DNS and GeoIP from the browser address bar

When analysing logs in Splunk for attacks and spammers I need to do reverse DNS lookups, geolocation of IP addresses, and whois lookups to identify the source.  Here is a shortcut that saves opening a terminal, by using a custom search engine to do the lookup straight from your web browser address bar.

Visiting DNSStuff.com adds a "Search Engine", at least in Chrome, which does reverse dns + geoip location from the address bar.  Set the "keyword" on the search engine to "ip" so by typing  "ip 173.194.33.104" in the address bar redirects to this page.  The search engine can also be added manually. The %s is replaced by address bar contents on pressing enter:
http://www.dnsstuff.com/tools/ipall/?tool_id=67&token=&toolhandler_redirect=0&ip=%s
The DNSStuff IP lookup is free but their other tools require subscription. DomainToIP.com has a free bookmarklet (bottom left of the page) that does forward lookup and whois on the site currently in your address bar.  Add a custom search engine with keyword "dns" so that typing "dns www.google.com" in the address bar directs to this page.
http://domaintoip.com/ip.php?domain=%s
There are many other uses for custom search engines: I have custom search keywords to search the Python documentation, for Google's "I'm Feeling Lucky" button, for Splunk documentation, Google site-search for Wikipedia, and so forth.

Note: In Splunk I also use the Google Maps App and the Reverse DNS App, but to do a single lookup its quicker just to use the address bar.

Popular posts from this blog

Cutting down on clutter with the Outbox Method

A comparison of file synchronisation software