Home > Network Management > whois

whois: Domain and IP Information Lookup

whois is a command used to query registration information for internet domain names or IP addresses. It allows you to check various details such as domain owner, registrar, registration date, expiration date, and nameservers.

Overview

whois is a protocol and client program used to query registration data for internet domain names and IP addresses. This information helps identify domain owners, registrars, and contact details.

Key Information Provided

The following are the typical pieces of information you can obtain from a whois query:

  • Domain owner information (may be restricted due to privacy regulations)
  • Registrar information
  • Domain registration and expiration dates
  • Domain status (e.g., clientTransferProhibited)
  • Nameserver information
  • Administrative and technical contact information (may be restricted)

Key Options

The whois command allows you to control the lookup process through various options.

Lookup Control

Generated command:

Try combining the commands.

Description:

`whois` Executes the command.

Combine the above options to virtually execute commands with AI.

Usage Examples

Here are some common usage examples for the whois command.

Basic Domain Information Lookup

whois example.com

Queries WHOIS information for the specified domain name.

IP Address Information Lookup

whois 8.8.8.8

Queries WHOIS information for the specified IP address. This typically returns information from the RIR (Regional Internet Registry) that allocated the IP block.

Query Using a Specific WHOIS Server

whois -h whois.nic.or.kr example.co.kr

Typically, .kr domains can be queried through the WHOIS server of the Korea Internet & Security Agency (KISA).

Query Without Header Information

whois -H example.com

Outputs only the raw WHOIS data, excluding header information such as legal disclaimers.

Installation

The whois command may not be included by default in most Linux distributions. You can install it using the following commands.

Debian/Ubuntu

sudo apt update && sudo apt install whois

Installs the whois package using the APT package manager.

CentOS/RHEL/Fedora

sudo dnf install whois

Installs the whois package using the DNF (or yum) package manager.

Tips & Precautions

Useful tips and points to be aware of when using whois.

Privacy (GDPR, etc.)

Due to privacy regulations like GDPR (General Data Protection Regulation), WHOIS information for many domains may be anonymized or displayed with limited details. Especially for individual registrants, contact information is often masked. This can hinder legitimate inquiries.

Rate Limiting

Some WHOIS servers may limit the number of queries to prevent excessive usage. Attempting too many queries in a short period can result in a temporary ban, so exercise caution when using automated scripts.

Checking RIR Information for IP Address Lookups

WHOIS lookups for IP addresses return information from the RIR (Regional Internet Registry) that allocated the IP address. For example, IPs in the Asia-Pacific region will show information from APNIC, and those in North America from ARIN. This allows you to check the owner and allocation details of IP blocks.

Various WHOIS Servers

The WHOIS server to query may vary depending on the domain extension (.com, .org, .kr, etc.) or the allocation region of the IP address. While the whois command attempts to handle this automatically, you may sometimes need to explicitly specify a server using the -h option.

Same category commands

aria2c

aria2c: A Multi-Protocol Download Utility

curl

curl -I: Check HTTP Header Information

curl

curl: HTTP Requests and File Transfer (Silent Mode)

curl-verbose

curl-verbose: Detailed output of curl's communication

dig

dig: DNS Information Lookup