What is WHOIS and how to look up domain info

Home / Everything About / Everything About Domains / What is WHOIS and how to look up domain info

WHOIS has been part of the internet since the early 1980s. It was built as a way to look up who was responsible for a domain name or IP address, and that core function has not changed. What has changed is how much of that information is visible to the public, thanks to privacy laws and privacy protection services that now mask personal details on many records.

Whether you are checking domain availability, trying to find out who owns a website, or verifying when a domain expires, a WHOIS lookup is the starting point.

What is WHOIS?

WHOIS is a publicly accessible database that contains registration information for domain names. Every time someone registers a domain, the registrar submits details about the registration to a WHOIS database. Those details are then available for anyone to look up.

The system was created in 1982 as a directory for the early internet. At that time, the internet was a small network of academic and government institutions, and publishing contact details for domain operators made sense. The internet grew, but WHOIS stayed public.

What does WHOIS stand for?

WHOIS is not an acronym. It literally means "who is," as in "who is responsible for this domain?" The name comes from the question the system was designed to answer. When you run a WHOIS lookup, you are asking the database to tell you who registered a specific domain name and how to reach them.

What information does a WHOIS record contain?

A WHOIS record for a registered domain typically includes the following details.

  • Registrant name (the person or organization that registered the domain)
  • Registrant email address
  • Registrant phone number
  • Registrant mailing address
  • Registrar name (the company the domain was registered through)
  • Registration date (when the domain was first registered)
  • Expiry date (when the registration period ends)
  • Last updated date (when the record was last modified)
  • Nameservers (the DNS servers the domain points to)
  • Domain status codes (flags indicating the current state of the domain)

The domain status codes are worth paying attention to. A status like "clientTransferProhibited" means the registrar has locked the domain to prevent unauthorized transfers. A status like "redemptionPeriod" means the domain has expired and is in a grace period before it becomes available again. These codes give you a quick snapshot of the domain's current situation.

How do you perform a WHOIS lookup?

Running a WHOIS search takes less than a minute, and there are two main ways to do it.

Online WHOIS lookup tools

The simplest approach is to use an online WHOIS lookup tool. You type in the domain name, hit search, and the tool returns the WHOIS record for that domain. ICANN (the organization that coordinates domain name registration globally) offers an official lookup tool at lookup.icann.org. Most domain registrars also provide a WHOIS search on their websites.

Command line

If you are comfortable with a terminal, you can run a WHOIS lookup directly from the command line. On macOS and Linux, the command is built in. You type whois example.com and the terminal returns the full WHOIS record. Windows does not include the command by default, but you can install it or use an online tool instead.

Both methods return the same data. The online tools format the results in a cleaner layout, while the command line gives you the raw output.

What can you learn from a WHOIS lookup?

The information in a WHOIS record is useful in several practical situations.

  • Who owns a domain. If you want to contact the owner of a domain name, whether to ask about purchasing it or to report an issue, the registrant contact info in the WHOIS record is where you start.
  • When a domain was registered. The registration date tells you how long the domain has been active. Older domains with a long registration history often carry more trust.
  • When a domain expires. The expiry date tells you when the current registration period ends. This is useful if you are interested in a domain that might become available soon. The chapter on domain expiry covers what happens when a registration lapses.
  • Which registrar holds the domain. The registrar field tells you which company the domain was registered through. This is helpful if you need to contact the registrar about a dispute or transfer.
  • Where the domain is pointed. The nameserver entries show which DNS servers handle the domain. This can help you figure out which hosting provider a website uses.

Why do some WHOIS records show proxy information?

If you run a WHOIS lookup and see a registrar's contact details instead of a person's name and address, that domain has WHOIS privacy enabled. Privacy protection replaces the registrant's personal details with proxy contact information provided by the registrar.

The domain is still registered to a real person or organization. The registrar has the actual details on file. But the public record shows the proxy instead, shielding the owner from spam, scraping, and unwanted contact.

Many registrars now include WHOIS privacy at no extra cost. It is one of the most effective ways for domain owners to keep their personal information out of public databases.

How have privacy laws changed what WHOIS shows?

Before 2018, WHOIS records for most domains showed full registrant contact details by default. That changed when the European Union's General Data Protection Regulation (GDPR) went into effect.

GDPR classifies personal information in WHOIS records as protected data. Registrars serving EU residents were required to stop publishing personal registrant details by default. Most registrars applied these changes globally rather than just for EU domains, because it was simpler to have one policy than to manage exceptions by region.

The result is that many WHOIS records now show "REDACTED FOR PRIVACY" in place of registrant names, email addresses, phone numbers, and mailing addresses. The registrar still collects this information during registration, but it is no longer visible in the public record unless the registrant chooses to make it public.

This means a WHOIS lookup today may return less personal detail than it would have ten years ago. You can still see the registrar, registration and expiry dates, nameservers, and domain status. But the personal contact fields are often hidden.

When might you need to do a WHOIS search?

There are several common reasons to run a WHOIS lookup.

  • Checking if a domain is available. A WHOIS search is one way to see whether a domain is registered. If the lookup returns a full record, the domain is taken. If it returns no results, the domain may be available to register.
  • Finding the owner of a domain. If you want to buy a domain that someone else owns, or if you need to contact the person behind a website, the WHOIS record is the public directory for that information.
  • Verifying expiry dates. If you are watching a domain that might lapse, the expiry date in the WHOIS record tells you when the current registration ends.
  • Investigating spam or abuse. If you receive emails from a suspicious domain or notice a domain being used for phishing, a WHOIS lookup can reveal who registered it and which registrar is responsible. Abuse reports are typically sent to the registrar listed in the record.
  • Confirming your own domain details. Running a WHOIS lookup on your own domain is a good way to verify that your registration information is correct, that your privacy protection is working, and that your nameservers are pointed where you expect them to be.

How does WEMASY handle WHOIS?

Domains registered through WEMASY include privacy protection as part of the registration. Your personal contact details are not exposed in the public WHOIS record. The domain management panel in your WEMASY account lets you view your registration details, manage DNS settings, and confirm that privacy protection is active.

If you connect an external domain to your WEMASY site, the WHOIS record is managed by whichever registrar holds that domain. WEMASY does not modify WHOIS records for domains registered elsewhere.

See what each plan includes on the WEMASY pricing page.

Frequently asked questions

Is it legal to look up someone's WHOIS information?

Can you find out who owns a domain if WHOIS privacy is enabled?

How often is WHOIS data updated?

Are WHOIS records the same for every domain extension?

Can you run a WHOIS lookup on an IP address?

Now that you understand how WHOIS works and what a lookup reveals, the next step is understanding how to control what your own record shows. The chapter on WHOIS privacy covers how privacy protection works, what it hides, what it does not hide, and how to enable it. And if you want to make sure your domain is protected from more than just public data exposure, the chapter on domain security covers the settings that keep your domain from being transferred or taken over without your permission.

DEVELOPMENT VERSION