What Is WHOIS?

In plain English

WHOIS is the public record of who registered a domain and when. It is the closest thing the web has to a birth certificate for a website address.

The idea

Every domain has to be registered with somebody. That registration leaves a record, and WHOIS is how you look it up.

It is not a rating and it is not a security check. It is paperwork. But it answers one question no marketing page will answer honestly: how long has this address actually existed?

What a WHOIS record shows

The exact fields vary by registry, but you can usually expect these.

  • The registration date. When the domain was first created. This is the field that matters most to a shopper.
  • The expiry date and last update. Useful context, though a long expiry proves nothing on its own.
  • The registrar. The company the domain was bought through.
  • Name servers. Where the domain's DNS is hosted.
  • Contact details. Sometimes. Very often not, and that is fine. More on that below.

Hidden contact details are normal

If you look up a domain and see a privacy service instead of a person's name, do not read anything into it.

Registrars now offer privacy protection as standard, and many include it for free. Registries also redact personal data by default for data protection reasons. So the overwhelming majority of ordinary, legitimate domains show a privacy service in the contact fields.

Hidden contact details are not a warning sign. Anyone telling you otherwise is reading a guide written for a version of the internet that no longer exists. What you should look for instead is whether the website gives you a real way to reach a human. That belongs on the contact page, not in a registry record.

RDAP, the modern version

WHOIS is old. The text it returns was designed to be read by people, not machines, and every registry formats it slightly differently.

RDAP is the replacement protocol. It queries the same registry data and returns it in a structured, predictable form, which means tools can read it reliably instead of guessing at the layout. If you use a modern lookup tool, there is a good chance it is quietly using RDAP and simply calling it WHOIS out of habit.

For your purposes the distinction does not matter much. The data is the same. RDAP is just the tidier way of asking.

How to use it as a shopper

Skip the contact fields. Go straight to the creation date and ask whether it fits the story the site is telling you.

A shop claiming years of happy customers on a domain registered last month is worth a second look. See domain age for what to do with that, and how not to over-read it.

Weigh it alongside everything else. Does the site use HTTPS? Is there a real contact route? Do the reviews exist anywhere other than the site itself? Our free check reads the registration date for you, along with the rest.

Related terms

Browse the full glossary →

See where your site stands.

Run a free check and find out which of these your site already passes, in seconds.

Run a free check Browse the fixes