The whois system

The whois system is a listing of records that contains details about both the ownership of domains and the owners. The Internet Corporation for Assigned Names and Numbers (ICANN) regulates domain name registration and ownership, but the list of records is held by many companies, known as registries.

  • A registry is a company that manages a list containing a set of domain names (there are many of these).

  • A registrant is the legal owner of the domain; it is registered to this legal person.

  • A registrar offers services to a registrant to make a registration.

A whois record contains all the contact information associated with the person, company, or other entity that registered the domain name. Some registrations contain more information than others, and some registries return differing amounts of information.

DNS registrars

For an organisation or company to host its own e-mail, web, ftp, or any other service on the Internet, it must have each of these servers listed within the DNS infrastructure. These DNS servers list the names of the servers, along with the IP addresses that can be used to access these services. Internet Protocol (IP) address information is publicly available via the ARIN and many other Internet registering authorities. Anyone can begin a search using a single known IP address. The search will yield the complete block of IP addresses belonging to the organisation or company.

Whois databases contain this information and much of it can be accessed via the internet (web and cli).

  • Look up the target at InterNIC to find out who the registrar is

  • Go to the (RIR) whois database to get detailed records.


A Regional Internet Registry (RIR) is an organization that manages the allocation and registration of Internet number resources within a particular region of the world. Internet number resources include IP addresses and autonomous system (AS) numbers.