Whois Domain Lookup Tools and Sites are resources everyday a domain name professional uses for some research or other. If you are not familiar with Domain names,
Please read my article posted on another blog. After reading my refereed blog post, you would know about gTLD,ccTLD, Registry, Registrar, Registrant (owner) and ICANN. In the refereed post, at the time of writing there were more than 20 gTLDs. Now, it is around 1200 TLDs.
Table of Contents
What is a Whois Domain Lookup query
Whois query provides primarily information about who owns the domain name, which registrar was used to register the name, when domain was registered,when the domain name was last updated, when the domain name would expire and various status codes applicable with domain name.It also provides associated nameserver applicable for the domain name.
How Whois Domain Lookup query works
Whois is a TCP/IP based query response tool (command line tool), which queries a whois server at default port 43. Whois database is maintained at root-level (whois.iana.org), registry level and registrar level. For many TLDs (mostly ccTLD), the registry itself provides complete info about the registered domain and registrars are not responsible to maintain the database. You may query directly into registry or registrar database using options of command line tool.If, no Whois server is selected, Whois client first query root (whois.iana.org) about whois server information of that particular TLD registry.whois query of the domain for registry provides address of whois server of registrar where domain is registered and some basic info about domain. Whois is query for domain at registrar may provide you complete info about the domain name. This works for TLD like .com,.net,.org etc. In most of ccTLD, query at registry whois servers provides complete info about domains and registrar may not maintain a database of domains (like .in ccTLD). There are many web based whois tools as well, but all of them are just frontend of command line tools.
Command Line whois client for Linux
Whois Domain Lookup clients are available on various Linux Distributions by default. For some reason, if it is not already installed on your Linux machine, you may do so, by following steps.
Install of whois Command Line Tool for Linux
- On Redhat and Centos
sudo yum install whois
-
On Ubuntu
sudo apt-get install whois
-
On Fedora
sudo dnf install whois
There is a lot of information available for command line Linux based whois tools. So, I will leave it here for running Command Line Linux support.
Command Line whois domain lookup client for Windows
Whois command line tool for Windows Info and Requirements
By Mark Russinovich
Published: December 11, 2019
Runs on:
Client: Windows Vista and higher
Server: Windows Server 2008 and higher
Nano Server: 2016 and higher
Whois Domain Lookup Command Line tool for windows : Download and Install
Click to download Whois Command line Tool for Windows.
It will ask you to save WhoIs.zip, choose a folder and download it.
Extract WhoIs.zip in any folder.
There are 4 files that will get extracted
* Eula.txt
* whois.exe
* whois64.exe
* whois64a.exe
All the executables are self-contained. So, you may run the version of executables from the command line based on your architecture x86 or x64. For x86 architecture, executable is whois.exe and for x64 executable is whois64.exe.As x64 windows are backward compatible, you may choose to run whois.exe on x64 architecture as well.
Problem is, when you need to run the above command line tool, you need to go into a folder where say whois.exe exists, so you can’t just run the tool in any other folder. So, what you need to do is, put the executable in the PATH variable of windows.
Putting whois.exe in a folder which exits in path
* Go to the command line in your Windows OS.
* type “path”
* It will return something similar as below
C:\Users\anjan_2\chilly-blog-content>path
PATH=C:\Program Files (x86)\Common Files\Oracle\Java\javapath;C:\Program Files (x86)\PC Connectivity Solution\;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\WINDOWS\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files (x86)\Java\jre7\bin;C:\Program Files (x86)\Java\jre7\lib;C:\Program Files (x86)\Windows Live\Shared;C:\Program Files (x86)\Skype\Phone\;;C:\WINDOWS\System32\OpenSSH\;C:\UltraEdit\;%USERPROFILE%\AppData\Local\Microsoft\WindowsApps;
* Windows looks for commands in “current folder, then in the PATH environment variable.
* Using File Explorer copy paste whois.exe to any folder in PATH. I recommend to put it in c:\WINDOWS\System32\
* If you have not logged in as an Administrator, it will ask for admin credentials.
* Eureka – you have installed the command line tool for your Windows platform.
Using Command line whois tool for Windows : some examples
Syntax
whois domainname whoisserver(optional)
like
whois vigour.com whois.iana.org
Name of whois server is optional. I will deal with this a little bit later.
Example of query with root, registry and registrar for a .com domain, vigour.com
Query Root
whois vigour.com whois.iana.org
Above query would provide you whois server of registry which is whois.verisign-grs.com
Query Registry Whois Server
whois vigour.com whois.verisign-grs.com
Whois Domain Lookup query would provide you whois server of Registrar and then recursively query the registrar, so provides registrant complete info as well. In this case, whois server of registar is whois.godaddy.com
Query Registrar Directly
whois vigour.com whois.godaddy.com
It returns you complete information of the registrant stored in Registrar database.
Querying root and registry where registry maintains complete data
Some registry like .in ccTLD registry maintains complete data of registrant. Example domain name is closet.in.
Query Root
whois closet.in whois.iana.org
Above command provides info of whois server at registry, which is whois.registry.in
Query Registry
whois closet.in whois.registry.in
Above command provides complete information of domain name details.some registrars do maintain whois lookup data for .in TLD as well, but that is not required by registry.
Example and Explanation when no Whois Server is provided.
Syntax – we will use domain name vigour.com for example
whois vigour.com
By default,when no whois server name is provided, whois command line tool for Windows, doesn’t first query root whois server (whois.iana.org) but it query TLD.whois-servers.net,Replace TLD with TLD of your domain name, like COM.whois-servers.net for .com TLD. Subsequently,it queries the registry and registrar, if applicable. Generally for gTLD, complete whois record is maintained at registrar level and for ccTLD complete whois record is maintained at registry level.
Savings output of windows command line whois tool to a text file
Syntax
whois -nobanner domainname >filename.txt
Replace domainname with domain name you want to lookup for, for example vigour.com, filename.txt will get created and whois info will be stored in the file.
ICANN Domain Lookup, Web-interface
Introduction to RDAP
RDAP stands for Registration Data Access protocol. RDAP was standardised in 2015. RDAP is the successor of whois. While whois provides data in plain text,RDAP delivers data in a standard, machine-readable JSON format.RDAP data is delivered using HTTP protocol. For more information about RDAP, please visit the Wikipedia page
ICANN Domain lookup Details
ICANN provides a web interface for domain name lookup using RDAP protocol.It only provides lookup for domain names where registry or registrar have implemented RDAP protocol. Link of ICANN RDAP Domain name lookup.
Lets take an example of ICANN domain lookup using RDAP
* Please visit ICANN Domain Lookup and enter “vigour.com” in the search box and press “Lookup” Button. ICANN shows formatted results. Also, This domain is registered at GoDaddy. .com registry Verisign and Registrar in this case, Godaddy have implemented RDAP. Under “Authoritative Servers” section of the response, you will get a link of RDAP response link at registry and link of RDAP response at registrar.
*Link of RDAP result at Registry for the domain Vigour.com – https://rdap.verisign.com/com/v1/domain/vigour.com
*Link of RDAP result at Registrar for the domain Vigour.com – https://rdap.godaddy.com/v1/domain/VIGOUR.COM
* You may also see RAW JSON data at bottom of result page by clicking “Raw Registry RDAP Response” and “Raw Registrar RDAP Response”
Example of ICANN domain lookup where Registrar has not implemented RDAP protocol.
Lets take another example where registry has implemented RDAP but Registrar doesn’t.
* Do the same exercise for domain name “anjan.org”, registry for .org domain is Public Interest Registry” and registrar is onlinenic.com.
* ICANN provides formatted output and informs that Registrar has not implemented RDAP protocol.
* In the Raw Data section, at the bottom of the page, only has a link to the registry.
Example where Registry has not implemented RDAP but Registrar has implemented it
* Dot .in Registry has not implemented RDAP, but Godaddy has implemented RDAP for all domains registered with them.
* Visit ICANN Lookup and do a lookup for Patentlaw.in, ICANN doesn’t return any data as the registry has not implemented RDAP protocol.
* Since GoDaddy maintains whois and RDAP databases for all domains registered with them, you may directly query RDAP records registered with Godaddy.
* Even if registry has not implemented RDAP, You may get RDAP data at Registrar (in this case GoDaddy) by visiting the following URL in the browser.
https://rdap.godaddy.com/v1/domain/domainname.tld
* For example, replace domainname.tld with a valid domain, Patentlaw.in.
Syntax would be
https://rdap.godaddy.com/v1/domain/PATENTLAW.IN
Godaddy Domain name lookup – Whois, web and RDAP
* You may ask, why a separate section for Godaddy Domain Name lookup? GoDaddy is the undisputed leader in Domain Name Registration. They have more than 60 millions domain names under their portfolio. So, people are looking for whois service at GoDaddy and link to Godaddy Whois lookup.
* In earlier sections, we have dealt with querying Domain Lookup for Godaddy using command line tool and RDAP.In this section, we will review web based front end of whois service provided by GoDaddy.
* Web interface for Godaddy WHOIS look is https://www.godaddy.com/en-in/whois
* GoDaddy first searches for the domain name in their database, if a record exists, it shows the record.
* For domain that is not found in Godaddy database, GoDaddy recursively query, root whois server, registry whois server and registrar whois server.If There is no whois info at registrar whois, Godaddy shows Registry whois domain name lookup record. If, Registrar whois server is maintained, Godaddy shows whois data received from Registrar whois server.
Review of Web based whois Domain name lookup services
We have already dealt with GoDaddy web based whois interface, There are many web interface based whois tools, they are basically, front end of command line whois tool. But these websites add value, like you may query a domain name whois from your browser on smartphones.
whois.domaintools.com
In the past, I was a user of the website.They offer free domain name lookup, their paid version have many add on features like domain name history, hosting history etc.
gwhois.org
I am an avid user of the website. Their user interface is great. They summarise the important information at the top of the page. They show whois info of the domain at root level, registry level and registrar level in a nicely formatted way, in just one click. Not only that, you may choose to query the DNS record of the domain name, with whois lookup of domain as well. They don’t ask you for “captcha” every now and then.
-
- You have two ways to query the domain, by entering the domain name in the search box and checking or unchecking the “DNS” text box.
- Directly typing the domain name in the url.Syntax without DNS query would be https://gwhois.org/vigour.com for whois domain lookup query for domain name Vigour.com.Syntax with DNS query would be https://gwhois.org/vigour.com+DNS for whois domain name lookup query for name vigour.com
Privacy Protection of Domain Name from whois results
What is Domain Name Privacy?
When you register a domain name, ICANN enforces you to provide your correct name, address, phone and email address. This info is in the public domain. So, anyone may get this info about domain ownership by performing whois domain lookup query for the domain name. This led to spamming the domain name registrant with email and phone calls. So, that’s how the Privacy Protection services came into picture. They hide actual contact details with proxy address, phone number and email address. Email only gets forwarded to the owner,based on certain rules, opted by the registrant. Important thing to note is, when a registrant opt for Whois Privacy service, his actual data is even not shared with the registry, data is only available at registrar.
How to activate whois privacy
All registrar provides “whois privacy service” for a fee or free.
“redacted for privacy” doesn’t mean that domain name has “Whois privacy” enabled.
GDPR – General Data Protection Regulation, Link has enforced Registrars to protect the personal data of the people who are in the EU, and has set rules on how personal data information is collected, used, and stored. This has led to whois data showing contact details as “redacted for privacy”.
Following screenshot of whois query of anjanbhushan.net registered at 1api
Even when “redacted for privacy” helps to hide your data from Public, the registry has access to the data. All,.in registry has enforced “redacted for privacy” for all domains in .in TLD domain. However, the registry has complete data of the registrant.
Many registry doesn’t allow “Whois privacy service”
Although most of the registry hence TLD allow “whois privacy service”, there are a few registries that prohibit it. A partial list of TLDs where “whois privacy service” is not allowed are as follows.
.ca, .ch, .cn, .in, .uk, .au, .es, .sg, .de, .eu, .fr, .gg, .id,.is, .law, .li,.nl,.nu,.nyc, .paris,.to,.us, .vote, .voto and .xn—3ds443g
Domain Name Status Codes
Domain Name status codes are also known as “Extensible Provisioning Protocol (EPP) domain status codes”. Following screenshot has EPP code for Vigour.com
Vigour.com domain name referred to in screenshot has four EPP status code.
Important Status Codes set by Registry
- addPeriod – When a domain is registered initially, it has status addPeriod. During this period, the registrar may send a delete command for domain name to the registry.
- autoRenewPeriod – After domain name expires some registry automatically renew the domain, during this period, Registrar may opt to delete the domain and Registry would credit to registrar for cost of renewal.
inactive – This status happens when no nameservers are associated with the domain name.
ok – This status tells that there is no pending action. Typically this happens when you unlock the domain for transfer.
pendingDelete – This status shows that domain was in redemptionPeriod status for 30 days and not restored. It will remain in PendingDelete for several days, after that domain name will drop and be available to be registered again.
pendingTransfer – when you typically start transferring the name to a new registrar, this status code is shown in whois query.
redemptionPeriod – When the registrar asks the registry to delete the domain, this status would be shown by the registry. Domain will remain in redemptionPeriod for 30 days. After 5 days from end of redemptionPeriod, domain name will be purged from registry.
renewPeriod – when the registrar explicitly asks the registry to renew the domain name, the domain name would be in this status for a few days, in which the Registrar may opt to delete the domain name. During this period if, registrar asks to delete the domain, the registry will credit the cost to the registrar.
serverHold – when the registry sets this status, the DNS for the domain name would not be activated.
transferPeriod – After a domain name is transferred from one registrar to another, this status gets activated. During this period, the registrar may opt to delete the domain name, and if the registrar would do so, the registry would provide credit to the registrar.
Important Status codes set by Registrar
- clientTransferProhibited – when this status code is put by the registrar, the registry would reject domain transfer request to another registrar. Typically, you may “unlock” the domain name from your account and this status code will go away.
For a complete list of EPP codes please visit.
After reading this post, you must have got acquainted with Whois tools, terminology and resources related to Whois. If you liked the post please share it to social media by clicking the icons below this post.Also, please visit the “Homepage” of the blog and look for the section “Our Social Media Presence”, follow our page at Facebook and Linkedin. Also to keep you updated with the blog please subscribe to the Newsletter