WHOIS is a protocol used to query databases that store information on domain names and IP addresses. When you register a domain name, your contact information (including your name, address, phone number, and email address) is added to a database. WHOIS is a way to look up that information and find out who owns a specific domain name.
There are different types of WHOIS, depending on the top-level domain (TLD) you're querying. For example, the WHOIS for a .com domain will look different from the WHOIS for a .uk domain. Some WHOIS databases are public and can be accessed by anyone, while others are private and can only be accessed by authorized users.
When you use a WHOIS lookup tool, you can typically find information such as the domain name's registrant (the person or organization that owns the domain), the domain's registrar (the company that sold the domain), the domain's nameservers (the servers that are responsible for converting the domain name into an IP address), and the domain's creation and expiration dates.
As well as being used to check the registration information of a domain, WHOIS also can also be used to see when a domain was first registered and when it will expire, information that can be useful for security researchers and others trying to track down malicious sites.
WHOIS database can be looked up using web-based tools provided by most of the domain registrars, or even command line tool such as
whois command in Linux-based system.