Domain WHOIS / RDAP Lookup

Enter a domain to see who it is registered with, when it was created and when it expires, the EPP status codes (each explained in plain English), its nameservers and DNSSEC status, and any published contacts. Data comes live from RDAP - the modern, structured successor to WHOIS - with a classic WHOIS fallback.

You can paste a full URL or an email address - we will extract the domain. Example: cloudflare.com.

What is a WHOIS / RDAP lookup?

A WHOIS or RDAP lookup retrieves the public registration record for a domain name: who it is registered with, when it was created and when it expires, the status locks protecting it, its nameservers, whether DNSSEC is enabled, and any published contact details. WHOIS is the original, free-text protocol (RFC 3912). RDAP - the Registration Data Access Protocol (RFC 9082 and RFC 9083) - is its modern, structured, JSON-based replacement. This tool queries RDAP first and falls back to classic WHOIS only when a TLD does not yet serve RDAP, and it tells you which source the answer came from.

Why is RDAP replacing WHOIS?

WHOIS has real limitations: its output is unstructured free text that differs between every registry, it has no standard way to authenticate or rate-limit requests, no internationalisation, and no consistent way to express redaction. RDAP fixes all of this with a standardised JSON model, HTTP/HTTPS transport, RESTful URLs, differentiated access, and proper Unicode support. ICANN has formally moved gTLD registries and registrars to RDAP and set the sunset of the legacy WHOIS (RDDS) service - RDAP is now the authoritative source for gTLD registration data. The fields you see above (registrar, IANA ID, abuse contact, events, status, nameservers, secure DNS) map directly to RDAP's structured objects.

How do I read EPP domain status codes?

Status codes come from the Extensible Provisioning Protocol (EPP) and describe what operations are allowed or in progress on a domain. They fall into a few families:

  • Client locks (clientTransferProhibited, clientDeleteProhibited, clientUpdateProhibited) are set by your registrar and you can ask them to toggle. clientTransferProhibited is the standard anti-hijacking lock and should normally be on.
  • Server locks (serverTransferProhibited, serverDeleteProhibited, serverUpdateProhibited) are set by the registry and the registrar cannot remove them alone - often part of a premium Registry Lock security service.
  • Hold codes (clientHold, serverHold) mean the domain has been pulled from the zone and will not resolve - usually non-payment, a dispute, or an abuse action.
  • Lifecycle / grace codes (autoRenewPeriod, redemptionPeriod, pendingDelete) track an expiring or expired domain through its grace windows toward release.
  • ok / active means a normal domain with no pending operations. Note that a domain with any lock will not also show ok.

The report above prints each code with its plain-English meaning so you do not have to memorise them.

Why are the contact details redacted?

Before 2018, public WHOIS exposed the registrant's name, address, email and phone. The EU's General Data Protection Regulation (GDPR) made publishing that personal data unlawful by default, so ICANN's Temporary Specification - and now the Registration Data Policy - require registries and registrars to redact personal contact fields from public WHOIS/RDAP. That is why you usually see only the registrar and an abuse contact, with registrant/admin/tech contacts withheld. Legitimate access (law enforcement, trademark, security) goes through a tiered disclosure request rather than the public record. Country-code TLDs (ccTLDs) set their own policies - some, like .fr, still publish organisational contacts, while many redact like gTLDs.

How do I read the expiry date - and what happens when a domain expires?

The expiry date is when the current registration term ends. The badge above turns amber when a domain is within 30 days of expiry and red once it has passed. After expiry, most gTLDs run an auto-renew grace period (often up to 45 days, status autoRenewPeriod), then a ~30-day redemptionPeriod during which only the original registrant can recover the name (usually for a steep fee), then a short pendingDelete phase before the name is released back to the open market. If a domain matters to you, renew it well before expiry and keep the registrar account contact and payment method current.

Is the registrar abuse contact the right place to report a problem?

For phishing, malware, spam or other abuse tied to a domain, the registrar's abuse email and phone shown above are the correct first point of contact - ICANN requires accredited registrars to publish and act on them. For content or trademark disputes there are separate channels (registrar legal contacts, UDRP, or the relevant hosting provider). Note that using WHOIS/RDAP data for unsolicited marketing violates registrar terms and anti-spam law.

Frequently Asked Questions

What's the difference between IP WHOIS and domain WHOIS?
Domain WHOIS shows domain registration details (owner, registrar, expiration date). IP WHOIS shows IP address allocation details. They're separate databases managed by different organizations.
Can I see who owns a domain anonymously registered?
Domains with privacy protection show the privacy service's information instead of the true owner. Some registrars reveal owner info for legitimate legal or abuse reports.
What does the domain status mean?
Status codes like 'clientTransferProhibited' prevent unauthorized transfers, 'pendingDelete' means domain is expiring, 'redemptionPeriod' allows owner to recover expired domain, and 'ok' means active with no restrictions.
How can I tell when a domain expires?
The WHOIS record includes 'Registry Expiry Date' and 'Registrar Expiry Date'. The domain will be released for re-registration after a grace period following expiration (typically 30-75 days).
Can WHOIS data be used to contact domain owners?
Yes, if contact information isn't privacy-protected. However, using WHOIS data for spam or unsolicited marketing may violate anti-spam laws and registrar terms of service.
Last reviewed: Reviewed by the

How this tool works: This tool runs in your browser and on our server in real time. Depending on the tool, results are computed directly from the input you provide or retrieved from live, authoritative data sources at the moment you run a lookup. We do not sell your data, and your lookups are kept private — any history shown here is stored only on your device.

Related Tools

Explore these related tools to get more insights and complete your analysis:

IP WHOIS Lookup

Look up WHOIS data for any IP address to find the network owner, ASN, allocated range, abuse contact, and registration details from regional registries.

DNS Lookup

Check DNS records for any domain instantly. Our free DNS lookup tool queries authoritative nameservers to show A, AAAA, MX, TXT, NS, SOA, and CNAME records.

Reverse DNS Lookup

Look up the hostname associated with any IP address using reverse DNS. Verify PTR records and identify servers by their IP addresses instantly.

Subdomain Discovery

Discover all subdomains for any domain. Uses certificate transparency logs, DNS enumeration, and other techniques to map the complete domain infrastructure.

SSL Certificate Checker

Check any website's SSL/TLS certificate. View expiration date, issuer, certificate chain, supported protocols, and get a security grade with recommendations.