Free Tool

Free Domain Whois Lookup

Look up registrar, owner, creation date, expiry, and DNS records for any domain. Free, instant, no signup or API key required. Powered by RDAP and Cloudflare DNS.

No signup required

Free forever

GDPR compliant

Quick Answer

A Whois lookup tool reveals registration data for a domain - registrar, registration date, expiry, status, nameservers, and DNS records. Modern Whois lookups use RDAP (Registration Data Access Protocol), the structured JSON replacement for legacy port-43 Whois. The U2L Whois tool queries rdap.org plus Cloudflare DNS-over-HTTPS to return everything in one call.

Quick Facts

Modern Whois data comes from RDAP, the IETF-standard JSON replacement for legacy Whois. Faster, structured, and supported by ICANN-accredited registrars since 2018.
Returns: registrar name, domain status (clientHold, ok, etc.), registration date, expiry, last-changed date, and authoritative nameservers.
Plus DNS records: A (IPv4), AAAA (IPv6), NS (nameservers), and MX (mail) records via Cloudflare 1.1.1.1 DoH.
Many registrars now redact registrant contact info (name, email, phone) due to GDPR. Public Whois rarely exposes the owner's identity for personal domains anymore.
ccTLDs (.de, .uk, .br) sometimes don't support RDAP and may return partial data. gTLDs (.com, .org, .io, .ai) all support RDAP.
Free, no API key. Cached at the edge for 1 hour to keep it fast and avoid hammering rdap.org for the same domain repeatedly.
Useful for: domain availability, expiry monitoring, brand-protection, transfer planning, and DNS verification during migrations.

How to look up Whois data

One-step lookup. Type the domain.

1
Enter the domain
Type the domain (example.com) into the search box. Don't include protocol or path - the tool strips https:// and trailing /paths automatically. Punycode (xn--) domains are supported.
2
Click Look Up
The tool fans out to rdap.org for registration data and to Cloudflare 1.1.1.1 for DNS records in parallel. Results return in 1-2 seconds for cached domains, 3-5 seconds for cold lookups.
3
Review and copy
Registration data and DNS records show in their own panels. Copy any field with one click; export the full JSON for scripts and dashboards.

What is a Whois Lookup?

Whois Lookup is a tool that fetches public registration data for a domain - registrar, owner (when not redacted), registration date, expiry, status, and authoritative nameservers - plus the live DNS records that resolve the domain to IP addresses and mail servers. Whois data is required by ICANN for every gTLD registration; the U2L tool exposes it via the modern RDAP protocol with no signup.

Domain registration data became publicly queryable in the 1980s via Whois (port 43) and stayed mostly unchanged for 30 years. RDAP, standardized in 2015 and mandated by ICANN in 2018, replaces port-43 Whois with a structured JSON API that's easier to parse, faster to query, and supports authentication for restricted fields. The U2L tool uses RDAP throughout; legacy Whois is no longer needed.

Modern Whois lookups expose less personal data than they used to. Post-GDPR (2018), most ICANN-accredited registrars redact registrant name, email, and phone unless the domain owner explicitly opts in to public disclosure. What remains visible: the registrar, dates, status flags, and nameservers - enough for technical and brand-protection use cases but not enough to identify individual owners.

DNS records are separate from Whois data but related. Whois tells you who registered the domain; DNS tells you what IP addresses and mail servers serve traffic for the domain right now. The U2L tool queries both in parallel via Cloudflare's 1.1.1.1 DNS-over-HTTPS and returns everything in one response.

How does a Whois Lookup work?

When you submit a domain, the U2L API normalizes the input (strips https://, www., and any trailing path), validates the domain format, then makes two parallel network calls. The first goes to rdap.org/domain/{name}, a public RDAP bootstrap service that redirects to the right TLD-specific RDAP server (Verisign for .com, PIR for .org, etc.). The response is a structured JSON document defined by RFC 9082-9083.

RDAP responses include events (registration, expiration, last changed), entities (registrar, registrant, technical contact), nameservers, and status flags. The U2L API extracts the most useful fields and returns them in a flat shape. Raw RDAP JSON is also available via the 'View raw' toggle for power users.

The second parallel call goes to Cloudflare's 1.1.1.1 DNS-over-HTTPS endpoint for A (IPv4), AAAA (IPv6), NS (nameserver), and MX (mail) records. DoH gives the same answers as a normal DNS query but over HTTPS, so it works inside Cloudflare Workers (which can't make raw UDP DNS queries). Each record type is queried independently with a 3s timeout.

Results are cached at the Cloudflare edge for 1 hour with public Cache-Control headers. Repeat lookups for the same domain return instantly. RDAP and DoH both have generous free quotas; the cache layer ensures we never hammer them and keeps your lookups fast.

Use Cases

How marketers, businesses, and developers use whois lookup.

Domain availability check

Type a domain you want to register. If RDAP returns 'no such domain', it's probably available. Cross-check with the registrar's checkout page since different TLDs have different redemption windows.

Expiry monitoring before transfers

Before initiating an inbound domain transfer, check the expiry date. Most registrars block transfers within 60 days of expiry; the Whois date tells you whether to renew first.

Verify a domain is yours / not parked

If a competitor or parked-domain seller claims to own a domain, the registrar field in Whois is the verifiable signal. Match it against your account at the same registrar.

DNS migration verification

After updating nameservers at the registrar, the Whois NS field updates within 24-48 hours. Verify the new NS values are live before users start hitting the new DNS.

MX record verification for email setup

After configuring Google Workspace or M365 mail, verify MX records resolve correctly. The DNS panel shows live MX values; mismatches mean mail will bounce.

Brand-protection lookback

Use the registration date to spot recently-registered look-alike domains (yourbrand-support.com registered 2 weeks ago is suspicious). Combine with Whois history tools for full forensics.

Phishing investigation

A suspicious link's domain registered yesterday with a privacy proxy is a phishing red flag. Whois exposes the recency; DNS exposes whether it's resolving to a known bad host.

SSL certificate renewal check

Whois tells you the domain is still registered. Combine with /tools/ssl-checker (coming soon) to verify the cert is still valid.

M&A due diligence

Acquisition targets bring domain portfolios. Bulk-Whois the seller's domains to verify ownership, expiry timeline, and nameserver setup before signing.

Domain investor research

Domainers research drop-catch and aftermarket purchases by checking expiry dates and registrar histories. Whois is the starting point for every domain valuation.

Whois Lookup vs Alternatives

Side-by-side feature and pricing comparison with the top alternatives.

Feature	U2L	whois.com	DomainTools
Free unlimited lookups			Paid
RDAP (modern protocol)		Mixed
Live DNS records (A, NS, MX)
JSON / API output			Paid
No signup or API key
Edge-cached for speed	1 hour	Unknown
Whois history (past records)			Paid

Whois Lookup vs ICANN Lookup

ICANN Lookup is the official ICANN-operated Whois portal at lookup.icann.org. Free, authoritative, RDAP-backed. The 'right' answer for ICANN-accredited gTLDs.

U2L's tool combines the same RDAP data with live DNS resolution and a faster cached response. For one-off official lookups, ICANN Lookup is canonical; for repeated lookups during migrations or audits, U2L's cache and DNS panel save time.

Whois Lookup vs DomainTools

DomainTools offers Whois history (records going back 20+ years), reverse-IP lookup, and brand-monitoring tooling. Industry-standard for security and brand-protection teams. Paid tiers start at ~$99/mo.

U2L's free Whois tool covers the basics every developer or marketer needs. For full Whois history or large-scale brand monitoring, DomainTools is worth the spend; for daily DNS migration checks and one-off lookups, U2L is sufficient.

Best Practices

Check expiry dates 60 days in advance

Most registrars block outbound transfers within 60 days of expiry. If you plan to transfer a domain, do the Whois lookup early and renew first if expiry is close.

Verify nameservers after every DNS change

After updating NS at the registrar, run Whois 24-48 hours later to confirm the change propagated to the registry. Out-of-sync NS values are a common cause of intermittent DNS issues.

Look at status flags carefully

clientHold or serverHold means the domain is suspended. ok means everything's normal. clientTransferProhibited blocks transfers; remove it at your registrar before transferring out.

Don't trust redacted owner data

Most modern Whois lookups redact owner name and email post-GDPR. Don't try to use Whois for adversarial owner identification - the data isn't there. Use DomainTools or court orders for serious investigations.

Cross-check DNS records against your config

After Cloudflare or registrar DNS changes, the U2L DNS panel shows what the world sees. Mismatches with your dashboard mean propagation isn't complete.

Use punycode for IDN domains

Internationalized domain names (e.g. café.com) must be queried as their punycode equivalent (xn--caf-dma.com). The U2L tool accepts both; punycode is canonical.

RDAP errors mean different things on different TLDs

A 404 on .com means the domain truly doesn't exist. A 404 on .de may mean the TLD just doesn't expose RDAP. Always cross-check with the TLD registry's own Whois page for ccTLDs.

Cache-aware bulk audits

If running Whois over many domains, expect the first lookup to take 3-5s and subsequent lookups within 1 hour to be cached. Plan audit runs accordingly.

Common Mistakes to Avoid

Pasting the full URL instead of just the domain

https://example.com/about works (the tool strips protocol and path) but typing example.com directly is faster. Subdomains (blog.example.com) query the parent domain's registration data, not the subdomain.

Expecting Whois history

U2L returns current registration data only - past registrar, past owner, past nameservers are not in RDAP. For Whois history, use DomainTools or SecurityTrails.

Confusing registrar with registrant

Registrar = the company that sold the domain (GoDaddy, Namecheap). Registrant = the person/org that owns it. The U2L tool returns registrar; registrant is usually redacted post-GDPR.

Treating ccTLD failures as bugs

Some ccTLDs (.de, .uk variants) don't expose RDAP at all or expose it with rate limits. The U2L tool returns DNS records even when RDAP fails; check the registry's own Whois page directly for these TLDs.

Trusting cached results during fast DNS changes

U2L caches results for 1 hour. If you're mid-DNS-cutover and need second-by-second results, the U2L tool isn't the right place. Use 'dig' from a terminal or unbypassed DNS tools.

Querying too soon after registration

RDAP data lags registration by 5-15 minutes for most TLDs. If you just registered a domain and Whois shows 'not found', wait a few minutes and retry.

Using Whois to identify domain owners adversarially

GDPR redaction makes this near-impossible for personal domains. Whois exposes registrar, dates, and DNS - that's it. Don't expect names and emails for individual registrants.

Technical Specifications

Whois protocol	RDAP (RFC 9082-9083) via rdap.org bootstrap
DNS protocol	DNS-over-HTTPS (RFC 8484) via cloudflare-dns.com
Record types returned	A, AAAA, NS, MX (DNS); registrar, status, dates, NS (RDAP)
TLD coverage	All gTLDs (.com, .org, .io, .ai, etc.); most ccTLDs
Cache TTL	1 hour at the Cloudflare edge
Lookup timeout	5s for RDAP, 3s per DNS record type
Punycode (IDN) support	Yes - input as xn-- form for canonical lookup
Owner / registrant data	Usually redacted post-GDPR; registrar is always returned
API endpoint	GET /api/tools/whois-lookup?domain=example.com

Industry-Specific Use Cases

Web developers and DevOps

DNS migration verification, expiry monitoring on client domains, post-deploy nameserver checks. RDAP + DNS in one call beats running dig + whois separately.

Brand protection and trademark

Lookback on suspicious domain registrations, expiry tracking on company-owned domain portfolios, monitoring nameserver changes that signal hijacks.

Security and incident response

Phishing-domain triage: registration recency and DNS resolution patterns are first-line indicators. Combine with passive-DNS tools for full investigation.

Domain investors and aftermarket

Drop-catch research, expiry calendar tracking, registrar transfer planning. Whois is the foundation of every domain valuation workflow.

M&A and due diligence

Verify domain ownership and expiry before acquisition close. Bulk Whois via API can be wired into deal-room data rooms.

Registrars and reseller platforms

Embedding Whois lookups into customer dashboards. The U2L API gives you a free RDAP gateway without managing the bootstrap mapping yourself.

Frequently Asked Questions

What's the difference between Whois and RDAP?

Whois is the legacy port-43 text protocol (1980s). RDAP is the modern HTTPS+JSON replacement (2015+, mandated for gTLD registrars in 2018). Same data, structured format, easier to parse. The U2L tool uses RDAP throughout.

Why is the owner name not shown?

Post-GDPR (2018), most ICANN-accredited registrars redact registrant contact info (name, email, phone) by default unless the registrant explicitly opts in to public disclosure. The U2L tool shows what RDAP returns; usually that's just the registrar, not the registrant.

Does it work for all TLDs?

All ICANN gTLDs (.com, .org, .net, .io, .ai, etc.) support RDAP and work fully. Most ccTLDs (.de, .uk, .fr, .br, .au) work but with varying levels of detail. Some smaller ccTLDs don't expose RDAP at all; for those, the tool returns DNS records only and an 'RDAP unavailable' note.

How accurate is the expiry date?

RDAP expiry comes directly from the registry (Verisign for .com, PIR for .org, etc.). It's the authoritative date. Some auto-renew accounts may show a near-future expiry that auto-extends; the date is current-state, not auto-renew-aware.

Why does my just-registered domain show 'not found'?

RDAP propagation lags registration by 5-15 minutes for most TLDs (longer for some). If you just registered, wait a few minutes and retry. The U2L tool caches results for 1 hour, so a 'not found' result will persist until the cache expires.

Can I look up subdomains?

RDAP only operates on registered domains, not subdomains. Querying blog.example.com returns example.com's registration data. Use the DNS panel to inspect subdomain-specific records (A, CNAME).

What does the 'status' field mean?

Status flags from RFC 7483. 'ok' = active and unrestricted. 'clientHold' = registrar has suspended the domain. 'pendingDelete' = scheduled for deletion. 'clientTransferProhibited' = transfers blocked. Several can be active at once.

Is there an API I can call programmatically?

Yes. GET https://u2l.ai/api/tools/whois-lookup?domain=example.com returns JSON. Cached for 1 hour. No auth required. Be polite - don't loop more than 1 request per second per IP for the same domain.

Why are DNS results sometimes empty?

Either the domain doesn't have that record type (no MX = no email), or the authoritative DNS is unreachable. The tool queries Cloudflare 1.1.1.1; if Cloudflare can't resolve, the record list is empty.

Can I get a domain's previous registrar / Whois history?

No. RDAP returns current data only. For Whois history (past registrar, past owner, past nameservers), use DomainTools, SecurityTrails, or whoisxmlapi - all paid services.

Does this work for .ai or other tech TLDs?

Yes. .ai, .io, .dev, .app, .tech, .cloud all support RDAP. The data is as complete as for .com.

What if rdap.org is down?

The tool returns DNS data only and a clear 'RDAP unavailable' error. rdap.org is run by the IETF and has high uptime; outages are rare.

How is this different from a DNS-only lookup?

DNS tells you what IP / mail-server / nameserver a domain points to right now. Whois tells you who registered it, when, and through which registrar. Both are useful; this tool gives you both in one query.

Will the lookup leak my IP to the registrar?

rdap.org sees the U2L Cloudflare Worker IP, not yours. The registrar / TLD registry sees rdap.org's IP. Your IP is not exposed.

Can I lookup multiple domains at once?

The current tool supports one domain per request. For bulk Whois, scripts can hit the API in a loop with rate-limit backoff (one request per second is safe).

Why does the tool sometimes show different nameservers in Whois vs DNS?

Whois NS comes from the TLD registry (slow to update; canonical for delegation). DNS NS comes from the authoritative server right now (live; what resolvers actually see). Mismatches indicate mid-migration state - usually resolves in 24-48 hours.

Does it support IDN / punycode domains?

Yes. Input the punycode form (xn--caf-dma.com) for canonical lookup. The Unicode form (café.com) also works; the tool converts internally.

How do I check if a domain is available to register?

If RDAP returns 'no such domain' (404), it's likely available. Cross-check at your registrar's checkout - some TLDs have premium pricing or pending-delete redemption windows that the registrar's own check catches.

Related Free Tools

Free QR Code API

REST API for generating SVG and GIF QR codes. WiFi, vCard, URL, and text. Free, no API key, edge-cached.

DNS / CNAME Checker

Look up A, AAAA, CNAME, MX, TXT, NS records for any domain. Verify global DNS propagation in seconds.

SSL Certificate Checker

Inspect any SSL certificate: validity, issuer, chain, expiry, and protocol. Spot issues before users do.

HTTP Header Inspector

Inspect HTTP request and response headers for any URL. Cache, security, CORS, and server details.

URL Shortener Speed Test

Compare redirect response times across 10+ URL shorteners. Real measurements in your browser.

Deep Link Tester

Test iOS Universal Links and Android App Links. Validate scheme, host, and fallback behavior.

See all 50 free tools

Key Terms

Whois: Public registration data for an internet domain. Originally the 1980s port-43 text protocol; modern queries use RDAP (HTTPS+JSON).
RDAP: Registration Data Access Protocol (RFC 9082-9083). The IETF-standard JSON replacement for legacy Whois. Mandated by ICANN for gTLD registrars since 2018.
Registrar: The company that sold and manages the domain registration (e.g. GoDaddy, Namecheap, Cloudflare Registrar). Returned by RDAP for nearly every domain.
Registrant: The person or organization that owns the domain. Usually redacted in modern Whois post-GDPR. Visible in some ccTLD registries that haven't adopted privacy redaction.
Nameserver (NS): The authoritative DNS server for a domain. Whois lists the registrar-set NS values; DNS resolves the actual current NS authoritatively.
DNS-over-HTTPS (DoH): DNS queries sent over HTTPS instead of UDP port 53. Used by the U2L tool to query Cloudflare 1.1.1.1 from inside Cloudflare Workers (which can't make UDP queries).
Punycode (IDN): ASCII encoding of internationalized domain names. café.com becomes xn--caf-dma.com. RDAP and DNS canonicalize to punycode for queries.
Status flag: RFC 7483 codes describing the domain's lifecycle state: ok, clientHold, pendingDelete, clientTransferProhibited, etc. Multiple can apply at once.

Want to monitor domain expiry and DNS changes?

Sign up free for daily Whois snapshots, expiry alerts, and DNS change notifications across all your domains. No credit card; takes 30 seconds.