Whois

Check IP/Domain Whois

The response returns geolocation information of the queried IP address or domain, including status, country, region, city, zip code, latitude, longitude, timezone, ISP, organization, and AS (Autonomous System) details.

Request

GET https://ismalicious.com/api/check/whois?query=146.59.151.156

Try this endpoint in your browser 🔗

Query Parameters

Parameter

Type

Description

query

string

The IP address / Domain name to check.

Response

{
    "whois": {
        "ip": "146.59.151.156",
        "rir": "RIPE",
        "is_bogon": false,
        "is_mobile": false,
        "is_crawler": false,
        "is_datacenter": true,
        "is_tor": false,
        "is_proxy": false,
        "is_vpn": true,
        "is_abuser": false,
        "datacenter": {
            "datacenter": "OVH SAS",
            "domain": "ovhcloud.com",
            "network": "146.59.150.0 - 146.59.151.255"
        },
        "company": {
            "name": "OVH SAS",
            "abuser_score": "0.0098 (Elevated)",
            "domain": "ovhcloud.com",
            "type": "hosting",
            "network": "146.59.150.0 - 146.59.151.255",
            "whois": "https://api.ipapi.is/?whois=146.59.150.0"
        },
        "abuse": {
            "name": "OVH Technical Contact",
            "address": "OVH SAS, 2 rue Kellermann, 59100 Roubaix, France",
            "email": "[email protected]",
            "phone": "+33972101007"
        },
        "asn": {
            "asn": 16276,
            "abuser_score": "0.0032 (Low)",
            "route": "146.59.0.0/16",
            "descr": "OVH, FR",
            "country": "fr",
            "active": true,
            "org": "OVH SAS",
            "domain": "ovhcloud.com",
            "abuse": "[email protected]",
            "type": "hosting",
            "created": "1970-01-01",
            "updated": "2024-12-02",
            "rir": "RIPE",
            "whois": "https://api.ipapi.is/?whois=AS16276"
        },
        "location": {
            "continent": "EU",
            "country": "France",
            "country_code": "FR",
            "state": "Hauts-de-France",
            "city": "Roubaix",
            "latitude": 50.69421,
            "longitude": 3.17456,
            "zip": "59998 CEDEX",
            "timezone": "Europe/Paris",
            "local_time": "2024-12-10T14:27:29+01:00",
            "local_time_unix": 1733837249,
            "is_dst": false
        },
        "elapsed_ms": 0.71
    }
}

Description

This API endpoint provides detailed WHOIS information for a given IP address or domain name. By querying this endpoint, users can obtain data regarding the ownership, network range, and associated organization of an IP address. The response further includes insights about data center presence, VPN and proxy usage, along with geographical and organizational details. This feature is crucial for security teams and IT professionals to carry out robust network analysis and threat assessments efficiently.

Why is this useful?

Helps identify potential threats by revealing whether an IP is associated with malicious activities, data centers, or VPNs.
Provides detailed insights into network ownership and geography, allowing for better network oversight.
Assists in meeting regulatory requirements by documenting IP and domain ownership and associated activities.
Identifies suspicious IPs or domains used in fraudulent schemes, reducing the risk of financial loss.
Supports data-driven decisions by providing comprehensive network and organization details.

For performance reasons, you'll find other separate endpoints for each sub-check you want to look after:

Reputation Vulnerabilities Geolocation

PreviousGeolocation NextSearch resource

Last updated 1 year ago

hashtagCheck IP/Domain Whois

hashtagRequest

hashtagResponse

hashtagDescription

hashtagMore:

Check IP/Domain Whois

Request

Response

Description

More: