Useful Resources for Investigating DNS Abuse/Misuse

This page complements the ICANN DNS Abuse/Misuse Training Course. All of the tools and information gathering sites demonstrated during training (and more) can be accessed here. If you wish to set this as a default page in your browser, contact Dave Piscitello to request Google Drive access to a zip file containing the page and supporting files.

WHOIS Lookup

(Domain Registration)

DNS Lookup

(DNS Zone Data & More)


(IP and ASN Info)




Maintained by Dave Piscitello Contact
Link to Domain Tools

Domain Tools
whois and more

Link to Robtex

Robtex Swiss Army Knife
name server & IP info, reputation

Link to ARIN RWS

IP registration data

Link to MXToolbox

email header parser

Link to
web malware analysis

Link to 101Domains Whois Server

whois, ccTLD info

Link to BFK.DE DNS Logger

Passive DNS replication
DNS resolver info

Link to Domain Tool's Reverse IP

Domain Tool's Reverse IP
IP-to-domain query

Link to SiteVet

ASN reputation

Link to Virus Total

Virus Total
virus/malware analysis

Link to Domain Dossier Whois Server

Domain Dossier
Whois, IP tools

Link to nslookup.exe

nslookup.exe MSDOS command
DNS query tool

Link to DNSStuff tools

DNSStuff tools
Variety of DNS tools

Link to Return Path's Sender ScoreSender Score

email sender reputation

Link to Wepawet

ISEC Lab's Wepawet
web threat analysis

Link to Whois Software Informer

MSDOS Whois Clients

Link to dig Linux command

dig command
Linux, BSD

Link to Shadowserver IP-BGP

Shadowserver IP-BGP
ASN query tool

Link to Project Honeypot

Project Honeypot
malicious IP check

Link to Anubis

ISEC Lab's Anubis
malware binary analysis

Link to GNU jwhois page

GNU jwhois command
Linux, Windows

Link to host Linux command

host command
Linux, BSD

Link to Team Cymru IP-to-ASN Lookup

Team Cymru
IP-to-ASN Lookup

Link to Host Exploit

Host Exploit
hosting provider reputation

Link to malwr

malware analysis

Link to InterNIC whois page

InterNIC Whois
whois, registrar Whois

Link to Spamhaus DBL

domain block list

Link to Team Cymru IP-to-ASN Lookup

Team Cymru IP-to-ASN
ASN query tool

Link to ipTracker Online

ipTracker Online
email header analysis

Link to cURL

curl commands
copy URL without executing scripts

Link to ARIN WhoWas

historical IP whois

Link to DNSToolKit

whois, nslookup

Link to

Ping, trace, blacklist check, more

Link to DNS History

DNS history
historical domain whois

Link to GNU wget

wget command
get web page without executing scripts