SecurityTrails::Ip: Collecting domain data from SecurityTrails

SecurityTrails Ip parser overview

SecurityTrails is the world's largest repository of historical DNS data. It provides data for security companies, researchers, and groups that need to detail suspicious changes in DNS records and prevent future fraudulent or criminal activity.

A-Parser functionality allows you to save parsing settings for further use (presets), set up a parsing schedule, and much more. You can use automatic query replication, substitution of subqueries from files, enumeration of alphanumeric combinations and lists to obtain the maximum possible number of results.

Results can be saved in the format and structure that you need, thanks to the built-in powerful Template Toolkit template engine that allows you to apply additional logic to the results and output data in various formats, including JSON, SQL, and CSV.

Go to DEMOBuy A-Parser Pro ($299)

Collected data

• Domain
• Hosting provider
• Alexa rank
• Mail provider

Use cases

• Obtaining subdomains by IP
• Collecting Alexa Rank for subdomains
• Obtaining Hosting Provider
• Obtaining Mail Provider

Queries

The query should be an IPv4 address.

176.9.9.90

Results

By default, subdomains are displayed in the result.

a-parser.com
img.a-parser.com
www.a-poster.info
serpjson.com
en.a-parser.com
a-poster.info
forbi-shop.com
files.a-parser.com
www.forbi-shop.com
www.a-parser.com

Result output options

A-Parser supports flexible result formatting thanks to the built-in Template Toolkit template engine, which allows it to output results in any form, as well as in structured form, such as CSV or JSON.

Output of all subdomain data

Result format:

$list.format('$domain, $host_provider, $alexa_rank, $mail_provider\n')

Example result:

google.com, Google LLC, 4, Google LLC
developers.google.com, Google LLC, 40, none
earth.google.com, Google LLC, 640, none
uk.youtube.com, Google LLC, 1305, none

Output of data in CSV

Result format:

[% 
   FOREACH list; 
    tools.CSVline(domain, host_provider, alexa_rank, mail_provider);
   END;
%]

Example result:

google.com,"Google LLC",4,"Google LLC"
developers.google.com,"Google LLC",40,none
earth.google.com,"Google LLC",640,none
uk.youtube.com,"Google LLC",1305,none

Output of data in JSON

Initial text

[% data = {} %]

Final text

[% data.json %]

Result format:

[%    
    data.query = query;     
    data.subdomains = [];     
    FOREACH list;          
    item = {};     
    item.domain = domain;     
    item.alexa = alexa_rank;     
    item.host_provider = host_provider;     
    item.mail_provider = mail_provider;          
    data.subdomains.push(item);     
    END;     
    result = {};     
    result = data;     
   
%]

Example result:

{
    "subdomains": [
        {
            "domain": "google.com",
            "mail_provider": "Google LLC",
            "host_provider": "Google LLC",
            "alexa": 4
        },
        {
            "domain": "developers.google.com",
            "mail_provider": "none",
            "host_provider": "Google LLC",
            "alexa": 40
        },
        {
            "domain": "earth.google.com",
            "mail_provider": "none",
            "host_provider": "Google LLC",
            "alexa": 640
        },
        {
            "domain": "uk.youtube.com",
            "mail_provider": "none",
            "host_provider": "Google LLC",
            "alexa": 1305
        }
        
    ],
    "query": "172.217.164.174"
}

tip

To make the "Initial text" and "Final text" options available in the Task Editor, you need to activate "More options".

Possible settings

info

General settings for all parsers.