The WHOIS tool allows you to get a domain name’s public registration information.
Enter one of the following into the text box:
- A domain name
- An IPv4 address (eg, 192.168.1.1)
- A Base-10 IP address.
If you’re providing a Base-10 IP address, check the Convert Base-10 to IP box.
When to Use It
You can use the WHOIS tool to:
- Find out who owns a domain
- Get the contact information for the domain owner
- See when the registration information was last updated
- Find out the status of a domain (eg, active, expired, available)
- Find the domain’s DNS servers.
You may not use WHOIS to gather information for the purposes of spamming.
What It Does
The WHOIS tool sends an inquiry to a WHOIS server to get information about the domain. The specific server to which we send your request depends on the top-level domain in your query. If you provide a domain with a .com or .net extension, the query goes to internic.net. If you provide an IP address, the tool will do a reverse DNS lookup to get the associated domain name.
Requests for WHOIS information follow the WHOIS protocol that’s specified in RFC 3912. Domain registries can follow a thin or thick data model (the .com and .net TLDs use the thin model). Both models include:
- Information about the registrar
- Domain status
- Creation and expiration dates
- Name server data
- Date the record was last updated.
The thick model also includes administrative, billing, and technical contact information.
The protocol provides no guidance about character encoding. ASCII and UTF-8 are the most commonly used options, however.
There isn’t a standard format for WHOIS information that comes back. Typically, you’ll get:
- The registered domain name and registry ID
- The domain’s dates of creation, expiration, and last modification
- The registrar’s URL, contact information, and WHOIS server address
- The domain holder’s name and contact information
- The name servers for the domain.
If the domain is unknown and cannot be found, you’ll see the message No match for domain. This is a good indication that a domain name is available, but it’s not a guarantee. The server’s information might not be up to date, or it might simply be unavailable (even if it isn’t registered). If you enter an invalid top-level domain (eg, example.qwert), you’ll get the following message: No WHOIS server known for the given domain.
You can query for a subdomain (eg, xyz.example.com), but the usefulness of this is questionable. The results you get depend on how the registered domain is set up. If it supports user-created domain names, you’ll probably get the information on the registered domain, even if the subdomain doesn’t exist. If the subdomain is hosted on a different server, you might get information on the host, rather than the domain that “owns” the subdomain.
Internationalized domain names (IDNs) can contain UTF-8 characters and/or ASCII characters. To include IDNs in your query, you need to perform a preliminary step, which is to convert the domain name to Punycode. Copy and paste the converted domain, then run your WHOIS lookup.
WHOIS servers may impose a limit on how many queries they will accept from one source in a given time period. If you’re not getting a response to your query, try again after some time has elapsed.
A Deeper Look
You’ll sometimes hear the term “the WHOIS database,” but this doesn’t exist. There isn’t a single source of truth with regards to every domain name in existence. Instead, each domain registrar collects information from its customers and makes it available to the WHOIS services. Any given WHOIS server will cover one or more top-level domains (TLDs). While all TLDs are supposed to conform to ICANN requirements, some do not — a domain can look like it belongs to a well-known organization, yet still be fake.
After someone registers a domain or updates the information associated with a domain, it can take anywhere from a few minutes to a few weeks for WHOIS servers to reflect these changes. This is the primary reason why a WHOIS result isn’t a guarantee that a domain is available/unavailable.
Each domain holder is supposed to provide their contact information to be published through the WHOIS services. Many registrars, however, provide the option of masking this information. Instead of seeing the domain owner’s information, you’ll see the address of the registrar instead.
Furthermore, not all of the information provided may be correct. ICANN Requires domain holders to provide valid information, but domain registrars cannot always verify everything. Domains involved with illicit activities are especially likely to register with inaccurate data.
Domains can also be illegally hijacked, and one way to do this is to take away the registration. If a domain record begins to display unexpected content and shows a change in registrars, this is likely what happened.
Some TLDs do not provide a public WHOIS interface, such as the .aq (Antarctica) domains. The WHOIS tool will be unable to provide you information on these domains.
A Note of Interest
WHOIS requests date all the way back to Arpanet in the 1980s. The original WHOIS tool allowed you to look up people, as well as domain names, and you could use wild-card requests.