WHOIS / RDAP Lookup
Owner, registrar, dates, nameservers and abuse contact for any domain or IP, via RDAP.
This WHOIS and RDAP lookup tells you who is behind a domain or an IP address. RDAP is the modern, structured replacement for classic WHOIS, so instead of a wall of registry text you get clean fields: the registrar, the creation and expiry dates, the nameservers, the DNSSEC status and the abuse contact for a domain, or the owning organization, address range and abuse contact for an IP. Since GDPR most personal details are redacted, which is normal, but what stays public is usually what you actually need. The lookup runs through our own service so you never hit a registry directly, and the raw record is one click away.
Queries run through the PacketNebula lookup service. We log nothing.
The lookup service is not reachable.
In local preproduction, start it with npm run api then . The rest of the site works without it.
WHOIS, grown up
For decades, finding out who owned a domain meant parsing WHOIS, a blob of text that every registry laid out its own way. RDAP is the replacement: same information, returned as structured JSON with real field names. This tool queries RDAP, hands you a readable summary, and keeps the raw record one click away for when you need a field the summary skips.
What you actually learn
For a domain: the registrar, the creation and expiry dates (renewal planning, or spotting a freshly registered phishing domain), the nameservers, whether DNSSEC is on, and the registry status codes that tell you if it is locked or pending deletion. For an IP: which organization holds the block, the address range, and the abuse contact, which is the one you want when something from that address is misbehaving.
Why the owner is usually hidden
Do not expect a name and email for most domains. Since GDPR, registries redact personal contact data from public records, so you will see the registrar and the dates but rarely the individual. That is the law working as intended. The abuse address normally stays public, which is enough for reporting. Need the DNS records that go with the domain? The DNS lookup tool picks up where this leaves off.
Frequently asked questions
What is the difference between WHOIS and RDAP?
They answer the same question (who registered this domain or IP) but RDAP is the modern replacement. WHOIS is unstructured text that every registry formats differently; RDAP returns clean JSON with defined fields and proper internationalization. ICANN has been pushing registries onto RDAP for years. This tool speaks RDAP and shows you a readable summary plus the raw record.
Why are the registrant name and email blank?
Privacy law, mostly GDPR. Since 2018 registries redact personal contact details from public registration data, so for most domains you will see the registrar and the dates but not the owner. That is expected, not a tool failure. The abuse contact is usually still published, which is the one you need for reporting.
Can I look up an IP address too?
Yes. Paste an IP and the tool queries the regional registry (ARIN, RIPE, APNIC and so on) for the block it belongs to: the network range, the organization that holds it and the abuse contact. That is how you find out who really owns the address hammering your firewall.
Why does some TLD return nothing?
Not every TLD runs an RDAP server yet, and a few ccTLDs still expose only legacy WHOIS or nothing public at all. When that happens you get an honest "no RDAP record" rather than a guess. Most gTLDs (.com, .net, .org and friends) and the major registries are fully covered.
Does the query stay private?
The domain or IP is sent to our small lookup service, which relays it to the registry over RDAP and returns the answer. Nothing about what you look up is logged or kept.