DNSlurp API

Query DNS records across multiple servers with DNSSEC checking

About Back to UI

Endpoints

GET /api/lookup

Lookup DNS records. Returns fresh results - perfect for shareable links.

Query Parameters

Parameter	Type	Description
`domains` required	string	Comma-separated list of domains to query
`type`	string	Record type (see supported types below). Default: A
`servers`	string	Comma-separated DNS server IPs or DoH hostnames. Default: 8.8.8.8, 1.1.1.1

Try it

Example

# Single domain
curl "/api/lookup?domains=google.com&type=A&servers=8.8.8.8"

# Multiple domains
curl "/api/lookup?domains=google.com,cloudflare.com&type=MX"

# DNSSEC records
curl "/api/lookup?domains=cloudflare.com&type=DS"

# Shareable link (opens in browser)
https://your-domain.com/?d=example.com&t=A&s=8.8.8.8,1.1.1.1

POST /api/lookup

Lookup DNS records with full server configuration.

Request Body

Field	Type	Description
`domain` required	string	Domain name to query
`type`	string	Record type. Default: A
`servers`	array	Array of server objects: `{address, name, protocol}`

Try it

Example

curl -X POST /api/lookup \
  -H "Content-Type: application/json" \
  -d '{
    "domain": "google.com",
    "type": "A",
    "servers": [
      {"address": "8.8.8.8", "name": "Google", "protocol": "UDP"},
      {"address": "dns.google", "name": "Google DoH", "protocol": "DoH"}
    ]
  }'

GET /api/authoritative

Query authoritative nameservers directly. Finds the NS records for the domain and queries those servers, bypassing recursive resolvers and caches.

Query Parameters

Parameter	Type	Description
`domain` required	string	Domain name to query
`type`	string	Record type. Default: A

Try it

Response includes delegation chain

{
  "domain": "cloudflare.com",
  "type": "A",
  "authoritative": true,
  "chain": {
    "zone": "cloudflare.com",
    "nameservers": ["ns1.cloudflare.com", "ns2.cloudflare.com"],
    "nsIPs": {
      "ns1.cloudflare.com": ["173.245.59.31"]
    }
  },
  "results": [...]
}

POST /api/authoritative

Query authoritative nameservers directly (POST version).

Request Body

Field	Type	Description
`domain` required	string	Domain name to query
`type`	string	Record type. Default: A

GET /api/config

Get available DNS record types and default servers.

GET /health

Health check endpoint.

{"status": "ok", "timestamp": "2026-01-17T08:00:00.000Z"}

Supported Record Types

24 record types including full DNSSEC support.

Common

A AAAA CNAME MX NS TXT SOA PTR SRV

DNSSEC

DS DNSKEY RRSIG NSEC NSEC3 NSEC3PARAM

Security

CAA TLSA SSHFP

Modern

HTTPS SVCB

Other

NAPTR HINFO LOC RP

Response Format

All lookup responses include DNS header flags for DNSSEC validation.

{
  "domain": "example.com",
  "type": "A",
  "timestamp": "2026-01-17T08:00:00.000Z",
  "results": [
    {
      "server": "8.8.8.8",
      "serverName": "Google",
      "protocol": "UDP",
      "queryTime": 12,
      "authoritative": false,    // AA flag - server is authoritative
      "authenticated": true,     // AD flag - DNSSEC validated
      "truncated": false,        // TC flag - response was truncated
      "rcode": "NOERROR",         // Response code
      "records": [
        {
          "type": "A",
          "value": "93.184.216.34",
          "ttl": 300
        },
        {
          "type": "RRSIG",
          "value": "A 8 2 300 ...",
          "ttl": 300,
          "algorithm": 8,
          "keyTag": 12345
        }
      ]
    }
  ]
}

DNS Flags

Flag	Field	Description
AA	`authoritative`	Authoritative Answer - server is the authority for this zone
AD	`authenticated`	Authenticated Data - DNSSEC signatures verified
TC	`truncated`	Truncated - response was too large for UDP
-	`rcode`	Response code: NOERROR, NXDOMAIN, SERVFAIL, REFUSED, etc.

Protocols

Protocol	Example Server	Description
`UDP`	`8.8.8.8`	Standard DNS over UDP port 53
`DoH`	`dns.google`	DNS over HTTPS (JSON API)

DoH servers: dns.google, cloudflare-dns.com, dns.quad9.net

Rate Limits

To prevent abuse, API requests are rate limited per IP address.

Endpoint	Limit	Window
`/api/lookup`	20 requests	1 minute
`/api/authoritative`	10 requests	1 minute

Response Headers

Header	Description
`X-RateLimit-Limit`	Maximum requests allowed per window
`X-RateLimit-Remaining`	Requests remaining in current window
`X-RateLimit-Reset`	Seconds until window resets

When rate limited, the API returns HTTP 429 with a retryAfter field indicating seconds to wait.