Reverse DNS lookup: What is it and how to do it?

In a traditional Forward DNS lookup, you type a domain name and search for the IP address so you can access its content. The Reverse DNS lookup has another purpose: you start with the IP address and look up who is behind it.

What is Reverse DNS lookup?

The Reverse DNS lookup is a DNS check that starts with an IP address (IPv4 or IPv6) and searches for the hostname (domain name) behind it. The purpose is to find out who exactly stands behind a particular IP address. As you probably guessed by now, it is a very important verification tool. It is used for various purposes, but probably the most popular is verifying the origin of email messages. The email server that receives a message will check whether the domain name of the incoming message and the IP address match. It will perform a Reverse DNS lookup, checking the IP address and looking for the PTR record behind it. PTR records link IP addresses (IPv4 and IPv6) to hostnames (domains).

How can you perform a Reverse DNS lookup?

We humans can perform Reverse DNS lookups too. It is not only a possibility for servers. Now we will show you different tools that you can easily use, no matter what device you are using.

Reverse DNS lookup with the Nslookup command.

The Nslookup command is available on every computer – Windows, macOS, BSD, Linux, Unix, etc. It is maybe the most universal DNS lookup command out there.

You can also use it on Android and iOS if you install a Terminal application.

  1. Get to your Command-line interface:

On Windows – Open the Command Prompt. Of course, you can use Windows PowerShell too. It is your decision.

On macOS, BSD, Linux, and Unix – Open the Terminal.

  2. Type this command and press the Enter button to perform the lookup:

syntax: nslookup IP address

The IP address can be an IPv4 or IPv6 address.

example: nslookup 91.198.174.192

Online with Mxtoolbox

Of course, if you don’t want to use a built-in command, you can always use an online tool for Reverse DNS lookup. In this case, we are using Mxtoolbox. It has a very simple interface.

  1. Open the URL.
  2. Type or paste the IP address you would like to check, and then press Reverse Lookup.

The result will show you the PTR record’s content.

Reverse DNS lookup with the Dig command.

This one is my favorite. The Dig command is a very powerful tool for DNS probing that is available on Linux by default. The steps will be very similar to the Nslookup command.

  1. Open the Terminal.
  2. Type this command and press the Enter button to perform the lookup:

syntax: dig -x IP address

The IP address can be an IPv4 or IPv6 address.

example: dig -x 91.198.174.192

The difference from the Nslookup command is that here you need the additional option “-x” to indicate that you want a Reverse lookup. The result of this command is much more detailed than the previous one, and that information could be helpful.
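As an added example (not part of the original article), the Python code below builds the reverse-lookup name that dig -x queries for an IP address and then applies the check a receiving mail server can make with it: the hostname from the PTR record is accepted only if it resolves forward to the same IP. This forward confirmation goes one step beyond the plain lookup shown above; the function names and the sample records (documentation address ranges) are constructed for illustration.

```python
import ipaddress
import socket

def reverse_name(ip):
    """Name queried for the PTR record, e.g. 192.174.198.91.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer

def system_ptr(ip):
    """PTR lookup through the system resolver; [] when no record exists."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name] + aliases

def system_forward(hostname):
    """A/AAAA lookup through the system resolver; [] on failure."""
    try:
        return [info[4][0] for info in socket.getaddrinfo(hostname, None)]
    except socket.gaierror:
        return []

def forward_confirmed(ip, ptr_lookup=system_ptr, forward_lookup=system_forward):
    """Return the PTR hostnames that resolve back to `ip` (may be empty)."""
    target = ipaddress.ip_address(ip)
    confirmed = []
    for host in ptr_lookup(ip):
        host = host.rstrip(".").lower()
        for addr in forward_lookup(host):
            try:
                if ipaddress.ip_address(addr) == target:
                    confirmed.append(host)
                    break
            except ValueError:  # resolver returned something that is not an IP
                continue
    return confirmed

# Constructed sample records, not real DNS data.
SAMPLE_PTR = {"192.0.2.10": ["mail.example.org."],
              "192.0.2.66": ["mail.example.org."],   # PTR claims a name it does not own
              "2001:db8::25": ["mx.example.org."]}
SAMPLE_FWD = {"mail.example.org": ["192.0.2.10"],
              "mx.example.org": ["2001:0db8:0:0:0:0:0:25"]}

def sample_ptr(ip):
    return SAMPLE_PTR.get(ip, [])

def sample_forward(hostname):
    return SAMPLE_FWD.get(hostname, [])

if __name__ == "__main__":
    for ip in SAMPLE_PTR:
        print(ip, reverse_name(ip), forward_confirmed(ip, sample_ptr, sample_forward) or "unconfirmed")
```

Called with only an IP address, forward_confirmed uses the system resolver instead of the sample records.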

Conclusion

Now you know how to perform a Reverse DNS lookup, no matter where you are and what device you are using. Test it, and see which of these methods fits you best.
