This article briefly explains what’s WHOIS and describes most common use cases often referred to as “WHOIS search” or “WHOIS lookup”.
WHOIS actually means “Who is?” and reads the same. It’s a useful utility for looking up information on any domain name.
Historically, WHOIS is one of the oldest terms of the Internet. It’s a crucial set of data for businesses (e.g. ISPs), individuals (e.g. webmasters) and even governments, so no wonder it is one of the most searched database in the world, also one of the most detailed.
WHOIS search results provide helpful information surrounding a particular domain name. It may include personal or business information about domain name ownership, registration and expiration dates, nameservers, status information, etc. It may also include contact information such as physical address, phone number and email address.
Technically, WHOIS is a protocol used to update and find information about domain names, IP addresses and some other Internet resources. This means WHOIS services operate through WHOIS servers – databases that store records of registered users or assignees of Internet resources in a human-readable format.
Anyone can connect to a WHOIS server to send a query, the server will then respond to this query. The most common usage of WHOIS is for finding information about domain names – that’s generally meant by various terms, such as “whois search”, “whois lookup” or “whois query”.
How to perform a WHOIS search
You don’t need to have any software installed on your PC, there are many websites that will allow you to perform a WHOIS lookup, for example who.is
[alert]Recent CentOS versions don’t have whois command line client installed by default. Run yum install jwhois command to set it up. Windows users can get a command line Whois utility by Mark Russinovich.[/alert]
This command will output the following result:
[Querying whois.verisign-grs.com] [Redirected to whois.enom.com] [Querying whois.enom.com] [whois.enom.com] =-=-=-= Registration Service Provided By: Namecheap.com Contact: [email protected] Visit: http://namecheap.com Domain name: webhostingbuzz.com Registrant Contact: WebHostingBuzz USA LLC Matthew Russell () Fax: 15 Midstate Drive Suite 212 Auburn, MA 01501 US Administrative Contact: WebHostingBuzz USA LLC Matthew Russell ([email protected]) +1.8002521887 Fax: +1.3023972394 15 Midstate Drive Suite 212 Auburn, MA 01501 US Technical Contact: WebHostingBuzz USA LLC Matthew Russell ([email protected]) +1.8002521887 Fax: +1.3023972394 15 Midstate Drive Suite 212 Auburn, MA 01501 US Status: Locked Name Servers: ns100.fastwhb.com ns101.fastwhb.com Creation date: 31 Oct 2002 00:00:00 Expiration date: 31 Oct 2018 00:00:00 =-=-=-= The data in this whois database is provided to you for information purposes only, that is, to assist you in obtaining information about or related to a domain name registration record. We make this information available "as is," and do not guarantee its accuracy. By submitting a whois query, you agree that you will use this data only for lawful purposes and that, under no circumstances will you use this data to: (1) enable high volume, automated, electronic processes that stress or load this whois database system providing you this information; or (2) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via direct mail, electronic mail, or by telephone. The compilation, repackaging, dissemination or other use of this data is expressly prohibited without prior written consent from us. We reserve the right to modify these terms at any time. By submitting this query, you agree to abide by these terms. Version 6.3 4/3/2002
This is a standard-looking whois response about a domain name.
Obviously, the above information has been captured at a time of preparing this article for publication, so if you decide to run the exact same query and search whois database for webhostingbuzz.com domain name records – some bits of the output may vary.
[alert]A WHOIS lookup may not provide expected results if WHOIS privacy is enabled by domain name registrar. This is usually done in order to hide or disguise certain information, or prevent automated collecting of it as all information in whois database is 100% publicly available.[/alert]
No useful information will be provided if a domain name is not registered:
[email protected] [~]# whois not-yet-registered.com [Querying whois.verisign-grs.com] [whois.verisign-grs.com] Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. No match for domain "NOT-YET-REGISTERED.COM". >>> Last update of whois database: Thu, 21 Feb 2013 15:51:22 UTC <<<
As seen above, not-yet-registered.com domain name doesn’t have any WHOIS records associated with it, meaning that it can be registered by anyone. As soon as someone registers this domain name and it stops being available for registration – we’ll see whois results similar to those of webhostingbuzz.com name.
Keep in mind that different WHOIS servers will display different results also depending on a domain name zone (TLD). For example:
[email protected] [~]# whois bloggr.no [Querying whois.norid.no] [whois.norid.no] % Kopibeskyttet, se http://www.norid.no/domenenavnbaser/whois/kopirett.html % Rights restricted by copyright. See http://www.norid.no/domenenavnbaser/whois/kopirett.en.html Domain Information NORID Handle...............: BLO1487D-NORID Domain Name................: bloggr.no Domain Holder Handle.......: BA5098O-NORID Registrar Handle...........: REG42-NORID Legal-c Handle.............: EA3434P-NORID Tech-c Handle..............: DH38R-NORID Name Server Handle.........: NSHY11H-NORID Name Server Handle.........: NSHY46H-NORID Name Server Handle.........: NSHY81H-NORID Additional information: Created: 2011-02-17 Last updated: 2013-02-08 NORID Handle...............: BA5098O-NORID Type.......................: organization Name.......................: OMEGA MEDIA AS Id Type....................: organization_number Id Number..................: 934563719 Registrar Handle...........: REG42-NORID Post Address...............: Sorgenfrigata 6A Postal Code................: NO-0367 Postal Area................: OSLO Country....................: NO Phone Number...............: +47.94328901 Email Address..............: [email protected] Additional information: Created: 2010-10-01 Last updated: 2013-01-31
That’s because specific details of records being stored vary among domain name registries. Besides that, each country-code top-level registry has its own national rules.
WHOIS search of IP address
WHOIS query can be also used to retrieve publicly available information about IP addresses:
[email protected] [~]# whois 126.96.36.199 [Querying whois.arin.net] [Redirected to whois.ripe.net:43] [Querying whois.ripe.net] [whois.ripe.net] % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '188.8.131.52 - 184.108.40.206' inetnum: 220.127.116.11 - 18.104.22.168 netname: LIT-1 descr: LayerIP - UK hosting division infrastructure country: GB remarks: Please send abuse complaint emails to "[email protected]" admin-c: LRIP-RIPE tech-c: LRIP-RIPE status: ASSIGNED PA mnt-by: MNT-LAYERIP mnt-by: TIMICO-MNT mnt-domains: MNT-LAYERIP source: RIPE # Filtered role: LayerIP NOC address: Landmark House, 1 Riseholme Road, Lincoln, LN1 3SN, UK admin-c: LRIP-RIPE tech-c: ARKH8-RIPE nic-hdl: LRIP-RIPE mnt-by: MNT-LAYERIP source: RIPE # Filtered % Information related to '22.214.171.124/24AS8607' route: 126.96.36.199/24 descr: LayerIP - UK hosting division infrastructure origin: AS8607 mnt-by: TIMICO-MNT mnt-by: MNT-LAYERIP source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.53 (WHOIS3)
The result is somewhat similar to what you get when querying whois about a domain name.
[alert style=success]If you’re fancy learning more about WHOIS, including examples of ‘esoteric’ use and other really techie stuff – check WHOIS Guide for Real Geeks by WebHostingBuzz Experts.[/alert]
Was this article helpful?