Reverse IP Lookup
Reverse IP lookup returns all domain names hosted on a given IP address. It is used by threat hunters to identify other malicious domains sharing the same hosting infrastructure as a known bad actor — a technique known as infrastructure pivoting.
Frequently Asked Questions
What is Reverse IP Lookup?
Reverse IP lookup returns all domain names hosted on a given IP address. It is used by threat hunters to identify other malicious domains sharing the same hosting infrastructure as a known bad actor — a technique known as infrastructure pivoting.
How is Reverse IP Lookup related to DNS History?
Reverse IP Lookup and DNS History are both key concepts in threat intelligence. DNS history is a record of historical DNS resolution data for a domain — including all IP addresses it has ever resolved to, when changes occurred, and what nameservers have been used. It is used in threat investigations to trace infrastructure reuse and identify related malicious domains.