About 3rd Party Tracer

Advanced Third-Party Service Discovery Tool

← Back to Application

🔍 Project Overview

3rd Party Tracer is a powerful client-side web application designed to analyze DNS records and identify third-party services associated with any domain. Built with pure HTML, JavaScript, and CSS, it provides comprehensive insights into an organization's digital footprint and cloud service dependencies.

The tool leverages multiple data sources and advanced DNS analysis techniques to discover and categorize third-party services, helping organizations understand their cloud service relationships and potential security implications.

🚀 Key Features

  • Comprehensive DNS Analysis: DoH queries, multiple record types, Certificate Transparency logs
  • Service Detection: Cloud providers, email services, CDN, DNS services, security providers
  • Security Analysis: Subdomain takeover detection, DMARC policy analysis, risk assessment
  • Rich Visualization: Categorized services, historical records, CNAME mapping, statistics
  • Client-Side Only: No server dependencies, works offline, privacy-focused
  • Real-Time Analysis: Live DNS queries and subdomain discovery

🛠️ Technology Stack

Frontend HTML5, CSS3, Vanilla JavaScript
DNS DNS over HTTPS (DoH)
APIs Certificate Transparency, Threat Intelligence
Architecture Client-side only, no server dependencies

📋 How It Works

1. DNS Record Analysis

The tool starts by querying various DNS record types to understand the domain's configuration:

  • TXT Records: Service ownership proofs and configurations
  • SPF Records: Authorized email service providers
  • DMARC Records: Email security and reporting services
  • MX Records: Email hosting providers
  • A/CNAME Records: Direct IP mappings and service redirects

2. Subdomain Discovery

Leverages multiple sources for comprehensive subdomain enumeration:

  • Certificate Transparency Logs: Historical SSL certificate data
  • Threat Intelligence Platforms: Passive DNS and security data
  • DNS Enumeration APIs: Additional coverage and validation

3. Service Classification

Each discovered subdomain is analyzed and categorized using:

  • IP-based Classification: ASN data for cloud provider identification
  • CNAME Target Analysis: Service identification through redirects
  • Pattern Matching: Regex patterns for known service providers
  • Vendor Consolidation: Prevents duplicate entries

4. Security Assessment

Comprehensive security analysis including:

  • Subdomain Takeover Detection: CNAME resolution validation
  • DMARC Policy Evaluation: Detailed tag parsing and analysis
  • Infrastructure Risk Assessment: IP range analysis and ASN data
  • Cloud Service Dependency Mapping: Service relationship visualization

🔗 APIs & Data Sources

This tool integrates with several APIs and data sources to provide comprehensive analysis. We extend our gratitude to these services for making their data publicly available.

DNS over HTTPS Providers
dns.google/resolve
Google's public DNS service providing encrypted DNS queries over HTTPS. Used for secure DNS resolution without ISP interference.
Cloudflare DNS
cloudflare-dns.com/dns-query
Cloudflare's DNS over HTTPS service providing fast and secure DNS resolution with global CDN coverage.
crt.sh Certificate Transparency
crt.sh/?q=%25.{domain}&output=json
Certificate Transparency log search service operated by Comodo. Provides historical SSL certificate data for subdomain discovery.
Cert Spotter API
api.certspotter.com/v1/issuances
Certificate Transparency log aggregation service by SSLMate. Provides comprehensive SSL certificate data for domain analysis.
OTX AlienVault
otx.alienvault.com/api/v1/indicators
AlienVault's Open Threat Exchange platform providing threat intelligence and passive DNS data for security analysis.
HackerTarget API
api.hackertarget.com/hostsearch
HackerTarget's DNS enumeration service providing subdomain discovery and host information for security research.
IPinfo.io
ipinfo.io/{ip}/json
IP geolocation and ASN data service providing detailed information about IP addresses for service classification.
DNS.pub
doh.pub/dns-query
Public DNS over HTTPS service providing encrypted DNS queries as a backup DNS resolver.
Alibaba DNS
dns.alidns.com/resolve
Alibaba Cloud's DNS service providing global DNS resolution with extensive coverage in Asia-Pacific regions.

🔒 Privacy & Security

3rd Party Tracer is designed with privacy and security in mind:

  • Client-Side Only: No data is sent to our servers - all processing happens in your browser
  • DNS over HTTPS: All DNS queries are encrypted using DoH protocols
  • No Tracking: No analytics, cookies, or user tracking mechanisms
  • Open Source: Transparent code available for security review
  • No API Keys Required: Uses only public APIs and services

🎯 Use Cases

  • Security Research: Identify potential attack vectors and service dependencies
  • Asset Discovery: Map organizational digital footprint and cloud services
  • Compliance Auditing: Document third-party service usage for regulatory requirements
  • Penetration Testing: Reconnaissance phase for security assessments
  • Cloud Migration Planning: Understand current service dependencies before migration
  • Vendor Risk Assessment: Identify and evaluate third-party service providers

🤝 Contributing

We welcome contributions from the security research community! Whether it's bug reports, feature requests, or code contributions, your input helps make this tool better for everyone.

To contribute:

  • Fork the repository on GitHub
  • Create a feature branch for your changes
  • Test thoroughly with multiple domains
  • Submit a pull request with detailed description

📞 Support & Contact

For questions, issues, or feature requests:

📄 License

This project is licensed under the MIT License. See the LICENSE file for details.

🙏 Acknowledgments

Special thanks to:

  • Certificate Transparency Initiative: For making SSL certificate data publicly accessible
  • DNS over HTTPS Providers: Google, Cloudflare, and others for secure DNS services
  • Threat Intelligence Platforms: OTX AlienVault and HackerTarget for security data
  • IP Geolocation Services: IPinfo.io for ASN and location data
  • Open Source Community: For inspiration and collaboration