Recently I’ve encountered a list of IPs that are related to CoinHive. So I want to check for domains that are tied to these IPs. We can do that by using the dig command to perform reverse DNS (rDNS).
Reverse DNS (rDNS) is a method of resolving an IP address into a domain name, just as the domain name system (DNS) resolves domain names into associated IP addresses.
I found this script at this site:
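#!/bin/bash
# Reverse-resolve every IP address passed as an argument.
for item    # no "in" list: iterates over the script's arguments
do
    # dig -x performs the reverse (PTR) lookup; +short prints only the answer
    domain=$(dig -x "$item" +short)
    if [ -n "$domain" ]; then
        echo "$item" - "$domain"
    else
        echo "$item" result is NULL
    fi
done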
Save the code above on your Linux/*nix machine as reverse_dns, put the list of IPs in ip.txt, and run the command below:
root@box:~# cat ip.txt | xargs bash reverse_dns
The result should be like this:
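A PTR answer is only what the holder of the address block chose to publish, so before tying a domain to one of these IPs it helps to check that the name resolves back to the same address (forward-confirmed reverse DNS). The script below is an added example that goes one step beyond the loop above; it is not part of the original post or of the script it quotes, and the function names ptr_name, fcrdns and check_list are assumptions.

```bash
#!/bin/bash
# Added example, not from the original post; function names are assumptions.

# ptr_name IPV4: print the in-addr.arpa name that `dig -x` looks up.
# Fails unless the input is a dotted quad with octets 0-255, so stray text
# in the list never reaches the dig command line.
ptr_name() (
    ip=$1
    case $ip in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;
    esac
    IFS=.
    set -- $ip
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s.%s.%s.%s.in-addr.arpa.\n' "$4" "$3" "$2" "$1"
)

# fcrdns IPV4: print "ip,name,status", one line per PTR answer.
# The PTR record is published by whoever controls the address block, so a
# name is "confirmed" only if its A record points back at the same IP.
fcrdns() (
    ip=$1
    rname=$(ptr_name "$ip") || { echo "$ip,,invalid"; return 0; }
    names=$(dig "$rname" PTR +short)   # the query `dig -x "$ip"` sends
    [ -n "$names" ] || { echo "$ip,,no-ptr"; return 0; }
    echo "$names" | while read -r name; do
        if dig "$name" A +short | grep -qxF "$ip"; then
            echo "$ip,$name,confirmed"
        else
            echo "$ip,$name,unconfirmed"
        fi
    done
)

# check_list: read one IP per line on stdin, skip blanks and '#' comments,
# de-duplicate, and run fcrdns on each. Usage: check_list < ip.txt
check_list() {
    sort -u | while read -r ip; do
        case $ip in ''|'#'*) continue ;; esac
        fcrdns "$ip" </dev/null
    done
}

# When a file name is given as the first argument, process that list.
if [ $# -gt 0 ]; then check_list < "$1"; fi
```

Rows marked unconfirmed or no-ptr are the ones to corroborate from another source before treating the name as tied to the IP.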
