reverse-dns-lookup

Reverse DNS Lookup: Complete Guide for Small Businesses

What if you could identify which companies are visiting your website?

Someone uses a work computer to access your site and you’re able to see someone from company A visited your site. These are most likely your potential customers. 

And that’s one of the ways reverse DNS lookup is important for your business. It could help you with your lead generation efforts instead of just relying on strategies like PPC, Referrals, email marketing, and others.

In this article, you’ll learn:

  • What is reverse DNS lookup?
  • Reverse DNS lookup vs forward DNS lookup
  • How does reverse DNS lookup work?
  • How it’s important for your business
  • How to perform a reverse DNS lookup

 

What Is Reverse DNS Lookup?

You know how your browser can magically find websites like Google or Amazon just by typing in their domain names? Well, that’s thanks to forward DNS lookup which translates those website names into the actual IP addresses that computers use to communicate.

Now, a reverse DNS lookup is like the reverse of that process. Instead of going from a domain name to an IP address, it lets you go from an IP address back to finding out the hostname or domain it’s associated with. 

Reverse DNS lookup lets you ask the DNS servers for the domain name based on the IP address.

reverse DNS lookup illustrated
Source: whatismyip.com

Here’s where it gets really juicy for businesses: When someone visits your website, their device has to reveal its IP address. With a reverse DNS lookup, you can take that IP address and trace it back to the company it belongs to. And you would have just turned an anonymous visitor into a potential lead.

It’s like having a superpower to unmask the secret identities of your website lurkers. Okay, maybe not a superpower per se, but it’s still pretty useful.

Imagine you run a B2B company selling industrial-strength staple removers. With reverse DNS lookup, you can see that someone from Acme Corporation just couldn’t resist checking out your staple remover. That’s a lead worth following up on!

Of course, not every IP address will lead you to a goldmine. Sometimes, you’ll just find out it was your buddy Steve browsing from his parent’s basement (no offense, Steve 😅).

How Does Reverse DNS Lookup Work?

The internet is basically a gigantic network of computers all agreed to follow certain protocols and standards. One of those is the DNS or Domain Name System – the phonebook that translates domains to IP addresses.

But for reverse lookups, we need to flip that process. That’s where PTR records come in. Think of them like the ReverseCard in Uno – they let you go from IP address back to hostname.

Here’s how it works: The internet is divided into zones, kind of like neighborhoods. There’s a special zone called “.in-addr.arpa” which is the territory for reverse DNS.

Internet service providers and companies that own IP addresses get to map PTR records for their IPs in this reverse DNS neighborhood. So if Acme Corp owns 123.456.78.9, their ISP sets a PTR record that points that IP to acmecorp.com or whatever hostname they want.

Then, when you do a reverse lookup on 123.456.78.9, it can follow that PTR breadcrumb trail through the .in-addr.arpa zone all the way back to Acme Corporation.

Of course, not every IP has these PTR records set up properly. Some are just generic ISP hostnames. But most businesses know it’s important to do so.

Read also: What Is a DNS Record? Tools, Steps, and More

Reverse DNS Lookup vs Forward DNS Lookup

Forward DNS lookup is the process your browser uses to turn a domain name like google.com into the actual IP address it needs to connect to Google’s servers. It’s going from human-readable domains to computer IPs.

Forward lookup is kind of a one-way street, though. You put in a domain, and it spits out an IP address. But it can’t tell you what domain is associated with a particular IP if you just give it that.

That’s where reverse DNS lookup comes into play. While a forward lookup goes from domain to IP, a reverse lookup lets you start with just an IP address and trace it back to find the hostname or domain name it belongs to.

Also, for a forward lookup, the DNS uses specific record types called A records (or AAAA for IPv6). An A record basically says, “This domain maps to this IP address.”

So when you type in “www.example.com”, the DNS looks up the A record for that domain, which points to, let’s say, the IP 93.184.216.34. That’s how your browser knows where to connect to serve up the website.

Reverse lookups, on the other hand, use a different kind of record called a PTR record (pointer record). Instead of domain-to-IP, these point IP addresses to hostnames in the special .in-addr.arpa DNS zone.

The setup looks something like this: 34.216.184.93.in-addr.arpa has a PTR record pointing it to “example.com”. So, a reverse lookup on 93.184.216.34 can follow that pointer back to the “example.com” hostname it represents.

Key difference is A records are your normal, forward DNS entries while PTR records are specifically for translating an IP back to a name for that reverse lookup functionality.

Another difference is about who owns or handles these records. For forward lookups, the domain owner controls the A records in their domain’s zone. But for PTR records, it’s the entity that owns that IP address range (usually an ISP) that provides those reverse entries.

So, for a company to show up properly in reverse lookups, they need to configure PTR records accordingly rather than just get random IPs assigned temporarily by an ISP.

Why Is Reverse DNS Lookup Important?

Reverse DNS lookup plays a crucial role for the following reasons.

Email deliverability

If the sending server’s IP doesn’t have a proper reverse DNS entry matching the domain it’s sending from, that raises a big red flag. Most spam filters will just outright reject or quarantine those emails to protect their users’ inboxes.

Correct reverse DNS records are vital for ensuring your emails actually make it to the inbox and don’t get unfairly labeled as spam. Also, setting up your email authentication protocols like DKIM and SPF can improve your deliverability.

Lead generation

When companies visit your website, their IP addresses get logged. With reverse lookup, you can unmask which organizations those IPs belong to. So, instead of waiting for potential customers to contact you, your site visitors get revealed. Then, it’s just a matter of identifying the right people to reach out to from those companies with your well-timed sales pitch.

You can look through the company’s LinkedIn page to identify the right person to reach out to.

How To Perform a Reverse DNS Lookup

We’ll look at two ways you could do a reverse DNS lookup.

Windows command line

Open your command prompt on your PC and type in:

Nslookup

And hit Enter to get into nslookup’s interactive mode. You should see that classic > prompt staring back at you.

Nslookup
Nslookup

Now, to do the reverse lookup, let’s say you want to reveal the domain of the IP address 8.8.4.4. Type in:

set type=PTR

This tells nslookup that you want to query for PTR records, which is DNS speak for reverse lookups.

set ptr
set ptr

Next, enter the IP address you want to look up, but in reverse order and end with .in-addr.arpa:

4.4.8.8.in-addr.arpa

4.4.8.8.in-addr.arpa
4.4.8.8.in-addr.arpa

For reverse DNS lookups using the in-addr.arpa domain, you need to format the IP address in reverse order. 

So instead of entering the IP like normal: 8.8.4.4

For the reverse lookup, you reverse the order of numbers: 8.8.4.4 becomes 4.4.8.8

Then you append .in-addr.arpa to the end: 4.4.8.8.in-addr.arpa

This reverse ordering convention is specifically how the in-addr.arpa domain is structured to allow reverse DNS queries.

Hit Enter, and if everything goes right, nslookup will hopefully respond with the hostname that the IP address is mapped to in its PTR record.

For example, that 8.8.4.4 IP belongs to Google, so you’d see:

4.4.8.8.in-addr.arpa name = dns.google

Reverse DNS lookup tools

Another way to perform reverse lookups is through online tools. Here are a couple of them:

Mxtoolbox

Mxtoolbox offers a range of tools that can check for DNS ptr records, domain registration information, IP or host reputation, and many others, including reverse DNS lookup.

To perform a reverse lookup:

  • Go to Mxtoolbox reverse DNS tool
  • Enter your IP address in the search box
  • Click reverse lookup, and the tool will attempt to find ptr records for the IP address.

Here’s an example of the IP 8.8.4.4:

Mxtoolbox
Mxtoolbox

Hackertarget

Hackertarget offers various tools to identify vulnerabilities in your organization, such as test ping, Nmap port scanner, DNS lookup, TCP port scan, and many others.

To perform a reverse lookup:

Here’s an example of the IP 8.8.4.4:

Hackertarget
Hackertarget

DNS checker

DNS checker verifies if your DNS records are well configured from their selected list of servers all over the world. 

To perform a reverse lookup:

Here’s an example of the IP 8.8.4.4:

DNS checker
DNS checker

Final Thoughts

While it seemed like a technical concept at first, it’s a fairly easy concept to understand. You don’t have to be technical or know how to code to perform a reverse lookup. Reverse DNS lookup ensures your email isn’t classified as spam and helps you identify valuable leads. It gives you a window into the identity of your site visitors. 

You could perform a reverse lookup using the command line, as we’ve seen, or through online tools such as MXtoolbox, Hackertarget, and DNS checker. 

FAQ

What is the difference between forward and reverse DNS lookup?

A forward DNS lookup converts a domain name (e.g., www.example.com) into an IP address. A reverse DNS lookup does the opposite – it reveals the hostname or domain name associated with a given IP address.

Why is reverse DNS important for businesses?

Reverse DNS lets you identify companies visiting your website based on their IP addresses. This can provide valuable B2B lead generation opportunities by unmasking potential customers interested in your products/services.

How does reverse DNS work technically?

It uses PTR (pointer) records configured in the in-addr.arpa DNS zone to map IP addresses back to hostnames. The entity that owns the IP address range (usually an ISP) provides these PTR records.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top