What is Whois Protocol

Whois is a protocol that can be used to query information about Internet domains and IP addresses and their owners (“registrants”) from a distributed database system. Since its inception, Whois queries have been carried out primarily via the command line. Since corresponding client software was not available for all common operating systems, web-based frontends became established early on. Despite later versions, web Whois providers still enjoy great popularity, not least for reasons of topicality in domain lookups.

Since the General Data Protection Regulation came into force in May 2018, the query only provides third parties with the technical information of the name servers and e-mail addresses for contact. In addition, owners themselves receive the data entered, for example for checking, for a limited period of time via a link that is sent to the stored e-mail address. Third parties, on the other hand, can only request the owner data via separate forms as an authority and in the event of verifiable legal disputes, for example due to name rights or seizures.

Neither the structure and character encoding of the return nor error handling are subject to standards, which makes cross-domain machine evaluation difficult. Domain lookups are the responsibility of the organization or NIC that manages them and are not available for every top-level domain. As a rule, detailed information that must be provided during the domain registration can be requested here.

The individual domain name registries often handle the handling of Whois data very differently. The public provision of phone numbers in the context of Whois records, for example, is subject to constant discussion, which flared up again in 2006 with a proposal from ICANN. Since administrative contact is also provided for possible misuse, some providers already limit themselves to a list of name servers or information about registrability.

The individual domain name registries often handle the handling of Whois data very differently. The public provision of phone numbers in the context of Whois records, for example, is subject to constant discussion, which flared up again in 2006 with a proposal from ICANN. Since administrative contact is also provided for possible misuse, some providers already limit themselves to a list of name servers or information about registrability.

The Protocol

A plaintext protocol is defined on port 43/TCP specified by IANA. The sister protocol RWhois adds redirects and a hierarchical structure to Whois, similar to the Domain Name System. As in HTTP 0.9, queries consist of a single line passed by the client to an open socket. The first line feed is followed by the response from the Whois server. Some databases, allow you to specify the encoding or query type by means of your own parameters that precede the query but are not standardized.

In order to make Whois information available via a web browser, there are various Whois proxy services. In many cases, these are services operated by domain merchants and registrars that only cover isolated domains and rarely IP or AS information. For further searches, it is recommended to use a corresponding client in the command line.

With most popular home and server operating systems, a Whois client is either included in the scope of delivery or at least freely available. Simple queries can be made in the command line with the program. Here’s an example of the syntax: