How can I find out who hosts a bunch of websites using a script?

Question

I want to determine where a bunch of websites are hosted: ViaWest, GoDaddy, Amazon Web Services, etc..

There's are free tools online that do this, but this will be slow to use for the number of sites I want to check (hundreds).

I want to script this. I've tried the following bash commands with no luck:

whois

finger

nmap

dig

None of them return the website's host, although they are helpful for things like IP addresses and nameservers. Any ideas?

I also looked into a script that would query the webhostinghero site, but it seemed like there should be an easier way. I have a list of urls and corresponding IPs, if that helps. Thanks in advance.

just record down all the ip address of those hosts' servers, and do a nslookup for each site you wanna check, ez — Steve, Oct 21 '15 at 19:15
@hek2mgl My company owns sites which it has acquired from all over the place, and we're working on consolidating them. — AlexJ, Oct 21 '15 at 20:14
Haven't found a command line tool for this, but looks like Selenium will do the trick. — AlexJ, Oct 21 '15 at 21:55

score 0 · Accepted Answer · edited May 23 '17 at 11:44

0

If you want to obtain bulk whois data, you must go through a company that has access to it, such as ARIN.

However, ARIN has this disclaimer:

ARIN provides access to a bulk copy of all objects in the ARIN Whois directory service to support the work of bona fide academic researchers, and to operators and researchers who are using the data to provide a clear benefit to the broader networking community. ARIN does not provide bulk copies of Whois data to operators who wish to incorporate this data into products, services, or internal systems with no clear benefit to the broader community.

Keep in mind that there is apparently no single, complete copy provided by any other company.
You can also look up the name servers using this C# project, and map values accordingly. Try turning that project into something using netcat. More on that here.

edited May 23 '17 at 11:44

Community

1
1

answered Oct 21 '15 at 19:23

Mark Buffalo

766
1
10
25

1

This may work for most sites, but not those that use services like CloudFlare (DDoS or transparent CDNs). – Mr. Llama Oct 21 '15 at 19:27
1

Looks like I can't access the information for my purposes according to the disclaimer, but I'll keep that resource in mind.. good to know it's available in bulk. Thanks! – AlexJ Oct 21 '15 at 20:18
The data may be available through... other methods. ;) – Mark Buffalo Oct 21 '15 at 20:25
But check out `#2`. You could actually tie host names to name servers, if you map it accordingly. If I recall correctly, there isn't a way to do it in C# by default, so `#2` may be sending packets manually. That's why I linked it. From there, you may be able to write a C/C++/C# program that runs on Linux and does the same thing. You could use `netcat`. – Mark Buffalo Oct 21 '15 at 20:28

How can I find out who hosts a bunch of websites using a script?

1 Answers1