1. Somehow you get the IP address of the target maybe by playing a game with them (which can be p2p) or some other way of getting the IP address and then geolocating (this can partially be avoided by using a VPN
2. If someone is live-streaming outside in the real world you recognize where the person is.
I haven't heard of someone being SWATed by a nefarious actor inside a company and never really a domain probably because you either purchased some protection plan to avoid spam so that if someone looks you up on the domain they won't find any information and also most people don't self host things using their own domain.
With that said that doesn't mean it is impossible to occur.
For example Krebs on security has had SWATing attempts due to the content he posts. If you aren't live-streaming video games or doing IRL posts and or not reporting on bad actors you should consider other things to worry about.
A third requirement is living in a country with an overaggressive police force with more guns than some they know what to do with ready to shoot your dog or anything else that moves.
Not that it doesn't make sense to consider this situation when designing systems such as domain transfers, but this is the "Real Problem"™ IMO.
IP geolocation is not anywhere near precise enough to get you an address. It can give you a best-guess as to what city you are in (and even that is a guess), but not much better. If you aim to swat someone and you only know the IP you would contact the police who would contact the ISP to get your address connected to the internet subscription.
In this case what do you mean by "open source intelligence"? Like what would your actual steps be to go from my IP to actually knowing my name/address? A whois lookup would get you the ISP, a maxmind lookup would get you a guess at a city, but besides that what can you do?
1. Somehow you get the IP address of the target maybe by playing a game with them (which can be p2p) or some other way of getting the IP address and then geolocating (this can partially be avoided by using a VPN 2. If someone is live-streaming outside in the real world you recognize where the person is.
I haven't heard of someone being SWATed by a nefarious actor inside a company and never really a domain probably because you either purchased some protection plan to avoid spam so that if someone looks you up on the domain they won't find any information and also most people don't self host things using their own domain.
With that said that doesn't mean it is impossible to occur. For example Krebs on security has had SWATing attempts due to the content he posts. If you aren't live-streaming video games or doing IRL posts and or not reporting on bad actors you should consider other things to worry about.