DNS Monitor

Run live DNS record, propagation, and IP checks immediately, then compare them against your expected routing, mail policy, and certificate controls in one full audit.

Live DNS audit

Expected-vs-actual checks

Email auth and DNSSEC

Run a DNS audit now See record output Create free account

Tool Context

DNS Monitor sits in Core Monitoring

DNS Monitor verifies live routing, resolver propagation, email authentication records, and certificate controls against the setup you expect to see.

Core Monitoring

DNS, SSL, performance, API, and related health checks.

Core Monitoring

DNS, SSL, performance, API, and related health checks.

Deep Validation

Security, content, synthetic journeys and sitemap quality.

Operations and Reporting

Workspace-first alerts, incidents, and stakeholder reporting workflows.

Suggested workflow

Three steps

1
Choose domain
2
Optionally enter expected values
3
Run a full audit and review live differences

Quick Navigate

Related tools

8 links

SSL Monitor

Try + unlock more

Watch certificate validity and expiry windows.

Performance Monitor

Try + unlock more

Measure response timing, first-byte latency, and delivery behavior.

DNS Monitor

Try now

Verify A, MX, NS and related DNS records.

API Monitor

Try + unlock more

Validate API availability, response codes and latency.

Security Monitor

Try now

Check security posture and scan for vulnerabilities.

Content Validator

Try now

Validate critical content and regex-driven checks.

Synthetic Monitor

Ops workflow

Monitor multi-step HTTP workflows and scripted checks.

Sitemap Parser

Try now

Parse XML sitemaps and audit indexed URL sets.

Launch Access

Guests can try the tools, while signed-in workspaces keep the durable state

Guest access

Guests can run live DNS audits with tighter daily caps and no saved workspace state.

Logged-in workspace

Logged-in accounts get higher daily usage and a workspace that can keep related results together.

Full DNS audit now includes expected-vs-actual comparison, email-auth checks, TTL visibility, DNSSEC, CAA, and SOA details.

View launch pricing

Live DNS Audit

Check current DNS state

Use the full audit when you want more than raw records. It compares live answers with your expected routing, surfaces SPF, DMARC, and DKIM clues, and shows TTL, CAA, SOA, and DNSSEC signals in the same pass.

Domain

Use the apex domain or a specific subdomain. Full audit works best when you also add any expected A, MX, NS, TXT, or CNAME values you want the live result checked against.

Routing and IPs

A, AAAA, CNAME, and live IP resolution in one pass.

Resolver spread

Checks public resolvers for uneven propagation.

Mail auth

Reviews SPF, DMARC, DKIM discovery, and MX readiness.

Controls and TTL

Shows DNSSEC, CAA, SOA, and TTL visibility where available.

Expected setup (optional)

Add the values you expect to see so SynapWatch can flag missing, partial, or mismatched live answers in the full audit.

Comparison-ready

Traffic routing

Use these fields when you want SynapWatch to compare live routing against the addresses and targets you expect.

Expected A recordsExpected AAAA recordsExpected CNAME targetsExpected NS hosts

Mail and ownership

Add mail-routing and TXT clues when you want the full audit to validate SPF, MX, DKIM selector usage, and ownership fragments.

Expected MX hostsTXT fragments to findDKIM selectors (optional)

Optional comparison inputs still emptyComma-separated values accepted

Current summary

Live DNS signal snapshot

Run any DNS check to populate the live summary. Full audit also unlocks health interpretation, email-auth checks, TTL visibility, DNSSEC, CAA, SOA, export, and expected-vs-actual comparison.

Total records

Resolver coverage

IPv4 addresses

IPv6 addresses

Email auth

DNSSEC

Latest audit

No audit yet

Expected setup

No expected values entered

Export state

Run full audit to export

Health interpretation

What the live DNS footprint suggests

Run a full audit to generate strengths, risks, and next-step recommendations from the live DNS answer.

Record snapshot

This section shows the raw live answers from the resolver path, with explicit notes when a lookup returned empty, timed out, or failed.

Run a records check to inspect A, AAAA, MX, TXT, NS, and CNAME entries.

IP lookup

Use this section when you only need the current IPv4 and IPv6 answers without reading through the wider full audit.

Run an IP lookup to capture the current IPv4 and IPv6 resolution.

Propagation

Resolver cards highlight whether public recursive resolvers agree on the same answer or still show partial, timed-out, or missing responses.

Run a propagation check to compare public resolver views.

Expected vs actual

Full audit compares the live answer against the values you entered above and separates clean matches from partial or mismatched results.

Run a full audit to compare live DNS answers against the expected A, AAAA, MX, NS, CNAME, and TXT fragments you entered above.

Email authentication

Mail-focused checks summarize SPF, DMARC, DKIM discovery, and MX readiness so you can confirm whether the domain is prepared for sending and receiving mail.

Run a full audit to evaluate SPF, DMARC, DKIM discovery, and MX readiness for this domain.

Advanced records and controls

TTL visibility, certificate-authority controls, SOA timers, and recursive DNSSEC signals are grouped here so the full audit stays readable without hiding the advanced details.

Run a full audit to inspect TTL visibility, CAA certificate controls, SOA timers, and recursive DNSSEC signals.