WHOIS or “Who is?” is a useful tool for searching information on any domain name. It is one of the oldest terms in the web. It’s an important set of data for businesses (ISPs), individuals (e.g., webmasters) and even governments. For this reason, it is one of the most searched database worldwide, as well as one of the most comprehensive. WHOIS search results provide valuable information for a specific domain name. It includes personal or business data about domain name ownership, registration/expiration dates, nameservers, and status information, among others. It may also consist of contact information like physical addresses, phone numbers, and emails.
Technically, WHOIS is a protocol for finding and updating information about domain names, IP addresses and Internet resources. WHOIS services operate through WHOIS servers or databases that keep records of registered users of Internet resources in a format that humans can read.
You can connect to a WHOIS server to send a query. The server will respond to this inquiry.
It is most commonly used for obtaining information about domain names, generally using various terms such as “whois search”, “whois lookup”, or “whois query”.
Performing a WHOIS search
It is not necessary to install any software on your PC. Many websites will allow you to perform a WHOIS lookup, such as who.is.
[su_note note_color=”#ffa6b1″]Recent CentOS versions do not have any whois command line client installed by default. Run yum install jwhois command. Windows users can get a command line Whois utility by Mark Russinovich.[/su_note]
This command will get the following result:
The above is a standard whois response about a domain name.
The information presented above was captured at the time of writing this article for publication. If you decide to run the exact same query and search the whois database for jolt.co.uk domain name records, a few details of the result may vary.
[su_note note_color=”#ffa6b1″]A WHOIS lookup may not provide expected results if WHOIS privacy is enabled by domain name registrar. This is usually done in order to hide or disguise certain information, or prevent automated collecting of it as all information in whois database is 100% publicly available.[/su_note]
No useful information is given if a domain name is not registered:
root@linux [~]# whois not-yet-registered.com [Querying whois.verisign-grs.com] [whois.verisign-grs.com] Whois Server Version 2.0 Domain names in the .com and .net domains can now be registered with many different competing registrars. Go to http://www.internic.net for detailed information. No match for domain "NOT-YET-REGISTERED.COM". >>> Last update of whois database: Thu, 21 Feb 2013 15:51:22 UTC <<<
The not-yet-registered.com domain name does not have any WHOIS records associated with it which means anybody can register that particular domain name. Once someone registers this domain, we will see whois results like those of the jolt.co.uk name.
Remember different WHOIS servers show various results based on the domain name zone (TLD). For instance:
root@linux [~]# whois bloggr.no [Querying whois.norid.no] [whois.norid.no] % Kopibeskyttet, se http://www.norid.no/domenenavnbaser/whois/kopirett.html % Rights restricted by copyright. See http://www.norid.no/domenenavnbaser/whois/kopirett.en.html Domain Information NORID Handle...............: BLO1487D-NORID Domain Name................: bloggr.no Domain Holder Handle.......: BA5098O-NORID Registrar Handle...........: REG42-NORID Legal-c Handle.............: EA3434P-NORID Tech-c Handle..............: DH38R-NORID Name Server Handle.........: NSHY11H-NORID Name Server Handle.........: NSHY46H-NORID Name Server Handle.........: NSHY81H-NORID Additional information: Created: 2011-02-17 Last updated: 2013-02-08 NORID Handle...............: BA5098O-NORID Type.......................: organization Name.......................: OMEGA MEDIA AS Id Type....................: organization_number Id Number..................: 934563719 Registrar Handle...........: REG42-NORID Post Address...............: Sorgenfrigata 6A Postal Code................: NO-0367 Postal Area................: OSLO Country....................: NO Phone Number...............: +47.94328901 Email Address..............: firstname.lastname@example.org Additional information: Created: 2010-10-01 Last updated: 2013-01-31
The reason for this is that specific details of records stored vary among domain name registries. Additionally, each country-code’s top-level registry has its own national rules.
WHOIS search of IP address
WHOIS query can retrieve publicly-available information about IP addresses:
root@linux [~]# whois 22.214.171.124 [Querying whois.arin.net] [Redirected to whois.ripe.net:43] [Querying whois.ripe.net] [whois.ripe.net] % This is the RIPE Database query service. % The objects are in RPSL format. % % The RIPE Database is subject to Terms and Conditions. % See http://www.ripe.net/db/support/db-terms-conditions.pdf % Note: this output has been filtered. % To receive output for a database update, use the "-B" flag. % Information related to '126.96.36.199 - 188.8.131.52' inetnum: 184.108.40.206 - 220.127.116.11 netname: LIT-1 descr: LayerIP - UK hosting division infrastructure country: GB remarks: Please send abuse complaint emails to "email@example.com" admin-c: LRIP-RIPE tech-c: LRIP-RIPE status: ASSIGNED PA mnt-by: MNT-LAYERIP mnt-by: TIMICO-MNT mnt-domains: MNT-LAYERIP source: RIPE # Filtered role: LayerIP NOC address: Landmark House, 1 Riseholme Road, Lincoln, LN1 3SN, UK admin-c: LRIP-RIPE tech-c: ARKH8-RIPE nic-hdl: LRIP-RIPE mnt-by: MNT-LAYERIP source: RIPE # Filtered % Information related to '18.104.22.168/24AS8607' route: 22.214.171.124/24 descr: LayerIP - UK hosting division infrastructure origin: AS8607 mnt-by: TIMICO-MNT mnt-by: MNT-LAYERIP source: RIPE # Filtered % This query was served by the RIPE Database Query Service version 1.53 (WHOIS3)
It is similar to what you get for querying whois about a domain name.
[su_note note_color=”#ffa6b1″]If you want to learn more about WHOIS, check out the WHOIS Guide for Real Geeks by Jolt.co.uk Experts.[/su_note]