Product Blog

An organization’s domain name is one of its most valuable digital assets, so the desire to secure it is only natural. However, the terms used to describe these security measures—domain name protection and domain name privacy—are often used interchangeably, which can lead to confusion.

While both aim to protect, there are distinct differences, which we discuss in greater detail in this post. Please refer to the table below for the TL;DR version.

We are excited to announce that a protocol selector has been added to WHOIS Lookup and WHOIS Search (on Domain Research Suite), giving users more flexibility to choose how to retrieve domain registration data. 

With this new feature, users can select from three protocols—RDAP, WHOIS, and Auto.

When you run a WHOIS lookup for a domain name you’re interested in, you may find that some details are redacted for privacy. You can’t see who owns that domain because “Privacy service provided by Withheld for Privacy ehf” is on the registrant organization field. What, exactly, does this mean? And is there a way to find out the actual domain owner’s email address and contact them? 

We’ll talk about registration data redaction in general and Withheld for Privacy ehf in particular in this post, as well as cover how it works, and some of the other most common domain privacy protection companies. We will also demonstrate how you can possibly still uncover domain ownership data despite redaction.

Conversations around replacing WHOIS – the main protocol for retrieving information about domain registrants – have been around for decades. Now, WHOIS is being phased out and replaced by the Registration Data Access Protocol (RDAP). 

Why is that happening?

We’re excited to announce that WHOIS API is RDAP-ready, following the WHOIS port 43 shutdown and the expected transition from WHOIS to RDAP or the Registration Data Access Protocol—the next-generation system for accessing domain registration data developed by the Internet Engineering Task Force (IETF). 

Our development team implemented several developments to ensure users can continue to access fast, accurate, and up-to-date domain registration information with WHOIS API. Among the improvements made were:

Written by Ching Chiao, Head of APAC and Global Data Partnership & Alexandre François, Product Marketing Director
WhoisXML API

On January 28, 2025, ICANN (the Internet Corporation for Assigned Names and Numbers) will officially sunset the WHOIS Port 43 services. This decision marks a pivotal moment for the cybersecurity industry, domain registries, and anyone who relies on domain data for operational or investigative purposes. But what does this change mean, and how will it impact the broader ecosystem?

We are excited to announce that Snowflake users can now request access to WHOIS Database Download’s quarterly gTLD and ccTLD files on the platform, available in three formats:

• Simple: The simple CSV file contains the domain name, registrar name and email address, WHOIS and name servers, creation and expiration dates, and registrant and administrative contact details.

• Regular: The regular CSV file contains all the fields in the Simple file, along with information about the billing, technical, and zone contacts.

• Full: This file format contains all fields in the Simple file, in addition to the raw text from the WHOIS registry and registrar.

We’re thrilled to announce that WHOIS queries can now be processed through POST requests in addition to the current HTTP GET request method. This new capability offers a more secure way to access domain registration information.

Using POST requests significantly reduces the risk of unauthorized access to API keys, as they encrypt the HTTP message body, including the API key. To illustrate, here is an example of a POST request.