Reverse IP Lookup
The Reverse DNS Lookup tool finds the hostname behind an IP address. Enter an IP address for the reverse lookup to locate the DNS PTR record for that domain.
Introducing Our Reverse DNS Lookup Tool
Our Reverse DNS Lookup finds the domain/hostname associated with an IP address by querying the PTR record configured for that IP address. It provides a number of uses for network administrators and website managers, such as improving email security and identifying website traffic. Our tool provides an easy solution to check reverse DNS as compared to other methods such as using the command line on your device.
Enter an IP address (e.g., 8.8.8.8) to start the reverse IP lookup.
How to Use Our Reverse IP Lookup?
Here is how you can perform a reverse IP lookup with our tool:
- Enter the IP address in the reverse DNS lookup tool (ensure it's correct).
- Click on the Submit button.
- The tool will provide results showing the IP address and its respective hostname.
What is Reverse DNS Lookup?
It's a process for discovering the domain name associated with an IP address. It is called "reverse" because it is the opposite of a normal DNS lookup, which involves finding the IP address associated with a domain name.
When a reverse IP address lookup is initiated, our tool goes to the DNS servers and looks for a pointer record, also known as a PTR record of the queried IP address. In normal DNS lookups, if the IP address is needed for a domain or a server, the tool asks the server for the "A" record. The "A" record contains the information about the required IP address. (If the domain has an IPv6 address, the "AAAA" record is used instead.)
The "PTR" record is the opposite of this. It is stored under an IP address and contains information on the domain/hostname for that particular IP.
Understanding PTR Records for Reverse DNS Search
This section will help you understand how a PTR record is written, so if you ever see that record or have to create one for your domain, you can easily do that.
PTR Records for IPv4 Addresses
When a PTR record is created for an IPv4 address, it is the reversed form of that IP along with the domain extension: ".in-addr.arpa." Here, the ".arpa" is a domain, while the ".in-addr.arpa" is a subdomain consisting of the additional ".in-addr" part.
For example, if there is an IP address "8.8.4.4," then the PTR record would be: 4.4.8.8.in-addr.arpa
The first part of the record is "4.4.8.8" which is the reversed form of 8.8.4.4. After that comes the ".in-addr-arpa" subdomain. The method and example that we've mentioned above are for IPv4 addresses. PTR records for IPv6 addresses are slightly different.
PTR Records for IPv6 Addresses
Here is how PTR records are written for IPV6 addresses. The reversed form of the IP address is written with each alphabet/number separated by a dot rather than in sets of four, e.g.,
Instead of ".in-addr.arpa," the PTR record of an IPv6 address ends with ".ip6.arpa." For example:
The TLD is still ".arpa," but a different namespace is used.
Checking PTR Records with Other Methods
How to Check PTR Record in Windows
Here are the steps that you can follow to do a PTR record lookup in Windows to perform a reverse DNS check:
- Press the Windows button and type “cmd” in the search bar.
- Click on “Command Prompt” when it shows up in the search results.
- Once the CMD is open, type nslookup -q=ptr [example IP]
- Replace [example IP] with the IP address that you want to lookup
- Click on enter to find the hostname associated with the IP
If you want to check the PTR records against a particular DNS server, you can specify it in the CMD as well. You need to add the IP address of the server right after the IP of the domain that you are querying, like this:
How to Check PTR Record in macOS
Here are the steps for checking PTR records in macOS.
- Open the Terminal by pressing Command + Space and typing "Terminal"
- Once you are in the Terminal, enter the command nslookup -q=ptr [example IP]
- Replace [example IP] with the IP address that you want to lookup
- Press 'Return"
You can specify the particular DNS server in this method as well by adding the IP address of the server after the IP address that you want to check for the PTR record.
What are Some Uses of Reverse IP Search?
Reverse DNS search is used for various purposes.
Email spam filtration: ESPs (email service providers) perform an IP reverse search to establish the credibility of the sending domain. They check the PTR records of the domain from where the email is received. If there is no PTR record, then that particular domain is blocked, and it cannot send any more messages, i.e., through that particular ESP.
Data logging: Another use of reverse DNS lookup is data logging. For example, if some data, such as IP addresses, needs to be analyzed/checked, you can run reverse DNS checks to convert them to hostnames. The hostnames can be easier to remember and share.
Security identification: This is another way reverse DNS search can be used. Suppose there is an attempt to hack or harm a particular website—an attempt during which the IP address of the attacking domain is stored. You can do an IP reverse lookup to identify the domain and take the required action to safeguard your website.
FAQs for Reverse IP Lookup
Is performing a reverse IP check illegal?
No, running a dns reverse lookup is not illegal. There is no problem in taking an IP address and finding the domain name behind it. However, you shouldn't take unethical measures to find the IP itself. You can use an IP address checker to easily verify the IP address associated with a domain
Can I find sub-domains using reverse IP address lookup?
No, you cannot. When you run the reverse DNS lookup, you can find only the domain associated with the IP and not any subdomains.
Why is the reverse IP lookup tool not working?
If the reverse DNS check does not provide any domain name, it could be because the PTR records are not configured. The error could also indicate that the IP address is not correctly entered.