What is a WHOIS Lookup?

WHOIS is a protocol for querying databases that store information about registered domain names. When someone performs a WHOIS lookup, they can see who registered a domain, when it was registered, when it expires, and which nameservers it uses.

What WHOIS Reveals

A typical WHOIS response includes:

• Domain name — the registered domain
• Registrar — the company through which the domain was registered
• Registration date — when the domain was first registered
• Expiration date — when the registration expires and needs to be renewed
• Updated date — when the domain record was last modified
• Nameservers — the DNS nameservers authoritative for the domain
• Status codes — flags like clientTransferProhibited (transfer lock) or ok
• Registrant contact — name, organization, address, email, and phone number of the domain owner

The amount of information visible depends on the TLD and whether privacy protection is enabled.

How WHOIS Works

Every domain registration is stored in a database maintained by the registry (the organization responsible for a TLD). When you perform a WHOIS lookup:

1. Your query goes to a WHOIS server (either the registry's server or a thin/thick WHOIS proxy)
2. The server looks up the domain in its database
3. It returns the registration record in a standardized text format

You can perform WHOIS lookups using:

• Command line — whois example.com on Linux/macOS
• Web tools — many registrars and third-party sites offer web-based WHOIS lookup
• RDAP — the newer Registration Data Access Protocol, which returns structured JSON instead of plain text

Privacy Concerns

By default, WHOIS records are public. Anyone can look up who owns a domain and see their name, address, email, and phone number. This raises several concerns:

• Spam — email addresses in WHOIS records are frequently harvested by spammers
• Unwanted contact — domain owners receive unsolicited calls, emails, and postal mail from marketing companies
• Identity exposure — personal domain registrations reveal the owner's home address and phone number
• Targeted attacks — attackers can use WHOIS data for social engineering or phishing

These concerns are especially relevant for individual domain owners who register domains with their personal information.

GDPR and WHOIS

The European Union's General Data Protection Regulation (GDPR), enacted in 2018, had a significant impact on WHOIS data availability:

• Personal data redaction — registrars operating under GDPR must redact personal information from public WHOIS results for domains registered by individuals
• Registrant name — often replaced with "REDACTED FOR PRIVACY" or the registrar's name
• Contact email — replaced with an anonymized forwarding address or web form
• Address and phone — removed from public results entirely

GDPR redaction applies automatically to most European registrars. For ccTLDs outside Europe, the rules vary by registry.

Even with GDPR redaction, law enforcement and parties with legitimate interests can request access to the full WHOIS data through the registrar.

WHOIS Privacy Protection

WHOIS privacy (also called domain privacy or ID protection) replaces your personal contact information with the registrar's or a proxy service's details. This works for TLDs and regions where GDPR redaction does not apply automatically.

With WHOIS privacy enabled:

• Your name is replaced with the privacy service's name
• Your address is replaced with the service's address
• Your email is replaced with a forwarding address that still delivers messages to your inbox
• Your phone number is removed or replaced

Sitequest offers WHOIS privacy for supported TLDs. You can enable or disable it at any time from your domain settings. For more details, see WHOIS Privacy.

When WHOIS Data is Useful

Despite privacy concerns, WHOIS data serves legitimate purposes:

• Abuse reporting — identifying the owner of a domain hosting malicious content
• Trademark enforcement — finding registrants who may be infringing on trademarks
• Domain purchasing — contacting the owner of a domain you want to buy
• Technical troubleshooting — checking nameserver configuration, expiration dates, and status codes
• Security research — investigating phishing or spam campaigns

Checking WHOIS for Your Domain

To see what your domain's WHOIS record looks like publicly:

1. Visit any web-based WHOIS lookup tool
2. Enter your domain name
3. Review the results — check whether your personal information is visible or redacted

If your personal details are exposed and you prefer to keep them private, enable WHOIS Privacy in your Sitequest dashboard.

Next Steps

• Enable WHOIS Privacy for your domains
• Register a domain through Sitequest
• Learn what a domain is for a broader introduction