I just transfer a domain to Cloudflare and I am kinda of surprised that WHOIS doesn’t redact my country. Is this expected? Is is a .com domain.
Mine shows my state and country. Then again, I live in the same state as Cloudflare, so I don’t know if that’s just a coincidence.
this is what i see
Registrar: Cloudflare, Inc Registrar IANA ID: 1910 Registrar Abuse Contact Email: Registrar Abuse Contact Phone: Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Registry Registrant ID: REDACTED FOR PRIVACY Registrant Name: REDACTED FOR PRIVACY Registrant Organization: DATA REDACTED Registrant Street: REDACTED FOR PRIVACY Registrant City: REDACTED FOR PRIVACY Registrant State/Province: DATA REDACTED Registrant Postal Code: REDACTED FOR PRIVACY Registrant Country: US Registrant Phone: REDACTED FOR PRIVACY Registrant Phone Ext: REDACTED FOR PRIVACY Registrant Fax: REDACTED FOR PRIVACY Registrant Fax Ext: REDACTED FOR PRIVACY
And you’re not even in the US. This is what my .coms look like. It includes my state.
Registrar: Cloudflare, Inc. Registrar IANA ID: 1910 Domain Status: clienttransferprohibited https://icann.org/epp#clienttransferprohibited Registry Registrant ID: Registrant Name: DATA REDACTED Registrant Organization: DATA REDACTED Registrant Street: DATA REDACTED Registrant City: DATA REDACTED Registrant State/Province: California Registrant Postal Code: DATA REDACTED Registrant Country: US Registrant Phone: DATA REDACTED Registrant Phone Ext: DATA REDACTED Registrant Fax: DATA REDACTED Registrant Fax Ext: DATA REDACTED Registrant Email: DATA REDACTED Registry Admin ID:
From what I can tell Cloudflare does reveal the state/province and country of the registrant.
@eva2000, welcome to America!
Confirmed here, I see the province and country (, 'eh?). This doesn’t seem unreasonable to me, although I can understand how some might be uncomfortable with this information being public.
Not only that but here’s a question: why
DNSSEC: unsigned, when it should be signed? That is for a .com, whereas a .xyz is:
DNSSEC: signedDelegation. Also that particlar WHOIS record is proxied which works well to mask Geo-info. Also in addition to Geo information being specific to user-locations, the nameservers are exposed. That’s for any . .
I checked a few domains and the DNSSEC status is correct. Including a .com. Perhaps post the domain or see what DNSViz says about the DNSSEC status?
Nameservers are public by definition (they must be to resolve DNS records within the zone), so adding them to WHOIS is harmless, and useful.
I did after initially moving it over to CloudFlare; I’ll do it now again and get right back. Understood re: nameservers; just something else that can be used maliciously, such as ns blacklisting.
Okay, so for one more .com according to a whois query, it’s unsigned. Both .coms when looked at using Verisign’s GUI (sort of their GUI as it’s not actually their web property, I think) both look fine via DNSViz. And lastly my .ch is all good @ nic.ch and using DNSViz.
There is literally nothing malicious you can do with nameservers in the WHOIS, since they need to be published to the public in DNS to work. Adding them to a purely informational source doesn’t add any harm.
Well, not today. Before you could use nameserver trickery to mess with WHOIS for those who didn’t know how to query properly. But this just worked on humans and had no operational impact on anything but meat.
I wonder if I showed up as US country in my whois as my previous provider used whois privacy so registrant public listed was a US country ? Though my CF whois profile is Australian
I would think so; however the domain would need to be registered with the provider using WHOIS privacy. Whois proxy services (such as Dreamhost’s) or straight redaction. It’s worth checking out if you’d like to be part of Das Trümpf-Vaterland…
This seems to be limited to a small number of TLDs, with .com being one of them. I am guessing this is because Cloudflare REDACTS versus use a “Privacy, Inc” style which other registrars tend to go for.
This is still an issue with .com domains and probably others.
The “Registrant State/Province” and “Registrant Country” is showing the original personal details of the registrant with no redactions.
According to Cloudflare’s own documentation:
WHOIS redaction removes all contact information categorized as personal data from the published WHOIS record for a domain (registrant name, email address, postal address). Fields will read “Data Redacted”. The nameserver, domain lock information, and date records for a domain are still available publicly.
This statement is unclear because the postal address should include the state and country. If there is a reason that these fields must be kept unredacted, Cloudflare should apply a single consistent value to these fields to maintain registrant privacy.
For example, the registrar Namecheap’s Whoisguard privacy service assigns a value of “Panama” to these fields for all customers, effectively maintaining registrant privacy in a “I am Spartacus” fashion.
Can Cloudflare please fix this long-standing issue?
Well, as far as I know, WHOIS PrivacyGuard is not the same as neither Cloudflare’s and neither the other ones as showing up as “REDACTED FOR PRIVACY” on WHOIS.
There is also a known “delay” for DNSSEC as long as I have checked years ago, if the domain is showing up as “signed” or “unsigned”.
It can be signed for 2-3 years, but on WHOIS it shows “unsigned”.
Also, have to mention, when the domain was not DNSSEC signed, and then transfered to new registar and signed, then it showed up as “signed” finally.
Similar goes with newely registered domains.
Could be some bug elsewhere…
This topic was automatically closed 24 hours after the last reply. New replies are no longer allowed.