Recently I’ve encounter list of IPs that are related to CoinHive. So I want to check for domains that tied to these IPs. We can do that by using dig command to perform reverse DNS (rDNS).
Reverse DNS (rDNS) is a method of resolving an IP address into domain name, just as the domain name system (DNS) resolves domain names into associated IP addresses.
I found this script at this site:
#!/bin/bash for item do domain=$(dig -x "$item" +short) if [ -n "$domain" ] ; then echo "$item" - "$domain" else echo "$item" result is NULL fi done
Just save this code above in your Linux/*nix machine, and run this command as below:
[email protected]:~# cat ip.txt | xargs bash reverse_dns
The result should be like this: