WHOIS is a query and response protocol that provides information about existing domain names and all the pertinent data about them. This includes the owner’s contact details, domain registration, and expiration dates, information about registrars, etc. WHOIS helps you make sure that all the relevant information about a particular registered domain are authentic and up-to-date. This is crucial to prevent fraud and identity theft.
You can think of WHOIS as a private investigator that gives you information about a person of interest. In this case, it will be a domain of interest.
Read More about “WHOIS”
WHOIS is almost as old as the Internet is. It traces its roots to the ARPANET (the Internet’s predecessor) NICNAME protocol. The NICNAME or WHOIS protocol, as we know it now, was first described in a Request for Comments (RFC) document created by Ken Harrenstein and Vic White in 1982.
Before that, however, Elizabeth Feinler and her team, who made the Resource Directory for ARPANET, were responsible for creating the first WHOIS directory in the early 1970s. They set up a server in Stanford University’s Network Information Center (NIC) that served as a directory that contained relevant information about people or entities. They also created domains, which translated to a computer’s physical addresses.
When the ARPANET turned into the Internet, WHOIS became a critical part of the Transfer Control Protocol/Internet Protocol (TCP/IP) suite, a foundation of the World Wide Web.
Where Did WHOIS Get Its Name?
WHOIS got its name because a WHOIS record basically answers the question: Who is responsible for this domain name?
To know how WHOIS works, watch this video:
What Information Can You Get from a WHOIS Record?
All of the information on domains’ WHOIS records are usually collated in a database that users can query. Each WHOIS record provides the following details about a domain and its owner:
- Estimate domain age
- Contact email address
- Creation, last update, and expiration dates
- Registrar’s name, Internet Assigned Numbers Authority (IANA) identification number, and contact information
- WHOIS server
- Domain status according to the Internet Corporation for Assigned Names and Numbers (ICANN)
- Registrant’s organization, state, country, country code
- Administrative, technical, and billing contacts’ names and contact information
These data points are useful for cybersecurity, domaining, software development, payment processing, marketing, brand protection, and sales.
What Are the Uses of WHOIS Data?
WHOIS record data:
- Helps cybersecurity professionals get clues to kickstart their investigations on domains of interest
- Gives domainers an idea if the domains they are interested in buying are available
- Allows software developers to add features to their applications in development
- Aids payment processors and banks in preventing transaction fraud by comparing the details in a customer’s WHOIS record with a likely fraudster’s
- Simplifies marketing research by letting users get instant domain ownership information for statistical analyses to tailor-fit strategies to customers
- Lets brand agents spot likely trademark infringement instances like using look-alike domain names
- Helps sales agents know their customers and prospects better, starting with their contact information
WHOIS Thick and Thin Models, What Are They?
You can find WHOIS information using these two models:
- Thin model: You will get minimal domain details, namely its registration date, registrar, and nameservers.
- Thick model: You will obtain more details on top of those provided by the thin model, including a domain’s registrant, administrative, and technical contacts and details.
What Is WHOIS Privacy?
Many if not all registrars today offer privacy services upon domain registration. The hosting service provider’s information will be provided instead of the users’, masking the latter’s personal details. Anyone who wants to get in touch with WHOIS privacy users need to pass through the registrar.
Users, however, don’t get full anonymity despite paying extra for domain privacy services. If searchers have legal documents, such as a warrant, to get their information, registrars must oblige.
Is WHOIS Information Accurate?
ICANN aims to provide unlimited and readily available access to the WHOIS database subject to applicable laws. As such, registrars must submit all data (unless privacy-protected) pertaining to registered domains. All registrants who fail to give complete information to their registrars can lose their right to owning their domains.
Given all that, it’s safe to say that WHOIS information is fairly accurate, that is, so long as the registrant provides true and correct personal data. Many cybercriminals fake their identities and often use shell or nonexistent companies.
WHOIS is, as this post showed, a valuable source of information about domain owners. It is a good starting point for conducting research, regardless of the industry the user is in.