WHOIS Explained: How to Look Up Who Owns a Domain

A WHOIS lookup queries the public registration record behind a domain name. It tells you which registrar manages the domain, when it was created and when it expires, which name servers it uses, and, when the data is not redacted, who registered it. Think of it as the registration certificate for a domain, queryable by anyone.

WHOIS is one half of how you identify a domain. The other half is its DNS records, which describe where the domain points rather than who owns it. This guide covers what WHOIS returns and how to read it; the linked splinters below go deep on each common task.

You can run a parsed WHOIS lookup on any domain with our WHOIS tool, which turns the raw record into clean, labelled fields.

What a WHOIS record contains

WHOIS is a simple query-and-response protocol, originally standardised in RFC 3912. A typical record breaks down into a few groups of fields.

Field group	Examples	What it tells you
Registrar	Registrar name, IANA ID, abuse contact	Which company manages the registration
Dates	Created, Updated, Expires	Domain age and renewal deadline
Status	clientTransferProhibited, etc.	Locks and protections on the domain
Name servers	ns1.example.com	Which DNS servers are authoritative
Registrant	Name, org, country, email	Who registered it (often redacted)

The registrar and date fields are reliable because they come from the registry that operates the top-level domain. The contact fields are a different story, which is where redaction comes in.

Why so much WHOIS data is now hidden

If you ran a WHOIS lookup before 2018 you would usually see the registrant's name, address, email, and phone number. Today most of that is replaced with redaction notices. The change came from the EU's General Data Protection Regulation, which led ICANN to adopt a Temporary Specification (now the Registration Data Policy) requiring registrars to hide personal data by default.

The practical effect: you can still see the registrar, dates, status and name servers for almost any domain, but the human behind it is usually masked. Two related guides cover this in detail, WHOIS privacy explained (the opt-in service) and why WHOIS data is redacted (the legal default).

Common things people use WHOIS for

• Finding the owner of a domain. Even with redaction there are still ways to make contact. See how to find who owns a domain.
• Checking how old a domain is. The creation date is a strong trust and SEO signal. See how to check a domain's age.
• Finding when a domain expires. Useful for acquisitions and for catching your own renewals. See how to find a domain's expiration date.
• Reading the raw record. The fields and their abbreviations can be cryptic. See how to read a WHOIS record.

Registrar, registrant, registry: not the same thing

WHOIS records reference several parties and they are easy to confuse. The registry operates the top-level domain, the registrar sells and manages registrations, and the registrant is the person or organisation that holds the domain. The distinction matters when you need to file a complaint or transfer a name. We untangle it in registrar vs registrant vs registry.

WHOIS is being replaced by RDAP

The classic WHOIS protocol returns unstructured text, which is awkward to parse and inconsistent across registrars. Its successor, RDAP, returns structured JSON and supports access control and internationalisation. ICANN has set RDAP as the standard for gTLD registration data. If you work with this data programmatically, read WHOIS vs RDAP.

Whichever protocol you use, the goal is the same: turn a domain name into a clear picture of who registered it, through whom, and when. Run a lookup on any domain with our WHOIS tool, or have an AI agent fetch it through the whois_lookup tool in our MCP server.