How to Check and interpret Domain WHOIS data from linux command

As per ICANN policy domain Register need to keep record of domain Registrant name, address, Contact Details etc details. Unless registrant make it private using registrar whois privacy (a service may be purchased for this purpose) those details are publicly available through registrar whois server. Most of the domain registrar offer free online tool to check whois database. This post will show how to check whois database of a registered domain using “whois” tool from linux command line. Some important terms of whois database is also explained.

  1.  Installing whois tools:
    1. CentOS and RHEL: whois tool present in “base” repository of yum installer and hence can easily be installed using “yum”
      yum install whois
    2. For Debian & Ubuntu system “whois” package is available for installation by “apt-get” installer
      apt-get install whois
  2. Using “whois” tool to check whois database of a domain:
    whois yourdomain.tld

    For serverlog.net whois output obtained from a CentOS 7 x64 system is given bellow for further interpretation of terms

    [root@ovh ~]# whois serverlog.net
    [Querying whois.verisign-grs.com]
    [Redirected to Whois.bigrock.com]
    [Querying Whois.bigrock.com]
    Domain Name: SERVERLOG.NET
    Registry Domain ID: 2059975749_DOMAIN_NET-VRSN
    Registrar WHOIS Server: Whois.bigrock.com
    Registrar URL: www.bigrock.com
    Updated Date: 2016-11-17T02:20:46Z
    Creation Date: 2016-09-17T17:17:30Z
    Registrar Registration Expiration Date: 2017-09-17T17:17:30Z
    Registrar: BigRock Solutions Ltd
    Registrar IANA ID: 1495
    Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
    Registry Registrant ID: Not Available From Registry
    Registrant Name: Abhik Bose
    Registrant Organization:
    Registrant Street: H13, IIT Bombay, Powai
    Registrant City: Mumbai
    Registrant State/Province: Maharashtra
    Registrant Postal Code: 400076
    Registrant Country: IN
    Registrant Phone: +91.9967615600
    Registrant Phone Ext:
    Registrant Fax:
    Registrant Fax Ext:
    Registrant Email: abhikbose23@gmail.com
    Registry Admin ID: Not Available From Registry
    Admin Name: Abhik Bose
    Admin Organization:
    Admin Street: H13, IIT Bombay, Powai
    Admin City: Mumbai
    Admin State/Province: Maharashtra
    Admin Postal Code: 400076
    Admin Country: IN
    Admin Phone: +91.9967615600
    Admin Phone Ext:
    Admin Fax:
    Admin Fax Ext:
    Admin Email: abhikbose23@gmail.com
    Registry Tech ID: Not Available From Registry
    Tech Name: Abhik Bose
    Tech Organization:
    Tech Street: H13, IIT Bombay, Powai
    Tech City: Mumbai
    Tech State/Province: Maharashtra
    Tech Postal Code: 400076
    Tech Country: IN
    Tech Phone: +91.9967615600
    Tech Phone Ext:
    Tech Fax:
    Tech Fax Ext:
    Tech Email: abhikbose23@gmail.com
    Name Server: ns1.interentry.com
    Name Server: ns2.interentry.com
    Name Server: ns3.interentry.com
    Registrar Abuse Contact Email: abuse@bigrock.com
    Registrar Abuse Contact Phone: +1-888-924-4762
    URL of the ICANN WHOIS Data Problem Reporting System: http://wdprs.internic.net/
    >>> Last update of WHOIS database: 2016-12-27T19:47:25Z <<<


    For more information on Whois status codes, please visit https://icann.org/epp

    Registration Service Provided By: BIGROCK

    Followed by Terms and Conditions of using whois database server (not shown)

  3. Explanation of Some Important Terms:
    1. Initial 4 line coated in []: The “whois” tools doesn’t know the actual register who contains the “whois database”. The tool start from central registry which redirects to the whois server of registrant. “whois.verisign-grs.com” and “Whois.bigrock.com” are whois server of central registry and registrar (Bigrock in our case). This followed by registrar name, Creation, expire and lat update date.
    2. Registrar IANA ID: This indicate the unique ID of the Registrar company. Each ICANN accredited register have an unique ID.
    3. Domain Status: This indicate the domain is locked for transfer by the current register or not. The lock may be of various reason.
      1. clientTransferProhibited” indicate a domain transfer lock requested by registrant to prevent erroneous domain transfer.
      2. serverTransferProhibited” indicates the domain is in initial 60 days of registration or last transfer and is in mandatory transfer lock by ICANN.
      3. An “OK” indicate the domain is ready to transfer. Before initiating a transfer request this is to be checked. In any state except “ok” a domain transfer request will be denied.
      4. autoRenewPeriod” indicate the domain registration is in Grace Period.
      5. pendingDeletion” indicate the domain registration is expired and grace period os also over and it’s waiting for next slot of deletion. Recovering a domain from this state to register account attract high charge by the register.
    4. Registrant ID: An unique ID of the domain Registrant to the Register. This ID is unique to a single Register only and sometime absent. So a registrant doesn’t have same ID for domains he owned at different Registrant. Ex. If he register two domain with Bigrock s/he will have same ID for those 2 domain but will have different ID for a domain registered at name.com.
    5. Name, Address and Contact Details: Following section contains Name, Address, email ID and phone number of the Domain Registrant, Domain Admin and Domain Technician. This three details are specified by Registrant at the time of registration or updated latter. Nowadays most domain register offer whois privacy protection either free of against a small price to make this data secret. A registrant shall use that or not is topic of another post. 
    6. Name Server: This contains the authoritative name servers for the concerned domain.
    7. DNSSEC: This indicate the DNS zones of the domain is signed with DNSSEC or not. A “signedDelegation” indicate the zone is signed with DNSSEC. What DNSSEC is and how to implement is out of current scope.
    8. Registrar Abuse Contact: This contain email and phone number of abuse control department of Registar
    9. This followed by terms and conditions for using whois server etc.

This discussion shall provide a good understanding what whois data is, how they maintained, explanation and how to check them from command line. Several free online tools are also available as follows

  1. who.is [For both gTLD and ccTLD Domains]
  2. whois.icann.org [maintained directly by ICANN, but only for gTLD Domains, require capture]
  3. whois.com [for both gTLD and ccTLD]
  4. whois.net [for both gTLD and ccTLD]

For any further query don’t hesitate to leave your comment.

Visits: 116

Leave a Reply

Your email address will not be published. Required fields are marked *