Whois queries return the registration information for a domain name. At registration time, some registrants leave their name, contact details, telephone number, e-mail address, company address and so on in the record. This information can be used for social engineering or for physical attacks (such as scouting the company's premises), and the later stages of an attack build on the information gathered here.
Whois queries are handled by region. Here are the NICs and related organizations, with their addresses:
AFRINIC http://www.afrinic.net
APNIC http://apnic.net
ARIN http://arin.net
IANA http://iana.net
ICANN http://icann.net
LACNIC http://lacnic.net
NRO http://nro.net
RIPE http://ripe.net
InterNic http://internic.net
At the beginning, InterNIC was used to assign IP addresses. Later, regional NICs were established in different regions, and address and domain name information is now allocated through those NICs.
APNIC handles allocation for the Asia-Pacific region
AFRINIC handles allocation for the Africa region
IANA is an international organization
Each of these represents a different region, and we can query them for information related to a domain name. If you don't want to use the command line, you can query through the web addresses listed above. In Kali, the NICs are queried with the whois command. The whois command returns the same information as the web pages above: it works by connecting to the NIC databases listed above and looking up the requested record. Its advantage is that it queries several NICs at once, whereas a web page can only query one. The web query is not shown here; the command output is as follows:
root@kali:~# whois sina.com
Domain Name: SINA.COM
Registry Domain ID: 2243615_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.paycenter.com.cn
Registrar URL: http://www.xinnet.com
Updated Date: 2018-12-20T09:17:25Z
Creation Date: 1998-09-16T04:00:00Z
Registry Expiry Date: 2021-09-15T04:00:00Z
Registrar: Xin Net Technology Corporation
Registrar IANA ID: 120
Registrar Abuse Contact Email: [email protected]
Registrar Abuse Contact Phone: +86.1087127926
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: NS1.SINA.COM
Name Server: NS1.SINA.COM.CN
Name Server: NS2.SINA.COM
There is more output, which is not shown item by item here; the detailed content is in the folder.
Whois can query domain name information and can also query IP information. Everything it returns can be put to use: an e-mail address found this way can be sent a Trojan horse to see whether the recipient falls for it, and a telephone or fax number can be used for some social engineering.
I recommend a book about social engineering called The Art of Anti-Cheating
When you query an IP address, the result tells you which IP range it belongs to. The query result is as follows:
root@kali:~# whois 220.181.38.148
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '220.181.0.0-220.181.255.255'
% Abuse contact for '220.181.0.0-220.181.255.255' is '[email protected]'
inetnum: 220.181.0.0-220.181.255.255
netname: chinanet-IDC-BJ
country: CN
descr: CHINANET Beijing province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
admin-c: CH93-AP
tech-c: HC55-AP
remarks: hostmaster is not for spam complaint,
remarks: please send spam complaint to [email protected]
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-CHINATELECOM-BJ
status: ALLOCATED NON-PORTABLE
last-modified: 2008-09-04T06:56:04Z
source: APNIC
person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: [email protected]
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
mnt-by: MAINT-CHINANET
last-modified: 2014-02-27T03:37:38Z
source: APNIC
person: Hostmaster of Beijing Telecom corporation CHINA TELECOM
nic-hdl: HC55-AP
e-mail: [email protected]
address: Beijing Telecom
address: No. 107 XiDan Beidajie, Xicheng District Beijing
phone: +86-010-58503461
fax-no: +86-010-58503054
country: cn
mnt-by: MAINT-CHINATELECOM-BJ
last-modified: 2008-09-04T07:29:39Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.15-46 (WHOIS-NODE3)
The output shows that the IP range is 220.181.0.0-220.181.255.255. It also shows which company the IP address belongs to and the address where it is located. Note that this address may only be the office address of whoever administers the IP range, not the place where the address is actually used. It may also be the real physical address of use: for home broadband, for example, it is the real home address. The information returned by the query therefore needs further verification, in particular to confirm whether it describes a proxy or network operator or is the real information of the target.
A note for the domain registration side: when registering a domain name, you can have an agent or the domain operator register it for you, so that you do not leave so much personal information in the record. Otherwise, when you later operate a website for a company or run your own site, this information is likely to be used by hackers in an attack. Leaving personal information everywhere is a bad habit.
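The check a registrant can run on their own records, as an added example that is not part of the original article: it parses whois output in the key/value layout shown above into objects, converts the inetnum range to CIDR, and lists every contact field that is published. The sample record is constructed with placeholder values, and the parser assumes objects are separated by blank lines, as in raw APNIC output.

```python
import ipaddress
import re

# Constructed sample in the layout APNIC returns (all values are placeholders).
SAMPLE = """\
% [whois.apnic.net]
% Information related to '203.0.113.0 - 203.0.113.255'

inetnum:        203.0.113.0 - 203.0.113.255
netname:        EXAMPLE-NET
descr:          Example Hosting Ltd
country:        ZZ
admin-c:        EX1-AP
source:         APNIC

person:         Example Hostmaster
nic-hdl:        EX1-AP
e-mail:         hostmaster@example.net
phone:          +00-0-00000000
fax-no:         +00-0-00000000
source:         APNIC
"""

# Fields that identify or reach a person (assumed list, extend as needed).
CONTACT_KEYS = {"e-mail", "phone", "fax-no", "address", "person"}

def parse_objects(text):
    """Split whois output into objects: lists of (key, value) pairs."""
    objects, current = [], []
    for line in text.splitlines():
        if line.startswith("%"):            # server comment line
            continue
        if not line.strip():                # blank line ends the current object
            if current:
                objects.append(current)
                current = []
            continue
        m = re.match(r"^([A-Za-z0-9-]+):\s*(.*)$", line)
        if m:
            current.append((m.group(1).lower(), m.group(2).strip()))
    if current:
        objects.append(current)
    return objects

def inetnum_to_cidrs(value):
    """Turn 'first - last' into the minimal list of CIDR blocks."""
    first, last = (ipaddress.ip_address(p.strip()) for p in value.split("-"))
    return [str(n) for n in ipaddress.summarize_address_range(first, last)]

def exposed_contacts(objects):
    """Return (object type, key, value) for every published contact field."""
    return [(obj[0][0], k, v) for obj in objects for k, v in obj if k in CONTACT_KEYS]
```

Running `exposed_contacts(parse_objects(...))` over the saved output of `whois` for your own domain or range shows what a stranger sees in the record.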
Please indicate the source when reprinting!