Registration
What Is WHOIS Information?
WHOIS information is registration data associated with a domain name. It is not the same thing as DNS records, although people often look at both when investigating a domain.
WHOIS answers a different question than DNS
DNS tells you how a domain is configured on the network. WHOIS tells you how a domain is registered. That difference matters. If you want to know which IP address serves a hostname, ask DNS. If you want to know which registrar sponsors the domain or whether the domain is locked against transfer, look at registration data.
The classic WHOIS protocol was specified in RFC 3912. Today, many registration-data workflows are moving toward RDAP, the Registration Data Access Protocol, standardized in RFC 9082. ICANN’s lookup.icann.org service is a practical place to see current registration data for many domains.
What WHOIS information can include
Depending on the TLD and applicable policy, WHOIS or RDAP results may include the sponsoring registrar, important dates such as creation and expiration, domain status codes, the authoritative name servers associated with the registration, and various administrative or technical contact details. In many real-world cases, some contact fields are redacted, proxied, or omitted entirely.
| Common field | What it tells you |
|---|---|
| Registrar | Which registrar sponsors the domain registration |
| Creation / expiry dates | When the registration started and when it is due for renewal |
| Status codes | Whether transfer, deletion, or updates are restricted |
| Name servers | Which authoritative DNS hosts are published at the registration layer |
| Contacts | Administrative or technical points of contact, where available |
Why some WHOIS results look incomplete
Many people expect WHOIS to reveal the “owner” of a domain in a simple and public way. In practice, the output can be sparse, redacted, or routed through privacy and proxy services. Some of that is due to policy, some due to data model differences across TLDs, and some due to the broader industry transition from legacy WHOIS text output to RDAP’s structured responses.
That means WHOIS is still useful, but you should treat it as registration context rather than definitive ownership proof. It is especially helpful when you need to identify the sponsoring registrar, check domain status codes, or confirm which authoritative name servers are delegated from the registration side.
WHOIS may list delegated name servers, but it does not replace querying DNS itself. A registration record can point to name servers even if the zone content on those servers is broken or incomplete.
WHOIS, RDAP, and real-world investigation
When you investigate a domain, it often helps to combine registration data with live DNS data. For example, WHOIS or RDAP can tell you the registrar and registration status, while a DNS query can show you the actual NS, A, MX, or TXT records in use. If the delegated name servers do not match the intended provider, the issue may sit at the registrar layer rather than inside the zone.
RDAP improves on WHOIS by returning structured data that is easier for software to parse and by supporting more standardized behaviors. For human operators, the practical takeaway is simple: if your WHOIS client output feels inconsistent, try an RDAP-capable service as well. ICANN Lookup is a good starting point, and many registries and registrars also expose RDAP endpoints.
# Legacy-style registration lookup
whois example.com
# Then compare with live DNS
dig example.com NS
dig example.com SOAFAQ
Is WHOIS the same as proving legal ownership?
No. WHOIS or RDAP output is registration context, not a definitive legal determination.
Why does WHOIS sometimes show privacy or redacted values?
Because many registrations use privacy services or publish limited contact data under current policy and operational practices.
Should I use WHOIS or RDAP?
Use whichever is available in your workflow, but understand that RDAP is the newer, more structured direction for registration-data access.