Enter a domain or IP address to see its public WHOIS record: who it's registered through, when it was created and expires, its nameservers, and the network that owns it.
How to use the whois lookup
Enter a domain name or IP address.
Press Look up.
Read the registrar, registration and expiry dates, nameservers, and ownership details returned.
Reading a WHOIS record
WHOIS shows the public registration behind a domain or IP. For a domain you'll see the registrar, the creation, update and expiry dates, the nameservers, and status codes — personal contact details are usually redacted for privacy. For an IP or ASN, WHOIS returns the Regional Internet Registry record: the allocated block, the owning organization, and abuse contacts. To see where a domain actually points, use the DNS lookup tool; to map an IP to a hostname, use reverse DNS. The lookup runs on our server and isn't logged.
Code & API examples
Use this from the command line or your code. The API is free, GET-only, and returns JSON.
WHOIS queries public registry records for a domain or IP, returning details like the registrar, registration and expiry dates, nameservers, status, and the network or organization that owns the resource.
Typically the registrar, creation, update, and expiry dates, the current nameservers, domain status codes, and — where not redacted — registrant contact or organization details.
Since GDPR, registrars mask personal contact data behind privacy or redaction, and many domains use WHOIS privacy services. You'll usually see the registrar and dates but not an individual's name or email.
Run a WHOIS lookup and read the expiry or 'Registry Expiry Date' field. It shows the current registration end date, though owners can renew at any time before it lapses.
WHOIS returns registration and ownership records about who controls a domain or IP. DNS returns the live technical records (A, MX, etc.) that route traffic. They answer 'who owns it' versus 'where does it point'.
Yes. For an IP or ASN, WHOIS queries the Regional Internet Registry (ARIN, RIPE, APNIC, etc.) and returns the allocated block, the owning organization, and abuse contacts rather than domain registration data.
They're EPP status codes set by the registrar or registry. clientTransferProhibited blocks transfers to another registrar — a common anti-hijacking lock — while codes like pendingDelete or redemptionPeriod signal a lapsed registration.
Each registry runs its own WHOIS server with its own format and disclosure policy. Some TLDs return rich records, others minimal ones, and privacy redaction varies by registrar and jurisdiction.
It reflects the registry's records at query time, so registrar and status changes appear quickly. Expiry and update dates are authoritative, but cached or thin records from some TLDs may lag.
The query goes to the registry's WHOIS server, not to the domain owner, so they aren't notified. vpn.golf runs the lookup server-side and keeps no logs of what you searched.
That usually means the domain isn't registered and is available, though it can also occur during propagation delays or for TLDs that restrict public WHOIS access.
RDAP is the modern, structured (JSON) successor to the plain-text port-43 WHOIS protocol, with standardized fields and access controls. Registries increasingly serve both; this tool uses WHOIS and the data overlaps heavily.