WHOIS Data: What It Reveals About Domains

Every domain has a registration record. WHOIS (pronounced “who is”) is the protocol that lets you look up this information—who owns a domain, when it was registered, and when it expires.

Whether you’re buying a domain, researching a competitor, or investigating suspicious activity, WHOIS data is often your starting point.

What WHOIS Contains

A WHOIS record typically includes:

Registration Details

• Registrar: The company where the domain was purchased
• Created date: When the domain was first registered
• Updated date: When the record was last modified
• Expiration date: When the registration expires

Name Servers

• Which DNS servers handle the domain’s records
• Usually points to the hosting provider or a DNS service

Status Codes

• Current state of the domain (active, locked, etc.)
• Multiple statuses can apply simultaneously

Contact Information (when available)

• Registrant (owner) name and organization
• Admin, technical, and billing contacts
• Addresses, phone numbers, emails

Privacy and Redacted Data

Since GDPR (2018), much contact information is redacted for privacy:

Registrant Name: REDACTED FOR PRIVACY
Registrant Email: Please query the RDDS service

This is now standard for most registrations, especially with European registrars. You can still see:

• Registrar name
• Registration/expiration dates
• Name servers
• Status codes

For redacted records, registrars provide anonymized contact forms to reach domain owners.

Domain Status Codes

EPP (Extensible Provisioning Protocol) status codes explain a domain’s state:

Status	Meaning
clientTransferProhibited	Transfer locked by registrant
serverTransferProhibited	Transfer locked by registrar
clientDeleteProhibited	Deletion blocked
clientUpdateProhibited	Changes blocked
pendingDelete	Domain being deleted (can’t be recovered)
redemptionPeriod	Recently expired, can be recovered for a fee
ok	No special status, normal operation

Multiple statuses are normal. A locked domain might show both clientTransferProhibited and clientUpdateProhibited.

Use Cases for WHOIS Data

Domain Purchasing

Before buying a domain:

• Check if it’s actually available
• See when it expires (expired domains may have baggage)
• Research the history if buying from current owner

Due Diligence

When evaluating a website or business:

• How long has the domain existed? (age can indicate legitimacy)
• Is it about to expire? (might indicate neglect)
• Who’s the registrar? (reputable or not)

Investigating Suspicious Sites

For phishing or scam detection:

• Recently registered domains are suspicious
• Registrars known for spam hosting
• Privacy protection on malicious sites

Competitor Research

Understanding competitors:

• When they registered their domain
• What other domains they might own (same registrant)
• Their hosting/DNS infrastructure

Trademark and Brand Protection

Finding infringing domains:

• Similar names to your brand
• Registration dates (registered after your trademark?)
• Contact information for legal action

Historical WHOIS

Current WHOIS shows the present state. For historical data:

• Some services archive WHOIS snapshots
• Useful for seeing previous owners
• Can reveal domain history and changes

Domain Expiration Timeline

When a domain expires:

1. Grace period (0-45 days): Owner can renew at normal price
2. Redemption period (30 days): Can recover for a high fee
3. Pending delete (5 days): Being purged from registry
4. Available: Can be registered by anyone

Exact timing varies by TLD and registrar.

Checking WHOIS Data

Command line:

whois example.com

This queries the appropriate WHOIS server based on the TLD.

Our WHOIS Lookup Tool

The WHOIS Lookup tool provides a cleaner interface:

• Registration and expiration dates
• Registrar information
• Name servers
• Domain status codes
• DNSSEC status
• Age of the domain

No command line needed, works for any domain.

WHOIS for Different TLDs

Different top-level domains have different WHOIS policies:

.com, .net, .org

• ICANN-regulated
• Standardized format
• Privacy protection widely available

Country Code TLDs (.uk, .de, .ca)

• Governed by local registries
• Policies vary significantly
• Some require local presence

New gTLDs (.app, .io, .dev)

• ICANN-regulated
• Generally follow .com patterns
• Some have unique requirements

WHOIS Privacy Services

Many registrars offer privacy protection:

• Registrar’s proxy info replaces yours
• Contact goes through registrar
• Usually free or inexpensive

Privacy protection is legitimate for personal sites. For businesses, consider whether transparency might build trust.

RDAP: The Future of WHOIS

RDAP (Registration Data Access Protocol) is replacing WHOIS:

• Structured JSON format (easier to parse)
• Built-in privacy controls
• Standardized queries
• Better internationalization

Most major registries now support RDAP alongside traditional WHOIS.

Common WHOIS Questions

Why is contact info redacted?

Privacy regulations (GDPR, CCPA) require protecting personal data. Most registrars now redact by default.

How accurate is WHOIS data?

Registration dates and registrar info are accurate. Contact information may be outdated or intentionally inaccurate (though this violates most terms of service).

Can I hide my information?

Yes, use privacy protection from your registrar. This is standard and legitimate.

Why does expiration date matter?

Expired domains might have been abandoned, could have SEO penalties, or might be grabbed by someone else.

Take Action

1. Look up your own domains with our WHOIS Lookup to verify expiration dates
2. Check expiration is far enough out (renew if close)
3. Verify your registrar is reputable
4. Consider privacy protection if not already enabled

For help with domain strategy or due diligence, get in touch.