If you followed my last post HERE you might be wondering “That’s great and all, but how do I find the AS number in the first place?”.
If you are running Linux it’s easy:
First install dig and whois:
If you are using Centos/Fedora:
yum install bind-utils whois -y
In case you are using Debian/Ubuntu:
apt install dnsutils whois -y
After that to get the IP number associated with the domain.
dig +short facebook.com | head -1
The output should be an IP address in example:
With the IP address in hand to get the ASN you just need to run:
whois -h whois.radb.net '18.104.22.168' | grep -i origin | tr -s " " | cut -d " " -f2
Voila the output should be the AS number(s)
And with most things on the internet these lists are not static so you should build a script to update them from time to time.