Is this WHOIS lookup free?

Yes. Every lookup on OSINT Projects is completely free, with no account or API key required.

Why are the registrant's name and email hidden?

Since GDPR came into force, most registrars redact personal contact information from public WHOIS records. Technical details like dates, registrar, status and nameservers are still shown.

What is the difference between WHOIS and RDAP?

WHOIS returns free-form text that varies by registry, while RDAP returns standardised, structured JSON. This tool prefers RDAP and falls back to WHOIS for TLDs that don't support RDAP yet.

Can I look up any TLD, including country domains?

Yes. Generic TLDs (.com, .org, .io) use RDAP, and country-code TLDs that lack RDAP automatically fall back to the traditional WHOIS protocol.

Does a WHOIS lookup reveal the website owner's identity?

Usually not directly, because contact data is redacted. However, registration dates, nameservers and registrar details are often enough to correlate domains during an investigation.

Free WHOIS / RDAP Domain Lookup

What is a WHOIS / RDAP lookup?

A WHOIS lookup retrieves the public registration record of a domain name. Every time a domain is registered, the registrar publishes a set of administrative details — who the sponsoring registrar is, when the domain was created, when it expires, its current status, and which nameservers it uses. A WHOIS lookup is the quickest way to answer questions like "who owns this domain?", "when was it registered?" and "when does it expire?".

RDAP (Registration Data Access Protocol) is the modern, structured successor to the legacy WHOIS protocol. Instead of free-form text that differs between every registry, RDAP returns clean, standardised JSON. This tool queries RDAP first for accurate, machine-readable data and automatically falls back to traditional WHOIS for country-code domains (ccTLDs) that don't yet support RDAP, so you get an answer for virtually any domain.

How to read the results

—Registrar — the company through which the domain was registered (e.g. GoDaddy, Namecheap, MarkMonitor).
—Registered — the original creation date of the domain. Older domains often carry more trust and SEO authority.
—Expires — the date the current registration lapses unless renewed. Useful for spotting soon-to-drop domains.
—Status — EPP status codes such as clientTransferProhibited or clientHold that show whether the domain is locked, on hold or free to transfer.
—Nameservers — the authoritative DNS servers for the domain, which reveal the DNS or hosting provider in use.

Common uses for OSINT and security

Investigators use WHOIS data to pivot during research: a registrar, creation date or nameserver can link a suspicious domain to a wider campaign. Security teams monitor expiry dates to avoid accidental lapses, and brand-protection analysts watch for newly registered look-alike domains used in phishing.

Because privacy regulations such as GDPR led most registrars to redact personal contact details, modern WHOIS rarely exposes an individual's name or email. The technical fields — dates, status, registrar and nameservers — remain public and are still highly valuable for reconnaissance and verification.