Products APIs Data Feeds Web Tools Domain Research & Monitoring Enterprise Packages
WHOIS / WHOIS History
WHOIS / WHOIS History

Provide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.

DNS / DNS History
DNS / DNS History

Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.

IP Geolocation / IP Netblocks
IP Geolocation / IP Netblocks

Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Access our web-based solution to dig into and monitor all domain events of interest.

Domain Research Suite (DRS)
Domain Research Suite (DRS)

Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.

Research
Monitoring
White-Label
Enterprise API Packages
Enterprise API Packages

Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.

Security Intelligence (SI) Suite
Security Intelligence (SI) Suite

Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.

Premium API Services
Premium API Services

Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.

×
Contact Us
API docs Integrations Pricing Blog FAQ



DNS & DNS History Blog

Read other articles

The Step-by-Step Process of Reverse DNS Lookup

Posted on August 14, 2018

Understanding reverse DNS lookup is crucial for learning how the internet retrieves domain names from IP addresses and how emails become approved. To understand this process, the first step is to find out how forward DNS works.

Understanding Forward DNS

The DNS system makes the internet work: it translates domain names into IP addresses and finds their location. Because of it, all you have to know is a domain name — such as www.facebook.com — and you can access the website. This process works through DNS servers: master servers, which are owned by independent agencies, hold all the matching domain names and IP addresses; smaller ones hold fractions of the database, and they are owned by businesses or ISPs.

When you search for something on the internet, your browser requests information from the DNS server connected to your ISP. It looks for the matching IP address in its database, but if that doesn’t work, it moves the request to other servers until one of them has the data. Then, the server returns the information to your browser, and you can access the page.

Structuring IP Addresses for Reverse DNS

Reverse DNS (rDNS) does the opposite. This is used when you have the IP address and need to find the host to which it belongs. It uses a different set of data—an IP address of 2.4.6.8 would be reversed as 8.6.4.2 in order to be used in the rDNS process.

Understanding DNS and structuring IP address

Depending on the version of IP you’re using — either v4 or v6 — your server will have a different way of structuring its data. V4 is more common, and it adds the top-level domain (TLD) “in-addr” to the end of the reversed IP address to signal what it is. It also adds “.arpa” because it is one of the TLDs for rDNS lookup. Using the above example, 2.4.6.8 would become 8.6.4.2.in-addr.arpa to make the original IP address searchable in rDNS databases.

Using rDNS to Access a Domain Name

To continue the process, the server refers to the Pointer record (PTR record), a collection of data specifically for rDNS lookup, and begins its search by using the properly formatted IP address through the following channels:

  • First, it asks the root server if it has the IP address on record. If the first server is not sufficient, it can redirect you to another one.
  • IP addresses are categorized into classes based on their first number, and the root server will send your request to a server that specializes in that class.
  • Once the request has been redirected, it goes through the selected Regional Internet Provider (RIR) and asks for a match with the formatted IP address. The RIR will find the original internet or bandwidth provider of your address.
  • The DNS server asks again for the PTR record, and the organization’s servers will give you the name in the form of host.example.com.

Why Use rDNS?

While it’s not important for everyone to have information in the reverse DNS database, it is crucial for any email provider. Emails are checked to make sure their servers have rDNS enabled to filter out spam, so it is necessary that you enable rDNS lookup if you are running an email server.

Read other articles
Try our WhoisXML API for free
Get started