How To Find Out Who Owns a Domain in 2026

In 1994, a San Franciscan programmer registered Milk.com on a whim. He wasn’t in dairy, didn’t have a startup idea. He just liked chocolate milk and thought the nickname “Milk Boy” was funny. 

Thirty years later, that whim is now prime search engine optimization (SEO) real estate, valued at anywhere from hundreds of thousands of dollars to more than a million. 

That’s the reality of domains: Even a random word can be worth a fortune. So when the name you want for your business is already taken, the first question is simple: Who owns it? 

A Whois lookup can help you find the answer. And while you might run into privacy shields and Registration Data Access Protocol (RDAP) records that hide details, there are still ways to trace domain ownership. 

This step-by-step guide will help you find out who owns a domain so you can get in touch. 

What is a Whois lookup?

A Whois lookup lets you see who registered a domain and how long they’ve held it. 

Every domain purchased through an accredited domain registrar is recorded in the global Whois database. When you enter a domain (or even an IP address) into a Whois search tool, the system queries the relevant registry and returns the most recent record on file. 

A Whois record can include:

• Ownership details. The name, organization, or proxy service listed as the registrant.
• Registration and expiration dates. When the domain was first created and when it’s set to expire.
• Registrar information. The company through which the domain was purchased.
• Contact information. Email or anonymized proxy address for reaching the owner.
• Name servers. The DNS information showing where the domain points and who hosts it.

You might run a Whois lookup if:

• You want to buy a domain that’s already registered and need the owner’s contact information. 
• You’re vetting a supplier or wholesale partner. 
• You’re investigating a store that’s infringing on your copyright. 
• You want to confirm your own domain’s records are correct.

Standard Whois lookups show common extensions like .com, .net, and .org. If you're researching a domain outside the major extensions, check the Internet Assigned Numbers Authority (IANA) Root Zone Database to identify the registry and its lookup tool.

Whois vs. RDAP: What's changing?

Registration Data Access Protocol (RDAP) is the modern replacement for Whois. It was launched by ICANN in January 2025 as a way for people to find out domain registration details for generic top-level domains (gTLD) like .com.

RDAP records show:

• Registration and expiry dates
• Domain status 
• Registrar information

RDAP complies with laws like GDPR with tiered access. Users with certain permissions—for example, law enforcement—can access domain registration details while keeping them private to the general public.

Most Whois lookup tools, including ICANN Lookup, now use RDAP behind the scenes, though the user experience and core data returned remain largely the same.

Historical Whois lookup

A basic Whois lookup tells you who owns a domain today. A historical Whois search goes deeper, showing ownership records, registrar changes, and technical details from years past.

Use a historical Whois lookup to:

• Track down security threats. More than 1.5 million domain names were used in phishing attacks in 2024 to 2025—the highest ever recorded, according to Interisle’s Phishing Landscape 2025 report. Of those, 77% were maliciously registered by cybercriminals. Historical Whois lets you spot patterns and flag repeat offenders.
• Build law enforcement cases. When registrants hide behind privacy shields or RDAP anonymization, historic records can fill in missing links, helping trace ownership changes, suspicious activity, or domain misuse over time.
• Run due diligence before you buy. There were about 392.5 million registered domains globally as of Q1 2026. If the domain name you want has already been used, use historical data to check for spam, malware, or prior bad behavior before you buy it.
• Validate domain SEO potential. A domain with age can offer search authority if its history is clean. Historical Whois reveals whether a domain stayed active, changed hands often, or was dropped and reused with questionable intent.

Several providers maintain archives of Whois records, some going back more than 15 years. Here are the most useful options in 2026:

• DomainTools. A widely used archive with many years of ownership history.
• WhoisXML API. Offers bulk historical Whois datasets and tracks newly registered and expired domains daily, letting you monitor changes in registrar and registration dates.
• ViewDNS.info. Provides quick snapshots and small-scale checks for SEO consultants and small businesses

How to find out who owns a domain

1. Find a Whois lookup tool
2. Search for the domain name URL
3. Detect if the contact information is private
4. Find registrant contact information
5. Use reverse Whois for related domains

Here are five steps to find out who owns a domain:

1. Find a Whois lookup tool

Whois lookup tools query the global domain registry and return details such as the registrar, registration and expiration dates, name servers, and ownership contact information (if not hidden).

Start with the Whois domain lookup tool. Enter the domain name to see who owns it. 

If you find your name is available, search for it using Shopify’s domain search tool. Enter the domain you want and view the most popular domain name options and available extensions. 

If you find an available domain name you love, buy it on the same page.

Other domain lookup tools include the following:

• ICANN Lookup is the official registry lookup run by the Internet Corporation for Assigned Names and Numbers. It provides authoritative results across all accredited registrars.
• GoDaddyWhois is a simple interface you can use to explore purchasing through GoDaddy’s brokerage service.
• Hostinger Whois is a straightforward free tool that small business owners often rely on for quick checks.
• Network Solutions is one of the original registrar tools and still offers extended Whois details today.
• DNSimple Whois was built with developers in mind. It features a clean interface and integrations with DNS management services.

2. Search for the domain name URL

To find domain information, enter the domain URL into the Whois search bar and hit the Search button.

Whois will show basic information: the domain’s history, ID, domain registrar server and URL, and creation date. 

This example shows shopify.com is registered with Markmonitor:

3. Detect if the contact information is private

When you run a Whois lookup, you won’t always see the registrant’s name and email. 

If the domain owner has used a privacy shield or proxy service to replace their personal details with a generic contact point, you might only get:

• A redacted email address (like a masked proxy email that forwards to the real owner)
• The name of a privacy service provider rather than the registrant
• A catch-all contact form provided by the registrar

Reach out via the anonymized email or registrar contact listed in the record. Use the proxy contacts provided, run a historical Whois search, or check DNS or SSL records to get closer to the owner.

4. Find registrant contact information

If the domain owner’s identity is hidden, do a web search to find information about the company that owns the domain. You might see a Contact Us or About Us page naming the company’s leadership, founders, or owners.

Look for the secretary of state or department of revenue websites for the corresponding location. For example, suppose a Florida-registered business owns a domain. In that case, you can use local databases to look up business ownership by company LLC name, employer identification number (EIN), address, phone number, or even registered agent name. 

Just remember that the person who owns the business may not be the same person who owns the domain. 

5. Use reverse Whois for related domains

A standard Whois lookup shows you details about a single domain. A reverse Whois search flips that around. Instead of starting with a domain, you start with a piece of registrant information, like an email address, organization name, or phone number; and see all the other domains registered with it.

Use a reverse Whois lookup for:

• Security investigations. Spot malicious networks by uncovering dozens of phishing or spam domains tied to the same registrant.
• Brand identity protection. Identify cybersquatters who register multiple variations of your brand name (for example, “yourbrand-shop.com,” “yourbrand-sale.net,” “yourbrand.io”).
• Cybercrime research. Connect the dots between suspicious sites that look unrelated on the surface but share the same underlying registration data.
• Due diligence. Before partnering with or buying from a company, check if their domain portfolio raises any red flags.

Because many domains now use privacy shields, reverse Whois often works best when you have at least one solid data point (like an email address) to pivot from. 

Paid providers such as DomainTools and WhoisXML API offer comprehensive reverse Whois capabilities, making it possible to trace registrants across dozens, or even hundreds, of domains.

What to do when you find out who owns a domain

Once you know who owns the domain you want to acquire, reach them and negotiate a deal to transfer domain ownership:

Contact the domain owner

If the Whois record displays the domain owner, enter the person’s name on Google to see what comes up. You can also search “[name] email address” or “[name] contact information.” If that doesn’t yield results, check out databases like Hunter.io or LinkedIn.

If the original owner has used a privacy service, reach out to the owner through the proxy contact address listed in the Whois record. Registrars route these messages to the owner. 

Keep your first message brief and neutral. Identify yourself, state that you're interested in the domain, and ask whether they’d consider selling.

Negotiate a deal to acquire the domain

Once you establish contact with the domain owner, be prepared to negotiate. 

Consider domain authority or how much search equity the existing site has when valuing a domain. An updated site with good SEO, or a domain name with a popular word or phrase, will cost more. For example, in 2025, AI.com sold for a record $70 million.

Andrew Lissimore experienced this firsthand. He found the original owner for headphones.com then reached out with an offer to buy it. 

“I said, ‘Hey, I'm interested in your domain. Are you looking to sell it by any chance?’ totally thinking there's no way this would ever work,” Andrew says in a Shopify Masters interview. “This is a really good lesson: trying stuff where the risk is very low, but the potential upside's really high.”

Although Andrew couldn’t afford over $1 million—the price the original owner came back with—they spent four months negotiating. “It was very expensive, but I was able to get it tied to the business basically,” Andrew says. “We were just paying for it monthly and then as the business grew, our payments would grow.”

Perform due diligence on the domain

Buying a domain that infringes on someone else’s mark could put you at risk of legal disputes or forced transfers. WIPO handled over 6,200 domain name disputes in 2025—the highest caseload in its history. 

Search databases like the World Intellectual Property Organization (WIPO) to confirm the domain isn’t tied to an existing trademark.

Other things to check before buying a domain include:

• Phishing or abuse history. Check sites like PhishTank to see if the domain has ever been reported for malicious activity. 
• Blocklist status. Run the domain through blocklist monitoring tools to make sure it hasn’t been blacklisted by security vendors or email providers. 
• Advanced ownership data. If Whois and RDAP results are redacted, you can use ICANN’s Registration Data Request Service (RDRS) to submit a request for registrant data.

Whois privacy and GDPR

The way Whois data is collected, stored, and shared has shifted a lot since GDPR (the EU’s General Data Protection Regulation) was launched in 2018. These changes mostly protect personal data, but they also make domain ownership information less visible.

In August 2025, ICANN’s new Registration Data Policy (RDP) officially replaced interim rules, bringing stricter standards on what data registrars must reveal and how.

Here’s what’s changed:

• Under the updated policy, Whois/Registration Data Directory Services (RDDS) by default redact or limit public access to many contact fields unless a registrant explicitly opts in or unless the registry requires them.
• Registrars and registries had to comply by August 21, 2025, meaning public Whois searches now routinely hide or omit fields like billing, administration, and technical contacts.
• The “Organization/Company” field in domain contact details now carries legal weight: if filled in, the organization is recognized as the domain’s registered name holder (i.e. “owner”). If the organization field is empty, the individual named in the registrant contact is considered the owner. 

These are your action steps under the new policy:

• Review your current domain details. Make sure your Organization field (if used) and your registrant name are correct. This will define legal ownership under the new rules.
• Check what is shown to the public. Do a Whois/RDDS search to see which fields are redacted. That helps you know what is visible and what is private.
• Save proof. If you need contact details (admin, billing, etc.) for future use, keep records now before everything gets masked.
• Use other tools. If Whois isn’t giving what you need, rely on historical Whois, RDAP, reverse Whois, or ICANN’s RDRS. These can often bridge gaps in public information.

For domain name owners, this means protecting your own details while also knowing what to expect when checking if a competitor, reseller, or impersonator owns or has parked a domain.

Protect your domain registration privacy

If you don’t want your details publicly available on the Whois database:

• Use a domain privacy service. It will swap your details for theirs on the Whois register. This way, whenever someone looks up your domain, the privacy service’s details come up instead of yours.
• Register your domain with privacy protection. Domain registrars often offer to replace your details with theirs during domain registration. Some registrars add this feature for an additional fee. With a few Whois exceptions, Shopify includes Whois privacy protection as a standard feature.
• Limit personal information on Whois records. Restrict how people access your personal information by using a PO box, virtual mailbox service, or business address. You can also create a dedicated email for domain registration, use a free business phone number provider, or use a business entity for registration.

You can’t buy a domain outright. Rather, you lease it from a registrar, meaning you’ll need to renew your contract every few years to maintain ownership. 

Registrars often use Whois information to contact domain owners regarding issues with their domain, such as transfer requests or renewal notices. Keep your details up to date to avoid missing notifications.