Posted in:

Reverse IP Lookup: Top 5 Reasons to Identify Domains That Share Hosts

Sharing a host with several web properties isn’t uncommon. In fact, several WordPress and other third-party content platform users are no stranger to the concept. And the practice can put an organization’s digital assets at risk of malware infection, a breach, a distributed denial-of-service (DDoS) attack, a bad domain reputation, and slow page loading time.

These problems are avoidable, however. And the first step toward that is identifying which of your IP addresses share a host with other companies. That’s doable with the help of a reverse IP lookup.

What Is a Reverse IP Lookup?

A reverse IP lookup is a means to identify all of the domains a given IP address resolves to. It works by using an IP address as input to a reverse IP lookup tool. The tool then accesses passive DNS data to retrieve a list of the domains that have been historically connected to it.

A passive DNS database is a repository of the domains that resolved to a specific IP address over time. The amount of time depends on how many years the passive DNS database’s vendor has been crawling the Web for IP address-to-domain resolutions. A vendor, therefore, that has been pooling data for 10 years now could have passive DNS data dating back to 2011.

5 Things That Could Go Wrong with Shared IP Address Use

Sharing a host could spell an organization’s downfall if not addressed. Here are four reasons why.

Exposure to Malware

Sharing an IP address means sharing a server with several other files, content, or other digital properties that typically belong to different owners. That said, you can’t really be sure if all of the contents are threat-free. Some of them could be infected with malware, which could put the other contents at risk of infection.

Potential Data Breach

Since the files and other virtual properties don’t belong to you, you can’t be sure if they’re at least as secure as your assets. A vulnerability in one could give hackers a potential entry point into the server, putting your company and its data in danger as well.

Downtime

DDoS attacks mean to paralyze their targets. That starts by sending numerous requests to the target sites until their servers could handle no more and the pages eventually freeze up. That’s not the worst that could happen, though, as all the other connected systems will slow down or even cease to work as well.

Poor Domain Reputation

Maintaining a threat-free domain is a bit harder when you use a shared IP address. Sometimes, no matter how clean your apartment is, if the administration doesn’t maintain the rest of the building and grounds, it won’t matter. You’d still end up sort of living in a dump.

The same thing happens with a shared host. If one or more domains that share your IP address are tagged “malicious” on any blocklist, you suffer the consequences, too. Your domain reputation score drops, which would definitely turn off customers and web visitors, translating ultimately to revenue loss.

Slow Site

Your website is essentially your organization’s face online. It’s how users interact with and see you. A bad time on your site, therefore, translates to poor customer experience. And one of the criteria your web page is going to get judged on is how fast it loads. If your website takes too long to load, prospective customers who want to buy your product could change their minds and look for an alternative.

How a Reverse IP Lookup Can Help

As mentioned earlier, a reverse IP lookup identifies the domains that share an IP address. To show how it can help you zero in on the offending domains that share your host so you can sever ties with them to stay safe from risks, enter your IP address into a reverse IP lookup tool and subject your neighbors’ domains to blocklist checks.

If your site, for instance, resolves to the IP address 99[.]229[.]36[.]82, your site visitors may be greeted with a warning when they access it since your IP is dubbed “malicious” on AbuseIPDB. A reverse IP lookup for it lists four domains, one of which (zapto[.]org) could be the reason why the IP address has been marked dangerous.

—–

The example presented above highlights why identifying domains that share your hosts is crucial. Periodically subjecting your IP addresses to a reverse IP lookup can help your organization avoid unwanted consequences, including but not limited to ending up on anyone’s blocklist.