whois – Domain and IP Information Lookup

whois is an essential query and response protocol used for querying databases that store registered...

Networking Tools Linux Open Source

whois is an essential query and response protocol used for querying databases that store registered domain names, IP addresses, and autonomous system information. For system administrators and security professionals, whois provides critical intelligence about domain ownership, registration dates, expiration dates, nameservers, and contact information for network resources.

Understanding who owns a domain or IP address is fundamental for network troubleshooting, security investigations, and compliance verification. The whois protocol connects to distributed databases maintained by regional internet registries (RIRs) and domain registrars to retrieve this authoritative information.

Key Features

Domain Lookups – Query registration details for any domain name
IP Address Queries – Find ownership information for IP blocks
ASN Information – Look up autonomous system details
Registrar Details – Identify domain registrars and their contacts
Expiration Tracking – Check when domains expire
Nameserver Information – View authoritative DNS servers

Installation

sudo apt install whois    # Debian/Ubuntu
sudo dnf install whois    # Fedora/RHEL
sudo pacman -S whois      # Arch Linux

Basic Usage Examples

# Query domain information
whois example.com

# Query IP address ownership
whois 8.8.8.8

# Query specific whois server
whois -h whois.verisign-grs.com example.com

# Query ASN information
whois AS15169

# Verbose output
whois -v example.com

# Query with specific port
whois -p 43 example.com

Understanding Output

A typical whois response includes domain name, registrar information, registration and expiration dates, nameservers, DNSSEC status, and registrant contact details (though many are now redacted for privacy under GDPR). For IP addresses, you’ll see the allocated network block, organization name, and abuse contact information.

Use Cases

Security Investigations – Research suspicious domains or IPs
Domain Management – Monitor expiration dates
Network Troubleshooting – Identify network owners
Competitive Analysis – Research competitor domains
Abuse Reporting – Find correct contacts for complaints

View Documentation

Was this article helpful?