whois

whois

whois is a command-line tool used to retrieve registration details of a domain, such as ownership, contact information, registrar details, and key dates (like creation and expiration). It’s commonly used by network administrators, cybersecurity professionals, and IT experts to investigate domain ownership, troubleshoot issues, and perform network diagnostics.

Non-interactive Mode

You can query a domain and specify options directly inline with the whois command. While typically only one domain is queried per command, you can enhance the query by combining additional flags for more detailed output.

Examples:

  • Basic Query:
    > whois example.com
  • Hide Legal Disclaimer: Suppress the legal disclaimers that some whois implementations display.
    > whois -H example.com
  • Verbose Output: Get detailed information about a domain, such as additional network and administrative details.
    > whois -v example.com
  • Raw Output: Display the raw data without any formatting, useful for processing by scripts.
    > whois -r example.com

Interactive Mode

Unlike some tools like nslookup, whois doesn’t have a traditional interactive mode. However, you can perform a sequence of commands to issue queries step-by-step with different flags to refine your output or query multiple domains consecutively.

Example:

> whois example.com
> whois -v example.com # Retrieve verbose output
> whois -H example.com # Suppress legal disclaimer

Common Whois Flags

Here are some frequently used options that allow you to customize your queries:

-H: Hide the legal disclaimer from the output.

-v: Enable verbose output, displaying more detailed information.

-r: Output raw data, useful for script processing or deeper analysis.

-h: Specify a whois server to query. For example, -h whois.verisign-grs.com allows you to target a specific server.

-p: Specify the port used for the query. The default is 43, but this option allows you to override it if necessary.

Combined Flags

Multiple flags can be used in a single command for more complex queries. For instance, you can retrieve verbose output while hiding the legal disclaimer and specifying a custom whois server:

> whois example.com -H -v -h whois.verisign-grs.com example.com

Use Cases

  • Investigating Domain Ownership: When you need to know who owns a domain or find the registrar information, whois provides details like the registrant’s contact information, registration dates, and DNS details.
  • Troubleshooting DNS or Domain Issues: IT professionals use whois to check whether a domain’s information is up-to-date or spot inconsistencies that could lead to network issues.