A Reverse DNS lookup determines the domain name of an IP Address.

Reverse DNS Lookup | Reverse IP Lookup Tool

Use the reverse DNS lookup tool to check DNS PTR records and determine the hostname of an IP address.

What is reverse DNS lookup?

A reverse domain name system (DNS) lookup, or reverse IP lookup, is the opposite sequence of a DNS lookup. It's essentially a reverse IP tracker. With a standard DNS lookup online, you query the DNS server or hostname to get the IP address. However, with the reverse DNS lookup command, you query the IPv4 address or IPv6 address to find the hostname. Therefore, entering the IP address into the reverse lookup tool tests PTR records, allowing users to locate the domain name associated with the corresponding IP.

For example, one IP address of Google.com is 74.125.142.147. Typing this IP address into the reverse DNS lookup tool returns the hostname of Google as listed in the database of the Address and Routing Parameter Area’s (ARPA) top-level domain of the Internet.

Note that some IP addresses will not return a domain name. PTR DNS records may indicate multiple domain names for a given IP address in these cases. Web hosting, where one IP address of the server is shared among one or more domains, is a common example. To see what your IP address links to, go to the homepage of What's My IP to find out your IP.

dns lookup and reverse dns lookup examples

How does reverse DNS lookup work?

A reverse DNS lookup searches DNS queries for PTR records, or DNS pointer records. A PTR record maps an IP address to the hostname, so if there is no PTR record for DNS on the server, a reverse DNS record lookup won’t work.

Because the tool works to verify PTR records, it can be thought of as a PTR lookup. Though all DNS records are important to the domain name system - from CNAME records to A records - pointer records are particularly essential for a reverse lookup.

How to do a reverse IP lookup

Reverse DNS Lookup (Linux)

For a reverse IP lookup in the Linux system, users can use three different commands to perform the reverse DNS process: the dig command, the host command, and the nslookup command. Each works in a slightly different way, focusing on observing different information.

The dig command, or domain information groper command, allows the rDNS lookup in Linux to run manually through the terminal. It returns name servers; users primarily utilize it for examining and resolving DNS issues because of its flexible and clear output.

The host command converts the host names to IP addresses and vice versa.

The nslookup command also helps check and resolve DNS issues. It's the most used network administration tool with two modes to display output: interactive, which gives information about hosts and domains against the query, and non-interactive, which shows only the name and requested, relevant details for a domain.

Reverse DNS Lookup (Windows)

For Windows users, the nslookup command via the command prompt is the best way to do a reverse domain lookup and check DNS records in a Windows server. Open the Windows start menu and search "command prompt" in the search bar. An access shortcut appears from which you can open the "Run" box with Windows+R. From there, run the nslookup commands and find A records, NS records, or SOA records of a domain.

What are reverse DNS lookups used for?

Using the free reverse IP lookup tool above is very useful for a variety of purposes:

  • Finding spam emails. It’s difficult to differentiate legitimate mail servers from spam servers from an IP address alone. However, certain generic rDNS names can indicate that the email server is spam. This is where the reverse DNS lookup comes in.
  • Knowing who visits your website. Website visit logs usually contain IP addresses, which aren’t particularly useful for tracking exactly who is visiting your website. The reverse IP lookup process serves as a reverse website search tool, finding the hostname of your visitors to give you a better picture of who visits your website. This is especially useful for those operating B2B businesses.
  • Troubleshooting. The rDNS test helps run and troubleshoot basic Internet protocols like the ping command in the command line prompt. It also keeps you from encountering problems with enterprise management systems, r-commands, SMTP servers, and network backup systems.
  • Security. Reverse IP lookups check DNS records to locate the address' A records and map a domain name to the physical IP address of the device. This helps determine the virtual hosts from web servers, thus identifying server weaknesses and improving security.

What is a DNS PTR record?

A DNS PTR record is the type of DNS record used to store the related hostname for an IP address. Reverse DNS lookups use these records, as they return the associated hostname when a user performs a reverse DNS search. They are the opposite of A records and AAAA records for IPv4 and IPv6 addresses, respectively, which return the associated IP for a hostname.

Pointer records are structured like all other DNS records and include five pieces of information: the IP address, the entry's TTL, the DNS record class, the record type, and the resource data.