OSINT · Network Intelligence
Paste an IP address, domain, or ASN number and get unified intelligence in seconds — geolocation, ASN, DNS records, SSL certificates, passive DNS history, public threat feed correlation, and one-click enrichment links to industry tools. All from your browser.
Enter an IP, domain, or ASN
Launch a one-click lookup on the leading threat intelligence platforms. Each opens in a new tab with the current query pre-loaded.
Pinpoint the country, city, ISP, and ASN for any IPv4 or IPv6 address. Identify hosting providers, cloud ranges, and abuse contacts in seconds.
Automatically check whether an IP appears in Feodo Tracker (C2 servers), the TOR exit node list, Emerging Threats compromised hosts, or the CINS Army bad-actor list.
Resolve live A, AAAA, MX, NS, TXT and PTR records via Cloudflare DNS-over-HTTPS, then trace passive DNS history to spot infrastructure pivots and shared hosting.
Query Certificate Transparency logs via crt.sh to enumerate all TLS certificates issued for a domain — including historic and wildcard certs that reveal hidden subdomains.
Pull structured registration data for domains and IP blocks — registrar, creation & expiry dates, nameservers, and registrant org — without leaving the browser.
One-click links open the current query in AbuseIPDB, VirusTotal, Shodan, Censys, GreyNoise, and more — no copy-pasting, no re-typing. Speed up your triage workflow.
Responsible Use: NetRecon is designed for legitimate security research, incident response, threat hunting, and defensive intelligence. Do not use this tool for unauthorised reconnaissance, stalking, or harassment. Lookups are subject to rate limits. No query data is stored — only anonymised usage metrics.