WHOIS / RDAP Lookup

Domain and IP ownership lookup with RDAP first, WHOIS fallback, plus summary cards.

Summary

Key fields from RDAP (and WHOIS when available).

Run a lookup to see WHOIS/RDAP output.

About

This WHOIS / RDAP lookup gives you a structured ownership snapshot for domains and IP ranges without jumping between registrars. RDAP responses arrive as JSON with explicit fields and links; if a registry lacks RDAP, the tool falls back to classic WHOIS text so you still get a raw record. You can see who owns the object, which contacts or roles are published, the registration timeline, and live nameserver/DNSSEC signals—ideal when you need to verify a transfer, check expiry risk, or confirm that a domain really belongs to the party claiming it.

For domains, the summary surfaces registrar name, registrant or organization when available, creation/updated/expiry dates, current statuses (clientTransferProhibited, redemptionPeriod and similar), plus active nameservers. The DNSSEC flag shows whether the zone is signed. Copy the RDAP link to visit the authoritative source or provide the WHOIS text to support teams during escalations. Status fields often explain why an action fails (locked domains cannot transfer; redemption means pending deletion), so you can resolve blockers faster.

For IP addresses, RDAP reveals which network announces the block, the start/end range, country codes and any remarks set by the operator. Entities and handles help you spot whether an address belongs to an ISP, hosting provider, cloud/VPN, or an upstream carrier. That context is essential when you allowlist traffic, respond to abuse complaints, or need to justify that an exit node is residential versus data-center. Parent handles point to broader allocations if you need to widen or narrow a policy.

Use the raw outputs when automation needs canonical data: incident responders attach RDAP JSON to tickets; SOC teams paste WHOIS text into SIEM/IR playbooks; deliverability engineers quote registrar information when asking registrants to fix DNSSEC, NS glue or expiry issues. Because RDAP is structured, you can also map statuses and dates to monitoring alerts that warn before a domain lapses. Outputs are transient—no data is stored server-side.

Practical scenarios: validating that SPF/DKIM domains are truly under your control, confirming that a phishing lookalike sits at a different registrar, checking whether an IP range belongs to a VPN so you can tighten rate limits, or sharing the RDAP link with a registrar agent to expedite updates. Everything runs server-side with SSRF guards so internal networks stay protected.

FAQ

›When is RDAP used instead of WHOIS?

The tool tries RDAP first for structured JSON. If RDAP is unavailable or errors, it falls back to WHOIS text.

›Why do some fields show as empty?

Privacy redaction, GDPR policies or registry rules can hide registrant details, emails or phone numbers.

›What do domain statuses mean?

clientTransferProhibited blocks transfers; clientHold can stop DNS; redemptionPeriod means the domain is pending deletion unless restored.

›How do I confirm DNSSEC?

The summary shows whether the RDAP record marks the zone as signed. You can also validate with a DNSSEC checker for the live zone.

›What about IP ranges?

RDAP for IPs shows the announced range, country code, remarks and entities so you can see which network operates the block.

›Can I trust the raw text?

WHOIS text comes directly from the registry output; RDAP JSON is the structured equivalent. Always check the RDAP link for the authoritative view.

Related Tools

Ping Test
/tools/network/ping
Traceroute / MTR
/tools/network/traceroute
Port Checker
/tools/network/port-check
DNS Propagation Checker
/tools/network/dns-check
HTTP Headers & Redirects
/tools/network/headers