스킬 파일

Ip Attribution

Name: Ip Attribution
Author: transilienceai

Maps IP addresses to cloud providers, ASNs, and organizations via WHOIS

transilienceai181 스타2026. 3. 30.

직업: 정보 보안 분석가
카테고리: 도메인 및 DNS 도구

스킬 내용

IP Attribution Skill

Purpose

Map discovered IP addresses to cloud providers, Autonomous System Numbers (ASNs), and organizations through WHOIS lookups and cloud IP range matching.

Operations

1. dns_resolve

Resolve domain names to IP addresses.

Command:

dig +short A {domain}
dig +short AAAA {domain}

Process:

Query A records for IPv4 addresses
Query AAAA records for IPv6 addresses
Handle CNAME chains (follow to final IP)
Record all resolved IPs

Output:

관련 스킬

Ip Attribution | Skills Pool

{
  "domain": "example.com",
  "ipv4": ["93.184.216.34"],
  "ipv6": ["2606:2800:220:1:248:1893:25c8:1946"],
  "cname_chain": ["example.com", "cdn.example.net"]
}

whois {ip_address} | grep -iE "OrgName|Organization|NetName|Country|CIDR|ASN"

{
  "ip": "93.184.216.34",
  "organization": "Edgecast Inc.",
  "net_name": "EDGECAST",
  "country": "US",
  "cidr": "93.184.216.0/24",
  "asn": "AS15133"
}

dig +short {reversed_ip}.origin.asn.cymru.com TXT

"15133 | US | arin | 2007-03-01 | EDGECAST"

URL: https://ip-ranges.amazonaws.com/ip-ranges.json
Fields: ip_prefix, region, service

URL: https://www.gstatic.com/ipranges/cloud.json
Fields: ipv4Prefix, ipv6Prefix, scope

URL: https://www.microsoft.com/en-us/download/details.aspx?id=56519
Note: Weekly updated JSON files

URL: https://www.cloudflare.com/ips-v4
URL: https://www.cloudflare.com/ips-v6

{
  "skill": "ip_attribution",
  "domain": "string",
  "results": {
    "ip_mappings": [
      {
        "domain": "example.com",
        "ip": "93.184.216.34",
        "ip_version": "ipv4",
        "attribution": {
          "cloud_provider": "AWS|GCP|Azure|Cloudflare|Other",
          "cloud_region": "us-east-1",
          "cloud_service": "CloudFront",
          "organization": "Amazon.com, Inc.",
          "asn": "AS16509",
          "asn_name": "AMAZON-02",
          "country": "US",
          "cidr": "93.184.216.0/24"
        },
        "is_cloud": true,
        "is_cdn": true
      }
    ],
    "summary": {
      "unique_ips": "number",
      "cloud_hosted": "number",
      "cdn_fronted": "number",
      "providers_detected": ["array"]
    }
  },
  "evidence": [
    {
      "type": "dns_resolution",
      "domain": "string",
      "ip": "string",
      "timestamp": "ISO-8601"
    },
    {
      "type": "whois",
      "ip": "string",
      "organization": "string"
    },
    {
      "type": "cloud_ip_match",
      "ip": "string",
      "provider": "string",
      "range": "string"
    }
  ]
}

Provider	IP Range Pattern	ASN Pattern
AWS	From ip-ranges.json	AS16509, AS14618
GCP	From cloud.json	AS15169, AS396982
Azure	From ServiceTags	AS8075
Cloudflare	104.16.0.0/12, 172.64.0.0/13	AS13335
Fastly	151.101.0.0/16	AS54113
Akamai	Various	AS20940, AS16625
DigitalOcean	Various	AS14061
Linode	Various	AS63949
Vultr	Various	AS20473
Heroku	AWS ranges	(Uses AWS)
Vercel	Various	AS209242
Netlify	Various	AS205948

Ip Attribution

IP Attribution Skill

Purpose

Operations

1. dns_resolve

Ip Attribution

IP Attribution Skill

Purpose

Operations

1. dns_resolve

2. whois_ip_lookup

3. asn_lookup

4. cloud_provider_match

Output

Cloud Provider Detection Signals

Rate Limiting

Error Handling

Security Considerations

Sherlock

Domain Name Brainstormer

Bmad Domain Research

Claimable Postgres

Active Directory Attacks

Gws Gmail Watch