Why do some fields show 'Redacted for Privacy' or appear blank?

GDPR and similar privacy regulations have led most registrars to redact personal contact information from WHOIS records by default. Fields like registrant name, email, phone, and address are commonly hidden. This is not an error — it reflects the current state of the public WHOIS record. Technical fields such as registrar, nameservers, dates, status codes, and abuse contact are always public and will be shown regardless of privacy settings.

WHOIS Lookup — Find Domain Owner, Registrar & Registration Info

Error: Unable to complete lookup. Please try again.

You can also paste a full URL — the tool strips the protocol and path automatically.

Looking up WHOIS data for …

ℹ Protocol note:

Domain Queried

—

⌨ Raw WHOIS / RDAP Response

How to Use the WHOIS Lookup Tool

Enter a Domain Name or IP Address

Type any domain name (e.g. example.com) or IP address (e.g. 8.8.8.8) into the input field. The tool automatically detects which type you entered. You can also paste a full URL — the protocol and path are stripped automatically so you do not need to clean it up first.

Click WHOIS Lookup

Press the button or hit Enter. For domains, the tool queries RDAP first (the modern ICANN-standard protocol) and automatically falls back to the legacy Port 43 WHOIS protocol for country-code domains that have not yet implemented RDAP. For IP addresses, it queries the appropriate Regional Internet Registry — ARIN, RIPE, APNIC, LACNIC, or AFRINIC — automatically.

Review the Registration Details

The results show registrant name and organization (if not privacy-protected), registrar, creation date, expiry date with days-remaining countdown and color-coded warning badge, nameservers, EPP domain status codes with plain-English explanations, and DNSSEC status. A privacy badge indicates if WHOIS privacy masking is active — all publicly available technical data is still shown even when privacy is enabled.

Copy or View the Raw Response

Use the Copy Results button to export all registration data to your clipboard as formatted plain text — useful for pasting into a support ticket, email, or documentation. Toggle Raw WHOIS to view the complete unformatted RDAP or Port 43 response for advanced use or troubleshooting.

Frequently Asked Questions

What is a WHOIS lookup?

A WHOIS lookup queries the global domain registration database to return publicly available information about a domain name — including who registered it, when it was created, when it expires, which registrar manages it, and which nameservers it uses. The WHOIS protocol dates to 1982 and is now being replaced by RDAP (Registration Data Access Protocol), the modern ICANN-mandated standard that returns structured JSON data over HTTPS. This tool uses RDAP first and falls back to legacy WHOIS for country-code domains that have not yet implemented it.

Why does the domain show "Privacy Protected" instead of the owner's name?

Since GDPR took effect in 2018, most domain registrars now offer WHOIS privacy services that replace the registrant's personal name, email, address, and phone number with generic proxy information. This protects domain owners from spam, harassment, and identity theft. Even when privacy is enabled, technical registration data — registrar name, creation date, expiration date, nameservers, EPP status codes, and abuse contact — remains publicly visible and is always shown in our results.

What are EPP domain status codes?

EPP (Extensible Provisioning Protocol) status codes describe the current state of a domain registration. "clientTransferProhibited" means a registrar lock is in place — this is a normal, healthy security measure preventing unauthorized transfers. "clientHold" means DNS resolution has been suspended by the registrar — the website and email will not work. "pendingDelete" means the domain is in its final deletion countdown and cannot be recovered or renewed. "redemptionPeriod" means the domain has expired and entered a 30-day recovery window, usually with a high redemption fee. This tool shows every status code with a plain-English explanation so you know exactly what each one means.

What is the difference between RDAP and WHOIS?

WHOIS is the original domain lookup protocol from 1982 — it queries servers on TCP Port 43 and returns unstructured plain text. RDAP (Registration Data Access Protocol) is the modern replacement mandated by ICANN for all generic top-level domain (.com, .org, .net, .io, etc.) registries. RDAP returns structured JSON over HTTPS, handles privacy compliance better, and supports internationalized domain names. Some country-code domains like .ca, .de, and .uk have not yet implemented RDAP and still respond on Port 43 — our tool falls back to WHOIS automatically for these and shows which protocol answered your query.

What is IP WHOIS and how is it different from domain WHOIS?

Domain WHOIS answers "who registered this domain name and when?" IP WHOIS answers "which organization was assigned this IP address block?" IP address assignments are managed by Regional Internet Registries — ARIN covers North America, RIPE covers Europe, APNIC covers Asia-Pacific, LACNIC covers Latin America, and AFRINIC covers Africa. Enter any IPv4 or IPv6 address in this tool to see the organization that holds the assignment, the CIDR block, the assigned network name, country, ASN, and abuse contact.

What does the expiry warning badge mean?

The expiry warning badge appears when a domain is approaching its renewal deadline. An amber badge appears when the domain expires within 90 days — it is worth noting and scheduling a renewal. A red badge appears when it expires within 30 days — renewal is urgent. The exact number of days remaining is always shown alongside the expiration date regardless of whether a warning badge appears. This feature is useful for IT administrators monitoring domains they manage, or for domain investors tracking when a target domain may lapse and become available for registration.

Can I look up a domain I do not own?

Yes. WHOIS data is publicly available for all registered domains. Anyone can query it — there is no requirement to own the domain. WHOIS lookups are routinely used by IT administrators verifying DNS delegation, security researchers investigating suspicious domains, brand protection teams identifying unauthorized registrations, and domain investors researching expiry dates. The only data that may be hidden is personal contact information protected by WHOIS privacy services or GDPR redaction — technical data such as registrar, dates, and nameservers is always public.

WHOIS Terms Glossary

Not sure what a WHOIS field or status code means? These definitions explain every piece of registration data this tool returns — what it is, why it matters, and what to look for.

Registration Data Fields

Registrant

Domain Owner

The person or organization that registered the domain. Since GDPR, this is often hidden behind a privacy proxy. When visible, it shows the name, organization, email, and address of the domain owner.

Registrar

Registration Company

The ICANN-accredited company through which the domain was purchased — e.g. GoDaddy, Namecheap, Google Domains, or Cloudflare. The IANA ID is a unique numeric identifier for the registrar assigned by ICANN.

Creation Date

Registration Date

The date the domain was first registered. Combined with today's date, the tool calculates and displays the domain age. Older domains are generally considered more trustworthy by search engines and mail servers.

Expiration Date

Renewal Deadline

The date the domain registration expires. If not renewed before this date, the domain enters a grace period and then a redemption period before being released for public registration. This tool shows days remaining and highlights approaching deadlines.

Last Updated

Last Modified Date

The date the WHOIS record was last changed. This updates when nameservers change, contact information is edited, or the domain is renewed. A recent update date during a security investigation may indicate the domain was recently modified.

Nameservers

DNS Delegation

The DNS servers that are authoritative for this domain — the servers that hold the master copy of all DNS records. Nameservers in WHOIS are set at the registrar level and determine where the domain's DNS is hosted, which may differ from where the website is hosted.

EPP Domain Status Codes

clientTransferProhibited

Registrar Transfer Lock

Transfer to another registrar is locked. This is a standard security measure on all active domains — it prevents unauthorized transfers without the domain owner's authorization code. If you see this, it means the domain is protected.

clientHold

DNS Suspended by Registrar

The registrar has suspended DNS resolution for this domain. The website and email associated with this domain will not work. Usually caused by non-payment, abuse reports, or legal disputes. Contact the registrar to resolve.

serverHold

DNS Suspended by Registry

DNS resolution has been suspended at the registry level — more serious than clientHold. Often applied due to confirmed abuse, court orders, or ICANN enforcement actions. Cannot be resolved at the registrar level.

pendingDelete

Final Deletion Countdown

The domain is in a 5-day deletion queue. It cannot be recovered, renewed, or transferred. After this period, it is released back to the public for registration. Domain investors monitor this status for "drop catching" opportunities.

redemptionPeriod

Expiry Recovery Window

The domain has expired and entered a 30-day recovery window. The original owner can still reclaim it by paying a redemption fee (often $100–$300). After this period, it moves to pendingDelete. Act quickly if you need to recover a domain in this state.

serverTransferProhibited

Registry Transfer Lock

Transfer is locked at the registry level — typically applied during a domain dispute (UDRP proceeding) or a legal hold. This cannot be lifted by the registrar and requires resolution of the underlying dispute.

Privacy, GDPR & WHOIS Masking

WHOIS Privacy

Registrant Privacy Protection

A service offered by registrars that replaces the domain owner's personal contact information in WHOIS records with proxy contact details. This prevents spam harvesting and protects personal information. Most registrars now offer this free with every domain registration.

GDPR Redaction

General Data Protection Regulation

Since May 2018, GDPR has required registrars serving EU customers to redact personal information from public WHOIS records by default. This is why most modern WHOIS lookups show "Redacted for Privacy" — it is legal compliance, not an error. Technical data (registrar, dates, nameservers) is always displayed.

Abuse Contact

Registrar Abuse Email

Even when full registrant details are hidden, registrars are required to provide a public abuse contact email. This is the address to use for reporting domain abuse — spam, phishing, malware, or illegal content — to the registrar. The registrar is obligated to respond to legitimate abuse reports.

Proxy Service

Privacy Proxy Provider

When WHOIS privacy is active, the registrant fields show the proxy service's details instead of the owner's. Common proxy services include Domains By Proxy (GoDaddy), WhoisGuard (Namecheap), Contact Privacy (Google), and Privacy Guardian. The proxy service will forward legitimate communications to the actual domain owner.

RDAP & WHOIS Protocols — How This Tool Works

RDAP

Registration Data Access Protocol

The modern ICANN-mandated replacement for WHOIS. RDAP returns structured JSON over HTTPS, supports authentication and rate limiting, handles internationalized domain names, and gives registrars better control over privacy compliance. All gTLD registries (.com, .org, .net, .io, etc.) now support RDAP. This tool uses RDAP as its primary lookup protocol.

Port 43 WHOIS

Legacy WHOIS Protocol (1982)

The original WHOIS protocol — a simple TCP connection to port 43 that returns unformatted plain text. Still used by many country-code domains (ccTLDs) such as .ca, .de, .uk, .au, and others that have not yet implemented RDAP. This tool automatically falls back to Port 43 when RDAP is unavailable and shows which protocol was used.

ccTLD Note

Country-Code Domain Limitation

Country-code top-level domains (ccTLDs) like .ca (Canada), .de (Germany), .uk (United Kingdom), .au (Australia), and others operate under their own national registries and policies. Some have implemented RDAP; others still use only Port 43. Data availability and field names may vary by ccTLD registry.

IP WHOIS (RDAP)

Regional Internet Registry Lookup

IP address block assignments are managed by five Regional Internet Registries: ARIN (North America), RIPE NCC (Europe/Middle East/Central Asia), APNIC (Asia-Pacific), LACNIC (Latin America/Caribbean), and AFRINIC (Africa). This tool uses RDAP to query the correct RIR automatically based on the IP address entered.

WHOIS Lookup

How to Use the WHOIS Lookup Tool

Frequently Asked Questions

WHOIS Terms Glossary

Related IT Tools