- Joined
- Oct 12, 2023
- Messages
- 224
- Reaction score
- 41
A plain-English guide to the Internet's modern domain lookup system
For it.com clients, registrars, end users, and anyone who wants to understand how domain registration data is now accessed.
If you have ever looked up who owns a domain name, checked whether a domain was registered, or tried to report abuse tied to a website, you have probably used something called WHOIS. For decades, WHOIS was the Internet’s public address book for domain names. It was simple, mostly text-based, and it did the job for a long time.
But the Internet that WHOIS was built for is not the Internet we use today. The early Internet had fewer domain names, less automation, fewer privacy rules, and a much smaller set of operational risks. Today, domain registration data has to support privacy law, cybersecurity investigations, registrar systems, automated monitoring, international users, and large-scale registry operations.
That is why RDAP matters.
RDAP stands for Registration Data Access Protocol. The name sounds technical, but the basic idea is straightforward. RDAP is a modern, standardized system used to retrieve registration information about Internet resources, including domain names, IP addresses, and Autonomous System Numbers, also called ASNs. In plain English, RDAP is the modern way systems look up registration data on the Internet.
WHOIS worked reasonably well when a person wanted to read a plain text response. But it was never designed for today’s software systems, APIs, automation, privacy controls, or security expectations.
One of the biggest problems with WHOIS was inconsistency. Different registrars and registries could present similar data in different ways. One WHOIS response might say “Registrant Name.” Another might say “Domain Holder.” Another might abbreviate fields or present them in a different order. That made automated processing difficult and sometimes unreliable.
WHOIS also had limits around international character sets, secure connections, authentication, and different levels of access. In many cases, WHOIS worked like an all-or-nothing system. Information was either public or hidden. That approach became harder to defend as privacy regulations, cybersecurity needs, and operational expectations became more sophisticated.
RDAP was created to solve those problems.
One point causes a lot of confusion. If you open a direct RDAP URL in a browser, you may not see a friendly web page. You may see structured data that looks like code. That does not mean anything is broken.
That is exactly what the RDAP server is designed to return.
RDAP usually returns data in JSON, a structured format that software systems can read reliably. A person can read it too, but it is not designed to look like a normal consumer website. It is designed so registrars, registries, monitoring tools, cybersecurity platforms, compliance teams, and other systems can retrieve the same kinds of data in predictable ways.
Here is a simple example. A direct RDAP lookup for an it.com domain may look like this:
When you visit a URL like that, you are talking directly to the RDAP service. It is not meant to behave like a marketing page, a help page, or a registrar checkout screen. It is a data service.
Most ordinary users are not expected to use RDAP directly. Most people will use a lookup page, a registrar interface, or another tool that presents the data in a cleaner format. The tool may still say “WHOIS” because the public recognizes that term, but behind the scenes the data may be coming from RDAP.
For it.com clients and end users, the practical point is simple. You do not need to learn JSON or memorize RDAP URLs to check a domain. A human-friendly lookup page remains the best starting point for most people.
At it.com, users can search for domain registration information through the public lookup interface at:
That public interface is easier for people to use. RDAP is the modern registration data layer underneath. The lookup page is the presentation layer. This distinction matters because a registrar, a security platform, or an abuse investigation tool may interact with RDAP directly, while an end user may only see the clean public-facing result. Both are using the same general registration data ecosystem. They are simply using it in different ways.
Some RDAP responses will show that contact data is redacted. That is normal. Privacy laws and domain policy often limit what can be published to the general public. Redacted data does not mean the information does not exist. It means it is not available through a public lookup.
If you are a party with a lawful basis to request non-public registration data, use the disclosure request process rather than trying to pull the data from the public RDAP output. We call this a "Reasonable Request for Lawful Disclosure," or a "Disclosure Request." An Authenticated Requestor — such as law enforcement or a trusted or competent authority that can be verified — receives priority handling.
Before submitting a request, always check the public lookup first. If the information you need is already there, that is the fastest path. Our lookup page at get.it.com/whois will also show you the registrar of record for any it.com domain. That matters because it.com is the domain registry, and most registrars do not pass end user contact data up to us. The registrar of record holds that direct relationship with the registrant, which means they are usually the right first point of contact for a disclosure request.
To find the registrar and submit your request directly to them, start at our public lookup. Once you have identified the registrar of record, contact them with the following: the exact domain name, the specific data elements you are requesting, your identity and contact information, the legal basis for the request, and why the data is needed. You should also state that the request is made in good faith and that any data received will be processed lawfully. Requests must be verifiable — a title, credentials, agency name, counsel letter, power of attorney, court order, or similar authority may be needed, depending on the circumstances.
If you are unable to reach the registrar of record, or your request does not receive a response, you may submit a request directly to it.com by emailing [email protected]. Please include the same information listed above. If the request involves abuse, fraud, phishing, malware, child safety, threats to life or safety, or another urgent concern, we will make our best efforts to prioritize the request.
RDAP is no longer just a future-looking improvement. It is now the domain industry’s standard direction for generic top-level domain registration data. ICANN announced that, as of January 28, 2025, RDAP became the definitive source for delivering gTLD registration information in place of sunsetted WHOIS services.
It is worth noting that this transition applies specifically to generic top-level domains (gTLDs) under ICANN’s jurisdiction. Country-code top-level domains (ccTLDs) are not currently required to adopt RDAP, so WHOIS and RDAP will continue to coexist for some time depending on which type of domain is being looked up.
That does not mean the word “WHOIS” will disappear overnight. People have used that word for decades, and many public lookup tools will continue to use it because it is familiar. But the underlying protocol has changed. In many places, what people still call a WHOIS lookup is now powered by RDAP.
ICANN’s own lookup tool is a good example. It conducts RDAP queries and presents the result in a way ordinary users can understand.
Domain names are part of public Internet infrastructure. That means registration data has to serve several needs at the same time. It has to help users understand domain status. It has to help registrars and registries operate reliably. It has to support abuse reporting and cybersecurity work. It also has to respect privacy law and data protection expectations.
RDAP is not magic, and it does not solve every policy question. But it gives the industry a better technical foundation. It replaces inconsistent text output with structured responses. It allows secure connections. It supports different levels of access. It works better across languages and scripts. It is better suited to automation.
For it.com, supporting RDAP is part of operating in line with modern registry expectations. It helps our registrars, partners, clients, and users work with domain registration data in a cleaner and more reliable way.
Most people will never knowingly use RDAP. They will use a registrar website, an it.com lookup page, a security tool, a monitoring service, or another interface that uses RDAP behind the scenes.
That is fine. That is how infrastructure should work. The user should not need to understand the protocol to benefit from it.
WHOIS was built for a smaller Internet. RDAP was built for the Internet we have now. It is more structured, more secure, more consistent, and better suited to modern privacy and operational needs.
Continue reading on the it.com Domains blog...
For it.com clients, registrars, end users, and anyone who wants to understand how domain registration data is now accessed.
If you have ever looked up who owns a domain name, checked whether a domain was registered, or tried to report abuse tied to a website, you have probably used something called WHOIS. For decades, WHOIS was the Internet’s public address book for domain names. It was simple, mostly text-based, and it did the job for a long time.
But the Internet that WHOIS was built for is not the Internet we use today. The early Internet had fewer domain names, less automation, fewer privacy rules, and a much smaller set of operational risks. Today, domain registration data has to support privacy law, cybersecurity investigations, registrar systems, automated monitoring, international users, and large-scale registry operations.
That is why RDAP matters.
RDAP stands for Registration Data Access Protocol. The name sounds technical, but the basic idea is straightforward. RDAP is a modern, standardized system used to retrieve registration information about Internet resources, including domain names, IP addresses, and Autonomous System Numbers, also called ASNs. In plain English, RDAP is the modern way systems look up registration data on the Internet.
Why WHOIS needed to change
WHOIS worked reasonably well when a person wanted to read a plain text response. But it was never designed for today’s software systems, APIs, automation, privacy controls, or security expectations.
One of the biggest problems with WHOIS was inconsistency. Different registrars and registries could present similar data in different ways. One WHOIS response might say “Registrant Name.” Another might say “Domain Holder.” Another might abbreviate fields or present them in a different order. That made automated processing difficult and sometimes unreliable.
WHOIS also had limits around international character sets, secure connections, authentication, and different levels of access. In many cases, WHOIS worked like an all-or-nothing system. Information was either public or hidden. That approach became harder to defend as privacy regulations, cybersecurity needs, and operational expectations became more sophisticated.
RDAP was created to solve those problems.
| WHOIS | RDAP |
| Plain text responses | Structured JSON responses |
| Built mainly for human reading | Built for software, APIs, and automation |
| Inconsistent formats across providers | Standardized query and response formats |
| Limited security and access controls | HTTPS, authentication, and differentiated access |
| Harder to support privacy requirements | Better suited for modern privacy and compliance |
Why RDAP looks strange in a browser
One point causes a lot of confusion. If you open a direct RDAP URL in a browser, you may not see a friendly web page. You may see structured data that looks like code. That does not mean anything is broken.
That is exactly what the RDAP server is designed to return.
RDAP usually returns data in JSON, a structured format that software systems can read reliably. A person can read it too, but it is not designed to look like a normal consumer website. It is designed so registrars, registries, monitoring tools, cybersecurity platforms, compliance teams, and other systems can retrieve the same kinds of data in predictable ways.
Here is a simple example. A direct RDAP lookup for an it.com domain may look like this:
When you visit a URL like that, you are talking directly to the RDAP service. It is not meant to behave like a marketing page, a help page, or a registrar checkout screen. It is a data service.
Most ordinary users are not expected to use RDAP directly. Most people will use a lookup page, a registrar interface, or another tool that presents the data in a cleaner format. The tool may still say “WHOIS” because the public recognizes that term, but behind the scenes the data may be coming from RDAP.
How this works for it.com users
For it.com clients and end users, the practical point is simple. You do not need to learn JSON or memorize RDAP URLs to check a domain. A human-friendly lookup page remains the best starting point for most people.
At it.com, users can search for domain registration information through the public lookup interface at:
That public interface is easier for people to use. RDAP is the modern registration data layer underneath. The lookup page is the presentation layer. This distinction matters because a registrar, a security platform, or an abuse investigation tool may interact with RDAP directly, while an end user may only see the clean public-facing result. Both are using the same general registration data ecosystem. They are simply using it in different ways.
What to do if you are an Authorized Verifiable Requester of information
Some RDAP responses will show that contact data is redacted. That is normal. Privacy laws and domain policy often limit what can be published to the general public. Redacted data does not mean the information does not exist. It means it is not available through a public lookup.
If you are a party with a lawful basis to request non-public registration data, use the disclosure request process rather than trying to pull the data from the public RDAP output. We call this a "Reasonable Request for Lawful Disclosure," or a "Disclosure Request." An Authenticated Requestor — such as law enforcement or a trusted or competent authority that can be verified — receives priority handling.
Before submitting a request, always check the public lookup first. If the information you need is already there, that is the fastest path. Our lookup page at get.it.com/whois will also show you the registrar of record for any it.com domain. That matters because it.com is the domain registry, and most registrars do not pass end user contact data up to us. The registrar of record holds that direct relationship with the registrant, which means they are usually the right first point of contact for a disclosure request.
To find the registrar and submit your request directly to them, start at our public lookup. Once you have identified the registrar of record, contact them with the following: the exact domain name, the specific data elements you are requesting, your identity and contact information, the legal basis for the request, and why the data is needed. You should also state that the request is made in good faith and that any data received will be processed lawfully. Requests must be verifiable — a title, credentials, agency name, counsel letter, power of attorney, court order, or similar authority may be needed, depending on the circumstances.
If you are unable to reach the registrar of record, or your request does not receive a response, you may submit a request directly to it.com by emailing [email protected]. Please include the same information listed above. If the request involves abuse, fraud, phishing, malware, child safety, threats to life or safety, or another urgent concern, we will make our best efforts to prioritize the request.
What changed in the industry
RDAP is no longer just a future-looking improvement. It is now the domain industry’s standard direction for generic top-level domain registration data. ICANN announced that, as of January 28, 2025, RDAP became the definitive source for delivering gTLD registration information in place of sunsetted WHOIS services.
It is worth noting that this transition applies specifically to generic top-level domains (gTLDs) under ICANN’s jurisdiction. Country-code top-level domains (ccTLDs) are not currently required to adopt RDAP, so WHOIS and RDAP will continue to coexist for some time depending on which type of domain is being looked up.
That does not mean the word “WHOIS” will disappear overnight. People have used that word for decades, and many public lookup tools will continue to use it because it is familiar. But the underlying protocol has changed. In many places, what people still call a WHOIS lookup is now powered by RDAP.
ICANN’s own lookup tool is a good example. It conducts RDAP queries and presents the result in a way ordinary users can understand.
What RDAP means for trust
Domain names are part of public Internet infrastructure. That means registration data has to serve several needs at the same time. It has to help users understand domain status. It has to help registrars and registries operate reliably. It has to support abuse reporting and cybersecurity work. It also has to respect privacy law and data protection expectations.
RDAP is not magic, and it does not solve every policy question. But it gives the industry a better technical foundation. It replaces inconsistent text output with structured responses. It allows secure connections. It supports different levels of access. It works better across languages and scripts. It is better suited to automation.
For it.com, supporting RDAP is part of operating in line with modern registry expectations. It helps our registrars, partners, clients, and users work with domain registration data in a cleaner and more reliable way.
Most people will never knowingly use RDAP. They will use a registrar website, an it.com lookup page, a security tool, a monitoring service, or another interface that uses RDAP behind the scenes.
That is fine. That is how infrastructure should work. The user should not need to understand the protocol to benefit from it.
WHOIS was built for a smaller Internet. RDAP was built for the Internet we have now. It is more structured, more secure, more consistent, and better suited to modern privacy and operational needs.
Useful links
| it.com public domain lookup | https://get.it.com/whois |
| Example: direct it.com RDAP lookup | https://rdap.it.com/domain/get.it.com |
| ICANN RDAP information page | https://www.icann.org/rdap/ |
Continue reading on the it.com Domains blog...
