Locating domain records

This article guides you through the process of finding and pinpointing domain records using the Silent Push platform.

Step 1: the search

There are a few different tools that can be used to search for domain records, the one we tend to recommend is Silent Push as it provides both current and historic records.

You'll need to create an account before accessing their domain tools but the free plan includes more than enough API calls per month for our needs. Once logged in you should see a search bar, enter a domain and press search, this will then find the domain and list records that are / have been active at some point.

Step 2: important records

Below is a list of the most important records, the first thing to check would be nameservers as these tell us which server is hosting the records, following that would be the A and CNAME records as these point the website to a server. Finally MX records give us hints as to where email accounts might be held, in this example they are with Google Workspace.

• A Records osamweb.com 77.95.113.55
• CNAME Records www osamweb.com
• MX Records osamweb.com aspmx.l.google.com
• Nameservers ns1.osamweb.com ns2.osamweb.com

Step 3: bringing it all together

Once we've captured the record information like above, we can then use Silent Push to assist us in pinpointing the exact company behind these addresses. For example if we go back to the search bar and enter the IP address 77.95.113.55 it returns the information for the server, from here the "IP Infrastructure" section tells us exactly who hosts that server.

This method can also be used for all other record types though results can vary, especially if a third party service provider is used by the hosting company as these results lead back to the infrastructure host not the hosting company.