Reverse DNS Lookup — Translate Any IP Address to Its Hostname
By sadiqbd · June 6, 2026
An IP address doesn't tell you much — until you look up what it belongs to
You have an IP address from a log file, a failed connection, a suspicious email header, or a security incident. Who does it belong to? Is it a residential connection, a data centre, a web hosting provider, a VPN exit node? Reverse DNS (rDNS) — also called PTR lookup — translates an IP address back to a hostname, which often reveals the owner or purpose of that IP.
What Reverse DNS Is
The regular DNS process maps domain names to IP addresses (forward lookup). Reverse DNS goes the other way: it maps IP addresses back to domain names.
The mechanism uses a special DNS zone: in-addr.arpa for IPv4 and ip6.arpa for IPv6.
For the IP 93.184.216.34:
- The octets are reversed:
34.216.184.93 - A PTR query is sent to:
34.216.184.93.in-addr.arpa - The result (if configured):
example.com
PTR record example:
34.216.184.93.in-addr.arpa PTR example.com
The PTR record is managed by whoever controls the IP address — the ISP or hosting provider — not the domain owner. This distinction matters: a domain owner can't set their own reverse DNS unless they control the IP block.
How to Use the Reverse DNS Lookup on sadiqbd.com
- Enter the IP address — IPv4 or IPv6
- Run the lookup — the tool queries the PTR record
- Read the result — the hostname associated with the IP, or "no PTR record" if none exists
What Reverse DNS Results Tell You
A clean hostname matching the forward DNS:
If PTR lookup for IP 1.2.3.4 returns mail.example.com, and the A record for mail.example.com also resolves to 1.2.3.4, you have forward-confirmed reverse DNS (FCrDNS) — a strong signal of legitimacy. Many mail servers require this for accepting email.
A hosting provider hostname:
PTR returns something like 93-184-216-34.example-hosting.com or server.datacenter.com. This identifies the IP as belonging to a web hosting or cloud provider. Useful for identifying which provider an IP is from.
A residential ISP hostname:
PTR returns something like ecs-203-124-12-45.compute.hwclouds-dns.com or broadband-45-12-13.isp.net.bd. This indicates a residential or business internet connection — not a dedicated server.
No PTR record: Many IPs have no reverse DNS configured. This is common for dynamic IPs, some cloud instances, and any IP where the owner hasn't set up rDNS. Absence doesn't indicate anything suspicious by itself.
Mismatch between PTR and forward DNS:
PTR for 1.2.3.4 returns mail.example.com, but mail.example.com resolves to a different IP. This is a forward-confirmed rDNS failure — suspicious for email purposes and may indicate misconfiguration or spoofing.
Real-World Examples
Email header analysis
An email arrives with a suspicious sender. Checking the email headers reveals the sending IP: 45.67.89.123.
Reverse DNS lookup: 45.67.89.123 → mail-out.spamservice.net
The hostname reveals this is a known mass email service — useful context for deciding whether to trust the email.
Security incident investigation
Your server logs show multiple failed login attempts from IP 192.0.2.45.
Reverse DNS: 192.0.2.45 → tor-exit-node.privacy.network
The attacking IP is a Tor exit node — the attacker is routing through Tor to anonymise their origin. Standard block-by-IP response is less effective here; consider blocking the Tor exit node range.
Identifying a suspicious outbound connection
Your firewall logs show an outbound connection from your server to 198.51.100.22.
Reverse DNS: 198.51.100.22 → c2.malware-domain.com
A command-and-control hostname. Your server has been compromised and is communicating with a malware controller. Immediate incident response required.
Verifying your own mail server configuration
For email deliverability, your outbound mail server's IP should have a matching PTR record. Check:
Forward: mail.yourdomain.com → 1.2.3.4
Reverse: 1.2.3.4 → mail.yourdomain.com ✓
FCrDNS confirmed. If the reverse lookup returns nothing, contact your hosting provider or ISP to set up the PTR record.
Why FCrDNS Matters for Email
Many mail servers perform a Forward-Confirmed Reverse DNS (FCrDNS) check on inbound connections:
- The connecting mail server IP is looked up with PTR → gets a hostname
- That hostname is looked up with an A record → gets an IP
- If the IP matches the connecting IP → FCrDNS passes
Failing this check is a common reason for email delivery problems. If your outbound mail server doesn't have a PTR record, or the PTR doesn't match the forward A record, some mail servers will reject or score your email as suspicious.
Setting Up Reverse DNS
Reverse DNS is controlled by the IP address owner:
- For dedicated servers: contact your hosting provider (Vultr, DigitalOcean, Hetzner, AWS, etc.) — they allow PTR record configuration in their control panel
- For shared hosting: PTR is managed by the host; you typically can't customise it
- For your own IP block: configure PTR records in your IP management system
- For ISP-assigned IPs: contact the ISP; some allow custom PTR records, others don't
The PTR record should point to the hostname you want associated with that IP (e.g. mail.yourdomain.com), and the A record for that hostname should resolve back to the IP.
IPv6 Reverse DNS
IPv6 PTR records follow the same logic but with the full 128-bit address reversed and in nibble (half-byte) format under ip6.arpa.
For 2001:0db8:85a3:0000:0000:8a2e:0370:7334:
Reversed nibbles: 4.3.3.7.0.7.3.0.e.2.a.8.0.0.0.0.0.0.0.0.3.a.5.8.8.b.d.0.1.0.0.2
PTR query: ...4.3.3.7.0.7.3.0.e.2.a.8.0.0.0.0.0.0.0.0.3.a.5.8.8.b.d.0.1.0.0.2.ip6.arpa
IPv6 PTR configuration is otherwise identical in concept to IPv4.
Frequently Asked Questions
Why doesn't every IP have a PTR record? PTR records must be configured by the IP block owner. Many dynamic IPs, small cloud instances, and unconfigured servers have no PTR. It's a best practice for mail servers but optional for most other purposes.
Is reverse DNS the same as a WHOIS lookup? No. WHOIS tells you who registered a domain or IP block (name, organisation, contact). Reverse DNS tells you the hostname associated with an IP. They answer different questions, though both identify who controls a resource.
Can I set my PTR record to anything I want? No — only the IP owner can set the PTR record. If you're on a shared hosting IP, you can't customise the PTR. On a dedicated server with your own IP, you can set it through your provider's control panel.
Does every domain need a PTR record? Only if you're running your own mail server. Websites don't require PTR records, but email servers do for proper deliverability.
Is the reverse DNS lookup free? Yes — completely free, no sign-up needed.
Reverse DNS turns a raw IP address into meaningful context — who owns it, what it's for, and whether it matches what it claims to be. It's one of those tools that provides an immediate, useful answer in seconds.
Try the Reverse DNS Lookup free at sadiqbd.com — translate any IP address to its hostname instantly.
