How the lookup works

Every lookup runs over RDAP — the structured, modern replacement for WHOIS — and adds a layer of decoding and safety checks on top of the raw registry data.

1. You enter a domain

Type any domain like example.com. The input is normalised: the scheme and www. are stripped, it's lower-cased, and internationalised names are converted to their xn-- punycode form so the registry understands them.

2. We find the right registry server

There's no single WHOIS server for the whole internet — each top-level domain has its own authoritative source. We resolve the correct one from IANA's official registry map, which covers every active extension. A cached copy keeps lookups fast and within registry rate limits.

3. RDAP returns structured data

RDAP replies in clean JSON instead of the free-form text WHOIS used to return. We flatten it into clear fields: registrar, IANA ID, abuse contact, nameservers, creation and expiry dates, and the DNSSEC signing flag.

4. Status codes get decoded

Domains carry technical status codes like clientTransferProhibited. We translate each one into plain language — what it means, who set it (your registrar or the registry), and whether you need to act. An overall health badge summarises the domain at a glance.

5. Look-alike domains get flagged

If a domain uses non-Latin characters that imitate familiar names (a "homograph" — the classic trick where a Cyrillic letter stands in for a Latin one), we flag it. This matters most when you're investigating a domain you don't already trust.

A note on redacted data

Since GDPR took effect, registries redact the registrant's personal contact details for most domains. That's policy, not a gap in this tool — where you see no owner name, the registry simply isn't publishing it.