DNSlytics and Mindflow have partnered to enable users to automate their incident management and better protect their information systems.

DNSlytics Overview

DNSlytics is an online investigation tool that enables you to see detailed information about every IP Address, Domain Name, and Provider. Below are most of the tools accessed via DNSlytics.

Monitor: A Brand Monitor Alert is triggered when DNSlytics discover a new domain containing a keyword (your trademark, brand name, product name, or any keyword string).

Domain: Find registered and dropped domain names based on one or more keywords (a city, brand, or trademark). Search through all top-level domains, including gTLDs, nTLDs, and ccTLDs. Find registered domain typos and misspellings for a given domain name through all top-level domains.

Lookup historical IP and DNS records for every domain name (A (IPv4), AAAA (IPv6), MX, NS, and SPF records). It returns a maximum of 2,500 historical records per DNS type. Whois lookup to see all the registration information related to a particular domain, IP address (IPv4 and IPv6), or AS number. 


Reverse: Every publisher receives one unique Adsense ID on all websites. This Reverse AdSense ID tool allows you to find all domains sharing the same AdSense ID. It shows a maximum of 2,500 connected domains.

Every publisher receives a unique Analytics ID to be used on several websites. The Reverse Analytics ID tool allows you to find all domains sharing the same Analytics ID. Maximum of 2,500 connected domains. 

Every IP address or subnet can host several domains. Use the Reverse IP tool to find domains sharing the same IP address or subnet. Maximum of 2,500 domains per IP address. For subnets, a maximum of 255 IP addresses. Both IPv4 and IPv6 addresses are supported.

Every domain name capable of receiving emails has one or more mail servers (MX). Use the Reverse MX tool to find domains sharing the same mail server. Maximum of 2,500 connected domains. For subnets, 255 IP addresses. IPv4 and IPv6 supported.

Every domain name has one or more name servers (NS). Use the Reverse NS tool to find domains sharing the same name server. It shows a maximum of 2,500 connected domains. For subnets, 255 IP addresses. IPv4 and IPv6 supported. 


DNS: A DNS Blackhole List (DNSBL) contains a set of IP addresses that are most often used for spamming activities. DNSlytics checks an IP address on more than 40 different blackhole lists in real-time. Mail servers can be configured to reject or flag messages sent from an IP listed on one or more blackhole lists.

Email: The Email Test tool validates the syntax of the email address, performs a DNS query for the domain, checks all SMTP servers, and checks to see if the email address is accepted. It does not send an email. 

IP Geo Lookup: IP addresses are assigned by international organizations like ARIN or RIPE. Every assignment is public information, and with other publicly available records, it is possible to do a rough calculation of the geographical location of an IP address. 

Ping: The standard ping works by sending ICMP packets to the host and listening for ICMP replies. The advanced ping works over TCP and makes a connection to port 80 or port 443. The tool estimates the round-trip time, detects packet loss, and prints a statistical summary. You can select the TCP ping function in the advanced options menu.

SPF Lookup: The Sender Policy Framework (SPF) allows the owner of a domain to specify the email sending policy, e.g., which IP addresses are allowed to send email from their domain. The receiving email server can check whether the sender complies with the domain stated sending policy and accept or reject the email. This tool displays the sending policy of a domain.

Traceroute: Traceroute (IPv4 or IPv6) is a tool to determine the route taken by packets across an IP network. This tool combines ICMP-based (like windows) and UDP-based (like Unix) traceroute.

By integrating with DNSlytics, Mindflow allows its users to view the technical details about the internet, offer diagnostic tools, and show information to track spammers, hackers, or other suspicious activities.

Benefits of DNSlytics

  • IP/DNS data is refreshed every 30 days
  • New domains added daily
  • All tools and reports are IPv6 ready
  • Flexible subscriptions available
  • Custom data exports

Automation Through Mindflow

Automation Use Case

Related Integrations