What is a WHOIS lookup?

A WHOIS lookup queries the global domain registration database to pull up information about a registered domain name. The protocol was originally defined in RFC 3912 and returns data maintained by domain registries and ICANN-accredited registrars. A typical WHOIS response includes the sponsoring registrar, creation date, last-updated date, expiry date, authoritative nameservers, and EPP status codes showing whether the domain is locked, transferable, or under any holds. Network administrators use WHOIS to investigate abuse reports. Security researchers track malicious domains with it. Legal teams rely on it for trademark disputes under ICANN's UDRP process. This tool parses the raw WHOIS response and organizes it into structured sections with computed values like domain age and days until expiry, so you get clean, readable data instead of raw text output.

How do I find who owns a domain?

Finding domain ownership got a lot harder after GDPR took effect in May 2018. ICANN's Registration Data Policy now requires registrars to redact personal registrant information from public WHOIS responses for all gTLD domains (.com, .net, .org, and others). Registrant name, email, phone number, and physical address are typically replaced with "REDACTED FOR PRIVACY" or substituted with a privacy proxy contact. That said, a WHOIS lookup still reveals useful ownership signals. The sponsoring registrar, registration date (showing how long the current owner has held the domain), nameservers (revealing hosting infrastructure), and organization name are often still visible if the registrant did not enable privacy protection. For legitimate legal inquiries like trademark disputes or abuse complaints, you can contact the registrar directly since their abuse contact email appears in WHOIS results. ICANN also provides a formal process for accessing redacted data through its SSAD (System for Standardized Access/Disclosure) framework.

Is this WHOIS lookup tool free?

Yes, this WHOIS lookup tool is free. Without an account, you get 5 lookups per day. Creating a free DNSChkr account bumps that to 20 per day. Each lookup queries authoritative WHOIS and RDAP servers, then presents the results in a structured format with computed values like domain age, days until expiry, and decoded EPP status codes. Coverage includes generic TLDs (.com, .net, .org, .io), country-code TLDs (.uk, .de, .jp), and new gTLDs (.app, .dev, .xyz). Results show registrar details, all nameservers with direct links to DNS inspection tools, and a toggle for the raw unprocessed registration data. For higher-volume needs like bulk domain research or automated monitoring, DNSChkr offers credit-based plans with increased lookup limits.

What is a domain registrar?

A domain registrar is an organization accredited by ICANN (or a country-code domain authority) to sell and manage domain name registrations for end users. The big names include GoDaddy (largest by volume with over 80 million domains), Namecheap, Cloudflare Registrar, Tucows, and Google Domains. Think of the registrar as an intermediary between you and the registry operator. Verisign, for instance, operates the .com registry, while registrars handle the customer-facing sales and management. Registrars maintain WHOIS records, process renewals, handle transfers via EPP authorization codes, and enforce ICANN policies like the 60-day transfer lock after registration. When choosing a registrar, look at pricing transparency, DNSSEC support, two-factor authentication, whether domain privacy is included, and ICANN accreditation status. You can verify any registrar's accreditation at ICANN's registrar lookup page.

How do I check when a domain expires?

Enter any domain name in the WHOIS lookup field above to see its full registration timeline, including the expiry date with an automatic days-until-expiry countdown. For a more focused view, the Domain Expiry Checker tool shows a prominent visual countdown with color-coded indicators: green for 90+ days remaining, yellow for 30 to 90 days, and red for domains expiring within 30 days. Why does this matter? Brand owners need to make sure their domains never lapse. Expired domains can be snatched by cybersquatters or competitors within hours through drop-catching services. Domain investors track expiry dates to spot valuable domains returning to the pool. Security teams monitor expiry to prevent subdomain takeover attacks, which happen when a domain expires but DNS records pointing to it remain active elsewhere. Most registrars offer auto-renewal, but payment failures or outdated billing info can still cause unexpected lapses.

What are EPP status codes?

EPP (Extensible Provisioning Protocol) status codes are standardized indicators, defined in RFC 5731, that describe the current state and restrictions on a domain. They fall into two categories: client-side codes set by the registrar and server-side codes set by the registry. Common client codes include clientDeleteProhibited (prevents accidental deletion), clientTransferProhibited (blocks unauthorized transfers), and clientUpdateProhibited (prevents unauthorized setting changes). Server-side equivalents like serverDeleteProhibited and serverTransferProhibited add an extra layer of protection from the registry. The "ok" status means the domain has no restrictions and is operating normally. The codes to watch out for are clientHold and serverHold, which remove the domain from DNS resolution entirely. Registrars typically apply clientHold for non-payment or policy violations. ServerHold may indicate a legal dispute or ICANN compliance issue. A well-secured domain should have at least clientDeleteProhibited and clientTransferProhibited active.

What is the difference between WHOIS and RDAP?

RDAP (Registration Data Access Protocol), defined in RFCs 7480 through 7484, is the modern replacement for the legacy WHOIS protocol (RFC 3912). The biggest difference is data format. WHOIS returns unstructured plain text with no standardized field names, which makes automated parsing unreliable across different registrars. RDAP returns structured JSON with consistently named fields, so programmatic access actually works reliably. RDAP also brings proper HTTP status codes, standardized error responses, and built-in support for internationalized domain names (IDNs) via Unicode. On the privacy side, RDAP supports differentiated access control, meaning authenticated users with legitimate purposes can potentially see more data than anonymous queries. This aligns well with GDPR requirements. RDAP uses HTTPS by default too, adding transport encryption that plain WHOIS over TCP port 43 lacks. This tool automatically picks the best data source for each domain, preferring RDAP when available and falling back to traditional WHOIS otherwise.

What is domain lifecycle detection?

Domain lifecycle detection is a feature unique to DNSChkr that goes beyond simply reporting an expiry date. When a domain approaches or passes its expiration, it moves through a series of stages defined by ICANN policy: the registrar grace period (typically 0–45 days after expiry, where the owner can still renew at the normal price), the redemption period (30 days, where renewal is possible but at a significantly higher fee), pending delete (5 days, where the domain is queued for deletion), and finally the drop — when the domain becomes available for open registration. DNSChkr analyzes multiple independent signals to determine exactly where a domain sits in this pipeline: registry EPP status codes like clientDeleteProhibited or pendingDelete, nameserver patterns (whether they still point to active infrastructure or have been removed), active DNS resolution (whether the domain still resolves), and WHOIS update timing. Each detection includes a confidence score indicating how many signals corroborate the finding. This matters for domain investors watching for drops, brand protection teams monitoring competitor domains, and security researchers tracking potentially abandoned infrastructure.

How does domain expiry monitoring work?

DNSChkr allows signed-in users to set up email alerts for any domain looked up through the WHOIS tool. After running a lookup, a monitoring panel appears showing configurable alert thresholds: 60, 30, 14, 7, 3, and 1 day before the domain expires, plus post-expiry alerts at 1, 5, 30, 45, 75, and 80 days after expiration. The post-expiry thresholds align with the ICANN-defined lifecycle stages — the grace period, redemption period, and pending delete window — so users know exactly when a domain transitions between stages. Notifications are sent to the email address associated with the DNSChkr account. This is particularly useful for domain portfolio managers who need to track renewal deadlines across many domains, brand protection teams watching competitor or trademark-infringing domains, and domain investors monitoring high-value domains that may be dropping. Each user can monitor multiple domains simultaneously from their dashboard.

What are the visual and terminal display modes?

DNSChkr provides two ways to view WHOIS results. The visual dashboard (default) organizes registration data into structured cards with color-coded status indicators, an interactive expiry countdown with days remaining, a domain lifecycle timeline showing which stage the domain is in, a 7-point security validation checklist, contact entity information, and nameservers with direct links to DNS analysis. It is designed for non-technical users who want to understand domain health at a glance. The terminal view presents the same data in a classic command-line format with monospaced text and syntax highlighting — similar to running a whois command in a terminal. It includes six selectable color themes (Midnight, Matrix, Dracula, Solarized, Monokai, and Nord), copy-to-clipboard for the entire output, word wrap toggling, and fullscreen mode. System administrators, DevOps engineers, and security researchers who work primarily in terminals often prefer this format. Both views contain identical information and can be toggled with a single click. The selected view mode and theme preference persist across sessions via local storage.

Why is some WHOIS data missing or redacted?

Since May 2018, ICANN's Temporary Specification for gTLD Registration Data (later formalized as the Registration Data Policy in August 2019) requires all ICANN-accredited registrars to redact personal data from public WHOIS responses for GDPR compliance. Registrant name, organization (for natural persons), email, phone, fax, and street address must be withheld or replaced with placeholders like "REDACTED FOR PRIVACY" or "DATA REDACTED." Many registrars go further by offering free WHOIS privacy proxy services that substitute organizational data with proxy contacts. Country-code TLDs (.uk, .de, .au) have their own privacy policies that may differ from ICANN's gTLD rules. Some ccTLDs were actually redacting personal data before GDPR even existed. The technical and administrative fields remain publicly visible: registrar name, registration and expiry dates, nameservers, EPP status codes, and DNSSEC delegation information. If you need legitimate access to redacted data, ICANN's SSAD framework provides a standardized request process for law enforcement and intellectual property holders.

WHOIS Lookup

Instantly check domain registration details, registrar, nameservers, and expiry dates for any domain name.

Recent WHOIS Lookups

Updated 2026-03-30 17:51:41 UTC

Domains recently checked using the WHOIS lookup tool.

1.youtube.com
2.veeziosolutions.com
3.ikea.com
4.gwpharma.com
5.wordpress.com
6.rehab.com
7.reviewmydns.com
8.ab.com
9.lyricslk.com
10.example-domain.com

11.vpvip.com
12.facebook.com
13.ramoh.com
14.apple.com
15.ranoj.com
16.and.com
17.google.com
18.twk.ruhr
19.imdb.com
20.dnschkr.com

Written by Ishan Karunaratne · Last reviewed: March 14, 2026

What Is WHOIS?

WHOIS is a query-response protocol (RFC 3912) used to look up registration data for any domain name on the internet. A WHOIS lookup returns the sponsoring registrar, creation date, expiry date, authoritative nameservers, and EPP status codes that describe whether a domain is locked, transferable, or under restriction. Network administrators, security researchers, legal teams, and domain investors all rely on WHOIS data for abuse investigation, trademark enforcement, infrastructure auditing, and expiry monitoring.

DNSChkr's WHOIS lookup tool queries authoritative RDAP and WHOIS servers in real-time, then structures the raw response into organized sections with computed values — domain age, days-until-expiry countdown, color-coded status indicators, and decoded EPP status codes with human-readable explanations. Every nameserver in the results links directly to the DNS Inspector for one-click DNS analysis, making it easy to go from registration data to full DNS diagnostics in a single workflow.

What Makes This the Most Comprehensive WHOIS Lookup Tool Available?

Most WHOIS lookup tools return raw, unstructured text and leave interpretation to the user. DNSChkr takes a fundamentally different approach: every lookup runs through a 7-point validation checklist that automatically evaluates registration status, expiry risk, transfer and delete lock protection, nameserver configuration, and data completeness. But that is just the starting point — DNSChkr also performs real-time lifecycle detection, offers expiry monitoring with email alerts, and presents results in two distinct display modes designed for different audiences. The result is a comprehensive domain intelligence platform, not just a data dump.

Domain Lifecycle Intelligence

DNSChkr is one of the only WHOIS tools that performs real-time domain lifecycle detection. Instead of simply reporting an expiry date, it analyzes multiple independent signals — registry EPP status codes, nameserver patterns, active DNS resolution, and WHOIS update timing — to determine exactly where a domain sits in its lifecycle. The system identifies whether a domain is active, in its registrar's grace period, entering the redemption phase, pending deletion, or about to drop back to the open market. Each determination includes a confidence score based on how many independent signals corroborate the finding, along with a plain-language explanation of what the status means and what happens next in the registration pipeline.

For domains nearing or past expiry, DNSChkr provides acquisition intelligence — a ranked list of realistic options from contacting the current owner directly, to placing backorders, watching for registrar auctions, or waiting for the domain to drop. Each option includes an honest assessment of likelihood, typical timeline, and expected cost, so users can make informed decisions rather than guessing. No other free WHOIS tool provides this level of domain lifecycle analysis.

Expiry Monitoring with Email Alerts

Signed-in users can set up domain expiry monitoring with configurable email alerts directly from the WHOIS results page. Choose from multiple alert thresholds — 60, 30, 14, 7, 3, and 1 day before expiry, plus post-expiry alerts at 1, 5, 30, 45, 75, and 80 days after expiration. This makes DNSChkr both a lookup tool and an ongoing monitoring system. Domain portfolio managers, brand protection teams, and domain investors use these alerts to track domains of interest without manually checking WHOIS records every day. No other free WHOIS lookup tool offers integrated expiry monitoring with this level of granularity.

Two Ways to View WHOIS Data

DNSChkr offers two distinct display modes for WHOIS results. The default visual dashboard presents registration data in structured cards with color-coded indicators, an interactive expiry countdown, the lifecycle timeline, and the 7-point validation checklist — designed for brand managers, legal teams, and anyone who wants to understand domain health at a glance without technical expertise. The terminal view renders the same data in a classic command-line format with syntax highlighting, designed for system administrators, DevOps engineers, and security researchers who prefer consuming data in a CLI-native format. The terminal view includes six color themes — Midnight, Matrix, Dracula, Solarized, Monokai, and Nord — with copy-to-clipboard, word wrap, and fullscreen support.

RDAP-First Architecture

DNSChkr leverages RDAP (Registration Data Access Protocol), the modern successor to legacy WHOIS defined in RFCs 7480–7484. Unlike traditional WHOIS which returns unstructured plaintext that varies wildly between registrars, RDAP delivers structured JSON with standardized field names — producing more consistent and reliable results across the entire TLD ecosystem. The raw RDAP JSON response is accessible via a toggle for users who need the full, unprocessed data for technical analysis or compliance documentation.

184 Million Domain Records, Updated Daily

Behind the tool sits a continuously updated database of over 184 million domain registration records covering 1,200+ TLDs. Each record includes the sponsoring registrar, creation and expiry dates, nameserver delegations, and EPP status codes — refreshed daily from TLD zone files and RDAP queries to reflect the current state of the domain landscape. This is the same dataset that powers the Expiring Domains browser, the Reverse WHOIS search, and the Bulk WHOIS tool — capabilities that most standalone WHOIS lookup services simply do not offer.

184M+

Domain records

Covering 1,200+ TLDs, refreshed daily

7-Point

Validation checklist

Registration, expiry, locks, NS, data quality

5-Stage

Lifecycle detection

Active → grace → redemption → pending delete → drop

Alert thresholds

Before and after expiry email notifications

Other differentiators include PDF export of full WHOIS results (useful for compliance documentation and UDRP filings), all 24 EPP status codes decoded with human-readable explanations per RFC 5731, and deep integration with DNSChkr's other 20+ tools — from the Domain Age Checker and Domain Expiry Checker for focused registration timeline analysis, to Reverse WHOIS for finding all domains under a specific registrar or nameserver provider.

When Should You Use This WHOIS Lookup?

DNSChkr's WHOIS lookup is designed for users who need more than raw registration text — it is built for anyone who needs to understand and act on WHOIS data rather than just read it. Common use cases include:

Domain security auditing — The 7-point validation checklist instantly flags domains missing transfer or delete lock protection, expired or expiring registrations, and incomplete nameserver configurations. Use it to audit your own domains or evaluate domains before acquisition.
Incident response and abuse investigation — Identify the registrar, registration timeline, and nameserver infrastructure for suspicious domains. Results link directly to DNS Inspector and IP tools for deeper investigation.
Domain acquisition due diligence — Check domain age, registration history, current lock status, and registrar transfer policies before making a purchase. The computed domain age and expiry countdown provide the key data points for valuation.
Compliance documentation — Export WHOIS results as PDF for legal filings, trademark disputes (UDRP), or internal compliance records. The structured format with validation scores provides clearer documentation than raw WHOIS text.
Bulk portfolio monitoring — For domain portfolios, pair this tool with Bulk WHOIS to check registration status across multiple domains at once, or use Expiring Domains to track expirations across 184M+ domains.
Expiry tracking and domain acquisition — Set up email alerts for domains approaching expiry and use the lifecycle intelligence to understand exactly where a domain sits in the expiration pipeline. The acquisition options guide provides realistic paths for obtaining expired or expiring domains.

For simple "who registered this domain?" queries, any WHOIS tool works. Where DNSChkr adds value is in structured analysis: the validation checklist, cross-tool integration, data freshness indicators, and export capabilities turn a basic lookup into actionable intelligence.

What Can You Find in a WHOIS Lookup?

Registrar

The company that manages the domain registration (e.g., GoDaddy, Namecheap, Cloudflare). Useful for identifying where a domain is managed.

Registration Dates

When the domain was created, last updated, and when it expires. The creation date determines domain age, which matters for SEO and trust.

Nameservers

The DNS servers responsible for resolving the domain. These indicate which DNS provider the domain uses (Cloudflare, AWS Route 53, etc.).

Status Codes

EPP status codes showing the domain's current state — whether it's locked, transferable, or has any holds or restrictions in place.

Lifecycle Stage

Where the domain sits in its registration lifecycle — active, grace period, redemption, pending delete, or dropped — with confidence scoring.

Expiry Monitoring

Set up configurable email alerts before and after a domain expires, with 12 threshold options aligned to ICANN lifecycle stages.

How Do You Read WHOIS Results?

WHOIS results contain several sections. The registration info section shows the domain's registrar and key dates. Domain age and days-until-expiry are calculated automatically. The DNS section lists nameservers with direct links to inspect their configuration.

Status codes deserve special attention. A domain with clientDeleteProhibited and clientTransferProhibited is well-protected — its registrar has locked it against accidental deletion or unauthorized transfer. A domain on clientHold has been suspended by its registrar, typically due to non-payment or a dispute.

How Do WHOIS Privacy and GDPR Affect Lookup Results?

Since the EU's General Data Protection Regulation (GDPR) took effect in May 2018, the landscape of publicly available WHOIS data has changed significantly. ICANN's Registration Data Policy now requires registrars to redact personal information from public WHOIS responses for gTLD domains.

This means that registrant name, email, phone number, and address are no longer visible in most WHOIS lookups. Privacy proxy services add another layer by replacing even organizational data with proxy contact details. While this protects domain owners' privacy, it also makes abuse reporting and brand protection more complex.

This tool focuses on the technical and administrative data that remains publicly available: registrar, dates, nameservers, and status codes. For related insights, check the Domain Age Checker or the Domain Expiry Checker for focused views on registration timeline.

Frequently Asked Questions