Before you buy a domain, reach out to a website owner, research a competitor, or investigate suspicious traffic sources, there's one place you should check first: the WHOIS database.
WHOIS is the global public registry of domain ownership records. Every registered domain in the world has a WHOIS entry — though privacy laws have changed what information is visible. This guide explains how WHOIS works, what you'll find (and what you won't), and how to run lookups without leaving a paper trail.
1. What is WHOIS?
WHOIS is a query-and-response protocol that lets you look up who registered a domain name, where it's registered, and when it expires. It's maintained by ICANN (the Internet Corporation for Assigned Names and Numbers) — the organization responsible for managing the global domain name system.
When you run a WHOIS lookup, you typically get back:
- Registrar — The company where the domain was purchased (GoDaddy, Namecheap, Cloudflare Registrar, etc.)
- Registration date — When the domain was first registered.
- Expiry date — When the registration runs out. Useful for knowing if a domain might become available soon.
- Name servers — The DNS servers currently handling traffic for the domain.
- Domain status — Technical status codes (more on these below).
- Contact information — The registrant's name, email, and address. (Often redacted now — see below.)
2. Run a WHOIS Lookup
WHOIS Lookup
Look up domain registration details, ownership info, expiry dates, nameservers, and registrar data for any domain name instantly.
How GDPR Changed WHOIS Forever
Before 2018, WHOIS records were fully public. You could look up any domain and see the owner's full name, email, phone number, and home address.
That changed dramatically when the EU's GDPR took effect. Publishing personal contact details publicly — without the owner's consent — violated European privacy law. In response, ICANN created new policies allowing registrars to redact personal information from public WHOIS records.
Today, most individual domain owners have their contact details replaced with either:
- A generic privacy email like
privacy@registrar.com - A web form for making contact without revealing the owner's identity
This applies globally, not just in Europe — because registrars worldwide adopted these practices to maintain GDPR compliance for EU customers. Similar protections exist under California's CCPA and India's DPDP Act.
If you're doing domain research, this also means running lookups through a browser-based tool keeps your search history private. Cloud-dependent tools may log what domains you're looking up — which can be a problem if you're researching potential domain acquisitions.
3. WHOIS Status Codes: What They Mean
When you look at a WHOIS record, you'll usually see one or more EPP status codes. Here's what the common ones mean in plain English:
ok/active— Normal state. The domain is registered and functioning.clientTransferProhibited— A lock set by the registrar to prevent unauthorized transfers to another registrar. This is standard security practice for valuable domains.redemptionPeriod— The domain has expired, but the owner has a grace period (usually 30 days) to reclaim it before it's released.pendingDelete— The domain is past the redemption period and will be deleted and released for public registration within 5 days.
Frequently Asked Questions
What is a WHOIS lookup?
A WHOIS lookup retrieves the registration record for a domain name — including who registered it, where, when it expires, and which DNS servers it uses.
Why is the owner's contact information hidden in WHOIS records?
Most registrars now offer (or automatically apply) domain privacy protection, which replaces personal contact details with a proxy address. This became standard after GDPR required that personal information not be published publicly without consent.
What's the difference between a domain registry and a registrar?
The registry is the organization that manages a top-level domain (like Verisign for .com). A registrar is the company you buy your domain from (like Namecheap or GoDaddy). The registry sets the rules; the registrar handles the transaction.
Does FluxToolkit log my WHOIS searches?
No. Your domain lookups are not stored or tracked. We don't keep records of which domains you search.
Related Articles
How to Check DNS Records Online — Check the technical DNS configuration alongside ownership records.
Robots.txt Explained: How to Create One — Configure crawler access after verifying domain ownership.
UTM Parameters Explained — Track traffic from domains you've researched with WHOIS.
Domain Age Checker Guide — Check how long a domain has been registered alongside ownership data.
IP Address Lookup Guide — Look up the IP address behind the domain you researched.