Reading a WHOIS Record Without Getting Lost in the Jargon

Reading a WHOIS Record Without Getting Lost in the Jargon

Rishav Kumar · August 8, 2025 · 3 min read

WHOIS records have a reputation for being dense and confusing. Honestly, once you know what to ignore, they are pretty readable. Here is a quick field-by-field breakdown of what you are actually looking at.

The Basics: What a WHOIS Record Contains

A WHOIS record is a registration document maintained by the domain registrar and/or the domain registry. It records who registered the domain, when, through which registrar, and what nameservers it is using. Think of it like a property deed for a domain name.

Creation Date vs. Updated Date vs. Expiry Date

These three dates tell different stories:

  • Creation Date: When the domain was first registered. This is domain age. It does not change.
  • Updated Date: The last time any record was modified. This could be a nameserver change, a registrant update, or just a routine registrar sync. Do not over-read this field.
  • Expiration Date: When the domain registration lapses if not renewed. An upcoming expiry date is worth noting if you are evaluating a site's stability.

The Registrar vs. the Registry

People confuse these. The registrar is the company you buy the domain from — GoDaddy, Namecheap, Google Domains, etc. The registry is the operator of the top-level domain — Verisign runs .com, the Internet Assigned Numbers Authority oversees the structure. Most WHOIS records show both. For most purposes, the registrar is the one you care about.

Status Codes Decoded

WHOIS status codes look scary. They are not. A few common ones:

  • clientTransferProhibited: The registrar has locked the domain against transfer. Standard practice, nothing alarming.
  • clientUpdateProhibited: Changes to registrant info are locked. Some registrars do this by default.
  • pendingDelete: The domain has expired and is in the deletion queue. It will be available for registration soon.
  • redemptionPeriod: The prior registrant has a window (typically 30 days) to pay a fee and reclaim it before it goes to deletion.

When You See "REDACTED FOR PRIVACY"

Post-GDPR, this is extremely common in European registrations. The registrant's personal information has been removed from the public record. This is legal, increasingly standard, and says nothing about whether the site is legitimate. If you need to contact the owner, look for a proxy contact email the registrar provides.

DNSSEC: Should You Care?

DNSSEC status tells you if the domain has DNS Security Extensions configured. If you are just looking up a site for research purposes, this field is largely irrelevant. If you are a DNS administrator, you probably already know what to do with it.

Back to Blog
Share: