WHOIS API: Instant Domain Lookups in JSON & XML — Free Plan Available
Enterprise-grade WHOIS lookups with sub-200ms response times. Normalized JSON or XML across 1,500+ TLDs, RDAP-ready, with bulk query support. One API key for WHOIS, DNS, SSL, availability, and monitoring.
Try the WHOIS API
Enter any domain to retrieve its complete WHOIS record in real time.
Every Domain Detail in One Call
A single WHOIS request returns all registration data fields, normalized into a consistent schema regardless of the registrar or TLD.
Registration Dates
Creation, expiration, and last update dates for any domain. Track lifecycle events and set renewal reminders.
Registrant Details
Owner name, organization, registrar, and contact data when publicly available through WHOIS or RDAP.
Nameservers
Complete nameserver list. Identify hosting providers and track DNS infrastructure changes. Pair with our DNS API for full records.
EPP Status Codes
clientTransferProhibited, serverHold, redemptionPeriod… Understand domain restrictions and transfer eligibility at a glance.
Bulk Lookups
Query thousands of domains at production speed. Rate limits scale from 20 to 900 req/min depending on yourplan. See the Bulk WHOIS API guide for code examples.
Normalized Output
Consistent JSON or XML schema across every TLD. No per-registrar parsing logic — the same field names everywhere.
RDAP-Ready
Automatic RDAP fallback where available. Richer, more structured data from registries supporting next-gen lookups.
High Availability
Multi-region infrastructure with 99.9% uptime. Automatic failover ensures queries are always answered.
What Developers Build with WHOIS Data
Cybersecurity & Threat Intelligence
Investigate suspicious domains in automated pipelines. Enrich security alerts with registrant data, creation dates, and hosting details. Combine with DNS lookups and SSL checks for full threat analysis.
Brand Protection & Anti-Phishing
Detect typosquatting, look-alike domains, and phishing campaigns using bulk WHOIS queries. Set up automated alerts for ownership changes and check domain availability for protective registrations.
Domain Portfolio Management
Track expiration dates, registrar changes, and status updates across large portfolios. Automate renewal workflows and combine with monitoring for real-time change detection.
Market Research & Data Analytics
Analyze registration trends by TLD, registrar, or time period. Cross-reference with DNS records for hosting analysis and availability data for market intelligence.
One Endpoint, All Registration Data
A single GET request returns the complete WHOIS record for any domain. Same API key and authentication as all WhoisJSON endpoints.
Authentication: Authorization: TOKEN=YOUR_API_KEY
Response: JSON (default) or XML with format=xml
Bypass cache: Add _forceRefresh=1 for fresh data
{
"name": "google.com",
"registered": true,
"registrar": {
"name": "MarkMonitor Inc.",
"url": "http://www.markmonitor.com"
},
"created": "1997-09-15T04:00:00Z",
"expires": "2028-09-14T04:00:00Z",
"changed": "2019-09-09T15:39:04Z",
"status": [
"clientDeleteProhibited",
"clientTransferProhibited",
"clientUpdateProhibited",
"serverDeleteProhibited",
"serverTransferProhibited",
"serverUpdateProhibited"
],
"nameserver": [
"ns1.google.com",
"ns2.google.com",
"ns3.google.com",
"ns4.google.com"
]
}
Query the WHOIS API in Your Language
A minimal, complete example — one domain, one request, authenticated.
curl -s "https://whoisjson.com/api/v1/whois?domain=example.com" \
-H "Authorization: TOKEN=YOUR_API_KEY"const res = await fetch(
'https://whoisjson.com/api/v1/whois?domain=example.com',
{ headers: { Authorization: 'TOKEN=YOUR_API_KEY' } }
);
const data = await res.json();
console.log('Registered:', data.registered);
console.log('Expires: ', data.expires);import requests
r = requests.get(
'https://whoisjson.com/api/v1/whois?domain=example.com',
headers={'Authorization': 'TOKEN=YOUR_API_KEY'},
timeout=10,
)
data = r.json()
print('Registered:', data.get('registered'))
print('Expires: ', data.get('expires'))Need to process thousands of domains? See the Bulk WHOIS API guide →
What Is a WHOIS API?
A WHOIS API lets you query domain registration data programmatically. Instead of running manual whois commands, you send an HTTP request and get structured JSON or XML in return — registrar name, creation date, expiry date, status codes, nameservers, and registrant details when publicly available. WhoisJSON normalizes this data into a consistent schema across 1,500+ TLDs, handling both legacy WHOIS servers and modern RDAP endpoints transparently.
Part of the WhoisJSON Unified Platform
The WHOIS API is one of six endpoints available with every WhoisJSON account. The same API token also gives you access to DNS record lookups, SSL certificate validation, real-time domain availability checks, subdomain discovery, and automated domain monitoring with alerts. No extra sign-ups, no extra keys — one token, six tools. Whether you are building a cybersecurity scanner, a registrar platform, or a brand protection tool, all the data you need is accessible through a single, consistent API.
From Prototyping to Production
Every new account starts with 1,000 free requests per month shared across all endpoints — enough for prototyping and small-scale projects. Our paid plans scale to unlimited requests at up to 900 req/min with a 99.9% uptime SLA. Responses are cached for 3 hours by default; add _forceRefresh=1 to bypass the cache when freshness matters. Check our FAQ or browse the full API documentation for integration details.
How WhoisJSON Compares
| Provider | Normalized JSON | TLDs Covered | Free Tier | Price per 1k | Rate Limit |
|---|---|---|---|---|---|
| WhoisJSON | ✓ Yes | 1,500+ | 1,000 req/mo | From $0.02 | 900 req/min (Atlas) |
| WhoisXMLAPI | ✓ Yes | 1,000+ | 500 queries | ~$15/1k | ~3,000 req/min |
| DomainTools | ~ Partial | 500+ | No | $0.50+/1k | Undisclosed |
| Whoxy | ✓ Yes | 700+ | Pay-as-you-go | $0.40/1k | 1,000 req/min |
Data sourced from public pricing and documentation pages, April 2026. Verify current rates before choosing a provider.
Frequently Asked Questions about the WHOIS API
Authorization: TOKEN=YOUR_API_KEY header. Your key is available in your dashboard after signing up. The same token works across all six WhoisJSON endpoints. _forceRefresh=1 to your query string (e.g. /api/v1/whois?domain=example.com&_forceRefresh=1) to get live data directly from the WHOIS server.Why Choose WhoisJSON Instead of Other WHOIS APIs?
Choose WhoisJSON if you need a WHOIS API that is simple to integrate, affordable to scale, and ready for production.
| Feature | WhoisJSON |
|---|---|
| Free plan | 1,000 requests/month — no credit card |
| Output | JSON by default, XML available |
| Coverage | 1,500+ TLDs |
| Extra APIs included | DNS, SSL, domain availability, subdomains, monitoring |
| Authentication | One API key for all endpoints |
| Best for | Developers, cybersecurity tools, brand protection, domain monitoring |
Start free, test the API in minutes, and upgrade only when your usage grows.
Ready to Scale Your WHOIS Integration?
Whether you need 1,000 or 10 million lookups, WhoisJSON has a plan built for your workload.