Skip to main content

Reverse DNS

free
GET/v1/ip/reverse

Performs a reverse DNS lookup (PTR record query) to find the hostname(s) associated with an IP address. Validates forward-confirmed reverse DNS (FCrDNS) for up to 10 PTR hostnames, classifies detected hostname patterns, and returns a single-word `email_deliverability` verdict (pass / warn_generic / warn_no_fcrdns / fail_no_ptr) that compresses the FCrDNS + generic-hostname + PTR-presence signals into one actionable field. Essential for email deliverability validation and infrastructure reconnaissance.

What It Does

Queries PTR records for the IP address by looking up the in-addr.arpa (IPv4) or ip6.arpa (IPv6) domain via Cloudflare DoH. Returns all associated hostnames, performs forward-confirmed reverse DNS (FCrDNS) validation by resolving up to 10 PTR hostnames back to verify they match the original IP (with `fcrdns_truncated` / `fcrdns_total` so callers know when more PTRs existed than were checked), classifies detected hostname patterns (mail servers, CDNs, residential ISP naming, cloud compute), and produces an `email_deliverability` rollup combining FCrDNS pass/fail, generic-hostname detection, and PTR presence into a single recommendation.

Why It's Useful

Reverse DNS is critical for email deliverability since Google and Yahoo require Forward-Confirmed Reverse DNS (FCrDNS) as of February 2024. The bundled `email_deliverability.recommendation` field collapses the raw signals into a verdict every mail-ops engineer carries in their head, so a quick health check no longer requires custom client-side logic. It enables security analysts to resolve IPs in logs to meaningful hostnames, and penetration testers to discover infrastructure during reconnaissance. Missing or misconfigured PTR records are a leading cause of email delivery failures.

Use Cases

Email Administrator

Email Deliverability Audit

Verify that all mail server IPs have proper PTR records matching the HELO/EHLO hostname, and that FCrDNS passes. Required by Google and Yahoo since February 2024.

Prevent email delivery failures caused by missing or mismatched reverse DNS records.

SOC Analyst

Security Log Enrichment

Enrich firewall, IDS, and server access logs with hostnames to identify patterns like scanning from cloud providers or known botnet infrastructure.

Transform raw IP logs into actionable intelligence with meaningful hostname context.

Penetration Tester

Infrastructure Reconnaissance

Map IP ranges to hostnames during authorized penetration testing to discover additional subdomains, services, and shared hosting environments.

Expand attack surface understanding by uncovering hidden services and infrastructure relationships.

Parameters

NameTypeRequiredDescription
ipstringRequiredThe IPv4 or IPv6 address to perform reverse DNS lookup onExample: 8.8.8.8

Response Fields

FieldTypeDescription
ipstringThe queried IP address
ip_versionnumberIP version (4 or 6)
hostnamesarrayAll PTR record hostnames found (trailing dots removed)
has_ptrbooleanWhether any PTR record was found
fcrdnsarrayForward-confirmed reverse DNS results: hostname, forward_confirmed (boolean), forward_addresses. Capped at 10 hostnames.
fcrdns_truncatedbooleanTrue when the FCrDNS check ran against a subset of `hostnames` (i.e. >10 PTRs)
fcrdns_totalnumberTotal number of PTR hostnames returned (whether or not all were FCrDNS-checked)
hostname_classificationstringDetected hostname pattern: mail_server, nameserver, cdn, web_server, gateway, residential, static_ip, or cloud_compute
email_deliverability.fcrdns_passbooleanTrue when at least one PTR forward-resolves to this IP
email_deliverability.generic_hostnamebooleanTrue when PTR matches a residential / dynamic-ISP pattern — mail from this IP typically fails RBLs
email_deliverability.missing_ptrbooleanTrue when no PTR record exists — most receivers will reject mail from this IP
email_deliverability.recommendationstringSingle-word verdict: pass, warn_generic, warn_no_fcrdns, or fail_no_ptr

Code Examples

cURL
curl "https://api.edgedns.dev/v1/ip/reverse" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -d "ip=8.8.8.8"
JavaScript
const response = await fetch(
  'https://api.edgedns.dev/v1/ip/reverse?ip=8.8.8.8',
  {
    headers: {
      'Authorization': 'Bearer YOUR_API_KEY'
    }
  }
);

const data = await response.json();
console.log(data);
Python
import requests

response = requests.get(
    'https://api.edgedns.dev/v1/ip/reverse',
    headers={'Authorization': 'Bearer YOUR_API_KEY'},
    params={
    'ip': '8.8.8.8'
    }
)

data = response.json()
print(data)

Read the full Reverse DNS guide

Why it matters, real-world use cases, parameters, response fields, and how to call it from Claude, ChatGPT, or Gemini via MCP.

Read the guide →

Related Endpoints

IP Geolocation

Get location, ASN, and org for an IP

DNS Lookup

Query any of 22 DNS record types or ALL at once with DNSSEC validation

ASN Lookup

Get AS number, organization, and network type

External References

Learn more about the standards and protocols behind this endpoint.

IANA AS NumbersIEEE OUI Registry

Try This Endpoint

Test the Reverse DNS endpoint live in the playground.

Open in PlaygroundGet API Key