Country: US
RegDate: 2000-03-30
Updated: 2017-10-16
Ref: https://whois.arin.net/rest/org/GOGL
OrgTechHandle: ZG39-ARIN
OrgTechName: Google LLC
OrgTechPhone: +1-650-253-0000
OrgTechEmail: arin-contact@google.com
OrgTechRef: https://whois.arin.net/rest/poc/ZG39-ARIN
The way we can use this is to take an IP address we have located, such as a web server
or an email server, and determine who owns the whole block. In some cases, such as
the O’Reilly web server, the block belongs to a service provider, so we won’t be able to
get other targets from that block. However, when you find a block that belongs to a
specific company, you have several target IP addresses. These IP blocks will be useful
later, when we start doing some more active reconnaissance. In the meantime, you
can also use
dig
or
nslookup
to find the hostnames that belong to the IP addresses.
Finding the hostname from the IP requires the organization to have a reverse zone
configured. To look up the hostname from the IP address, there needs to be pointer
records (PTRs) for each IP address in the block that has a hostname associated with
it. Keep in mind, however, that a relationship doesn’t necessarily exist between the
reverse lookup and the forward lookup. If
www.foo.com
resolves to 1.2.3.42, that
doesn’t mean that 1.2.3.42 necessarily resolves back to
www.foo.com
. IP addresses may
point to systems that have many purposes and potentially multiple names to match
those purposes.