DNS Lookup
This task involves retrieving information about a specific domain's DNS records. DNS (Domain Name System) is a system that translates human-readable domain names into IP addresses, enabling computers to communicate. There are different types of DNS records, such as A (address), MX (mail exchange), NS (name server), CNAME (canonical name), and TXT (text).
Use cases
-
OSINT Investigation: Extracting DNS records can be valuable in Open Source Intelligence (OSINT) investigations. For instance, A and AAAA records can reveal IP addresses linked to a domain, providing insights into server locations. MX records can offer clues about the domain's email provider, while TXT records may unintentionally disclose internal information used for administrative purposes.
-
Infrastructure Understanding: Analyzing a domain's DNS setup can offer insights into how its online infrastructure is constructed and managed. This understanding can be valuable for various purposes, including security assessments and network optimization.
Query
curl --location --request GET 'https://huntapi.com/api/v1/website/check?include_features=["dns"]' \
--header 'Content-Type: application/json' \
--header 'x-api-key: <token>'
curl --location --request GET 'https://huntapi.com/api/v1/website/check?include_features=["dns"]' \
--header 'Content-Type: application/json' \
--header 'x-api-key: <token>'
Response
{
"dns": {
"a": {
"family": 4,
"address": "199.232.xxx.xxx"
},
"mx": [],
"ns": [],
"ptr": [],
"soa": [
"www.prd.xxx.xxxxx.com"
],
"srv": [],
"txt": [],
"aaaa": [
"199.232.xxx.xxx"
],
"cname": []
}
}
{
"dns": {
"a": {
"family": 4,
"address": "199.232.xxx.xxx"
},
"mx": [],
"ns": [],
"ptr": [],
"soa": [
"www.prd.xxx.xxxxx.com"
],
"srv": [],
"txt": [],
"aaaa": [
"199.232.xxx.xxx"
],
"cname": []
}
}