Domainee
Sign inGet started

WHOIS

WHOIS is the legacy protocol for looking up who registered a domain. Mostly redacted now thanks to GDPR. RDAP is the modern replacement.

WHOIS is the original protocol for querying domain registration data, defined in RFC 3912 (and earlier predecessors). It speaks plain text over TCP port 43. You ask "tell me about example.com" and the server replies with a free-form blob containing registrant, admin, technical contacts, nameservers, registration and expiry dates.

whois example.com

For 30+ years this was the way to find out who owned a domain. Post-2018, WHOIS is mostly redacted: registrant contact details are hidden by default to comply with GDPR.

What you still get from WHOIS

For most domains today:

  • Registrar name.
  • Registration / creation date.
  • Expiry date.
  • Nameservers.
  • Registrant: redacted ("REDACTED FOR PRIVACY" or the registrar's privacy proxy address).

For corporate-registered domains, sometimes a real organization name is still listed (because they opted out of privacy). For domains where the registrant is in a jurisdiction without strong privacy laws, sometimes contact details show up.

How it's used today

  • Domain availability checks. Does a TLD have a record for mybrand.com? Cheap way to check, though most registrars provide better APIs.
  • Expiry tracking. Knowing when your competitor's domain expires.
  • Abuse reports. Legal demands going through the registrar's abuse contact, which is still required to be in WHOIS.
  • Subpoena research. Law enforcement and trademark holders go through registrars (with subpoenas) to get the underlying data.

The technical problems

WHOIS as a protocol has aged badly:

  • No structured format. Each TLD's WHOIS server returns a different layout. Parsing is regex-driven and brittle.
  • No authentication or rate limiting.
  • No encryption. Plain TCP.
  • No internationalization. Non-ASCII registrant data gets mangled.

RDAP is the replacement

RDAP (Registration Data Access Protocol, RFC 7480-7484) is a modern REST/JSON replacement for WHOIS. Same data, structured format, with authentication and rate-limiting support. All gTLDs are required to support RDAP as of 2017. ccTLDs are slower to adopt.

For new code, hit RDAP first and fall back to WHOIS only for TLDs that don't support it.

In a SaaS

If you offer domain-related features (availability check, transfer flow), prefer your registrar's API over hitting WHOIS directly. Registrar APIs are stable, authenticated, rate-limited cleanly. WHOIS scraping is rate-limited unpredictably and varies per TLD.

Want this handled for you? Start free with Domainee — 50 custom domains + 100 GB bandwidth, no card.