passive
whois
whois example.com
nslookup
nslookup > set type=mx > example.com
netcraft
– http://toolbar.netcraft.com/site_report?url=http://www.wikipedia.org
active
nmap
sudo nmap -sS -Pn -A 000.000.000.000
-sS – TCP scamomg
-Pn – Treat all hosts as online / no ping
-A – more data – it will take a time