Small Sharp Software Tools

Harness the Combinatoric Power of Command-Line Tools and Utilities

6. Looking Up Domains

Tagged with Bash networking dns

Published February 6, 2019

Use `host`, `dig`, and `whois` to look up information about domain names.


Hi this is Brian and I’m going to show you how to use a few command-line tools to get information about domain names.

First up, we have the host command. You can use it to get basic info about a domain name, such as the primary IP address it resolves to:

Use it to look up

$ host has address has IPv6 address 2607:f8b0:4009:816::200e mail is handled by 40 mail is handled by 50 mail is handled by 10 mail is handled by 20 mail is handled by 30

You see the ipv4 address and the ipv6 addresses, and you see how this domain handles email.

Host gives you a quick human-readable look at a domain.

The dig commmand lets you look up specific DNS records. By default, it looks up an A record:

$ dig
; <<>> DiG 9.8.3-P1 <<>>
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 8067
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;                    IN      A

;; ANSWER SECTION:             1       IN      A

;; Query time: 20 msec
;; WHEN: Tue Feb  5 11:30:55 2019
;; MSG SIZE  rcvd: 44

To have it show MX, or Mail Exchange records, just specify the record type as an additional argument:

$ dig mx
; <<>> DiG 9.8.3-P1 <<>> mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 56994
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 10

;                    IN      MX

;; ANSWER SECTION:             600     IN      MX      10             600     IN      MX      50             600     IN      MX      30             600     IN      MX      20             600     IN      MX      40

;; ADDITIONAL SECTION:     293     IN      A     293     IN      AAAA    2607:f8b0:4001:c0a::1a 293    IN      A 293    IN      AAAA    2a00:1450:400b:c03::1a 293    IN      A 293    IN      AAAA    2607:f8b0:400c:c06::1b 293    IN      A 293    IN      AAAA    2607:f8b0:400d:c09::1b 292    IN      A 292    IN      AAAA    2800:3f0:4003:c02::1a

;; Query time: 625 msec
;; WHEN: Tue Feb  5 11:33:04 2019
;; MSG SIZE  rcvd: 356

When you want to find details about the domain name, such as when it was registered and who owns it, that’s where you’ll use the whois command.

This command spits out a lot of output though, so it’s best to pipe its results to a pager like less:

$ whois | less
   Domain Name: GOOGLE.COM
   Registry Domain ID: 2138514_DOMAIN_COM-VRSN
   Registrar WHOIS Server:
   Registrar URL:
   Updated Date: 2018-02-21T18:36:40Z
   Creation Date: 1997-09-15T04:00:00Z
   Registry Expiry Date: 2020-09-14T04:00:00Z

The output shows information about when the domain was created and when its registration expires. In some cases it also shows the contact information of the person responsible for the domain. Unfortunately, this sometimes exposes the personal information of the person that registered the domain. Thankfully, more and more domain providers offer a privacy feature which hides this info from the whois tool and other search engines.

You can use whois to see if a domain is available, too. There are lots of web-based tools out there to do this, but this way is pretty quick.

When you search for a domain that doesn’t exist, whois will tell you right away in the first line of output:

$ whois | head -n 1

host, dig and whois are handy tools for exploring information about domain names. Use them against your own domain names and see what information you can find.