How to Use the WHOIS Command to Lookup Ip and Domain Name Information
Summary
TLDRThe video tutorial demonstrates how to use the WHOIS command to obtain information about IP addresses and domain names. It covers the process for both Mac/Linux and Windows users, with instructions on how to install the WHOIS command on Windows if it's not already present. The host explains that WHOIS can reveal registration and contact details for domain registrants, and even hosting information. Examples are provided, including looking up Google's domain and a personal website, to illustrate the type of data that can be accessed. The video also touches on privacy protection for domain registrants and how to find a website's hosting by using the 'ping' command to get the IP address and then querying that IP with WHOIS. The tutorial concludes with a demonstration of installing the WHOIS command on a Windows system.
Takeaways
- 💻 The WHOIS command is used to look up IP address and domain name information, including contact details and hosting information.
- 📡 On Mac or Linux, the WHOIS command is pre-installed and can be accessed via the terminal; on Windows, it's not installed by default but can be installed from a Microsoft URL.
- 🔎 Running WHOIS with a domain name, such as `whois google.com`, returns various details about the domain's registration and registrar.
- 📅 Domain names have a registration date, and the example shows Google's domain was registered on September 15, 1997, with an expiration date in 2028.
- 🤖 Some contact information is hidden for privacy, while some is publicly available, such as the organization name and state.
- 🌐 Name servers' details are provided in the WHOIS output, which are essential for domain functionality.
- 📝 Privacy protection services are available to prevent public exposure of personal contact information, instead providing a contact form or a disguised email address.
- 🏢 The WHOIS command can also reveal the registrar of a domain, such as MarkMonitor Inc. for Google's domain.
- 🏠 By using the `ping` command followed by a domain, one can obtain the IP address of the hosting provider for that domain.
- 🌐 WHOIS can also provide information on IP addresses, not just domain names, which can help identify hosting services used by a website.
- 💡 Cloudflare, mentioned in the script, is a Content Delivery Network (CDN) that can be associated with a domain for asset delivery, but it doesn't necessarily mean the website is hosted on Cloudflare.
- 📚 The tutorial also guides on how to install the WHOIS command on a Windows computer by downloading a zip file from a provided URL and extracting it to a folder.
Q & A
What is the purpose of the 'whois' command?
-The 'whois' command is used to look up IP address and domain name information, which can include contact details for the domain registrant and hosting information.
Is the 'whois' command available on all operating systems by default?
-The 'whois' command is available by default on Mac and Linux systems through the terminal. However, on Windows, it is not installed by default and needs to be installed separately.
What is the process to use the 'whois' command on Windows?
-On Windows, you can use the command prompt to execute the 'whois' command after installing it. The installation involves downloading a 'whois' zip file from a Microsoft URL, extracting it, and then copying the path to the folder it was extracted to.
What is the significance of the domain registration date?
-The domain registration date indicates when the domain name was first registered. It is important as it shows the age of the domain, which can be a factor in its credibility and search engine rankings.
Why might some contact information be hidden from public view in a 'whois' lookup?
-Some contact information may be hidden due to privacy protection services that domain registrants use to prevent their personal details from being publicly accessible on the internet.
What is the role of Verisign in the domain registration process?
-Verisign is the company that manages .com domain names. Every .com domain that is registered goes through Verisign at some point in the registration process.
What does a 'name server' refer to in the context of domain names?
-A name server is a server that appends domain names to IP addresses. They are part of the Domain Name System (DNS) and are crucial for directing traffic to the correct location on the internet.
How can one find out the hosting information of a website?
-One can use the 'ping' command to find the IP address associated with a website's hosting. Then, by using the 'whois' command on that IP address, one can obtain information about the hosting company.
null
-null
What is a Content Delivery Network (CDN) and how is it related to website hosting?
-A CDN is a system of distributed servers that deliver web content to users based on their geographic location, the origin of the web page, and the content delivery server to ensure fast and reliable access. It can be related to website hosting as it may host some of the website's assets to improve load times and performance.
How does the 'whois' command provide information about a domain's registrar?
-The 'whois' command provides information about the registrar when it returns the details of the domain's registration. This includes the name of the registrar company, the registration and expiration dates, and sometimes contact information.
What is the difference between a registrar and a hosting company?
-A registrar is a company that manages the reservation of internet domain names, while a hosting company provides the actual space and resources on the internet for websites to be viewed by others. A domain can be registered with one company and hosted with another.
How can the 'whois' command be used to look up information on an IP address?
-The 'whois' command can be used on an IP address by simply inputting the IP address after the command, just as you would with a domain name. This will return information about the organization that owns the IP address and related details.
Outlines
🔍 Introduction to WHOIS Command for Domain Lookup
This paragraph introduces the WHOIS command, which is used to look up IP address and domain name information. It explains that this can include contact details of the domain registrant and hosting information. The speaker notes that the WHOIS command is pre-installed on Mac and Linux systems and can be accessed via the terminal, while Windows users need to use the command prompt and may need to install WHOIS separately. The tutorial then demonstrates how to use the WHOIS command by looking up information for 'google.com', including its registration date, registrar, and some contact details. It also touches upon privacy protection for domain registrants and how some information may be hidden from public view.
🌐 Exploring WHOIS for Different Domains and IP Lookup
The second paragraph continues the discussion on WHOIS by comparing the results of looking up 'google.com' with another domain, 'tonyteachers.tech'. It highlights the differences in the registrar and the level of public information available for each domain. The speaker also demonstrates the use of a contact form for privacy protection, which is a feature provided by some registrars to prevent direct public access to the registrant's contact information. Additionally, the paragraph explores how to find out the hosting information for a domain by using the 'ping' command to get the IP address and then using WHOIS to look up the hosting company associated with that IP. The paragraph concludes with a brief mention of installing the WHOIS command on a Windows computer by downloading it from a Microsoft URL.
Mindmap
Keywords
💡WHOIS command
💡IP address
💡Domain name
💡Registrar
💡Privacy protection
💡Name servers
💡Hosting company
💡Ping command
💡Content Delivery Network (CDN)
💡VeriSign
💡Radix
Highlights
The WHOIS command can be used to look up IP address and domain name information.
On Mac or Linux, WHOIS is accessible via Terminal, while on Windows it's accessed through Command Prompt.
WHOIS can provide contact information for domain registrants and hosting information.
Every .com domain goes through Verisign, the company managing .com domain names.
Google.com was first registered on September 15, 1997, with registration until 2028.
Some contact information for domains is hidden from public view for privacy.
WHOIS can also provide information from the registrar, such as creation, update, and expiration dates.
Different domain endings, like .tech, are registered through different companies, such as Radix.
Privacy protection can prevent contact information from being publicly visible.
A disguised email address can be provided for contact forms to protect privacy.
The ping command can reveal the IP address associated with a domain's web hosting.
WHOIS can also look up information based on an IP address, not just domain names.
Hosting companies can be identified through WHOIS lookups of associated IP addresses.
Content Delivery Networks (CDNs) like Cloudflare may be associated with a domain but not necessarily the hosting provider.
WHOIS command is not installed by default on Windows but can be installed from a Microsoft URL.
After installing WHOIS on Windows, it can be executed from the Command Prompt for any domain or IP address.
Transcripts
in this video i'm going to show you how
to use the who is command to look up ip
address and domain name information and
this information can be contact
information for whoever registered the
domain name and it can even be hosting
information so let's go ahead and hop on
into the tutorial if you're on a mac or
a linux computer you're already going to
have the whois command installed and you
can access it via terminal if you're on
windows you're going to use the command
prompt but this is not installed by
default stick around to the end of the
video if you want to learn how to
install who is on windows but otherwise
let's go ahead and proceed so like i
said we have the who is command
installed and you can see how to use it
here we're going to do our first example
with who is google.com so it's just who
is and then the name of a domain name
so hit enter and it's going to spit out
a lot of information definitely
overwhelming at first but let me walk
you through it so
every single dot com domain name that
you look up is going to start with this
section it's just
generic information for
anybody who has a dot com so every dot
com goes through verisign
that is the company who manages dot com
domain names so if you register a dot
com domain it's going to go through
verisign at some point so
not not the most interesting stuff at
the top maybe something that's
interesting is that the first.coms were
recruited in 1985. okay so the next
section is more along the lines of what
we're interested in so specifically the
domain name google.com
has some information here so that was
first registered on
september 15 1997
and they have the domain name registered
until 2028 so
they they're well out there and that's
like a what is it eight years into the
future six to eight years into the
future
they registered with their registrar is
mark monitor incorporated okay they have
a little bit of contact information in
here but it seems they have a lot of
that information hidden from the public
view uh here's some name servers
and that's about all the interesting
stuff so that was a who is from verisign
uh there's also a who is from mark
monitor their registrar so you see some
redundant information so google.com
uh the same
creation date updated date the
expiration date
and then
uh the same type of contact information
and
the name servers as well so
they do have a little bit more public
information that they're out of
california the the organization's called
google llc
but that's about it for google let's try
another example i'm going to pull up
another terminal window here just to
show you how these these two compared to
each other so
uh where were we who is so who is we'll
try who is tony teaches dot tech
okay so this is a different domain
ending so we're not gonna see a com at
the top we're going to see a dot tech so
all dot tech domain names are registered
through
radix okay and they're out of mumbai
india
and that came into existence the tech
domain name
first came into existence in 2015. so
cool but uh not what we're here to look
at
so let's look at tonyteachers.tech so
that is my website if you haven't
figured that out i registered that on
january 19th of 2020
i registered it with google so google
domains
here is my name servers they're all
google domain name servers and i have
some privacy protection so you can't see
any of my contact information
that is here here's the who is that who
is google.com
this is my registrar this is the
information for my privacy protection
the only way the only kind of public
information that is exposed
which really isn't much is this
registrant email so it's not my email it
just takes you to a contact form and let
me show you
what that looks like so i'm going to go
here open that up and if you did want to
get in touch with me
you can
type the domain name in it already
pre-filled it for you confirm that
you're not a robot submit and then it's
going to give you a contact form that
will
actually it's not going to give you
contact form sorry it's going to give
you an email address a hidden email
address the disguise email address but
this will actually end up in my email
box so you can
some people have their information
public some of them
have contact forms some of them have
private email addresses like this just
so that your public information isn't
sitting out there on the internet so
that's what that looks like
anything else interesting in here
not really
what is interesting though i got my
domain name from google domains as you
can tell here but what about my website
where is my website hosted well there is
a way you can sometimes figure this out
so for a particular
website or a particular domain name
let's go ahead and ping it use the ping
command so if we ping tony teaches
dot tech that's going to give us back
the ip address associated with the web
hosting for that that domain name so now
we can use the whois command to look up
that ip address it doesn't have to be a
domain name it can be an ip address as
well so let's see what's going on at
194.1.147
dot
what was the other
147.33 okay so
that shows us
uh let's see the organization that
i guess owns that ip address is ripe ncc
uh
k
media tech okay we're getting onto
something here and there it is wpx
hosting wpx hosting is my hosting
company that's what i use to host my
website and they are out of
sofia bulgaria okay so that's where my
website is hosted
we can try this for
another website right so we can do who
is
network
chuck
dot com
and he has a dot com so you see that
same exact verisign information at the
top
and he registered his domain name
in 2016
from
godaddy so his he he used godaddy to
register his domain but that doesn't
necessarily mean that his website is
hosted with godaddy so we can try a
similar technique we can do ping
network
chuck.com
that'll give us back the ip address of
his web hosting and then we can do who
is
this ip address
and we'll see information from
cloudflare so cloudflare is like it's a
cdn a content delivery network so that
doesn't necessarily mean his website is
hosted from that that just means that uh
some of his assets are there but it it
could be the case that he's hosting
directly with cloud failure
um
so yeah i think now i'll show you how to
install the
uh whois command on windows so check
that out next as you can see here the
who is command is not installed on this
windows computer but we can install it
by going to this microsoft url and
downloading this who is zip file and we
can go ahead and extract that zip file
and then what you're going to want to do
is copy the path to the folder that it
was extracted to
open up a command prompt window
cd into that directory and now you can
execute the whois command for any domain
name or ip address that you desire
[Music]
Voir Plus de Vidéos Connexes
OSINT : Les astuces cachées des noms de domaine | Ep. 4
4- شرح DNS وطريقة جمع معلومات عن ال Domain | دورة اختبار اختراق تطبيقات الويب
Unir un cliente Windows 10 a un dominio en Windows Server 2019
How to Join a Client PC (Windows 10) to an Active Directory Domain Controller (Windows Server 2019)
Install and Configure DHCP Server in Windows Server 2019 Step By Step Guide
3 Information Gathering
5.0 / 5 (0 votes)