Domain Ownership Verification — NS, MX & Auth DNS Snapshot
DNS snapshot for ownership verification — nameserver delegation, mail routing, and auth records
How to Use This Tool
- Enter the domain whose control you are verifying.
- lookupAllDnsRecords captures current public DNS for the name.
- nameservers array shows active delegation chain.
- summary.mailServers and emailAuth confirm mail infrastructure claims.
- summary.hasSpf and hasDmarc flag authentication record presence.
- Export JSON with queriedAt as verification evidence in tickets.
About This Tool
Domain ownership verification during transfers, acquisitions, and vendor proof-of-control workflows needs evidence that the party controlling DNS publishes expected nameservers, mail routes, and authentication records. VSPIC domain ownership verification calls the dns-history action with lookupAllDnsRecords, returning records, byType, nameservers, summary mailServers and auth flags, emailAuth SPF and DMARC strings, ipv4 and cnameTarget, queriedAt timestamp, and note that registrar WHOIS is separate from live DNS control proof.
Compare snapshot nameservers against registrar-declared NS, confirm MX matches claimed mail provider, and verify SPF includes reference authorized sending infrastructure. This tool documents public DNS at query time — pair with whois-lookup for registration holder metadata and TXT verification tokens when providers require specific challenge records.
Common use cases
- •View all DNS records of a domain after migration
- •Confirm DNS records after domain changes
- •Test for DNS leaks when using a VPN
- •Debug email delivery with MX and TXT records
Why use VSPIC for ?
- Live DNS proof of delegation and mail routing in one lookup.
- Nameserver list for registrar versus live DNS comparison.
- SPF and DMARC strings for sender authorization verification.
- Full record inventory for unexpected shadow records.
- queriedAt timestamp for verification audit trails.
- Free instant snapshot — no account required.
DNS control versus legal ownership
Legal domain ownership flows through registrar records, contracts, and dispute policies. Operational control often manifests in DNS — whoever publishes nameservers and MX typically operates the domain day to day. This verification snapshot captures that operational layer for due diligence.
A party can own registrar title while DNS points elsewhere during disputes — snapshot clarifies live delegation independent of WHOIS privacy.
Nameserver delegation verification
nameservers array is primary control signal. During transfers, verify NS matches buyer's DNS provider before payment release. Unexpected NS during acquisition may indicate seller retained DNS control or third-party encumbrance.
Compare queriedAt-stamped exports between contract signing and closing dates.
Mail routing as control evidence
summary.mailServers shows where mail delivers. Verification confirms claimed Google Workspace, Microsoft 365, or custom MX architecture. MX pointing at seller-controlled host after sale is red flag requiring remediation before handover.
Pair with mail-server-lookup for detailed MX resolution and priority analysis.
SPF and sending authorization
emailAuth.spf reveals which sending infrastructure the domain authorizes. Verification ensures SPF includes match buyer's declared mail providers and remove seller includes after acquisition.
hasDmarc false on active mail domains may indicate immature control — plan DMARC publication post-verification.
Unexpected records and shadow control
Full records array may reveal verification TXT, CNAME to third-party SaaS, or A records pointing at unknown hosts — shadow IT or retained seller access. Review byType for records not disclosed in diligence questionnaires.
Diff snapshot against seller-provided DNS documentation before closing.
Acquisition and transfer workflows
Capture pre-transfer and post-transfer snapshots. NS and MX should migrate to buyer infrastructure per schedule of controls. queriedAt proves timing if disputes arise.
Store JSON in data room with domain and transaction ID.
Relationship to whois-lookup and historical-whois-lookup
WHOIS and RDAP show registrant organization and dates. domain-ownership-verification shows live DNS control. Both layers belong in complete verification packets.
historical-whois-lookup adds registration timeline when available — DNS snapshot adds operational now.
Relationship to dns-security-audit and domain-risk-assessment
All three missing-tool pages call dns-history with identical JSON. domain-ownership-verification emphasizes control proof language; dns-security-audit emphasizes security posture; domain-risk-assessment emphasizes risk framing.
API action is the same — choose page by workflow vocabulary.
API action dns-history
GET /ip-tools/api/extended?action=dns-history&domain=example.com. Parse nameservers, summary, emailAuth, records, queriedAt for automated verification pipelines.
Integrate with M&A checklists — fail step when NS mismatch against expected provider list.
Important notes & limitations
- DNS snapshot does not replace registrar auth codes or legal title proof.
- WHOIS registrant data requires separate whois-lookup.
- Cannot verify private DNS zones not published to public internet.
- One resolver path — geo-steering may show regional variance.
- Verify only domains you are authorized to investigate.
Frequently Asked Questions
Yes. VSPIC offers this domain ownership verification at no cost with no account required. Results load in real time.
We do not permanently store your queries on our servers. Some tools run entirely in your browser; others fetch public data for the request only.
Yes. Open the page in any modern phone or tablet browser. Results work on Wi‑Fi and mobile data.
No. It documents live public DNS control signals. Legal title requires registrar records and contracts.
WHOIS shows registration metadata. This snapshot shows nameservers, MX, and records the domain publishes now.
Yes. Enter the delegated hostname — results reflect that name's public DNS view.
TXT records appear in records and byType. Match specific tokens against provider challenge requirements manually.
Same dns-history API. This page targets ownership verification workflows; domain-risk-assessment targets risk assessment language.
dns-history with the domain parameter.
Next step for your check
Continue with whois lookup on VSPIC.
Related Tools
Explore more free VSPIC tools for IP, DNS, security, and network diagnostics.
WHOIS Lookup
Retrieve domain and IP registration WHOIS records
Use Free →Historical Whois Lookup
Historical Whois Lookup — free online tool
Use Free →DNS Security Audit
DNS Security Audit — free online tool
Use Free →Mail Server Lookup
Mail Server Lookup — free online tool
Use Free →DNS Lookup Tool — DNS Checker
Free DNS lookup tool and DNS checker — query A, AAAA, MX, TXT, NS, CNAME, and SOA records for any domain.
Use Free →Reverse DNS Lookup
Resolve IP addresses to hostnames via PTR records
Use Free →
Trusted by Users Who Value Privacy
Always Free
No premium plan ever
100% Private
Files processed in browser
Instant Results
Convert in seconds
Works Everywhere
Any device, any OS