Whois

Check IP/Domain Whois

The response returns geolocation information of the queried IP address or domain, including status, country, region, city, zip code, latitude, longitude, timezone, ISP, organization, and AS (Autonomous System) details.

Request

GET https://ismalicious.com/api/check/whois?query=146.59.151.156

Try this endpoint in your browser 🔗

Query Parameters

Parameter

Type

Description

query

string

The IP address / Domain name to check.

Response

{
    "whois": {
        "ip": "146.59.151.156",
        "rir": "RIPE",
        "is_bogon": false,
        "is_mobile": false,
        "is_crawler": false,
        "is_datacenter": true,
        "is_tor": false,
        "is_proxy": false,
        "is_vpn": true,
        "is_abuser": false,
        "datacenter": {
            "datacenter": "OVH SAS",
            "domain": "ovhcloud.com",
            "network": "146.59.150.0 - 146.59.151.255"
        },
        "company": {
            "name": "OVH SAS",
            "abuser_score": "0.0098 (Elevated)",
            "domain": "ovhcloud.com",
            "type": "hosting",
            "network": "146.59.150.0 - 146.59.151.255",
            "whois": "https://api.ipapi.is/?whois=146.59.150.0"
        },
        "abuse": {
            "name": "OVH Technical Contact",
            "address": "OVH SAS, 2 rue Kellermann, 59100 Roubaix, France",
            "email": "abuse@ovh.net",
            "phone": "+33972101007"
        },
        "asn": {
            "asn": 16276,
            "abuser_score": "0.0032 (Low)",
            "route": "146.59.0.0/16",
            "descr": "OVH, FR",
            "country": "fr",
            "active": true,
            "org": "OVH SAS",
            "domain": "ovhcloud.com",
            "abuse": "abuse@ovh.net",
            "type": "hosting",
            "created": "1970-01-01",
            "updated": "2024-12-02",
            "rir": "RIPE",
            "whois": "https://api.ipapi.is/?whois=AS16276"
        },
        "location": {
            "continent": "EU",
            "country": "France",
            "country_code": "FR",
            "state": "Hauts-de-France",
            "city": "Roubaix",
            "latitude": 50.69421,
            "longitude": 3.17456,
            "zip": "59998 CEDEX",
            "timezone": "Europe/Paris",
            "local_time": "2024-12-10T14:27:29+01:00",
            "local_time_unix": 1733837249,
            "is_dst": false
        },
        "elapsed_ms": 0.71
    }
}

Description

This API endpoint provides detailed WHOIS information for a given IP address or domain name. By querying this endpoint, users can obtain data regarding the ownership, network range, and associated organization of an IP address. The response further includes insights about data center presence, VPN and proxy usage, along with geographical and organizational details. This feature is crucial for security teams and IT professionals to carry out robust network analysis and threat assessments efficiently.

Why is this useful?

Helps identify potential threats by revealing whether an IP is associated with malicious activities, data centers, or VPNs.
Provides detailed insights into network ownership and geography, allowing for better network oversight.
Assists in meeting regulatory requirements by documenting IP and domain ownership and associated activities.
Identifies suspicious IPs or domains used in fraudulent schemes, reducing the risk of financial loss.
Supports data-driven decisions by providing comprehensive network and organization details.

For performance reasons, you'll find other separate endpoints for each sub-check you want to look after:

Reputation

Vulnerabilities

Geolocation

PreviousGeolocation NextSearch resource

Last updated 15 days ago

Check IP/Domain Whois

Request

Response

Description

More: