OSINT · Microsoft Intelligence
Resolve any domain, email address, or tenant GUID to its Microsoft 365 / Azure AD tenant. Surfaces tenant ID, namespace type, federation configuration, and live M365 signals — entirely from your browser, no API keys required.
Enter a domain, email, or tenant ID
Resolve a domain or email to its Azure AD tenant GUID — the unique identifier behind every Microsoft 365 organisation. Confirm whether a domain is Microsoft-managed.
Determine whether the tenant authenticates via Azure AD (Managed) or a federated Identity Provider such as ADFS or a third-party SSO — critical for red team pre-engagement recon.
Check whether the domain's MX records point to Exchange Online — confirming active Microsoft 365 mail usage and the cloud environment the tenant operates in.
Retrieve the DMARC policy and check for Microsoft domain verification tokens — quickly gauging how well the organisation has hardened its email sending infrastructure.
Identify whether the tenant is in the Microsoft commercial cloud, GCC, GCC-High, DoD, or Azure China — useful for compliance, data sovereignty, and supply-chain assessments.
Combine tenant GUID, namespace type, and mail infrastructure signals into a concise profile that informs targeted phishing simulations, M365 attack path analysis, and third-party risk reviews.
Responsible Use: MSTenantLookup queries only public, unauthenticated Microsoft endpoints and DNS records. It is designed for legitimate security research, penetration testing with authorisation, red team reconnaissance, and third-party risk assessments. Do not use this tool to facilitate unauthorised access to any Microsoft tenant or service. Lookups are rate-limited and logged anonymously for abuse prevention.