WHOIS Domain Lookup
Look up domain registration details using RDAP. See registrar, registration and expiration dates, nameservers, DNSSEC status, and contact information for any domain.
How to Use
Look up domain registration details using the modern RDAP protocol:
- Enter a domain name: Type any domain (e.g., example.com) into the input field, or click one of the quick-try buttons. The tool automatically strips https://, www., and path segments, so pasting a full URL works too.
- View registration details: Results include the registrar name and URL, registration and expiration dates with a color-coded countdown badge, last update timestamp, domain status codes (e.g., clientTransferProhibited), DNSSEC signing status, and nameserver records.
- Check contacts: Contact information includes registrant, administrative, and technical contacts when available. Under GDPR, most registrars redact personal details and show privacy service information instead.
About This Tool
WHOIS vs RDAP
Traditional WHOIS is a 40-year-old protocol (RFC 3912) that returns unstructured plain text over port 43. Each registrar formats responses differently, making automated parsing unreliable. RDAP (Registration Data Access Protocol, RFC 9082/9083) is its modern replacement: it returns structured JSON over HTTPS, supports authentication and access control, and has been mandatory for all ICANN-accredited registrars since 2019.
This tool queries RDAP servers through the rdap.org bootstrap service, which automatically routes queries to the correct authoritative registry server for each TLD. The structured JSON response is parsed into the readable format shown above.
Domain Status Codes
EPP (Extensible Provisioning Protocol) status codes indicate the current state and restrictions on a domain. Common statuses include: clientTransferProhibited (domain cannot be transferred without registrar authorization), clientDeleteProhibited (domain cannot be deleted), and serverHold (domain suspended by the registry, DNS does not resolve). Statuses prefixed with "client" are set by the registrar; "server" prefixes are set by the registry.
DNSSEC
DNSSEC (Domain Name System Security Extensions) adds cryptographic signatures to DNS records, allowing resolvers to verify that responses have not been tampered with during transit. A signed domain has a chain of trust from the root zone down to the domain's nameservers. The RDAP response includes whether the domain has delegationSigned set to true, meaning DNSSEC is active.
Privacy and GDPR
Since GDPR came into effect in May 2018, ICANN's Temporary Specification for gTLD Registration Data requires registrars to redact personal information from public WHOIS/RDAP records. Most registrars now show a privacy proxy or "REDACTED FOR PRIVACY" in contact fields. Only the registrant's country and state/province may remain visible. For ccTLDs (country-code domains like .uk, .de), privacy rules vary by country.
Why Use This Tool
Domain Investigation
WHOIS lookups are a fundamental tool for domain research. Before purchasing a domain, checking WHOIS reveals whether it is already registered, when it expires, and who the registrar is. Security professionals use WHOIS to investigate phishing domains, identify domain ownership patterns, and verify SSL certificate details against registration data.
Common Use Cases
- Domain expiry monitoring: Check when your domain expires and set calendar reminders. The color-coded countdown badge gives immediate visual feedback — red for under 30 days, amber for under 90 days.
- Registrar verification: Confirm which registrar holds a domain registration before initiating a transfer. The registrar name and URL help you find the correct control panel.
- Nameserver verification: Verify that DNS nameservers match your expected hosting provider. Mismatched nameservers can indicate DNS hijacking or incomplete migrations.
- DNSSEC validation: Check whether a domain has DNSSEC enabled. Unsigned domains are vulnerable to DNS spoofing attacks where attackers return forged DNS responses.
- Phishing investigation: Look up suspicious domains to check their registration date. Domains registered within the last few days that impersonate known brands are common phishing indicators.
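The checks listed above, applied to an RDAP domain object, as an added example that is not this tool's own code. SAMPLE and NOW are constructed values, and the badge labels "green", "expired" and "unknown" are assumptions; RDAP writes status values with spaces, so they are converted to the EPP camelCase form used on this page.

```javascript
// Added illustration; SAMPLE is a constructed RDAP domain object (RFC 9083 field names).
const DAY_MS = 24 * 60 * 60 * 1000;

// RDAP spells statuses with spaces ("server hold"); convert to EPP camelCase.
const toEppStatus = (s) => s.replace(/ (\w)/g, (_, c) => c.toUpperCase());

// Return the date of the first event with this action, or null if absent or unparsable.
function eventDate(rdap, action) {
  const ev = (rdap.events || []).find((e) => e.eventAction === action);
  const d = ev ? new Date(ev.eventDate) : null;
  return d && !isNaN(d) ? d : null;
}

// Thresholds from the page: red under 30 days, amber under 90.
// "green", "expired" and "unknown" are labels assumed for this example.
function expiryBadge(expires, now) {
  if (!expires) return "unknown";
  const days = Math.floor((expires - now) / DAY_MS);
  if (days < 0) return "expired";
  return days < 30 ? "red" : days < 90 ? "amber" : "green";
}

function summarize(rdap, now, expectedNs = []) {
  const registrar = (rdap.entities || []).find((e) => (e.roles || []).includes("registrar"));
  const fn = registrar && registrar.vcardArray && registrar.vcardArray[1].find((p) => p[0] === "fn");
  const registered = eventDate(rdap, "registration");
  const ns = (rdap.nameservers || []).map((n) => n.ldhName.toLowerCase());
  return {
    domain: (rdap.ldhName || "").toLowerCase(),
    registrar: fn ? fn[3] : null,
    ageDays: registered ? Math.floor((now - registered) / DAY_MS) : null, // low age: phishing signal
    badge: expiryBadge(eventDate(rdap, "expiration"), now),
    status: (rdap.status || []).map(toEppStatus),
    dnssec: Boolean(rdap.secureDNS && rdap.secureDNS.delegationSigned),
    unexpectedNs: ns.filter((n) => !expectedNs.includes(n)), // possible hijack or unfinished migration
  };
}

const SAMPLE = {
  ldhName: "EXAMPLE.TEST", status: ["client transfer prohibited", "server hold"],
  events: [{ eventAction: "registration", eventDate: "2024-05-28T10:00:00Z" },
           { eventAction: "expiration", eventDate: "2025-05-28T10:00:00Z" }],
  secureDNS: { delegationSigned: false },
  nameservers: [{ ldhName: "NS1.EXAMPLE.TEST" }, { ldhName: "NS9.OTHER.TEST" }],
  entities: [{ roles: ["registrar"],
    vcardArray: ["vcard", [["version", {}, "text", "4.0"], ["fn", {}, "text", "Example Registrar"]]] }],
};
const NOW = new Date("2024-06-01T00:00:00Z");
console.log(summarize(SAMPLE, NOW, ["ns1.example.test"]));
```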
Privacy
Queries are proxied through our Cloudflare Worker to the rdap.org bootstrap service. The Worker does not log or store any queries. The RDAP request reaches the authoritative registry server, which may log queries per its own policies.