Determine who host a site? [Archive]

SaYiaN

10-09-2005, 02:11 AM

I'm having a problem figuring that out. For example.

http://www.martialartsplanet.com

How can you determine who host it? Isn't it free for the general public to see like the viewing of the dns names used.

Whois is not giving me anything?

Domain Name: MARTIALARTSPLANET.COM
Registrar: TUCOWS INC.
Whois Server: whois.opensrs.net
Referral URL: http://domainhelp.tucows.com
Name Server: NS1.MARTIALARTSPLANET.COM
Name Server: NS2.MARTIALARTSPLANET.COM
Status: ACTIVE
Updated Date: 20-nov-2004
Creation Date: 10-jan-2002
Expiration Date: 10-jan-2006

This is just in general. I'm confused on this hosting stuff...

Sometimes i come across site's i feel as trying to phreaking ppl and would like to report it :}

zaphodiv

10-09-2005, 07:48 PM

The RFC's that describe how the internet works are in interesting read.

>How can you determine who host it?

The easy way is to use netcraft (http://netcraft.com)'s search.

The manual way is to do a name to ip lookup. Look up the ip using whois. You may have to do more lookups if you didn't correctly guess which regional registry it is managed by. Ip address allocations are handled by different bodys in different areas of the worlds. The big three are ARIN for north america, RIPE for Europe, and APNIC for the asia pacific region.There is also AfriNIC, LACNIC, DoDNIC InterNIC, KORNIC and others.

That tells you the owner of the block of ip addresses that the webserver is in.
In some cases that will be a hosting company with their own block, in some cases it will be a big ISP such as level three who are providing a connection to someone but havn't put their customers details in whois, somtimes it will be an ISP providing a connection to someone who is running a web server off their home cable or DSL line.

The nameservers for a domain name are sometimes of interest such as when you want to complain about a spammer.

Sometimes the nameservers have names like ns1.big-isp.com

In this case ns1.martialartsplanet.com points to the same ip address as
www.martialartsplanet.com
ns2.martialartsplanet.com points to an ip address 1 higher.
Obviously the nameservers and the webserver are operated by the same people.

>Whois is not giving me anything?
Firstly whois on the domain name tells you who owns the domain name. The domain name owner and the operator of the webserver are often different entitys.

Second you have not followed the trail far enough. You now have to look
up the domin name in the tucows/opensrs whois (http://resellers.tucows.com/whois/index_html)

Whois info for, martialartsplanet.com:

Registrant:
Virtual Scotland
248 Bath Street
Glasgow, Strathclyde G2 4JW
UK

Domain name: MARTIALARTSPLANET.COM

Administrative Contact:
Manson, Forbes [email protected]
248 Bath Street
Glasgow, Strathclyde G2 4JW
UK
0141 353 1125
Technical Contact:
Technical, Host Europe [email protected]
Portland Street
Beeston
Nottingham, Nottinghamshire NG9 2LP
UK
+44 115 9170000 Fax: +44 115 9170442

Registration Service Provider:
PIPEX Communications Uk Ltd, [email protected]
+44.115-917-0000
http://www.123-reg.co.uk/
This company may be contacted for domain login/passwords,
DNS/Nameserver changes, and general domain support questions.

Registrar of Record: TUCOWS, INC.
Record last updated on 10-Mar-2004.
Record expires on 10-Jan-2006.
Record created on 10-Jan-2002.

Domain servers in listed order:
NS1.MARTIALARTSPLANET.COM 8.6.223.68
NS2.MARTIALARTSPLANET.COM 8.6.223.69

Domain status: ACTIVE

>[I] feel [are] trying to phreaking [people]
"phreaking" means doing illicit things with telephones. Perhaps you meant scamming?