By analyzing the DNS (Domain Name System) with OSINT methods, you can obtain very valuable information from a website, such as the IP address, MX Records (Email Providers) , TXT Records and among others. this is very useful. With tools like DNS Lookup and DNS Checker you can analyze and collect domain information. Personally, I use these 2 to view information from the email provider.
TXT records that are generally used to create verification texts for third-party services such as Google Console. and with these methods you will be able to know the names of third-party services and send an abuse report. Authorities may also request information from service providers connected to the website.
TXT records in DNS:
In the DNS Lookup you can see how the webmasters of the google.com domain have verification codes from third-party services such as Facebook, Apple, Google Console, Microsoft, DocuSing and among others.
This is useful when, for example, an evil website uses third-party services, you can send message by email to the third-party service team so that they can suspend the service for the crime that that website is committing. The mx records show the domains of the email providers, by analyzing the mx records you can know which is the email provider of a website.
nslookup.io mx records show that they use gmail as their email service provider. This information is useful because if an evil website is using a personalized email. You can send an email to the email provider’s abuse department, reporting the abuse and the email provider will suspend the service.
These 2 tools are very useful to obtain information about a domain. Without a doubt, knowing how to analyze DNS is a very important task when investigating and reporting abuse. In short, this is useful for conducting an investigation to make a report of abuse to a website provider.
