Beim surfen im Internet bin ich immer wieder auf Domains gekommen, die einem bei der Eingabe einer ip, ermitteln, welche Domains unter dieser zu ereichen sind. Nun frage ich mich I gIanze Zeit wie man das erffassen kann. Ok, I kann eine Suchmaschine anfragen, aber es geht bestimmt auch anders. Hat jemand im Kreise der Freaks, der Fachleute, der Genies und der Ideengeber einen Vorschlag, wie man hierbei vorgehen könnte.

Daniel, der fragende...

In dem man die bekannten Tools mit einem netten selbstgebastelten Script benutz und die gewünschten Informationen ausgibt.

Wenn ich zum Beispiel example.com abfrage dann sehe ich

DNS INFO:

Start of Authority

mname: sns.dns.icann.org rname: noc.dns.icann.org
 serial: 2013103464
 refresh: 7200 retry: 3600
 expire: 1209600 minimum: 3600

Nameservers

a.iana-servers.net, b.iana-servers.net

TXT Records

$Id: example.com 1921 2013-10-21 04:00:39Z dknight $

v=spf1 -all

A Records
93.184.216.119
AAAA Records
2606:2800:220:6D:26BF:1447:1097:AA7

WEBSITE INFO

Den ALEXA RANK 9055
Und sofern möglich ein Vorschaubild der Webseite.

IP INFO

93.184.216.119 > 93.184.216.0/24 > AS15133 > EdgeCast Networks, Inc.
2606:2800:220:6d:26bf:1447:1097:aa7 > 2606:2800:0220::/48 > AS15133 > EdgeCast Networks, Inc.

WHOIS

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

Server Name: EXAMPLE.COM.RAFAELYALUFF.COM
   IP Address: 173.203.204.123
   Registrar: DOMAIN.COM, LLC
   Whois Server: whois.domain.com
   Referral URL: http://www.domain.com

Server Name: EXAMPLE.COM.FLORAMEIYUKWONG.COM
   IP Address: 173.203.204.123
   Registrar: GODADDY.COM, LLC
   Whois Server: whois.godaddy.com
   Referral URL: http://registrar.godaddy.com

Server Name: EXAMPLE.COM.AU
   Registrar: ENETICA PTY LTD
   Whois Server: whois.enetica.com.au
   Referral URL: http://www.enetica.com.au

Domain Name: EXAMPLE.COM
   Registrar: RESERVED-INTERNET ASSIGNED NUMBERS AUTHORITY
   Whois Server: whois.iana.org
   Referral URL: http://res-dom.iana.org
   Name Server: A.IANA-SERVERS.NET
   Name Server: B.IANA-SERVERS.NET
   Status: clientDeleteProhibited
   Status: clientTransferProhibited
   Status: clientUpdateProhibited
   Updated Date: 14-aug-2013
   Creation Date: 14-aug-1995
   Expiration Date: 13-aug-2014

Last update of whois database: Wed, 09 Apr 2014 10:11:41 UTC <<<

NOTICE: The expiration date displayed in this record is the date the
registrar's sponsorship of the domain name registration in the registry is
currently set to expire. This date does not necessarily reflect the expiration
date of the domain name registrant's agreement with the sponsoring
registrar.  Users may consult the sponsoring registrar's Whois database to
view the registrar's reported date of expiration for this registration.

TERMS OF USE: You are not authorized to access or query our Whois
database through the use of electronic processes that are high-volume and
automated except as reasonably necessary to register domain names or
modify existing registrations; the Data in VeriSign Global Registry
Services' ("VeriSign") Whois database is provided by VeriSign for
information purposes only, and to assist persons in obtaining information
about or related to a domain name registration record. VeriSign does not
guarantee its accuracy. By submitting a Whois query, you agree to abide
by the following terms of use: You agree that you may use this Data only
for lawful purposes and that under no circumstances will you use this Data
to: (1) allow, enable, or otherwise support the transmission of mass
unsolicited, commercial advertising or solicitations via e-mail, telephone,
or facsimile; or (2) enable high volume, automated, electronic processes
that apply to VeriSign (or its computer systems). The compilation,
repackaging, dissemination or other use of this Data is expressly
prohibited without the prior written consent of VeriSign. You agree not to
use electronic processes that are automated and high-volume to access or
query the Whois database except as reasonably necessary to register
domain names or modify existing registrations. VeriSign reserves the right
to restrict your access to the Whois database in its sole discretion to ensure
operational stability.  VeriSign may restrict or terminate your access to the
Whois database for failure to abide by these terms of use. VeriSign
reserves the right to modify these terms at any time.

The Registry database contains ONLY .COM, .NET, .EDU domains and
Registrars.% IANA WHOIS server

domain:       EXAMPLE.COM

organisation: Internet Assigned Numbers Authority

created:      1992-01-01
source:       IANA

Beim a.iana-servers.net gibt es folgende Einträge

DNS INFO

A Records
199.43.132.53
AAAA Records
2001:500:8C::53

Die IP 199.43.132.53 ergibt folgende Auskünfte

93.184.216.119

Announced By

Origin AS
Announcement
Description

AS15133 93.184.216.0/24  NETBLK-03-EU-93-184-216-0-24

Die Adresse hat 18 auf sie verweisende hosts.

WHOIS

inetnum:        93.184.216.0 - 93.184.216.255
netname:        EDGECAST-NETBLK-03
descr:          NETBLK-03-EU-93-184-216-0-24
country:        EU
admin-c:        DS7892-RIPE
tech-c:         DS7892-RIPE
status:         ASSIGNED PA
mnt-by:         MNT-EDGECAST
source:         RIPE # Filtered

person:         Derrick Sawyer
address:        2850 Ocean Park Blvd., Suite 200, Santa Monica CA 90405 USA
phone:          +18773343236
nic-hdl:        DS7892-RIPE
source:         RIPE # Filtered
mnt-by:         MNT-EDGECAST

DNS

The following A records are set to 93.184.216.119:
anlass.biz, atypon.org, beschwerdechor-weimar.de, example.com, example.net, example.org, feuer-zeug.com, frzg.biz, funken-flug.com, gamevm.org, goodenergyresearch.com, graffideo.com, icanhaz.biz, iover.org, reubeno.com, unicato-show.de, vodafone-au.com, vodafonechannel.com

RBL

Failed 0 out of 51 tests.

b.barracudacentral.org PASS
bl.deadbeef.com PASS
bl.emailbasura.org PASS
bl.spamcannibal.org PASS
bl.spamcop.net PASS
blackholes.five-ten-sg.com PASS
cbl.abuseat.org PASS
cdl.anti-spam.org.cn PASS
combined.njabl.org PASS
combined.rbl.msrbl.net PASS
dnsbl-1.uceprotect.net PASS
dnsbl-2.uceprotect.net PASS
dnsbl-3.uceprotect.net PASS
dnsbl.ahbl.org PASS
dnsbl.cyberlogic.net PASS
dnsbl.inps.de PASS
dnsbl.njabl.org PASS
dnsbl.sorbs.net PASS
drone.abuse.ch PASS
dul.dnsbl.sorbs.net PASS
dul.ru PASS
dyna.spamrats.com PASS
http.dnsbl.sorbs.net PASS
images.rbl.msrbl.net PASS
korea.services.net PASS
misc.dnsbl.sorbs.net PASS
noptr.spamrats.com PASS
pbl.spamhaus.org PASS
phishing.rbl.msrbl.net PASS
psbl.surriel.com PASS
rbl.spamlab.com PASS
rbl.suresupport.com PASS
sbl.spamhaus.org PASS
short.rbl.jp PASS
smtp.dnsbl.sorbs.net PASS
socks.dnsbl.sorbs.net PASS
spam.abuse.ch PASS
spam.dnsbl.sorbs.net PASS
spam.rbl.msrbl.net PASS
spam.spamrats.com PASS
spamrbl.imp.ch PASS
tor.ahbl.org PASS
ubl.unsubscore.com PASS
virbl.bit.nl PASS
virus.rbl.jp PASS
virus.rbl.msrbl.net PASS
web.dnsbl.sorbs.net PASS
wormrbl.imp.ch PASS
xbl.spamhaus.org PASS
zen.spamhaus.org PASS
zombie.dnsbl.sorbs.net PASS

Über die AS42 kann man genauso die 170 Peering-Partner abfragen.
Sehen ob die IPv6 und oder IPv4 Netze betreiben und verschiedenes mehr.

So hangelt man sich von Ergebnis zu Ergebnis, fragt eventuell noch weitere Daten darüber ab und hat am Ende hoffentlich die Daten die man haben wollte.