Domain Strategy6 min readApril 25, 2026

What Is WHOIS? Everything Domain Owners Need to Know

Affiliate disclosure: Some links in this article are affiliate links. We may earn a commission if you make a purchase, at no extra cost to you. This helps fund our independent research.

WHOIS is the internet's public directory of domain ownership. Every registered domain has a WHOIS record — a public database entry that shows who owns it, when it was registered, when it expires, and which name servers it uses.

Understanding WHOIS is essential for domain owners, buyers, and anyone doing due diligence on a website. Here is everything you need to know.

What WHOIS Shows

A standard WHOIS record includes:

Registrant information — the name, organisation, email, phone, and address of the domain owner. This is the field most affected by GDPR privacy rules.

Registration date — when the domain was first registered. Older domains tend to have more established search engine trust.

Expiry date — when the domain registration expires. Critical for domain buyers monitoring potentially expiring domains.

Registrar — which company manages the registration (GoDaddy, EuroDNS, Namecheap, etc.)

Name servers — which DNS servers handle the domain's routing. This tells you which hosting provider is being used.

Domain status — whether the domain is active, locked, pending transfer, etc.

How GDPR Changed WHOIS

Before 2018, WHOIS records were genuinely public — you could look up any .com and see the owner's full name, home address, and personal email address.

GDPR changed this for European registrants and for registrars that comply with European privacy law. Today, most WHOIS records for individual domain owners show redacted information:

Personal email replaced with a privacy proxy address
Personal address replaced with the registrar's address
Phone number redacted

This was a significant and positive change. Public WHOIS records had become a resource for spammers, scammers, and doxxers.

However, WHOIS privacy compliance varies by registrar and by TLD. Some country-code TLDs (ccTLDs) have always required public registrant information, regardless of GDPR. Always check the privacy policy of your specific registrar and TLD.

WHOIS Privacy Protection

Most modern registrars offer WHOIS privacy protection — a service that replaces your personal information in the WHOIS record with a proxy address managed by the registrar.

This should always be free. GoDaddy charges $9.99 per year per domain for WHOIS privacy, which we consider unreasonable given that most competitors include it at no charge. EuroDNS, Namecheap, and Cloudfield include WHOIS privacy for free on all supported TLDs.

If you are registering a domain for a business with a public address, WHOIS privacy matters less. If you are registering a domain for a personal project from your home address, enable WHOIS privacy before your registration goes public.

How to Use WHOIS for Research

WHOIS lookups are useful for:

Buying a domain — before making an offer on a domain someone else owns, WHOIS tells you who to contact and how long they have held it.

Competitor research — WHOIS data can reveal when a competitor's domain was registered (a proxy for how long they have been operating) and sometimes which hosting infrastructure they use.

Domain expiry monitoring — if you want a domain that is currently registered, tracking its expiry date lets you be ready to register it if the current owner does not renew.

Due diligence on websites — before purchasing a website or entering a business relationship, WHOIS lets you verify who actually controls the domain.

→ [Try our free WHOIS Lookup Tool](/tools/whois)

Domain Status Codes Explained

When you look up a WHOIS record, you will see one or more status codes. The most common:

clientTransferProhibited — the domain is locked against transfer. This is the default state and protects against unauthorised transfers.

serverTransferProhibited — the registrar has locked the domain, often during a dispute or legal hold.

pendingDelete — the domain registration has expired and it is in a grace period before being released for re-registration. This is the moment domain hunters watch for.

redemptionPeriod — the domain has entered a redemption phase after expiry. The current owner can still recover it, but at a premium price.

The Expiry Window

When a domain expires, it does not immediately become available for re-registration. The typical timeline:

Days 0-45: Grace period. Current owner can renew at standard price.
Days 45-75: Redemption period. Current owner can still recover but at a significant redemption fee ($80-200).
After day 75: Domain is deleted and released for general registration.

Domain investors and automated services monitor expiring domains and attempt to register them the moment they are released. If you want an expiring domain, having a registrar service monitor it and attempt instant registration is the most reliable approach.

→ [Register your domain with privacy protection included](/go/eurodns)

Last updated: April 25, 2026

Domain Strategy6 min readApril 25, 2026

What Is WHOIS? Everything Domain Owners Need to Know

By Øyvind

Affiliate disclosure: Some links in this article are affiliate links. We may earn a commission if you make a purchase, at no extra cost to you. This helps fund our independent research.

Understanding WHOIS is essential for domain owners, buyers, and anyone doing due diligence on a website. Here is everything you need to know.

What WHOIS Shows

A standard WHOIS record includes:

Registrant information — the name, organisation, email, phone, and address of the domain owner. This is the field most affected by GDPR privacy rules.

Registration date — when the domain was first registered. Older domains tend to have more established search engine trust.

Expiry date — when the domain registration expires. Critical for domain buyers monitoring potentially expiring domains.

Registrar — which company manages the registration (GoDaddy, EuroDNS, Namecheap, etc.)

Name servers — which DNS servers handle the domain's routing. This tells you which hosting provider is being used.

Domain status — whether the domain is active, locked, pending transfer, etc.

How GDPR Changed WHOIS

Before 2018, WHOIS records were genuinely public — you could look up any .com and see the owner's full name, home address, and personal email address.

GDPR changed this for European registrants and for registrars that comply with European privacy law. Today, most WHOIS records for individual domain owners show redacted information:

Personal email replaced with a privacy proxy address
Personal address replaced with the registrar's address
Phone number redacted

This was a significant and positive change. Public WHOIS records had become a resource for spammers, scammers, and doxxers.

WHOIS Privacy Protection

Most modern registrars offer WHOIS privacy protection — a service that replaces your personal information in the WHOIS record with a proxy address managed by the registrar.

How to Use WHOIS for Research

WHOIS lookups are useful for:

Buying a domain — before making an offer on a domain someone else owns, WHOIS tells you who to contact and how long they have held it.

Competitor research — WHOIS data can reveal when a competitor's domain was registered (a proxy for how long they have been operating) and sometimes which hosting infrastructure they use.

Domain expiry monitoring — if you want a domain that is currently registered, tracking its expiry date lets you be ready to register it if the current owner does not renew.

Due diligence on websites — before purchasing a website or entering a business relationship, WHOIS lets you verify who actually controls the domain.

→ [Try our free WHOIS Lookup Tool](/tools/whois)

Domain Status Codes Explained

When you look up a WHOIS record, you will see one or more status codes. The most common:

clientTransferProhibited — the domain is locked against transfer. This is the default state and protects against unauthorised transfers.

serverTransferProhibited — the registrar has locked the domain, often during a dispute or legal hold.

pendingDelete — the domain registration has expired and it is in a grace period before being released for re-registration. This is the moment domain hunters watch for.

redemptionPeriod — the domain has entered a redemption phase after expiry. The current owner can still recover it, but at a premium price.

The Expiry Window

When a domain expires, it does not immediately become available for re-registration. The typical timeline:

Days 0-45: Grace period. Current owner can renew at standard price.
Days 45-75: Redemption period. Current owner can still recover but at a significant redemption fee ($80-200).
After day 75: Domain is deleted and released for general registration.

→ [Register your domain with privacy protection included](/go/eurodns)

Last updated: April 25, 2026

What Is WHOIS? Everything Domain Owners Need to Know

What WHOIS Shows

How GDPR Changed WHOIS

WHOIS Privacy Protection

How to Use WHOIS for Research

Domain Status Codes Explained

The Expiry Window

Related Articles

How to Register Domains in Bulk Without Making Expensive Mistakes

How to Choose a Domain Name in 2026 — The Complete Guide

How to Protect Your Domain from Hijacking in 2026

What Is WHOIS? Everything Domain Owners Need to Know

What WHOIS Shows

How GDPR Changed WHOIS

WHOIS Privacy Protection

How to Use WHOIS for Research

Domain Status Codes Explained

The Expiry Window

Related Articles

How to Register Domains in Bulk Without Making Expensive Mistakes

How to Choose a Domain Name in 2026 — The Complete Guide

How to Protect Your Domain from Hijacking in 2026