You have the perfect idea for a website. You go to your favorite registrar and you search for your domain name and your heart sinks when you see “Domain already taken.”
That’s when you find out about something called the WHOIS. You enter the domain name you want, get results, and a quick scan shows:
Registrar: GANDI SAS
Is Gandi the owner of my domain name?
Let’s clear this up once and for all: no.
Whenever a domain name’s registrar is listed as “GANDI SAS” that means the domain name is registered at Gandi but it does not mean that we own it.
But I get it. It’s confusing—registrar, registry, registrant—these terms are honestly hard to keep straight.
So here’s a chart to show you how it works:
Buys domains from
Buys domains from
A registrant is the actual owner of a domain name. The registrar is an accredited seller of different domain names from a variety of registries. A registry is licensed by ICANN (in the case of gTLDs) or governments (in the case of ccTLDs) to sell domain names based on their ending (called top-level domains or sometimes ‘extensions’).
The way it works is that registries manage and sell the domain endings they’re responsible for. Registrars get accredited by multiple registries to sell domains in each of their specific endings. That makes a registrar one place where you can get any domain you want. For the most part, registries sell domains to registrars who sell domains to end users. Some registries do sell domains directly to customers but this is the exception, not the rule.
What is WHOIS?
Technically, WHOIS is a protocol. But it’s basically synonymous for what it’s used for, which is a database (or a bunch of databases, really) of all the information about the registration of all the domain names.
Traditionally, WHOIS is used in a command-line interface, but now there are many online versions and even smartphone apps that can make WHOIS queries.
What information does WHOIS provide?
The exact information you’ll find from WHOIS varies depending on the domain extension and even the registrar. But generally, here’s what you’ll see when you do a WHOIS lookup:
- Registrar information
This includes the registrar WHOIS server and the URL of the registrar’s website. You’ll also find the name of the registrar, their IANA ID, and contact information (both an email address and phone number) if you need to report the domain being used for abuse.
- Updated, creation, and expiration dates
There are three dates listed in a WHOIS entry: these tell you when the domain was first created (the “creation date”), when the domain was last updated (the “updated date”), and when the domain expires (the “Registrar Registration Expiration Date”).
- Domain status
The domain can have a number of different statuses that can mean a variety of different things. The most common are “clientTransferProhibited”, which means it’s “locked” from being transferred to another registrar, “autoRenewPeriod”, which means the domain has expired but can still be renewed, “redemptionPeriod” which means the domain has expired and can no longer be renewed but is in a grace period in which the owner can pay a higher fee to “restore” the domain, and “pendingDelete” which means the domain has expired and can no longer be renewed or restored.
- Contact information
Next, and most controversially, is the contact information provided to the registrar for each of the domain’s three contacts: Registrant (the owner), Admin, and Tech. These include name, company name, street address, phone number, and email address.
Why doesn’t the WHOIS list a real name and address?
There are two possible reasons you’re not seeing the person’s name or address when you do a WHOIS for the domain name you want.
Many registrars offer a service that inserts another, generic address in place of the owner’s information. You’ll often see the name of this service and a company-owned proxy address listed for all the domain’s contacts.
In 2018, the European Union implemented the General Data Protection Regulation, which restricts the ability of companies to publish personal data about people, and the information previously published in WHOIS listings cannot be made public under the GDPR (unless granted an exception).
For this reason, you’ll mostly see “REDACTED FOR PRIVACY” listed instead of the actual contact information, even if the domain you’re looking up has nothing to do with Europe.
In addition, since spammers can harvest email addresses from WHOIS queries to build email lists, most registrars also offer some way to not show your real email address.
However, the email addresses that replace these email addresses will forward to the actual owner of the domain name. This is similar to when you see obfuscated email addresses on websites like Craigslist.
How do I contact the owner of the domain name I want to contact?
Assuming that the domain you’re looking up has contact information that’s either “REDACTED FOR PRIVACY” or uses some kind of WHOIS privacy service, how do you reach a domain owner?
Your best option is to email the email address listed, even if it seems like a strange email address to you.
And if you don’t hear anything back, it’s probably the case that the owner of the domain name just isn’t interested in talking to you.
What if I have a complaint about a domain?
It’s possible that you may be trying to contact an owner or administrator of a domain not because you’re interested in the domain itself, but because it’s being used to spam you, scam you, or post illegal or material that’s harmful to you.
If that’s the case, you should reach out to the Abuse team of the registrar. You can find their contact information at the top of the WHOIS listing.
Domain contact data disclosure procudure
There is also a specific procedure that you can follow in the case of a legitimate request for contact data. Our legal team vets and approves these requests based on criteria laid out in the applicable laws.