What is (5)debug(7)opendns(3)com(0)
We are looking for instances of coinhive and attempting to determine which sites are using coinhive in the course of looking for these sites we found these requests. Can you explain what debug is for?
1/18/2018 4:11:25 AM 13BC PACKET 000000F10BCB24F0 UDP Rcv **.**.**.** baad Q [0001 D NOERROR] TXT (5)debug(7)opendns(3)com(0)
-
What tool did you use to capture this information?
It looks like a packet from a DNS response to the following DNS query:
dig debug.opendns.com. txt
- or -
nslookup -type=txt debug.opendns.com.To answer your question:
The domain debug.opendns.com is being used for diagnostic purposes in case something OpenDNS related doesn't work for a user."attempting to determine which sites are using coinhive"
Isn't this Coinhive JavaScript based? Then your approach to research this through DNS is wrong. You must analyze your web traffic, not your DNS traffic.
Please sign in to leave a comment.
Comments
1 comment