In Networking Last updated:
Share on:
Jira Software is the #1 project management tool used by agile teams to plan, track, release, and support great software.

You’re at the right place if you want to learn about Reverse DNS lookup and Reverse IP lookup and the different tools to perform them.

DNS lookup is a valuable source of information that can assist organizations and attackers in detecting DNS vulnerabilities.

The DNSSEC protocol implementation is one of the most well-known ways to protect against DNS threats like DNS hijacking and on-path attacks.

This article will look at how to perform DNS and IP reverse lookup using some online tools for security research.

Let’s get started.

Online DNS and Reverse IP Address Lookup Tools

Let’s explore the top most effective tools you can use to perform a DNS and reverse IP address lookup.


Reverse IP/DNS API by WhoisXML API allows users to see all the connections between IP addresses and hostnames. This product line is fueled by a market-leading repository of passive DNS data containing billions of IP and DNS records.

Reverse IP/DNS tools have gained the trust of thousands of users, aiding them in adding DNS context to security platforms, accelerating threat detection and response, expanding threat intelligence, and more.

Currently, the product line includes a/an:

  • API with output queries in XML and JSON formats. The API lets users query up to 10 IPs per second and can be easily integrated with Splunk and Postman platforms.
  • DNS Database with files available in a unified and consistent CSV format, updated daily, weekly, or monthly, depending on user requirements. Download the CSV sample to test the data in your environment.
  • GUI lookup tool that allows users to check the domain names sharing an IP address in seconds and download the results in JSON format.
Try Reverse IP/DNSĀ API is a handy and excellent web service that can perform both the DNS and IP reverse lookup on a domain or IP address.

Enter the website name or IP address you want and click on the ‘GO’ button to continue.

This website also has various other tools like Reverse whois lookup, Spam database lookup, MAC address lookup, Firewall test, and many more.



HackerTarget is a fantastic tool for checking the Reverse DNS records and Reverse IP lookup of any website.

To find the records of the target website, enter the domain name or IP address  and click on the “submit.”

HackerTarget has various tools to secure the systems, from discovering attack surfaces to identifying vulnerabilities like web scanners and port scanners.

Try HackerTarget


DomainTools is a tool to perform the reverse IP lookup on any website. Type its domain name or IP address into the text box and click ‘Lookup.’ It rapidly gives the results you want.

Using this web service, you can also perform other operations like checking the hosting history, bulk parsed whois lookup, and even IP monitoring (tracking changes to registered domain names associated with an IP Address).

Try DomainTools


MXToolBox tool is a very simple tool to use. Enter an IP address in the input field to perform the reverse DNS lookup.

Other features of this tool include blacklist checking, DMARC (Domain-based Message Authentication, Reporting, and Conformance), and LOC lookup.

Try MXToolBox

Using the Crips tool in Linux

Alternatively, you can perform the Reverse DNS and IP lookup in Linux using the Crips tool.

This tool is not pre-installed in Linux. You need to install it manually from their GitHub repository.

Crips is a collection of online IP Tools for quickly obtaining information about IP Addresses and DNS records.

The features include Whois lookup, Traceroute, Reverse DNS Lookup, GeoIP Lookup, Port Scan and Reverse IP Lookup.

Installation & usage

  • Open the terminal.
  • Use the following git repository to clone into your system.
git clone

Go to that directory and run the tool using python.

cd Crips && python

Next, choose the option you want. To perform Reverse DNS lookup, enter 4, and to perform Reverse IP lookup enter 7. You can even perform other operations like Geo lookup and port scanning.

For example, here I am performing a Reverse IP lookup using the Crips tool.

In a few seconds, it gives the result after entering the target domain address.

   _|_|_|            _|                      
 _|        _|  _|_|      _|_|_|      _|_|_|  
 _|        _|_|      _|  _|    _|  _|_|      
 _|        _|        _|  _|    _|      _|_|  
   _|_|_|  _|        _|  _|_|_|    _|_|_|    
       }--{+} Coded By Manisso {+}--{
     }----{+} {+}----{
       }--{+} Greetz To IcoDz  {+}--{                               

    {1}--Whois lookup
    {3}--DNS Lookup
    {4}--Reverse DNS Lookup
    {5}--GeoIP Lookup
    {6}--Port Scan
    {7}--Reverse IP Lookup
Crips~# 7 
Enter IP Or Domain :
<head><title>301 Moved Permanently</title></head>
<center><h1>301 Moved Permanently</h1></center>
File Saved On : 
File : index.html?
Continue [Y/n] ->

And finally, the output will be saved in an index file in the same directory. If you open that file, you can find the domain names which are hosted on the same server.

Next, let’sĀ understand the concepts of reverse DNS lookup and reverse IP lookup.

What is Reverse DNS lookup?

A typical DNS record points a domain name to an IP address, which tells a computer where a request for information should be sent on the internet. This is known as forward resolution and has a forward DNS record. This is done each time you go to a website on the internet.

DNS record is just like a phone book for the internet where we save the contacts using the names of mobile numbers.

A reverse DNS record is the exact opposite of a forward DNS record. You just begin by looking up the IP address to see what domain or hostname is associated with it.

Reverse DNS, often known as rDNS, is not as widely utilized as conventional DNS lookups. A domain must point to an IP address, but the IP address does not need to have a Reverse DNS record on it. Without even an rDNS record, domains will still load.

Reverse DNS entries are stored in a particular PTR-record type.

Performing a Reverse DNS lookup on an IP can be done easily by running commands in a terminal. On Windows, Mac, and Linux, there is a command called nslookup.

In the below example, you can see that I performed DNS and reverse DNS lookup on the target website.

Address:  2245:211:c34b:a1c1::c458:1041
Non-authoritative answer:
Address:  2245:211:c34b:a1c1::c458:1041

This does a lookup and first tells where it’s getting the information from. Here, it shows the details about DNS resolver information first. Then, it shows the hostname that the reverse DNS record points to for the given IP.

What is Reverse IP Lookup?

A reverse IP lookup looks up the domain name and IP address and lists all the domains hosted on the same server. It finds all the DNS A records associated with a specific IP address. It essentially returns a list of all domain names with the same IP address.

Now, the question is what the attacker will do by knowing the names of other web applications that are running on the same server. After all, they are not hacker targets.

Let’s say website A is the target web application, and hackers couldn’t find any vulnerabilities to exploit.

In this case, a hacker does the reverse IP lookup, and let’s say they find out that Website B is also registered on the same server.

Now, suppose website B has bugs that are easy to exploit, and by exploiting these bugs or vulnerabilities, they can get hold of the server hosting these web applications. As a result, the attacker will also have access to all the information on website A. These websites may belong to the same organization or different organizations. To stop a thief, one has to think like a thief. That’s why knowing about Reverse IP lookup is very important for security researchers.

Final Words

Leveraging DNS and reverse IP lookup tools empower individuals to make informed decisions regarding their online activities.

I hope you found this article very useful in learning the difference between DNS & IP reverse lookup and the various methods and tools to perform them.

You can trust Geekflare

Imagine the satisfaction of finding just what you wanted and needed. We understand that feeling, too, so we go to great lengths to evaluate free and paid trials, subscribe to the premium plan if required, have a cup of coffee, and test the software and tools! While we may receive affiliate commissions from purchasing links on our site, our primary focus remains steadfast: delivering unbiased editorial insights, meticulously crafted product tables, and in-depth reviews. To learn more about our expert unbiased reviews from your perspective, check out how we test.

Share on:
  • Ashlin Jenifa
    Hey there, my name is Ashlin, and I’m a senior technical writer. I’ve been in the game for a while now, and I specialize in writing about all sorts of cool technology topics like Linux, Networking, Security, Dev Tools, Data Analytics, and Cloud…

Thanks to our Sponsors

More great readings on Networking

Power Your Business

Some of the tools and services to help your business grow.
  • The text-to-speech tool that uses AI to generate realistic human-like voices.

    Try Murf AI
  • Web scraping, residential proxy, proxy manager, web unlocker, search engine crawler, and all you need to collect web data.

    Try Brightdata
  • is an all-in-one work OS to help you manage projects, tasks, work, sales, CRM, operations, workflows, and more.

    Try Monday
  • Intruder is an online vulnerability scanner that finds cyber security weaknesses in your infrastructure, to avoid costly data breaches.

    Try Intruder