What’s in their stack?

Companies publish more than they think in public DNS. Enter a domain and see the SaaS tools it has verified, the services allowed to send its mail, and who runs its infrastructure - useful before a sales call, a partnership, or a competitive teardown.

35+ tools fingerprinted TXT · SPF · MX · NS Public records only No signup

Queries go straight from your browser to public DNS (dns.google). Orbit’s servers never see what you type.

Look up a company

Enter the company’s primary domain, not a product subdomain.

Verification records

SaaS tools make companies prove domain ownership with TXT records - and those records stay published for years. 35+ services fingerprinted.

SPF includes

Every service authorized to send mail as the company: ESPs, CRMs, support desks.

MX + NS hosts

The mail suite and DNS/CDN provider, read straight off the hostnames.

The findings.

Run a lookup above. Every hit shows the exact record it came from.

Results land here, grouped by category: work suite, mail senders, sales and marketing, collaboration, payments, and infrastructure.

Sources & methodology.

Every number this tool shows, and where it comes from.

Why this works. When a company adopts Google Workspace, Stripe, Atlassian, Notion, or dozens of other tools, the vendor requires a TXT record on the company’s domain to prove ownership. Those records are public by design, rarely cleaned up, and readable by anyone. SPF includes go further: they name every service authorized to send mail as the domain.

How the queries run. Your browser asks Google Public DNS over HTTPS (dns.google/resolve) for the domain’s TXT, MX, and NS records - three queries, all public data, none of it touching Orbit’s servers. Reference: Google Public DNS over HTTPS.

The fingerprint set. 35+ TXT verification tokens, 17 SPF include patterns, and provider maps for MX and NS hostnames. Unrecognized verification-shaped records are surfaced too, so you can see there’s more even when we can’t name it.

What DNS cannot reveal. Tools that never touch the domain root: most website tech (frameworks, analytics, A/B tools), anything verified on a subdomain you didn’t query, tools adopted without domain verification (most self-serve SaaS), and anything behind a proxy like Cloudflare. Absence of evidence here is not evidence of absence.

Ethics note. This reads records the company itself chose to publish on the public internet - the same data any mail server reads on every delivery. It is not a people-lookup and returns nothing about individuals.

Fingerprint set last reviewed 2026-07-03.

Keep measuring.

The rest of the toolkit runs in your browser too.

Go deeper than DNS, verified

The Intelligence module runs real company research - registries, archives, corroborated sources with confidence labels - behind a verification gate. DNS fingerprints are the free sample.

No credit card required. Cancel anytime.