whois lookup of a domain or IP address to find the registered owner.
About the Whois Lookup service
Whois lookups are an easy and fast way to find the ISP, Hosting provider, countries and contact details for a domain or IP address. There are many uses for Whois data that can be utilised by attackers and defenders in the information security sector.
Useful for tracking down attackers when defending or finding targets to attack when on the offensive. A
whois lookup can reveal organisational details, IP ranges to scan and the email addresses of technical staff. This information is commonly found in the information gathering phase of an assessment or planned attack.
This IP Tool simply runs the
whois command line tool that is packaged in most Linux operating systems.
What is Whois?
Whois is simply a plain text protocol that returns information from a database of Internet resources. It can reveal the owner or registered user of a resource; that may be a domain name, an IP address block or an autonomous system number (ASN).
Information returned includes physical addresses, email addresses of system staff, names and phone numbers. The DNS name servers of a domain are also displayed. Many domain registration services allow a private listing in which the details of the domain owner can be hidden, these became popular following the prevalence of spam being directed at domain owners.
Whois Lookup API
Another way to query the
whois service is to use the API. The HTTP response from the API will be returned in a simple text based format.
The API is designed to be used in an ad-hoc fashion not for bulk queries and is like all our IP Tools is limited to 50 (total) requests from a single IP Address per day.