Discover the reverse DNS entries for an IP address, a range of IP addresses or a domain name. IP based reverse DNS lookups will resolve the IP addresses in real time, while the domain name or hostname search uses a cached database (see below for details).

Valid Input

Remove limits & captcha with membership

Recon: Find host names with Reverse DNS Lookups

A reverse DNS record (or PTR record) is simply an entry that resolves an IP address back to a host name. Most people are aware of the forward lookup, also known as an A record, that finds an IP address from a host name so an Internet service is able to be accessed.

When an attacker or penetration tester assesses an organization, they will commonly attempt to map the footprint of the organization to find all the weak points to attack. By gathering a list of possible host names, IP addresses, and IP network blocks that are related to the targeted organization, an attack surface can be developed. With this reverse DNS tool, you cannot only resolve single IP addresses but also a range of IP addresses or search for all the reverse DNS containing a domain name.

Perform a query using either a single IP , a range such as, or CIDR notation You are also able to search for hostnames such as Reverse DNS resolution of a range of IP addresses is limited to 254 addresses (a /24 or smaller subnet).

Reverse DNS Search Limits
Queries / dayMax # of Results
Membership# based on Plan500'000
With a membership get up to half a million results from a single query. A gold mine of data for security analysts, network defenders and other cyber security professionals.

Reverse DNS search

Use the reverse DNS search to find all the reverse DNS entries for a particular organisation. Simply enter an organisations domain name to get the results. Currently, the results are limited to a maximum of 5000 results - this will typically only be an issue for big Internet services companies and ISP's.

Much of the data used for the hostname search comes from the excellent project that is run out of the Rapid7 labs. The database of reverse DNS entries covers the full IPv4 address space. This equates to 43GB of plain text DNS PTR records.

Where are Reverse DNS entries used

Many Internet services, network tools, and server logging will use reverse DNS to populate IP address fields with a more human readable hostname. An example of this can be seen in the output of a traceroute tool.

Configuring Reverse DNS

Reverse DNS is configured and controlled by the IP block owners. Often the reverse DNS host name is configured to indicate the netblock owner, such as ISP or web hosting provider.

If you are hosting a server with a dedicated IP address and would like to have reverse DNS configured (required if you are running an Internet mail server), the PTR record will usually be configured through your IP block hosting provider (usually the server hosting company).

Reverse DNS API

In addition to the web form you can also quickly access the reverse DNS tool using the API. The output will be in plain text and will include the IP address and the reverse DNS host name with a space separating them. Access the API using a web browser, curl or any common scripting language.

This query will display the reverse DNS from the public DNS server provided by Google (

The API is simple to use and aims to be a quick reference tool; like all our IP Tools there is a limit of 50 queries per day or you can increase the daily quota with a Membership. For those who need to send more packets HackerTarget has Enterprise Plans.

Automated Security Vulnerability Scans.

Discover. Investigate. Learn.

Use Cases

Website Recon?

Fingerprint Web App
Technologies in Bulk

Whatweb / Wappalyzer

Remove limits with a full membership

More info available