What happens when a domain expires?
When a domain expires, things can go downhill fast. Websites go dark, emails stop working, and, eventually, someone else could even grab the domain you built your brand on. Whether you manage your own domains or oversee them for clients, understanding how expiration works and what to do before and after it happens can help you avoid a potentially costly mistake.
Understanding domain expiration
Every domain name follows a lifecycle that determines how long it remains registered, when it renews, and when that registration ends. Typically, domains are purchased in one- to ten-year increments. During the active registration period, the domain is fully functional: the website resolves, email gets to its destination, and DNS settings remain under the registrant's control.
While domains don't vanish instantly when they reach the expiration date, things start to change quickly. Most registrars suspend connected services right away, a move that can help alert the domain's owner that it's expired. Others allow a short grace period before taking them offline. Either way, downtime and loss of functionality are imminent if the domain isn't renewed promptly.
Domain expiration vs. suspension
It's worth noting that domain expiration differs from domain suspension. Expiration happens naturally when a registration term ends and the domain isn't renewed; suspension can occur during the domain's lifetime for reasons like policy violations, billing issues, or compliance actions.
In both cases, the domain's Whois record will likely show a clientHold status, meaning the domain has been taken offline and will not resolve. If your record shows this status and you're unsure whether it's due to expiration or suspension, log in to your domain account or contact us directly for clarification.
Understanding the difference between expiration and suspension helps to interpret service interruptions correctly and respond appropriately.
What happens when a domain expires?
Once the registration term ends without renewal, the domain expires. At this stage, the domain goes through a series of phases and corresponding status changes. For gTLDs, these are defined by ICANN, while ccTLDs follow rules set by their individual registries, which can vary. Recognizing these steps is critical as they determine whether — and how — the original owner can recover the domain.
Here's the typical flow for most gTLDs:
Expiration day
Occurs the day after the registration period ends. The domain is no longer considered active, and most registrars disable associated services at this point. Websites stop resolving, email stops routing, and the registrar typically replaces the domain's DNS records with its own — often pointing to a renewal reminder or parked page. Some registrars may allow a very short continuation period, but disruption is the norm.
At this point, the Whois status code will show clientHold or serverHold, indicating the domain is inactive. Visit our renewal page and renew the domain to restore normal function.
Renew period (usually 30-45 days)
The domain is expired and can be renewed at the standard cost. Services remain suspended until renewal is completed, after which functionality is typically fully restored within 24-48 hours.
During this period, the Whois status code will continue to show clientHold. Renewing the domain directly through your provider's control panel should restore normal function. If DNS or website access doesn't return promptly, confirm the renewal and DNS propagation with support.
Redemption period (typically 30 days)
After the renewal grace period, the domain enters the redemption period. Renewal is still possible, but you may have to pay a redemption fee in addition to the standard renewal fee. Services remain offline, and restoration, once requested, can take several business days.
The Whois status code will show redemptionPeriod. Contact your registrar immediately to request restoration. Time is critical—once the redemption window closes, the domain can't be recovered.
Pending delete (5 days)
At this stage, the domain is locked and queued for deletion. Neither the registrant nor the registrar can recover it.
The Whois status code will show pendingDelete. Unfortunately, no action can restore the domain. Your only option is to monitor for re-release or attempt to backorder it.
Public availability
After deletion, the domain is released back into the pool of unregistered names and becomes available for anyone to register on a first-come, first-served basis. High-value domains are often claimed instantly through backorder services that monitor and acquire them the moment they drop. When this happens, the previous registrant may be stuck paying a large sum to purchase it from the new owner or find they've lost the domain they built their brand on.
Once it's re-registered, the domain will show a new creation date and reflect the new registrant's details. If your domain has been claimed, you'll need to register a new name or negotiate with the new owner.
While there are safety nets between expiration and deletion, recovery becomes costlier and riskier the longer you wait to take action.
The hidden business risks of expired domains
When a domain expires, the impact goes well beyond downtime. For businesses that rely on their online presence, an expired domain can lead to lasting financial, operational, and reputational damage.
Lost branding and SEO equity
Search engines tie years of ranking signals—like backlinks, indexed pages, and domain authority—to an active domain. During grace or redemption periods, that equity isn't entirely lost; rankings may dip while the site is offline, but most signals can recover within days or weeks once the domain and DNS are restored.
Deletion, however, is the point of no return—if the domain is released and re-registered, even by the same owner, it starts over with no crawl history, active backlinks, or ranking signals until search engines recrawl and reindex the site. New registrants may still see some residual traffic from old backlinks or returning visitors, but any lasting SEO value belongs to the original registration.
Cybersecurity exposure
Expired domains with a history of traffic or email activity are prime targets for bad actors. Once purchased, they can be repurposed for phishing, impersonation, or malware distribution, tricking customers who still trust the domain. In regulated industries, this can create serious compliance risks—and potential liability—if sensitive communications or data are misdirected to the new owner. Even outside those sectors, it can severely damage brand trust, undermining the confidence clients place in their providers.
Google briefly lost ownership of google.com
Even global giants aren't immune to domain expiration mishaps. In 2015, Google LLC briefly lost control of its own domain name after it unexpectedly became available for registration. A former employee noticed the availability and, through Google's own domain platform, purchased it.
This story ended on a positive note: Google not only recovered its domain name, but doubled the $6006.13 reward it had offered—a numerical nod to the company's name—after the employee donated the amount to charity. However, not every domain loss is resolved so cleanly, and this example serves as a clear reminder that regular monitoring and timely renewals are key to maintaining uninterrupted control of your domain.