This is a tutorial to obtain information with OSINT methods from an IP address coming from a server. very useful methods to obtain information.
In this article we will use tools like IPInfo.io, host.io and Fofa.info to collect information from an IP Address and see all the useful information that can be obtained using OSINT tools for IP addresses
In this case we will use the IPInfo tool to see IP information, the first information it shows is the Location, name of the server provider and other information indicating that this IP is being used for websites.
IPinfo will also provide contact information for the hosting provider abuse email, in this case it is Cloudflare, if you want to report illegal content related to pornography, the easiest option to get the server provider’s abuse email with the IP address of the server, it is the IPInfo tool
In the “hosted domains” section you can see a small list of website domains that use the same IP address that you are investigating.
Now using the host.io tool you can see a longer list of domains that are using the IP Address
This is useful when your target is using a VPS, since the websites hosted by the VPS will all have the same IP address. In the case of Cloudflare this is not the case because it is a company that camouflages the original IP address.
FOFA.INFO: (IP Search Engine)
Fofa.io is an information search engine based on IP addresses and other information, very useful to obtain information about VPS servers
When analyzing the IP address, you can see the favicons of the websites that use the IP address and information about requests to open ports that the FOFA tool detects from the IP address.
Obtain information about the server operating system:
One of the functions of the FOFA.IO tool is to analyze the information on open ports from IP Addresses, if you have the IP address of a VPS (Virtual Private Server) you can get the name of the operating system and probably other data such as the version and distribution of linux.
Contact information to submit an abuse report:
If you have the IP address of a website with illegal activities that you want to report to the hosting provider, you can do so by adding the IP address to the IPInfo.io tool and going to the “Abuse Details” section.
Get domains that use the same IP addresses:
If the server that uses that IP address is a VPS (Virtual Private Server) type, you could obtain the websites that use the same IP address that you are analyzing. This can be used to connect websites and know information about the administrator of these websites.