通过Zmap、masscan等工具发起扫描，针对扫描结果进行关键字查找，获取网站真实IP。

1、ZMap扫描工具[出自:jiwo.org]
https://github.com/zmap/zmap

2、Masscan端口扫描器
https://github.com/robertdavidgraham/masscan

二、DNS记录
https://securitytrails.com/https://viewdns.info/iphistory/https://sitereport.netcraft.com/?url=github.com

 三、子域名扫描
Google、baidu、Binghttp://tool.chinaz.com/subdomain/http://i.links.cn/subdomain/http://subdomain.chaxun.la/http://searchdns.netcraft.com/https://www.virustotal.com/Layer子域名挖掘机wydomain：https://github.com/ring04h/wydomainsubDomainsBrute:https://github.com/lijiejie/Sublist3rhttps://github.com/aboul3la/Sublist3r

四、网络空间搜索
1、钟馗之眼
https://www.zoomeye.org
2、Shodan
https://www.shodan.io

五、证书搜索

https://censys.io/ipv4?q=H4nk.com

六、国外多PING测试工具：
https://asm.ca.com/zh_cn/ping.php

http://host-tracker.com/

http://www.webpagetest.org/

https://dnscheck.pingdom.com/