1

I'm trying to get all of the domains associated with a given ip address using Unix commands or php.

I've tried dig or nslookup but they give a hostname but not all the domains.

If you enter a given ip into senderscore.org it will give a report with all the domains associated with that ip. How are they doing that? Is it a Unix command or some php function they use for that?

Any thoughts or advice would be appreciated.

setenson mile
  • 41
  • 7

1 Answers1

1

You never will be able to get all domains, which points to a ip address, by using a simple command. This is because dns just resolves from record to ip and because dns is a decentralise infrastructure. So everbody who own a domain, can add a A-Record for every ip.

You can use gethostbyaddr ( $ip_address ); in php or # whois ip on linux cli, but you will always just get the reverse record, if there is one defined.

skroczek
  • 2,289
  • 2
  • 16
  • 23
  • It's strange then how senderscore.org are able to get the various domain names... for instance entering 38.101.248.35 gives xc.org, pobox.com, org.au, hub.xc.org, crossnet.org.au, 3rdriver.com. Is there any script or series of commands that can achieve this? – setenson mile Mar 06 '15 at 21:58
  • 2
    I think they build theirs own reverse lookup database. I don't know where they get the list of domains, but if you consequently collect domains and save their ip you can build your own reverse lookup table. But I don't think it will ever be complete. – skroczek Mar 06 '15 at 22:42