WHOIS Lookup
Look up registration information for any domain or IP address via RDAP.
Enter a domain or IP address above to look up registration data.
curl -H "Authorization: Bearer YOUR_KEY" https://api.iploc.ai/v1/lookup/me
What is WHOIS?
WHOIS is a query-and-response protocol used to look up registration information for domain names and IP address blocks. Every domain and IP range on the internet is registered with a Regional Internet Registry (RIR) or domain registrar, and WHOIS provides public access to that registration data. ICANN (the Internet Corporation for Assigned Names and Numbers) mandates that registrars collect and publish certain registration details, including the registrant organization, registration and expiration dates, nameservers, and contact information (though privacy services may redact personal details under GDPR and similar regulations).
For IP addresses, WHOIS queries are directed to the appropriate RIR: ARIN (North America), RIPE NCC (Europe, Middle East, Central Asia), APNIC (Asia-Pacific), LACNIC (Latin America), or AFRINIC (Africa). The response reveals the organization that holds the allocation, the address range, country of registration, and abuse contact information. This data is essential for network operators investigating abuse, security researchers tracing attacks, and compliance teams verifying the ownership of IP resources. RDAP (Registration Data Access Protocol) is the modern replacement for traditional WHOIS, offering the same information in a structured, machine-readable JSON format.
RDAP vs Traditional WHOIS
Traditional WHOIS dates back to the 1980s and returns data as unstructured plaintext. Each registrar and RIR formats responses differently, making automated parsing unreliable. There is no standardized error handling, no authentication mechanism, and no way to indicate which fields are redacted for privacy versus simply absent. Queries are sent over TCP port 43 in plaintext, with no encryption or access control.
RDAP was designed by the IETF as a modern replacement (defined in RFCs 7480-7484). It uses HTTPS as the transport, returning well-structured JSON responses with consistent field names across all registries. RDAP supports authentication and differentiated access, meaning registries can provide more detailed data to authorized users while still serving basic information publicly. The structured format makes it far easier to build automated tools and integrations. RDAP also provides standardized links to related objects, proper internationalization support, and clear indication of which fields have been redacted. This tool uses RDAP endpoints to fetch registration data, providing reliable, structured results for both domain names and IP addresses.
Understanding WHOIS Data
A WHOIS response for a domain name typically includes the registrant (the organization or individual who owns the domain), the registrar (the company through which the domain was registered, such as Cloudflare, Namecheap, or GoDaddy), and key dates including the registration date, last updated date, and expiration date. The response also lists the authoritative nameservers for the domain, which tell the DNS system where to find the domain's records.
Many domain owners use WHOIS privacy protection (also called domain privacy or WHOIS proxy) to hide their personal contact information from public view. With privacy enabled, the registrar's proxy service appears in the registrant fields instead of the actual owner's details. Since the implementation of GDPR in 2018, many registrars automatically redact personal data for domains registered by individuals in the EU, even without explicitly purchasing a privacy service. For IP address lookups, WHOIS data shows the organization that holds the IP allocation, the assigned address range, the Regional Internet Registry (RIR), and abuse contact information.
Domain Registration Tips
Choose a reputable registrar that offers transparent pricing, free WHOIS privacy, and reliable DNS management. Avoid registrars that charge inflated renewal prices after a cheap first year. Look for registrars that support two-factor authentication and domain lock features to prevent unauthorized transfers. Cloudflare Registrar, Namecheap, and Porkbun are well-regarded options that charge at-cost or near-cost pricing.
Enable auto-renewal for important domains to prevent accidental expiration. Expired domains enter a grace period (typically 30-45 days) during which the original owner can renew at standard rates, but after that the domain enters a redemption period with significantly higher recovery fees, and eventually becomes available for anyone to register. Domain squatters and drop-catching services actively monitor expiring domains to grab valuable ones the moment they become available.
Once you have your domain registered, verify its DNS configuration with our DNS lookup tool to ensure all records are properly set up. For IP-based WHOIS queries, you can also check the reverse DNS mapping using our reverse DNS lookup.