WHOIS is a query and response protocol that provides information about existing domain names and all the pertinent data about them. This information includes the owner’s contact details, domain registration, and expiration dates, registrar data, and more. WHOIS helps you ensure that all the relevant information about a particular registered domain is authentic and up-to-date, which is crucial to prevent fraud and identity theft.
You can think of WHOIS as a private investigator that gives you information about a person of interest. In this case, that would be a domain of interest.
Read More about “WHOIS”
WHOIS is almost as old as the Internet is. It traces its roots back to the ARPANET (the Internet’s predecessor) NICNAME protocol. The NICNAME or WHOIS protocol, as we know it now, was first described in a Request for Comments (RFC) document created by Ken Harrenstein and Vic White in 1982.
Before that, however, Elizabeth Feinler and her team, who made the Resource Directory for ARPANET, were responsible for creating the first WHOIS directory in the early 1970s. They set up a server at the Stanford University’s Network Information Center (NIC) that served as a directory that contained relevant information about people or entities. They also created domains, which translated to computers’ physical addresses.
When the ARPANET turned into the Internet, WHOIS became a critical part of the Transfer Control Protocol/Internet Protocol (TCP/IP) suite, a foundation of the World Wide Web.
Where Did WHOIS Get Its Name?
WHOIS got its name because a WHOIS record basically answers the question: Who is responsible for this domain name?
To know how WHOIS works, watch this video.
What Information Can You Get from a WHOIS Record?
All the information on WHOIS records is usually collated in a database that users can query. Each WHOIS record provides the following details about a domain and its owner:
- Estimate domain age
- Contact email address
- Creation, last update, and expiration dates
- Registrar’s name, Internet Assigned Numbers Authority (IANA) identification number, and contact information
- WHOIS server
- Domain status according to the Internet Corporation for Assigned Names and Numbers (ICANN)
- Registrant’s organization, state, country, and zip code
- Administrative, technical, and billing contacts’ names and contact information
- Name servers
These data points are useful for cybersecurity, domaining, software development, payment processing, marketing, brand protection, and sales processes.
What Are the Uses of WHOIS Data?
WHOIS record data:
- Helps cybersecurity professionals get clues to kickstart their investigations on domains of interest
- Gives domainers an idea if the domains they are interested in buying are available
- Allows software developers to add features to their applications in development
- Aids payment processors and banks in preventing transaction fraud by comparing the details in a customer’s WHOIS record with a likely fraudster’s
- Simplifies marketing research by letting users get instant domain ownership information for statistical analyses to tailor-fit strategies to customers
- Lets brand agents spot likely trademark infringement instances like using look-alike domain names
- Helps sales agents know their customers and prospects better, starting with their contact information
WHOIS Thick and Thin Models, What Are They?
You can find WHOIS information using these two models.
- Thin model: You will get minimal domain details, namely registration date, registrar, and name servers.
- Thick model: You will obtain more details on top of those provided by the thin model, including a domain’s registrant, administrative, and technical contacts and details.
What Is WHOIS Privacy?
Many if not all registrars today offer privacy services upon domain registration. The hosting service provider’s information will be provided instead of the users’, masking the latter’s personal details. Anyone who wants to get in touch with WHOIS privacy users need to pass through the registrar.
Users, however, don’t get full anonymity despite paying extra for domain privacy services. If searchers have legal documents, such as a warrant, to get their information, registrars must oblige.
Is WHOIS Information Accurate?
ICANN aims to provide unlimited and readily available access to the WHOIS database subject to applicable laws. As such, registrars must submit all data (unless privacy-protected) pertaining to registered domains. All registrants who fail to give complete information to their registrars can lose their right to owning domains.
Given all that, it’s safe to say that WHOIS information is fairly accurate, that is, so long as the registrant provides true and correct personal data. Many cybercriminals fake their identities and often use shell or nonexistent companies.
WHOIS is, as this post showed, a valuable source of information about domain owners. It is a good starting point for conducting research, regardless of the industry the user is in.
- The WHOIS protocol provides critical information about domain names, including ownership details, registration and expiration dates, and registrar information.
- Originating from the ARPANET era, WHOIS was formalized in 1982 and is based on an earlier directory system created by Elizabeth Feinler’s team in the 1970s.
- WHOIS data points provide insights helpful in wide-ranging cybersecurity, software development, marketing, brand protection, and sales applications.
- WHOIS privacy services mask users’ personal details by providing the hosting service provider’s information instead. Legal proceedings, however, can compel registrars to reveal user information.
- Domain owners risk losing their right to own domains if they provide incomplete WHOIS data, but fraudsters can exploit the system by providing false information.