I Use This Tool...

[DaveX]

I love learning about online tools out there.

What do you use?

I'll start with these...

Namepros.com
Domaining.com
Namebio.com

 

[Jv1999]

Here are the ones I use on a regular basis, at least the ones I can remember right now.

Not listed in order of importance, just listed as I think of them.

NamePros (Of Course!)
G-whois
Domaining/com
InternetArchive
Namebio
ExpiredDomains/net
MailTester
ZFBot
Ahrefs
InfoZoom
ZoomInfo
CrunchBase
TMDN.org
DPMA.de
IPO.gov.uk
DomainIQ
EmailFormat
TldList
GoogleTranslate
DomainTools
USPTO/gov
DN Journal
GDAuctions
Namejet
Snapnames
Dropcatch
GoogleTrends
DomainSherpa
Spyfu

There are a few more, I am sure.

If I remember, I will add, if I can

Gwhois.org is gone fyi

 

[Timofey]

anything for bulk expiry date checker? like checking 50K domains at once

Foxwhois

 

[Future Sensors]

Domain Digger: Full Toolkit for Next-Level Domain Analysis

Discover in-depth details of any domain with just a few clicks.

• Comprehensive DNS Lookup: Access detailed DNS information.
• IP Details & Geolocation: Get precise IP information including location data.
• Smart Suggestions: Intelligent recommendations for efficient searches.
• Global DNS Lookup: Perform DNS lookups across different global servers.
• Multiple DNS Resolvers: Utilize various DNS resolvers for diverse insights.
• DNS Map Visualization: Visual representation of DNS data.
• Full & Quick WHOIS Lookup: Rapid and detailed WHOIS data retrieval.
• Certificate History: Track SSL/TLS certificate changes over time.
• Quick-access Bookmarklet: Bookmark for fast access.
• Light and Dark Mode: Choose your preferred theme for comfortable use.

https://digger.tools/

https://github.com/wotschofsky/domain-digger

 

[Ali Adil]

namepros sound perfect

 

[Future Sensors]

dnscap

https://github.com/DNS-OARC/dnscap

dnscap is a network capture utility designed specifically for DNS traffic. It produces binary data in pcap(3) and other formats. This utility is similar to tcpdump(1), but has a number of features tailored to DNS transactions and protocol options. DNS-OARC uses dnscap for DITL data collections.

Some of its features include:

• Understands both IPv4 and IPv6
• Captures UDP, TCP, and IP fragments
• Collect only queries, responses, or both (-s option)
• Collect for only certain source/destination addresses (-a -z -A -Z options)
• Periodically creates new pcap files (-t option)
• Spawns an upload script after closing a pcap file (-k option)
• Will start and stop collecting at specific times (-B -E options)

More information may be found here:

https://www.dns-oarc.net/tools/dnscap
https://www.dns-oarc.net/oarc/data/ditl

 

[Future Sensors]

DNS-OARC DNS Software Tools

https://www.dns-oarc.net/oarc/software

The DNS Operations, Analysis, and Research Center (DNS-OARC) brings together key operators, implementors, and researchers on a trusted platform so they can coordinate responses to attacks and other concerns, share information and learn together.

A key part of DNS-OARC's mission is to develop, maintain and host various software tools for DNS data collection, measurement and analysis. You can find a list of these tools below, with their source code and development management at OARC's site on Github.

Many of these tools have been developed in-house over time by OARC and its contributors. Others have been developed externally, and either donated to OARC by the original owner, or in some cases OARC has taken custodianship for the community of DNS tools which have become 'orphaned' from their original developers.
In keeping with OARC's nonprofit status and public benefit mission, all of the software for our tools is made available under open-source licenses - see below for OARC's open-source licensing policy.

Main Projects​

These are the main projects that we do active development on:

• dsc - DNS Statistics Collector (DSC) is a tool used for collecting and exploring statistics from busy DNS servers
• dsc-datatool - Tool for converting, exporting, merging and transforming DSC data
• dnscap - dnscap is a network capture utility designed specifically for DNS traffic
• dnsperf - DNS Performance Testing Tools
• packetq - A tool that provides a basic SQL-frontend to PCAP-files
• dnsjit - Engine for capturing, parsing and replaying DNS

LIBRARIES​

We also have a few libraries that we have developed and are used in our main projects:

• tinyframe - Minimalistic Frame Streams library
• dnswire - library for DNS encapsulations, for example DNSTAP

HELPERS​

These tools are used to develop and test our software and you're free to see if they can help you also:

• bad-packets - Collection of "bad" packets in PCAPs that can be used for testing software
• dumdumd - High performance UDP/TCP/DoT/DoH DNS "server" that... just drops/reflects everything you send to it

MAINTENANCE ONLY​

The following projects have been put in "maintenance only" and will not receive any further active development but we do still handle reported issues and/or funded feature requests:

• dnsmeter - Tool for testing performance of nameservers
• drool - drool is a tool to replay DNS traffic
• ripeatlas - Go bindings for RIPE Atlas API

DISCONTINUED​

These projects have been discontinued and will not receive any future updates or bug fixes, you are encouraged to stop using them.

• dsp - DNS Statistics Presenter (DSP) can be used to display statistics collected by DSC
• p5-Net-GetDNS - Perl bindings for getdns, a modern asynchronous DNS API

Funding Development​

OARC also develops new tools as the need or opportunity for these arises. Funding for this development can come collectively from OARC's Members as part of its wider mission, from external 3rd-party grants, or can be done under contract in response to the custom needs of a specific requirement.

OARC can develop new, or enhance features of existing, tools via a custom for-hire development contract. We can accept such work from either OARC Members, or other parties (subject to available resources). OARC Members will receive priority for such work, and at a discounted rate depending on their Membership tier.

OARC also has various potential tool projects we would like to develop, subject to available funding. A list of these projects can be found on each software projects page on GitHub, see links below.

• DSC projects
• dnscap projects
• drool projects
• PacketQ projects
• Services and other projects

If you are interested in having OARC do custom tool development work, please contact us at admin [at] dns-oarc.net, and we'll be happy to discuss your requirements. We'd also welcome patches to, contributions, or donations of relevant tool code.

Support​

If you are looking for support of existing OARC tools, we have a Mattermost channel for general support for all software at OARC Software and many of these also have mailing lists, and we recommend you post questions or requests for help on these in the first instance. For specific bug reports, we recommend raising these on the project's Github site.

OARC's Open-Source Software Licensing Policy​

• For publicly available software we use GNU General Public Licenses such as AGPL/GPL/LGPL depending on the software's function: a service, tool or library.
• For funded development we recommend using GNU General Public Licenses but it is up to the funding party to decide.
• Software for which the source-code is Members-only, or services that we run both publicly and Members only, we use the Mozilla Public License (MPL) version 2.0.

 

[Corey]

Coolors.com - The super fast color palettes generator!

Cheers
Corey

 

[NameMaxi.com]

There are so many great tools mentioned in this thread. While I might be a bit biased because I’m involved in building it, I’ve founded NameMaxi to be incredibly useful for domain investors who want to make smarter investments and sell their domains more effectively.

Here’s what we offer:

• Enhanced Domain Appraisals: We consolidate appraisals from multiple sources like GoDaddy and Estibot, and include keyword STR (Sell-Through Rate) stats for every domain, giving you a clearer picture of its true value.
• Advanced Name Generator: Our tool not only shows you the availability of domains across different TLDs but also provides AI-based suggestions. Whether it’s available names, registered but unavailable domains, or those listed for sale, you get a detailed overview of what’s trending and in demand.
• Comprehensive Categories: One of our standout features! We offer a detailed list of domains across all categories and TLDs, including NNN, CCC, one-word, two-word domains, and more. It’s a great way to see which three-letter domains are available and how they’re valued.
• Daily Sales and Price Drops: Stay on top of market trends with our daily updates on domain sales and price drops, so you never miss a good deal.

On top of that, we also offer auction listings from various platforms and tokenized domain listings, and we support Web3 domain holders with added visibility. And we’re constantly working on new features to make the platform even better!

 

[LeadNear]

I love learning about online tools out there.

What do you use?

I'll start with these...

Namepros.com
Domaining.com
Namebio.com

Visit Leadnear.com

 

[shanskde]

URL extractor, a little different. Imagine a coupon directory from 2004. Let's say it had 200 listings. Let's call it CouponDirectory.com

I want to input that site/name - CouponDirectory.com into some url extractor site/application/whatever

and I want it to spit out a list of all the urls listed on that site
url1
url2
url3
.......
url 200

I want to take that list of 200 urls (just the keywords, after I strip out the extension and stuff) put them into something like GoDaddy Bulk search and see which ones are now available to hand reg.

You can try this: domainextractor.online

 

[Future Sensors]

Domain ASN Mapper: Understanding Domain Infrastructure

The Domain ASN Mapper represents a critical foundational component of the Domain Reputation Measure project funded by RIPE NCC Community Projects. This component enables large-scale analysis of domain infrastructure by resolving DNS records and mapping them to Autonomous System Numbers (ASNs). This capability forms the backbone of our comprehensive domain reputation measurement system, providing essential data about domain infrastructure relationships that will inform reputation scoring in subsequent phases.

Blog

https://labs.ripe.net/author/sorous...n-mapper-understanding-domain-infrastructure/

GitHub

https://github.com/soshianse/Domain-Reputation-Measure

---

In today's digital landscape, domain reputation assessment has become increasingly critical for cybersecurity, brand protection, and risk management. Organisations need reliable mechanisms to evaluate the trustworthiness of domains they interact with. The Domain Reputation Measure project addresses this need by developing a comprehensive system that analyses multiple dimensions of domain infrastructure to produce actionable reputation scores.

In this direction, understanding the infrastructure underpinning the services and websites is a crucial component, which often requires disparate tools and manual correlation. To address this, we are introducing the Domain ASN Mapper, the first phase output of our broader Domain Reputation Measure project. This open-source tool provides a robust and automated way to map domain names to their corresponding IP addresses and originating ASNs using DNS resolution and BGP routing data. It serves as a foundational component for deeper analysis of domain infrastructure, stability, and ultimately, trustworthiness.

This article details the Domain ASN Mapper's functionality, technical implementation, relevance to the RIPE community, and outlines the future roadmap towards a domain reputation system.

The challenge: Visibility into domain infrastructure​

Assessing the trustworthiness or stability of an online entity often starts with checking its domain name. However, the name itself tells little about the underlying network infrastructure. The key questions that arise in providing this assessment include:

• Which networks (ASNs) host the domain's web/mail/name servers?
• Is the infrastructure geographically or topologically diverse?
• Has the underlying infrastructure changed recently or frequently?
• Are the associated networks known for hosting legitimate or malicious activity?

Answering these requires correlating DNS information with BGP routing data – a process the Domain ASN Mapper automates at scale.

Introducing the Domain ASN Mapper​

The Domain ASN Mapper is a Python-based tool that seamlessly connects domain names to the Autonomous System Numbers (ASNs) responsible for routing traffic to and from them. It is designed to simplify a multi-stage process that traditionally involves DNS lookups, BGP data analysis, and manual mapping.

Key capabilities: What the Domain ASN Mapper can do​

At its core, the Domain ASN Mapper automates a structured pipeline that resolves domains and maps them to their respective ASNs using publicly available BGP data. Specifically, it is engineered to:

• Accept a list of domain names as input, typically in a plain text file format
• Perform comprehensive DNS resolution for each domain. This includes:
  • A (IPv4) records
  • AAAA (IPv6) records
  • NS (Name Server) records
  • MX (Mail Exchanger) records
    (For NS and MX records, it also performs secondary resolution to obtain the IP addresses of referenced hostnames.)
• Map the resolved IP addresses to ASNs and BGP prefixes using a BGP MRT data file, which can be sourced from platforms like RIPE RIS or RouteViews.
• Generate structured output in multiple formats including JSON for APIs and automated processing, CSV for spreadsheet or database import, and Human-readable text for reporting or inspection
• Offer both a command-line interface (CLI) for automation and batch processing, as well as a web-based interface for interactive use.

These features make the Domain ASN Mapper a comprehensive tool for infrastructure analysis, security research, and operational monitoring.

Architecture overview​

The system has been developed with a modular design ensuring each core function is encapsulated and independently maintainable. This also supports ease of integration and future feature expansions. The architecture is composed of four primary components:

1. DNS Processor
   Responsible for resolving various DNS record types (A, AAAA, NS, MX) for specified domains.
2. ASN Processor
   Maps IP addresses to ASNs using MRT files.
3. Output Formatter
   Formats the results in multiple formats (JSON, CSV, text) for flexibility in downstream analysis.
4. Web Interface
   Provides a user-friendly browser-based interface for uploading domain lists and MRT files, and visualising the results.

Under the hood: Technical implementation​

The Domain ASN Mapper is engineered as a modular Python application, using well-established Python libraries and practices, and is designed for flexibility and robustness.

1. DNS Processor (dns_processor.py):
   1. Leverages the dnspython library for performing iterative DNS queries.
   2. Resolves multiple record types critical for infrastructure mapping: A (IPv4), AAAA (IPv6), NS (Name Servers), and MX (Mail Exchangers).
   3. Handles intermediate lookups: For NS and MX records, it subsequently resolves the A and AAAA records of the returned hostnames.
   4. Implements configurable timeouts and retries (dns.resolver.timeout, dns.resolver.lifetime) via dnspython settings to handle transient DNS issues.
   5. Supports filtering to resolve only IPv4, only IPv6, or both.
2. ASN Processor (asn_processor.py):
   1. Utilises the pyasn library for efficient IP-to-ASN lookups.
   2. Requires a BGP data file in MRT format (--mrt-file).
   3. Pre-processes the MRT file into a compressed .dat lookup database (pyasn.mrtx.dump_prefixes_to_file) for significantly faster subsequent lookups. If a .dat file exists, it's loaded directly.
   4. Performs lookups using pyasn.lookup(ip_address), returning the originating ASN and the specific BGP prefix announced that covers the given IP.
   5. Aggregates ASN information across all resolved IPs (A, AAAA, NS IPs, MX IPs), providing a consolidated unique_asns summary including source record type and hostnames for each unique ASN.
   6. Includes error handling for invalid IP addresses and lookup failures.
3. Output Formatter (output_formatter.py):
   1. Provides flexible output generation:
      1. JSON: Detailed, structured output for programmatic use.
      2. CSV: Flattened representation for spreadsheets.
      3. Text: Human-readable summary format.
   2. Incorporates error messages for domains where processing encountered issues.
4. Interfaces (main.py, app.py):
   1. Command-Line Interface (CLI): Driven by main.py using argparse. Ideal for scripting and batch processing.
   2. Web Interface: Implemented using Flask (app.py). Provides a GUI for file uploads (.txt domains, .mrt/.gz/.bz2 MRT), option selection, processing, and results viewing/downloading. Includes an API endpoint (/api/results/<job_id>) for JSON results.

Workflow overview: From domains to ASN mappings​

The Domain ASN Mapper processes data through the following workflow:

1. Input collection:
   1. Domain list (text file) and
   2. an MRT file
2. DNS resolution:
   1. Resolves A, AAAA, NS, and MX records
   2. Resolves IPs for NS and MX hostnames
3. ASN lookup:
   1. Unique IPs are passed to the ASN Processor
   2. ASN Processor uses the pyasn database (from MRT) to find the ASN and prefix for each IP
4. Aggregation and formatting:
   1. Results are compiled, to combine all data per domain including DNS records, IPs, ASN/prefix info
   2. Builds a unique ASN summary with related metadata
5. Output:
   1. The Output Formatter generates the results in the chosen format

Scalability and resilience​

The tool is optimised for efficiency and robustness: pyasn's pre-compiled database ensures efficient ASN lookups, and DNS resolution includes basic timeout/retry handling via dnspython. The system has been designed so that errors processing one domain do not halt the entire batch, and results indicate errors per domain, while logging provides extensive operational visibility.
In addition, the modular design also facilitate future enhancements such as parallel processing.

Why this matters for the RIPE community​

This tool directly leverages and provides insights relevant to the network operators and researchers within the RIPE community. This, in particular, includes:

• Utilising core Internet data
  Relies on DNS and BGP routing data (MRT files from sources like RIPE RIS), making it inherently relevant.
• ASN visibility
  Provides a clear mapping from user-facing domain names to the underlying ASNs responsible for hosting their services. This helps operators understand traffic sources/destinations associated with specific domains.
• Infrastructure analysis
  Enables analysis of infrastructure choices, such as the diversity of ASNs used for critical services (web, mail, DNS) of a domain.
• Foundation for security research
  By mapping infrastructure, it provides a starting point for correlating domains with potentially malicious or compromised ASNs or prefixes.
• Potential integration point
  Future versions could integrate RPKI status or leverage RIPE Atlas measurements for enhanced infrastructure validation (see Roadmap).

First step towards a comprehensive Domain Reputation System​

The Domain ASN Mapper provides the foundational infrastructure mapping. Building upon this, the Domain Reputation Measure project roadmap focuses on integrating diverse datasets and developing sophisticated scoring mechanisms.

Phase 2: Reputation scoring engine and data enrichment​

• Goal: Develop the core engine to calculate initial reputation scores
• Data integration: Incorporate BGP/ASN stability history, RPKI validation status, Passive DNS history, WHOIS/registration data, TLS certificate analysis, external threat feeds, and popularity metrics (e.g., Tranco list rank)
• Scoring algorithm: Implement a multi-factor, weighted scoring algorithm, aiming for tunability and transparency
• API development: Create a RESTful API for real-time reputation queries

Phase 3: Advanced analytics, predictive capabilities and community integration​

• Goal: Enhance with ML, longitudinal analysis, visualisation, and operational integration
• Advanced Analytics: Implement longitudinal analysis, anomaly detection for infrastructure changes, and explore predictive ML models
• Visualisation dashboard: Develop an interactive dashboard for monitoring reputation scores, trends, and underlying data
• Community and tooling Integration: Explore leveraging RIPE Atlas, establish feedback mechanisms, provide SIEM/SOAR integration points (e.g., STIX/TAXII).
• Methodology and openness: Commit to publishing detailed methodology and potentially open-sourcing further components, presenting findings at forums like RIPE Meetings.

(See the project's README for the full detailed roadmap)

Conclusion and call for collaboration​

The Domain ASN Mapper has been developed as the initial phase of the Domain Reputation Measure Project, and offers immediate utility for anyone needing to understand the network infrastructure behind domain names. It automates the crucial first step of correlating DNS information with BGP routing data provided by the community (e.g., via RIPE RIS).

As the foundation for the ongoing Domain Reputation Measure project, this tool, and its future enhancements, will provide significant value for network security, risk assessment, and operational visibility.

We invite the RIPE community and others to test the Domain ASN Mapper, provide feedback, report issues, and contribute to its development. The project is open-source, and collaboration is highly encouraged.

Find the code and contribute on GitHub: https://github.com/soshianse/Domain-Reputation-Measure
Let's work together to build better tools for understanding and securing the internet's infrastructure.

 

[Hypersot]

Anyone knows of any tool that can check whether a list of domains (basically the domains I own) can be verified for https? (both desktop and mobile)

Just found out that one of my domains for sale didn't have a certificate issued.

 

[IrfanHabib]

Anyone knows of any tool that can check whether a list of domains (basically the domains I own) can be verified for https? (both desktop and mobile)

Just found out that one of my domains for sale didn't have a certificate issued.

I can build it for you. check hundreds of domain's https status simultaneously

 

[Future Sensors]

Anyone knows of any tool that can check whether a list of domains (basically the domains I own) can be verified for https? (both desktop and mobile)

Just found out that one of my domains for sale didn't have a certificate issued.

I'd personally make a script / wrapper that uses openssl, and checks the existence and validity of installed TLS certs, taking into account that I do not overload web servers with my requests.

Here's an online bulk checker, as well:

https://decoder.link/bulk

 

[Hypersot]

@IrfanHabib ,
thanks. Will let you know if I decide I need to pay for a tool like that.

@Future Sensors ,
that is a wild list of tools. I'm surprised Namecheap offers something like that. Never knew that page existed.

However,
I get some weird results that are not explained very well (obviously the tool is to be used by people that know what they are doing). Is there an index somewhere where it explains the errors for people with lower IQ that have trouble understanding the messages?

So, what I get is something like 'Doesn't match Common Name or/and SANs' or even 'something went terribly wrong' (but it doesn't say what that was) etc.

Thanks for sharing

 

[Future Sensors]

'Doesn't match Common Name or/and SANs'

In short, this could indicate misconfiguration on the webserver, or simply a delay in actually deploying a valid certificate with your domain in it. If you like, DM me some examples of a few domain names in both error categories you mentioned, then I can further investigate with you, using some other tools.

 

[iLoveDotCom]

I use Namebio, Estibot, Atom Domain Appraisal, GoDaddy Domain Explorer, DNX, DNWE, and Agent.ai domain valuations.

 

[Hypersot]

@Future Sensors ,
I would have sent you a small list, since you kindly offered to help, however I prefer to understand what is happening first and then sort this out myself. Make a small patch now will not help in the long run, especially if someone else does it.

It seems I need to start understanding more about sales landers. We rely too much on 3rd-party services in domaining.

Thanks for all the info you shared. Very helpful.

 

[alop]

Namelix.com

 

[Future Sensors]

The Registration Data Access Protocol (RDAP) is the modern successor to the outdated WHOIS protocol, designed to address its limitations.

RDAP provides a standardized way to access registration data for internet resources like domain names and IP addresses. Unlike WHOIS, which returns unstructured plain text, RDAP uses a machine-readable JSON format, supports internationalized domain names, and operates over secure HTTPS connections. It also allows for differentiated access, meaning different users can be granted varying levels of data access.

A central hub for RDAP tools and information is available at https://about.rdap.org/, and a guide to its deployment among top-level domains can be tracked at https://deployment.rdap.org/. While most gTLD registries and registrars have been required to implement RDAP since 2019, a new version of the gTLD RDAP profile (February-2024) is being introduced. The older February-2019 version will be considered obsolete after August 21, 2025, when the newer version becomes required, and the older one will be retired.

For more background on the protocol, see its Wikipedia page at https://en.wikipedia.org/wiki/Registration_Data_Access_Protocol and compare it to the older WHOIS protocol at https://en.wikipedia.org/wiki/WHOIS.

Technical Specifications & Policies

The core technical specifications for RDAP are defined by a suite of Internet Engineering Task Force (IETF) RFCs:

RFC 7480: HTTP Usage in the Registration Data Access Protocol (RDAP)
RFC 7481: Security Services for the Registration Data Access Protocol (RDAP)
RFC 7482: Registration Data Access Protocol (RDAP) Query Format (obsoleted by RFC 9082)
RFC 7483: JSON Responses for the Registration Data Access Protocol (RDAP) (obsoleted by RFC 9083)
RFC 7484: Finding the Authoritative Registration Data (RDAP) Service (obsoleted by RFC 9224)

ICANN maintains specific policy guides for the protocol, including the gTLD RDAP Profile. You can find the ICANN page on the gTLD RDAP Profile here: https://www.icann.org/gtld-rdap-profile/.

Web and CLI Tools

For a web-based client, you can use the tool at https://client.rdap.org/. It's a front-end application that allows you to perform RDAP lookups directly from your browser. This tool relies on standard web technologies and can be run on any system with a modern web browser. The source code for this web client is available on GitHub at https://github.com/rdap-org/.

For command-line users, a tool called rdapper provides a simple console-based client for performing RDAP queries. Its source code is hosted on GitHub at https://github.com/gbxyz/rdapper. rdapper is written in Perl and requires a Perl environment to run. It can be installed using cpanm or run as a Docker container, making it accessible on various operating systems including Linux, macOS, and Windows.