Have a Question?

If you have any question you can ask below or enter what you are looking for!

Understanding WHOIS Search


WHOIS or “Who is?” is a useful tool for searching information on any domain name. It is one of the oldest terms in the web. It’s an important set of data for businesses (ISPs), individuals (e.g., webmasters) and even governments. For this reason, it is one of the most searched database worldwide, as well as one of the most comprehensive. WHOIS search results provide valuable information for a specific domain name. It includes personal or business data about domain name ownership, registration/expiration dates, nameservers, and status information, among others. It may also consist of contact information like physical addresses, phone numbers, and emails.

Technically, WHOIS is a protocol for finding and updating information about domain names, IP addresses and Internet resources. WHOIS services operate through WHOIS servers or databases that keep records of registered users of Internet resources in a format that humans can read.

You can connect to a WHOIS server to send a query. The server will respond to this inquiry.

It is most commonly used for obtaining information about domain names, generally using various terms such as “whois search”, “whois lookup”, or “whois query”.

Performing a WHOIS search

It is not necessary to install any software on your PC. Many websites will allow you to perform a WHOIS lookup, such as who.is.

It is not hard to recover WHOIS records if you are a Linux or Mac user or purchased your own Linux-based VPS or Dedicated Server. Refer to the command in shell:

whois jolt.co.uk

[su_note note_color=”#ffa6b1″]Recent CentOS versions do not have any whois command line client installed by default. Run yum install jwhois command. Windows users can get a command line Whois utility by Mark Russinovich.[/su_note]

This command will get the following result:

    Domain name:

        Matthew russell

    Registrant type:
        UK Individual

    Registrant's address:
        28 Craypool Lane
        LN2 2UU
        United Kingdom

    Data validation:
        Nominet was able to match the registrant's name and address against a 3rd party data source on 03-Oct-2014

        eNom, Inc. [Tag = ENOM]
        URL: http://www.enom.com

    Relevant dates:
        Registered on: 30-Aug-2013
        Expiry date:  30-Aug-2017
        Last updated:  31-Jul-2016

    Registration status:
        Registered until expiry date.

    Name servers:

    WHOIS lookup made at 08:30:05 10-Feb-2017

This WHOIS information is provided for free by Nominet UK the central registry
for .uk domain names. This information and the .uk WHOIS are:

    Copyright Nominet UK 1996 - 2017.

You may not access the .uk WHOIS or use any data from it except as permitted
by the terms of use available in full at http://www.nominet.uk/whoisterms,
which includes restrictions on: (A) use of the data for advertising, or its
repackaging, recompilation, redistribution or reuse (B) obscuring, removing
or hiding any or all of this notice and (C) exceeding query rate or volume
limits. The data is provided on an 'as-is' basis and may lag behind the
register. Access may be withdrawn or restricted at any time.

The above is a standard whois response about a domain name.

The information presented above was captured at the time of writing this article for publication. If you decide to run the exact same query and search the whois database for jolt.co.uk domain name records, a few details of the result may vary.

[su_note note_color=”#ffa6b1″]A WHOIS lookup may not provide expected results if WHOIS privacy is enabled by domain name registrar. This is usually done in order to hide or disguise certain information, or prevent automated collecting of it as all information in whois database is 100% publicly available.[/su_note]

No useful information is given if a domain name is not registered:

root@linux [~]# whois not-yet-registered.com
[Querying whois.verisign-grs.com]

Whois Server Version 2.0

Domain names in the .com and .net domains can now be registered
with many different competing registrars. Go to http://www.internic.net
for detailed information.

No match for domain "NOT-YET-REGISTERED.COM".
>>> Last update of whois database: Thu, 21 Feb 2013 15:51:22 UTC <<<

The not-yet-registered.com domain name does not have any WHOIS records associated with it which means anybody can register that particular domain name. Once someone registers this domain, we will see whois results like those of the jolt.co.uk name.

Remember different WHOIS servers show various results based on the domain name zone (TLD). For instance:

root@linux [~]# whois bloggr.no
[Querying whois.norid.no]
% Kopibeskyttet, se http://www.norid.no/domenenavnbaser/whois/kopirett.html
% Rights restricted by copyright. See http://www.norid.no/domenenavnbaser/whois/kopirett.en.html

Domain Information

NORID Handle...............: BLO1487D-NORID
Domain Name................: bloggr.no
Domain Holder Handle.......: BA5098O-NORID
Registrar Handle...........: REG42-NORID
Legal-c Handle.............: EA3434P-NORID
Tech-c Handle..............: DH38R-NORID
Name Server Handle.........: NSHY11H-NORID
Name Server Handle.........: NSHY46H-NORID
Name Server Handle.........: NSHY81H-NORID

Additional information:
Created: 2011-02-17
Last updated: 2013-02-08

NORID Handle...............: BA5098O-NORID
Type.......................: organization
Name.......................: OMEGA MEDIA AS
Id Type....................: organization_number
Id Number..................: 934563719
Registrar Handle...........: REG42-NORID
Post Address...............: Sorgenfrigata 6A
Postal Code................: NO-0367
Postal Area................: OSLO
Country....................: NO
Phone Number...............: +47.94328901
Email Address..............: 74busjuisxeh@emailprotection.domainnameshop.com

Additional information:
Created: 2010-10-01
Last updated: 2013-01-31

The reason for this is that specific details of records stored vary among domain name registries. Additionally, each country-code’s top-level registry has its own national rules.

WHOIS search of IP address

WHOIS query can retrieve publicly-available information about IP addresses:

root@linux [~]# whois
[Querying whois.arin.net]
[Redirected to whois.ripe.net:43]
[Querying whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf

% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.

% Information related to ' -'

inetnum: -
netname: LIT-1
descr: LayerIP - UK hosting division infrastructure
country: GB
remarks: Please send abuse complaint emails to "abuse@layerip.com"
admin-c: LRIP-RIPE
tech-c: LRIP-RIPE
mnt-by: TIMICO-MNT
mnt-domains: MNT-LAYERIP
source: RIPE # Filtered

role: LayerIP NOC
address: Landmark House, 1 Riseholme Road, Lincoln, LN1 3SN, UK
admin-c: LRIP-RIPE
tech-c: ARKH8-RIPE
nic-hdl: LRIP-RIPE
source: RIPE # Filtered

% Information related to ''

descr: LayerIP - UK hosting division infrastructure
origin: AS8607
mnt-by: TIMICO-MNT
source: RIPE # Filtered

% This query was served by the RIPE Database Query Service version 1.53 (WHOIS3)

It is similar to what you get for querying whois about a domain name.

[su_note note_color=”#ffa6b1″]If you want to learn more about WHOIS, check out the WHOIS Guide for Real Geeks by Jolt.co.uk Experts.[/su_note]


World Map of Regional Internet Registries

Regional Internet Registries world map - geo whois search

Image credit: http://en.wikipedia.org/wiki/File:Regional_Internet_Registries_world_map.svg







WHOIS Protocol Specification – RFC 3912

API for Developers

Leave a Reply

You must be logged in to post a comment.