WHOIS Lookup: registrar, dates & name servers via RDAP
Free in-browser WHOIS lookup. Uses the modern RDAP protocol (the JSON-based successor to WHOIS) via rdap.org. Returns the registrar, IANA ID, creation / expiry dates, name servers, DNSSEC, status (EPP) codes and abuse contact — for every TLD that publishes an RDAP endpoint.
Accepts a domain (example.com), an IPv4/IPv6 address (8.8.8.8) or an autonomous system number (AS15169). RDAP route is detected automatically.
When to run a WHOIS / RDAP lookup
Check domain expiry
Confirm when a domain renews so you don't lose it — or watch for it dropping if you want to register the name yourself.
Identify the registrar
See which registrar a domain is parked at (GoDaddy, Namecheap, Cloudflare, Squarespace…) before raising a transfer or a takedown.
Report abuse
Pull the registrar's abuse contact email — the only one that matters when reporting phishing, malware, copyright or spam.
Investigate an IP
Paste an IPv4 or IPv6 address: the tool routes to the matching RIR RDAP (ARIN, RIPE, APNIC, LACNIC, AFRINIC) and shows the network owner.
Look up an ASN
Type AS15169 to see the autonomous-system owner, allocation date and the country it's registered in.
Audit EPP status codes
Verify clientTransferProhibited, serverDeleteProhibited and friends are set the way you want — they're your first defence against hijacks.
How to use the WHOIS lookup tool
Type the target
Enter a domain (example.com), an IPv4 / IPv6 address (8.8.8.8) or an autonomous system number (AS15169). Detection is automatic.
Click Look up
The query goes to rdap.org, which routes to the correct authoritative RDAP server (registry for domains, RIR for IPs and ASNs).
Read the cards
For a domain you get registrar, dates, name servers, DNSSEC and EPP status. For an IP you get the network range, CIDR, allocation date and abuse contact. For an ASN you get the org and country.
Open the raw JSON
Scroll to the Raw RDAP JSON card to copy the full structured response — useful for scripts, audits and bug reports.
About WHOIS, RDAP and domain registration data
WHOIS is the legacy plain-text protocol that has answered the question "who owns this domain?" since 1982. Its modern, JSON-based replacement is RDAP (Registration Data Access Protocol, RFC 7480-7484), which ICANN mandated for all gTLDs from 2019. This WHOIS lookup tool queries RDAP directly so you get structured, machine-readable data over HTTPS — no scraping, no rate-limited gateways.
Domain WHOIS
For a domain, RDAP returns the registrar, its IANA ID, the abuse contact email, the registration / update / expiry events, the authoritative name servers, the DNSSEC delegation status, and a list of EPP status codes. Most registrant contact details are now redacted to comply with GDPR — that's normal and expected for any TLD operated by an EU-based registry or registrar.
IP WHOIS via RIR RDAP
IP addresses are allocated by five Regional Internet Registries: ARIN (North America), RIPE NCC (Europe / Middle East), APNIC (Asia-Pacific), LACNIC (Latin America) and AFRINIC (Africa). Each runs its own RDAP server. When you paste an IP the rdap.org gateway routes the query to the right RIR and returns the network range, CIDR prefix, allocation date and the abuse contact — which is what you need when reporting attacks coming from that address.
Autonomous System Numbers (ASNs)
Every network on the public internet that controls its own routing has an ASN (e.g. AS13335 is Cloudflare, AS15169 is Google). Looking up an ASN reveals the organisation, country and contact handles — useful for routing diagnostics, BGP investigations and identifying which provider an IP belongs to.
EPP status codes explained
Statuses like clientTransferProhibited, serverDeleteProhibited and clientHold are EPP (Extensible Provisioning Protocol) codes that govern what a registrar or registry will allow on the domain. clientTransferProhibited is set on healthy domains and means no one can move the domain to another registrar without first unlocking it — a basic anti-hijack measure. clientHold usually means an unpaid invoice; serverHold usually means legal action.
Why some lookups return "not found"
A few older ccTLDs (.tr, .it historically, some .gov variants) still only publish classic port-43 WHOIS and have no RDAP endpoint. rdap.org returns 404 in those cases. For those domains, fall back to the ICANN classic WHOIS lookup.
WHOIS Lookup — frequently asked questions
It queries rdap.org, a public RDAP gateway. RDAP is the modern, JSON-based successor to WHOIS and is exposed by every TLD registry via CORS-friendly HTTPS endpoints.
Most TLDs now redact registrant contact details to comply with GDPR and ICANN privacy rules. You'll usually see only the registrar, dates, name servers and abuse contact email.
All gTLDs (.com / .net / .org / .io / .dev / .ai / etc.) and most ccTLDs that have an RDAP endpoint. A handful of older ccTLDs still only publish classic WHOIS (port 43) and won't return data here.