Domain Age Checker — Bulk RDAP + WHOIS Lookup

Check domain age, registration / expiry dates, registrar, nameservers, DNSSEC, EPP status codes, and registrar abuse contact for any list of domains. Uses IANA-bootstrapped RDAP (the modern WHOIS replacement) with a port-43 WHOIS fallback for ccTLDs that lack RDAP servers (.de, .ru, .jp, .kr, .cn, .it, .br, .es, .pl, .nl).

Pay-per-event pricing: $0.035 per run + $0.001 per unique domain checked.

What does Domain Age Checker do?

Domain Age Checker retrieves domain registration data using the RDAP (Registration Data Access Protocol) — the modern, structured replacement for WHOIS. For ccTLDs that don't yet operate RDAP servers, the actor falls back to a port-43 WHOIS lookup so you still get age data for .de, .ru, .jp, .kr, and other major ccTLDs.

It returns:

• Registration date, expiration date, last-updated date
• Domain age in days and years (decimal)
• Registrar name + IANA Registrar ID + abuse contact (email + phone)
• Authoritative nameservers
• DNSSEC / secure-DNS status
• Raw status strings + parsed EPP status codes (label + plain-English explanation for each)
• Registrant data (where the registry exposes it — most modern registries redact this by default)
• The lookupMethod used (rdap or whois) so you can filter ccTLD results separately

The structured JSON output makes it easy to filter, sort, and analyze domain age data at scale.

Who is it for?

• 🔍 SEO specialists — evaluating domain age as a ranking and authority signal when auditing backlink profiles or vetting link prospects
• 🛡️ Fraud investigators — flagging newly registered domains associated with phishing, spam, or impersonation campaigns; pivoting on registrar abuse contact for takedown requests
• 🏢 Domain investors — assessing domain value based on registration history, expiration timing, and EPP locks before making purchase decisions
• 📊 Brand protection teams — detecting suspicious lookalike domains registered recently and monitoring abuse contacts for cybersquatting reports
• 📋 Compliance analysts — verifying domain registration longevity as part of vendor and partner due diligence
• 🔬 Competitive researchers — determining when competitors registered their domains and tracking new market entrants
• 🔐 Security analysts — using DNSSEC status and EPP locks (clientHold, serverDeleteProhibited) as part of domain trust scoring

Why use Domain Age Checker?

• Modern RDAP protocol — structured JSON instead of legacy WHOIS text parsing, with IANA-bootstrapped server discovery so you always hit the canonical registry endpoint
• ccTLD coverage via WHOIS fallback — most RDAP-only competitors error out on .de, .ru, .jp, etc. We don't. You get registrar, nameservers, and dates for those TLDs too
• Richer output than the standard RDAP wrapper — adds DNSSEC, EPP-code expansion with plain-English explanations, registrar IANA ID, registrar abuse contact, last-updated date, and the lookup method used
• Forgiving input — accepts URLs (https://www.google.com/path), www.-prefixed domains, mixed case, and IDN unicode (bücher.de). Normalizes + dedupes before billing
• Parallel lookups — configurable concurrency (default 10, cap 50) means 1000 domains finish in well under a minute
• Predictable billing — domain_checked charges once per unique normalized domain, not once per raw row. Paste a messy spreadsheet without worrying about duplicates inflating cost
• Sensible retries — 2-attempt exponential backoff on transient failures (5xx, network, timeouts); permanent errors surface immediately
• Pay-per-event pricing — $0.001 per domain. Checking 1000 domains costs just over $1
• Structured JSON output — parsed fields ready for filtering, sorting, and integration with downstream tools

Input parameters

Parameter	Type	Required	Default	Description
domains	string[]	Yes	—	List of domains to check. Accepts bare domains (google.com), URLs (https://www.google.com/path), www.-prefixed, mixed case, and IDN/punycode. Inputs are normalized and deduplicated before lookup.
maxConcurrency	integer	No	10	How many RDAP/WHOIS lookups to run in parallel. 10 is the polite default; 50 is the cap.
timeoutMs	integer	No	15000	Wall-clock timeout per attempt (not per domain). With 2 retries, worst-case per-domain wall-clock is roughly 3 × timeoutMs + 2s backoff, doubled when WHOIS fallback fires. Default 15000 ms ⇒ worst case ~94s per domain; tune down if you want a tighter ceiling.
includeRawRdap	boolean	No	false	When true, the parsed RDAP JSON is included as a rawRdap field on each record.
includeRawWhois	boolean	No	false	When true, the raw WHOIS port-43 response text is included as a rawWhois field on each record looked up via WHOIS fallback. Useful for verifying parser correctness.
disableWhoisFallback	boolean	No	false	When true, ccTLDs without an RDAP server return an error instead of falling back to WHOIS port 43.

Example input

{
    "domains": [
        "google.com",
        "github.com",
        "example.de",
        "https://www.cloudflare.com/"
    ]
}

Output schema

Each unique normalized input domain produces one dataset record with the following fields:

Field	Description
domain	The normalized (lowercase, punycode) domain that was looked up
ageDays	Domain age in whole days since registration (null when the registry doesn't return a creation date, e.g., .de)
ageYears	Domain age in years (decimal, 1dp)
registrationDate	Original registration date (ISO 8601)
expirationDate	Expiration date (ISO 8601)
lastUpdatedDate	Most recent registry update (ISO 8601)
registrar	Registrar name
registrarIanaId	Registrar IANA Registrar ID (e.g., "292" for MarkMonitor)
registrarAbuseContact	{ email, phone } for the registrar's abuse-handling contact
nameservers	Authoritative nameservers (lowercased)
status	Raw status strings from the registry
eppStatusCodes	Parsed EPP codes with { code, label, explanation } for each recognized status string
dnssec / secureDns	true when DNSSEC delegation is signed, false when unsigned, null when not reported
registrant	{ name, organization, country, email } when not redacted; usually null due to privacy proxies
lookupMethod	"rdap", "whois", or "none"
error	Structured { kind, message?, detail? } when the lookup failed; null on success
checkedAt	ISO timestamp of the check
rawRdap	(Only when includeRawRdap: true) the parsed RDAP JSON response
rawWhois	(Only when WHOIS fallback fired and includeRawWhois: true) the raw WHOIS response text

Example output

{
    "domain": "github.com",
    "ageDays": 6793,
    "ageYears": 18.6,
    "registrationDate": "2007-10-09T18:20:50Z",
    "expirationDate": "2026-10-09T18:20:50Z",
    "lastUpdatedDate": "2024-09-07T09:16:32Z",
    "registrar": "MarkMonitor Inc.",
    "registrarIanaId": "292",
    "registrarAbuseContact": {
        "email": "abusecomplaints@markmonitor.com",
        "phone": "tel:+1.2086851750"
    },
    "nameservers": [
        "dns1.p08.nsone.net",
        "ns-1283.awsdns-32.org"
    ],
    "status": [
        "client delete prohibited",
        "client transfer prohibited",
        "client update prohibited"
    ],
    "eppStatusCodes": [
        {
            "code": "clientDeleteProhibited",
            "label": "Client Delete Prohibited",
            "explanation": "Registrar-set: the registrar has locked the domain against deletion requests."
        }
    ],
    "dnssec": false,
    "secureDns": false,
    "registrant": null,
    "lookupMethod": "rdap",
    "error": null,
    "checkedAt": "2026-05-15T19:01:01.953Z"
}

How to check domain age

1. Go to Domain Age Checker on Apify Store
2. Enter one or more domain names (bare, URL, www-prefixed, IDN — all fine)
3. Click Start and wait for the run to finish
4. Review registration date, expiration date, age, registrar, abuse contact, DNSSEC, and EPP status codes for each domain
5. Download results as JSON, CSV, or Excel from the Dataset tab

How much does it cost to check domain age?

Domain Age Checker uses Apify's pay-per-event pricing:

Event	Price	Description
Start	$0.035	One-time per run
Domain checked	$0.001	Charged once per unique normalized domain checked

Inputs are normalized (HTTPS://www.X.com/ → x.com) and deduplicated before billing, so accidental duplicates in your input list don't inflate cost.

Example cost

• 10 domains: $0.035 + 10 × $0.001 = $0.045
• 100 domains: $0.035 + 100 × $0.001 = $0.135
• 1,000 domains: $0.035 + 1,000 × $0.001 = $1.035

Using the Apify API

The Apify API lets you control Domain Age Checker programmatically. Schedule runs, read datasets, manage webhooks, and more.

Node.js

import { ApifyClient } from 'apify-client';

const client = new ApifyClient({ token: '<YOUR_API_TOKEN>' });
const run = await client.actor('YOUR_USERNAME/domain-age-checker').call({
    domains: ['google.com', 'github.com'],
});
const { items } = await client.dataset(run.defaultDatasetId).listItems();
console.log(items);

Python

from apify_client import ApifyClient

client = ApifyClient('<YOUR_API_TOKEN>')
run = client.actor('YOUR_USERNAME/domain-age-checker').call(run_input={
    'domains': ['google.com', 'github.com'],
})
items = client.dataset(run['defaultDatasetId']).list_items().items
print(items)

cURL

curl "https://api.apify.com/v2/acts/YOUR_USERNAME~domain-age-checker/run-sync-get-dataset-items?token=YOUR_TOKEN" \
  -X POST \
  -H "Content-Type: application/json" \
  -d '{"domains": ["google.com", "github.com"]}'

Use with AI agents via MCP

Domain Age Checker is available as a tool for AI assistants via the Model Context Protocol (MCP).

Setup for Claude Code

claude mcp add --transport http apify "https://mcp.apify.com?tools=YOUR_USERNAME/domain-age-checker"

Setup for Claude Desktop, Cursor, or VS Code

{
    "mcpServers": {
        "apify": {
            "url": "https://mcp.apify.com?tools=YOUR_USERNAME/domain-age-checker"
        }
    }
}

Example prompts

• "How old is the domain example.com?"
• "Check domain ages for these competitor websites and tell me which is newest."
• "Are any of these domains DNSSEC-signed? Which ones use Cloudflare nameservers?"
• "Find the abuse contact for the registrar of suspicious-phishing.com."

Integrations

Connect Domain Age Checker with other apps and services using Apify integrations:

• Google Sheets — automatically push domain age results to a spreadsheet for collaborative analysis and sorting by age
• Zapier / Make (Integromat) — trigger a domain age check whenever a new lead enters your CRM, then enrich the lead record with domain age and registrar data
• Slack — schedule weekly runs on a watchlist of domains and receive alerts when any domain is within 30 days of expiration
• n8n — build self-hosted workflows that combine domain age data with WHOIS, DNS, and SSL checks
• Webhooks — receive HTTP POST notifications when a run completes, enabling custom integrations with fraud detection systems, SEO dashboards, or domain monitoring platforms

Tips and best practices

• Domain age for lead qualification — domain age is a useful signal for determining whether a business is established or newly created.
• Filter on lookupMethod — split results into RDAP and WHOIS buckets when you need consistent age data, since the .de WHOIS server intentionally omits creation date.
• Use eppStatusCodes for fraud triage — a phishing domain almost never has registrar locks; an established site usually does.
• Schedule periodic checks — set up weekly runs to monitor expiration dates across your domain portfolio.
• Filter by age in downstream tools — export to Google Sheets or a database and filter by ageDays to quickly identify the oldest or newest domains in your list.
• Increase maxConcurrency carefully — defaults are polite; cap at 50. Some ccTLD registries rate-limit aggressively above 20 concurrent connections.
• Enable includeRawRdap when you need to verify a parsed field or extract a registry-specific extension we don't normalize.

Legality

This tool uses public RDAP (RFC 9082 / RFC 9083) and WHOIS (port 43) protocols to retrieve registration data that registries publish for the public internet. Use of these protocols is standard practice in SEO, domain research, fraud detection, and security work.

When processing personal data returned by the registry (registrant fields, where exposed), ensure compliance with applicable privacy regulations (GDPR, CCPA). Most modern registries redact registrant data by default; when they don't, you are responsible for the lawful basis of processing.

FAQ

What is the difference between RDAP and WHOIS? RDAP is the modern replacement for WHOIS. It returns structured JSON instead of unformatted text. Domain Age Checker uses RDAP for accuracy and consistency, with a port-43 WHOIS fallback for ccTLDs where the registry hasn't deployed an RDAP server yet.

What happens if a domain is not found? The result will include error.kind: "not_found" and lookupMethod reflecting which protocol was used. Other domains in the batch are not affected.

Can I check domain age for country-code TLDs like .de or .uk? Yes. For ccTLDs that lack an RDAP server, the actor falls back to port-43 WHOIS. Supported in v0.1: .de, .ru, .cn, .jp, .kr, .it, .br, .es, .pl, .nl. Other ccTLDs with RDAP support (.uk, .fr, .au, …) work via RDAP automatically.

How accurate is the age calculation? The age is calculated from the registration date returned by the registry to the time of the check. It is as accurate as the data the registry provides. ageDays is an integer count; ageYears is rounded to one decimal place.

Why does the .de result have null registrationDate? Denic (the .de registry) intentionally does not publish creation/expiration dates on the public port-43 WHOIS service — this is registry policy, not an actor bug. The actor surfaces this with error.kind: "no_creation_date_for_tld" and detail: "denic_no_creation_date". Nameservers, registrar tech contact, and status are still returned.

Does the actor show when a domain will expire? Yes. The expirationDate field contains the expiry date as an ISO 8601 timestamp. You can use this to track upcoming renewals or identify domains that may become available for registration.

What is the registrarAbuseContact field for? Every ICANN-accredited registrar must publish an abuse contact (email + phone). This is the right place to report phishing, spam, or other abuse originating from a domain. Domain Age Checker surfaces it so security teams can pivot directly from a domain to its registrar's takedown team.

Why are some registrant fields null? Since 2018 (GDPR) most registries redact registrant data by default. When the registry returns redacted or empty values, the actor returns registrant: null rather than echoing back [REDACTED] placeholders.

How does billing work for duplicates? Inputs are normalized and deduplicated before billing. https://www.google.com/, GOOGLE.COM, and google.com count as one domain. domain_checked is charged once per unique normalized domain that the actor attempted to look up. Invalid inputs (empty strings, malformed domains) are not charged.

How to check domain age in bulk

Checking domain age one at a time through manual WHOIS lookups is impractical when you have dozens or hundreds of domains to evaluate. Domain Age Checker processes your entire list in a single run, returning structured results you can sort, filter, and export.

To bulk-check domain ages:

1. Collect your domains into a list — from a spreadsheet, a backlink audit export, a lead database, or a competitor research file
2. Paste them into the domains input field (one per line, as a JSON array, or pasted URLs — all formats are normalized)
3. Start the run and get a structured report with registration date, expiration date, age, registrar, abuse contact, DNSSEC, and EPP codes for every domain
4. Download results as CSV or Excel and sort by ageDays to rank domains from oldest to newest

For recurring checks — such as monitoring a portfolio of domains for upcoming expirations — use Apify Schedules to automate weekly or monthly runs. Combine with the Google Sheets integration to maintain a live dashboard.

At $0.001 per domain, checking 1,000 domains costs just over $1.

How to verify domain age for fraud detection

Domain age is one of the strongest signals for identifying potentially fraudulent websites. Phishing sites, scam storefronts, and impersonation domains are almost always newly registered — typically days or weeks old.

Workflow:

1. Collect suspicious domains — from reported phishing emails, ad campaigns, affiliate links, or customer complaints
2. Run Domain Age Checker on the list
3. Flag domains under 90 days old as high-risk
4. Cross-reference with registrarAbuseContact for takedown requests, and with eppStatusCodes (legitimate businesses usually have clientTransferProhibited; phishing domains rarely do)
5. Automate the pipeline — use Apify Schedules and webhooks to check new domains daily and push flagged results to your security team's Slack channel

Domain age alone does not prove fraud, but it is a reliable triage filter combined with abuse-contact lookup and EPP-lock analysis.