ZeroTrace OSINT
Reverse DNS
PTR records, forward-confirmed reverse DNS, and bulk-mode IP-to-hostname lookups.
The reverse-DNS tool resolves an IP back to its hostname (or hostnames) via PTR records. It also does the forward-confirmed reverse-DNS check — re-resolving the PTR back to the A / AAAA record to confirm the mapping is consistent.
What you get
For any IPv4 or IPv6:
- PTR record(s) — the hostname(s) the IP claims as its name.
- Forward-confirmed flag — does the PTR's A record point back to the original IP? (Yes / No / Mismatch)
- Hostname pattern detection — same hosting-provider pattern catalog used by IP geolocation.
Why forward-confirmed matters
A hostname owner can claim any PTR they like for an IP they control. The forward-confirmed check verifies that the registered A record for the PTR hostname actually points back to the IP — which is what most legitimate services arrange and most spoofers do not.
| FCrDNS result | What it means |
|---|---|
| Confirmed | The PTR is owned by the same operator who runs the IP. High-trust mapping. |
| Unconfirmed | A record points elsewhere (or doesn't exist). Often benign (shared hosting, CDN), occasionally suspicious. |
| Mismatch | A record exists and points to a different IP. Misconfiguration or impersonation. |
For mail-server reputation work in particular, forward-confirmed reverse-DNS is one of the cheap signals that big mail providers actually check.
Bulk reverse DNS
Bulk paste accepts a list of IPs and resolves them in parallel (with per-host rate-limiting). The aggregate table shows IP, PTR, and FCrDNS status side by side — a clean way to enrich a log file or a CIDR sweep.
For a /24 sweep, paste the IPs from the CIDR tools range expander. Most IPs will have no PTR (uninteresting); the ones that do tell you what hostnames the operator is willing to publish.
Pivots from a reverse-DNS result
| Click on... | Pivot to |
|---|---|
| The IP | WHOIS, IP geolocation, ASN lookup, IP reputation |
| PTR hostname | DNS lookup, WHOIS on parent domain, certificate transparency on parent |
| FCrDNS result | (no pivot — informational) |
Sources
- The system DNS resolver, which honours your network's chosen resolver.
Reverse-DNS is one of the few tools in the toolkit that does not call an external HTTP API — it uses native DNS queries. There is no external source attribution because there is no external source.