Tool overview
What is a WHOIS / RDAP Lookup?
A WHOIS lookup retrieves public domain registration data—registrar, creation and expiry dates, nameserver hosts, DNSSEC delegation status, and domain status codes (such as transfer locks). Modern registries expose this through RDAP (Registration Data Access Protocol), which returns structured JSON instead of legacy port-43 text.
Why use this Domain Intelligence Dashboard?
Acquisition teams verify expiry runway before renewals or transfers. Security reviewers check DNSSEC, transfer prohibitions, and SSL reachability alongside registry facts. Developers debugging DNS compare published nameservers with live A/AAAA resolution—without installing CLI whois clients or parsing inconsistent text output.
Key Features
RDAP-backed registrar and timeline parsing, domain health score with risk and best-practice checklists, nameserver provider detection, client-side DNS resolution, SSL enrichment, tabbed detail views (Overview, Registration, DNS, Security, Timeline, Raw Data), copyable plain-text reports and raw JSON, and quick jump to DNS Lookup with hostname prefill.
How to Use
Follow these steps to get accurate results from the tool interface above.
- Enter a domain (example.com) or paste a full URL—paths and query strings are stripped automatically.
- Press Enter or click Lookup. Subdomains such as www.example.com resolve to the registrable apex (example.com) because registries publish RDAP at the registered domain.
- Review the health score, status badges, domain timeline, and risk/best-practice checklists.
- Open Overview, Registration, DNS, Security, Timeline, or Raw Data tabs for structured fields with one-click copy.
- Use Quick Actions to copy a plain-text report, copy raw RDAP JSON, or jump to DNS Lookup with the hostname prefilled.
- After a successful lookup, a 10-second cooldown prevents registry rate-limit abuse; failed lookups can be retried immediately.
RDAP & Domain Intelligence Reference
How this tool maps Registration Data Access Protocol (RDAP) responses into registrar, DNS, security, and health metrics—and what each field means for acquisition, migration, and security reviews.
RDAP vs legacy WHOIS
RDAP (RFC 7483) returns structured JSON with typed entities, events, and status codes. Legacy WHOIS port-43 text varies by registrar. This tool uses IANA bootstrap routing with rdap.org fallback when a TLD is missing from cache.
Registrar & registrant fields
Registrar name and handle come from RDAP entities with role registrar. Registrant names are often redacted under GDPR/WHOIS privacy—the dashboard marks Privacy Protected when redaction markers appear in vCard data.
Registration events timeline
eventAction registration, last changed, and expiration drive the timeline and domain-age ring. Lifeline percent estimates remaining registration runway between created and expiry dates.
Nameservers & DNS provider
nameservers[].ldhName lists authoritative hosts. Provider detection matches common patterns (Cloudflare, Route 53, GoDaddy, Google Cloud DNS). Client-side A/AAAA resolution shows current address records alongside registry data.
DNSSEC & transfer lock
secureDNS.delegationSigned maps to Enabled/Disabled/Unknown. Domain status codes such as clientTransferProhibited indicate registrar locks that block unauthorized transfers.
Domain health score
Scoring weighs expiry runway, DNSSEC, SSL reachability, nameserver redundancy, and transfer lock. Grades: Excellent (90+), Good (70+), Fair (50+), Poor (<50). Use as a checklist signal, not a legal or security certification.
SSL enrichment
A lightweight HEAD request to https://{apex} checks certificate reachability. This confirms TLS is negotiable—it does not replace a full certificate transparency or chain audit.
Subdomain & URL normalization
Inputs with protocols, paths, or query strings normalize to a hostname before lookup. Registry RDAP endpoints reject many subdomains with HTTP 400; the tool queries the public suffix / registrable domain instead.
Rate limits & errors
Upstream registries may return HTTP 429—surfaced as a user-facing retry message. HTTP 404 means no RDAP object for that domain. Invalid or private hosts are rejected before any network call.
Frequently Asked Questions
Expandable answers for common debugging bottlenecks and data privacy questions.
Official Documentation & References
Authoritative specifications and platform documentation for this utility.