On This Page: [hide]
Every registered domain name has an owner on record. That information used to be completely public. Then GDPR arrived in 2018, registrars started redacting personal details, and ICANN officially retired the old WHOIS protocol in January 2025. The system that worked for decades changed fundamentally in just a few years.
Quick answer: Start with ICANN’s free lookup tool at lookup.icann.org, which now uses the newer RDAP protocol. If the owner’s details are hidden behind privacy protection, try a historical WHOIS service like DomainTools or WhoisXML API to find older, unredacted records. For legal or trademark matters, ICANN’s Registration Data Request Service (RDRS) lets you formally request nonpublic registration data from the registrar.
Last reviewed: March 2026. Methods and tools verified.
What is WHOIS and How Did It Work?
WHOIS (pronounced “who is”) was an internet protocol created in the 1980s to query databases storing registration information about domain names. When someone registered a domain, their contact details went into a public database: name, email, phone number, physical address, and the dates the domain was registered and set to expire. Anyone could look up this information for free.
The system ran on port 43 and returned plain text responses. Each registrar formatted their output differently, which made automated processing unreliable. There was no encryption, no authentication, and no way to control who accessed the data. For over 30 years, nobody questioned this setup. Openness was the point.
That changed when the European Union’s General Data Protection Regulation (GDPR) took effect in May 2018. Suddenly, publishing personal contact details of domain owners without consent violated privacy law. Registrars began redacting names, emails, and phone numbers from public WHOIS results almost overnight. The information still existed in registrar databases, but public access was cut off.
RDAP: The Protocol That Replaced WHOIS
On January 28, 2025, ICANN (the Internet Corporation for Assigned Names and Numbers) officially sunset WHOIS for generic top-level domains (gTLDs like .com, .net, .org). Its replacement is RDAP, the Registration Data Access Protocol.
RDAP fixes the technical problems that plagued WHOIS for decades. It returns structured JSON data instead of messy plain text, so every registrar’s output follows the same format. It runs over HTTPS, which means queries are encrypted. And critically, RDAP supports differentiated access. A registrar can return different levels of detail depending on who’s asking and why.
Here’s what that means in practice. A regular user running a lookup sees basic registration data: registrar name, registration dates, nameservers, and domain status. Personal details remain redacted. But a verified law enforcement officer or trademark holder could potentially receive more information through authenticated requests. WHOIS was all-or-nothing. RDAP allows nuance.
One important caveat: country-code TLDs (ccTLDs like .uk, .de, .au) aren’t required to adopt RDAP on ICANN’s timeline. Some have migrated, others haven’t. So for ccTLD lookups, traditional WHOIS may still be the only option available. If you’re choosing hosting in a specific country, this matters because local TLD registries vary widely. Our Europe web hosting guide, for instance, covers providers across regions where ccTLD policies differ. Both protocols will coexist for the foreseeable future.
Free Domain Lookup Tools That Work in 2026
You don’t need to understand protocols to look up a domain owner. Several free web-based tools handle everything behind the scenes. Just type in a domain name and get results.
ICANN Lookup (lookup.icann.org)
This is the official tool from the organization that manages the domain name system. It now uses RDAP as its backend. You’ll get the registrar name, registration and expiration dates, nameservers, and domain status codes. For gTLDs, this should be your first stop because it queries authoritative sources directly.
Whois.com
A clean, simple interface that supports both WHOIS and RDAP queries. Enter a domain and you’ll see registration details, nameserver information, and whatever registrant data the registrar makes public. It works well for quick checks when you need results without extra features.
Who.is
Beyond basic lookup data, Who.is shows DNS records, server information, and related domains. The extra context can help when you’re trying to figure out who controls a domain that has privacy protection enabled. If two domains share the same nameservers and IP address, they likely have the same owner.
Registrar-Specific Tools
GoDaddy, Namecheap, Name.com, and Hostinger all offer free WHOIS lookup pages. These work fine for basic searches, though they’ll often suggest you buy the domain or use their brokerage service if the domain is already taken. The data itself is the same you’d find through other tools.
How to Look Up a Domain Owner (Step by Step)
The process takes about 30 seconds. Here’s exactly what to do.
Step 1: Go to lookup.icann.org (or any tool from the list above).
Step 2: Type the full domain name into the search field. Include the extension: “example.com”, not just “example”. Hit search.
Step 3: Read the results. You’ll see a block of registration data. The key fields to focus on: Registrar (the company managing the domain), Creation Date (when it was first registered), Expiration Date (when it needs renewal), Name Servers (where the domain points), and Registrant Contact (the owner’s details, if visible).
Step 4: Check the registrant fields. If you see actual names and email addresses, you’ve found your answer. If you see “REDACTED FOR PRIVACY” or a proxy service name like “WhoisGuard” or “Domains By Proxy”, the owner has privacy protection enabled. You’ll need to try the methods in the next sections.
Why Most Results Show “Redacted for Privacy”
Run a lookup on almost any domain registered after 2018, and you’ll likely see placeholder text where the owner’s name and email should be. This isn’t a bug. It’s working exactly as intended.
Domain privacy protection works by replacing the registrant’s personal details with the registrar’s (or a proxy service’s) information in public records. Before GDPR, this was an optional add-on that many registrars charged USD 10-15/year for. Now, most registrars include it free by default. Namecheap was an early adopter of free privacy protection. Others followed once GDPR made it effectively mandatory for European registrants.
Some site owners go further than just WHOIS privacy. If you’re shopping for a registrar that includes privacy at no extra cost, our cheap domain registration guide breaks down what each one offers. For full identity protection at the hosting level too, there’s also anonymous web hosting.
Even without privacy protection services, ICANN’s own policies now require registrars to redact personal data from public RDAP/WHOIS results for gTLDs. The 2025 Registration Data Policy made this permanent. So even if a domain owner hasn’t actively enabled privacy protection, their personal information probably won’t appear in a standard lookup.
What you’ll typically still see: the registrar name, registration and expiration dates, nameservers, domain status, and sometimes the registrant’s country or state. That’s enough to learn when a domain was registered, which company manages it, and whether it’s about to expire. It won’t tell you the individual behind it.
5 Ways to Find a Domain Owner When Details Are Hidden
Privacy protection doesn’t make identification impossible. It just makes it harder. So what can you actually do when a lookup returns nothing useful? Here are five methods that still work.
1. Check Historical WHOIS Records
Pre-GDPR WHOIS data still exists in archived databases. Services like DomainTools, WhoisXML API, and WhoisFreaks maintain billions of historical records going back over a decade. If a domain was registered before May 2018 without privacy protection, the original owner’s full contact details are probably archived somewhere.
WhoisXML API alone claims over 25.5 billion historical records. WhoisFreaks reports 3.6 billion+ indexed records. These aren’t free services (most charge per lookup or require a subscription), but they’re the most reliable way to uncover ownership details that have since been redacted.
2. Use ICANN’s Registration Data Request Service (RDRS)
ICANN launched RDRS in November 2023 as a centralized system for requesting nonpublic domain registration data. You create a free account at rdrs.icann.org, specify the domain name you’re researching, the type of data you need, and your purpose. ICANN categorizes purposes into groups: intellectual property disputes, law enforcement, legitimate business interests, and more. The system identifies the correct registrar and forwards your request automatically.
The initial two-year pilot concluded in November 2025, but ICANN’s Board extended the service for up to two more years while a permanent solution is developed. Here’s the catch: registrars have no obligation to disclose the data, only to acknowledge and process the request. Some respond within days, others take weeks. ICANN publishes quarterly metrics reports tracking response rates.
RDRS won’t help with casual curiosity. If you just want to know who owns a random domain, the registrar will likely deny your request. But for legitimate purposes (someone registered a domain using your brand name, or you’re investigating a phishing site), it provides a formal, documented channel that registrars take seriously. It’s also the closest thing to an official process for getting past privacy redactions.
3. Contact the Registrar Directly
Every WHOIS/RDAP result shows the registrar’s name and abuse contact email. Most registrars also provide web forms for contacting domain owners through an anonymized relay. You send your message to the registrar, they forward it to the domain owner, and the owner decides whether to respond. Your message reaches them without their details being exposed.
This approach works best for straightforward inquiries, like asking if a domain is for sale or reporting a problem. Don’t expect a response if the domain belongs to a large company or if the owner simply doesn’t check their registrar email.
4. Investigate DNS and SSL Certificates
Sometimes ownership clues hide in a domain’s technical infrastructure. SSL certificates issued before automated services like Let’s Encrypt became dominant often contain organization names and locations. Extended Validation (EV) certificates always include verified company information.
DNS records can reveal connections too. Check where the domain’s nameservers point, what IP address it resolves to, and whether other domains share the same infrastructure. Tools like ViewDNS.info and DNSlytics let you do reverse IP lookups to find all domains hosted on the same server. If one of those related domains has public ownership data, you’ve potentially found your answer.
5. Search Beyond WHOIS Entirely
Google the domain name. Check the website’s “About” or “Contact” page. Look for mentions on LinkedIn, social media, or business registries. Many domain owners who hide their WHOIS data still link their identity to the domain through other public channels. State secretary of state databases, business registration records, and trademark filings often connect company names to domain names.
Reverse WHOIS: Starting From What You Know
Standard lookups start with a domain and return owner information. Reverse WHOIS flips this around. You start with something you know about the owner, like an email address, name, or organization, and find all domains connected to it.
Here’s a practical example. You run a lookup on a suspicious domain and find the registrant email is “[email protected]”. A reverse WHOIS search on that email address reveals 47 other domains registered with the same contact. Now you’ve mapped an entire network of related sites from a single data point. This is why reverse lookups are popular for cybersecurity investigations, brand protection, and competitor research.
Major providers include WhoisXML API, WhoisFreaks, and DomainTools. These are paid services. WhoisXML API and WhoisFreaks both offer per-query pricing if you only need occasional lookups. DomainTools is geared more toward security teams with monthly subscriptions. Free reverse WHOIS tools do exist, but they typically cap results at 10-20 domains or search a much smaller database.
Which Method Should You Use?
With so many options covered above, here’s how to decide without overthinking it.
Ask yourself two questions: what do you actually need, and are you willing to pay? That narrows things down fast.
If you just need basic registration info (registrar, dates, nameservers), any free tool works. Done in 30 seconds, costs nothing. Most people never need more than this.
If you need the actual person or company behind a domain, free tools probably won’t cut it anymore. Your best bet depends on the domain’s age. Older domains (registered before 2018) likely have unredacted records sitting in historical databases. Newer domains with privacy enabled from day one are tougher. You’re looking at registrar contact forms, DNS detective work, or a formal RDRS request.
Money on the table? Buying a domain or pursuing a trademark dispute means using official channels. RDRS for legal documentation, registrar brokerage services for purchase inquiries. These create paper trails that matter if things escalate.
And if you’re doing security research or tracking down a network of related domains? That’s where paid subscriptions to DomainTools or WhoisXML API earn their keep. One-off free tools won’t give you the depth you need for serious investigation work.
Frequently Asked Questions
Is it legal to look up who owns a domain name?
Yes. Domain registration data that registrars make publicly available through WHOIS or RDAP is legal to access and view. These are public databases maintained specifically for transparency and accountability purposes. What you do with that information is a separate question, but the act of looking up a domain’s registration data is entirely legal in every jurisdiction.
Why did ICANN replace WHOIS with RDAP?
WHOIS was a 1980s-era protocol with no encryption, no standardized output format, and no ability to control data access levels. RDAP fixes all three problems. It uses HTTPS for encrypted queries, returns structured JSON that every registrar formats consistently, and supports tiered access so different requestors can receive different levels of detail. ICANN officially sunset WHOIS for gTLDs on January 28, 2025, with RDAP as the required replacement.
Can I find out who owns a domain with privacy protection enabled?
Not through a standard lookup, no. Privacy protection specifically prevents public display of the registrant’s personal information. However, you have options. Historical WHOIS databases may contain pre-privacy records. ICANN’s RDRS allows formal requests for nonpublic data if you have a legitimate purpose. And the registrar itself can relay messages to the domain owner without revealing their identity. For legal proceedings, courts can compel registrars to disclose ownership information.
Are WHOIS lookup tools free?
Basic lookup tools are free. ICANN Lookup, Whois.com, Who.is, and registrar tools like GoDaddy’s WHOIS all cost nothing for standard queries. Advanced services like historical WHOIS, reverse WHOIS, and bulk lookups typically require paid subscriptions. DomainTools, WhoisXML API, and WhoisFreaks charge per query or offer monthly plans. Expect to pay if you need data beyond what’s currently public.
Final Verdict
Domain owner lookups in 2026 look very different from even five years ago. The shift from WHOIS to RDAP, combined with GDPR-driven privacy redactions, means casual curiosity rarely gets satisfied with a simple search anymore. Basic registration data (registrar, dates, nameservers) remains freely accessible. Personal ownership details require more effort, better tools, or a legitimate legal basis.
For most people, ICANN’s free lookup tool at lookup.icann.org covers 90% of what they need. If you’re doing serious research, invest in a historical WHOIS service. For legal matters, use RDRS and document everything.
Bottom line: the information still exists if you know where to look. You just can’t find it all in one free search like you used to.
If you’re researching domains as part of a hosting decision, our hosting finder tool can match your needs with the right provider. For location-specific recommendations, our USA web hosting comparison covers the largest market in detail.