

Answers to common questions help you interpret results confidently.

Why does the tool use DNS-over-HTTPS?
DNS-over-HTTPS secures queries with TLS, preventing interception and ensuring the resolver’s response integrity.
Does the tool store or share my domain queries?
No. Queries run entirely in your browser; only the remote DNS resolver receives the domain name to answer.
How accurate are the displayed nameservers?
Results reflect real-time answers from Cloudflare’s resolver. If authoritative data changes, run the trace again for updates.
Can I trace subdomains?
Yes. Enter the full subdomain (for example, www.example.com) to include its A-record lookup in the final step.
What if a zone returns no NS records?
The table shows “—”. This indicates a misconfigured delegation. Verify the parent zone’s NS and glue records.
Embed this tool into your website using the following code: