Internet Guide Logo


Last Edit: 29/03/17

The WHOIS protocol "pronounced who is" is used to query databases that contains information about the registration of domain name, ip addresses and as numbers. The specification for WHOIS was first outlined in Request for Comments RFC 812 by Ken Harrenstien and Vic White and was later expanded upon in RFC 954 by K. Harrenstien, M. Stahl and E. Feinler. The latest specification is outlined in Request for Comments RFC 3912 by L. Daigle. This page will cover how the WHOIS protocol is used to query the Domain Name System (DNS) for information about domain names. The Domain Name System (DNS) is an essential system for the operation of the Internet, allowing users to use alphanumeric strings (domain names) to easily find Internet services / resources. The Domain Name System (DNS) is comprised of a hierarchy of domain names, the information about these domain names is stored in DNS records on databases that use a thick or thin registry model. These DNS databases are operated by DNS registries and registrars. ICANN, the ultimate authority for the Domain Name System (DNS), requires DNS registries and registrars to provide a WHOIS service on port 43 and an interactive WHOIS online search tool so that users can query the databases that store domain name information. The WHOIS search tools provided by DNS registries and registrars uses a client-server model that uses the WHOIS protocol to query and return results.

As stated, to find out information about a domain name a WHOIS search tool / client is required to query a database that stores DNS records. WHOIS search tools differ in their scope, but they are located at the IANA website and the website of organisations who operate DNS registries and registrars. The IANA WHOIS service is located at and is the ultimate authority for locating WHOIS information. How a WHOIS search query is processed by the WHOIS protocol will depend upon whether the domain name is located within a thin or thick database model. WHOIS queries are more complex than they originally were: due to the increase of Top Level Domains. A completed WHOIS search on the IANA WHOIS service will only provide information about the Top Level Domain operator: this is because IANA only manages the root zone of the Domain Name System and only stores information about the Top Level Domain operators. If a user searched IANA for a uk Top Level Domain, like, the result would be the following:


domain: UK

organisation: Nominet UK
address: Minerva House
address: Edmund Halley Road
address: Oxford Science Park
address: Oxford OX4 4DQ
address: United Kingdom

nserver: DNS1.NIC.UK 2a01:618:400:0:0:0:0:1
nserver: DNS2.NIC.UK 2401:fd80:400:0:0:0:0:1
nserver: DNS3.NIC.UK 2a01:618:404:0:0:0:0:1
nserver: DNS4.NIC.UK 2401:fd80:404:0:0:0:0:1
nserver: NSA.NIC.UK 2001:502:ad09:0:0:0:0:3
nserver: NSB.NIC.UK
nserver: NSC.NIC.UK
nserver: NSD.NIC.UK

The result is directing the user to visit the Nominet website - the registry for the uk Top Level Domain - to perform a WHOIS search there. A completed search result for a uk Top Level Domain using the Nominet WHOIS search tool is as follows:

Domain name:

British Broadcasting Corporation

Registrant type:
UK Corporation by Royal Charter

Registrant's address:
British Broadcasting Corporation
Broadcasting House
Portland Place
United Kingdom

British Broadcasting Corporation [Tag = BBC]

Relevant dates:
Registered on: before Aug-1996
Expiry date: 13-Dec-2025
Last updated: 29-Oct-2016

Registration status:
Registered until expiry date.

Name servers: 2610:a1:1015::17 2001:502:4612::17

Some of the result fields returned - for the search - have been omitted. What it highlights, however, is that WHOIS search tools differ in their scope. Some WHOIS search tools are capable of searching multiple Top Level Domain registries and returning a far more extensive search result. Whereas some WHOIS search tools, like the IANA and Nominet tools, will only perform a WHOIS search on a specific database in the Domain Name System (DNS); such as the root zone or a specific top level domain.

WHOIS is not without it's critics, one of the criticisms leveled at it is the lack of privacy it provides and that email spammers harvest email addresses from WHOIS servers. ICANN is currently in the process of either replacing or overhauling WHOIS.