目录
1、Whois前置知识
whois就是一个用来查询域名是否已经被注册,以及注册域名的详细信息的数据库(如域名所有人、域名注册商)。
不同域名后缀的whois信息需要到不同的whois数据库查询
参考:百度百科-whois域名查询协议
实现原理
根据域名从根服务器获取域名所在whois服务器再根据域名从域名所在whois服务器获取域名信息
domain + rootServer => targetServer
domain + targetServer => domainInfo
当然,如果知道了域名信息所在服务器,可以跳过第一步,直接查询域名信息
2、通过网页查询 2.1、方式一:通过原始网页查询 第一步:根据域名从根服务器获取域名所在whois服务器
根服务器网站:
或者直接根据域名后缀在数据库中查找对应的whois服务器地址
第二步:再根据域名从域名所在whois服务器获取域名信息
注意看到返回信息中的refer 行
refer: whois.cnnic.cn
打开这个网站: ,继续查询,
需要注意,这里查询的是一级域名,不能携带www,只能查询xiaomi.cn
2.2、方式二:第三方网站查询
域名信息查询网站
这些网站可以直接查询域名信息,他们后台做了优化不用再去逐级查询,可以看到,信息返回的并不是很完整
3、命令行whois查询 3.1、Windows环境命令行whois查询
官网:
下载链接:
3.2、Linux 环境命令行whois查询
安装
yum install -y whois
查询示例
# 查看使用帮助
$ whois --help
# 查询域名信息
$ whois xiaomi.cn
Domain Name: xiaomi.cn
ROID: 20070518s10001s40338355-cn
Domain Status: clientTransferProhibited
Registrant: 小米科技有限责任公司
Registrant Contact Email: dns-admin@xiaomi.com
Sponsoring Registrar: 厦门易名科技股份有限公司
Name Server: ns3.dnsv5.com
Name Server: ns4.dnsv5.com
Registration Time: 2007-05-18 10:15:59
Expiration Time: 2024-06-18 10:15:59
DNSSEC: unsigned
需要注意,如果是二级域名就查询不到信息
$ whois www.xiaomi.cn
Invalid parameter:www.xiaomi.cn
4、Python代码方式实现 4.1、通过Socket实现whois查询
使用环境
$ python --version
Python 3.7.0
核心代码
# -*- coding: utf-8 -*-
import socket
def whois_request(domain: str, server: str, port=43, timeout=5) -> str:
"""
发送http请求,获取信息
:param domain:
:param server:
:param port:
:return:
"""
# 创建连接
sock = socket.create_connection((server, port))
sock.settimeout(timeout)
# 发送请求
sock.send(("%s\r\n" % domain).encode("utf-8"))
# 接收数据
buff = bytes()
while True:
data = sock.recv(1024)
if len(data) == 0:
break
buff += data
# 关闭链接
sock.close()
return buff.decode("utf-8")
1、第一步,根据域名从根服务器获取域名所在whois服务器
# 根服务器地址
root_server = 'whois.iana.org'
# 需要查询的域名
domain = 'xiaoxi.cn'
# 查询域名信息
res = whois_request(domain, root_server)
print(res)
返回数据
% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object
refer: whois.cnnic.cn
domain: CN
organisation: China Internet Network Information Center (CNNIC)
address: No. 4, South 4th Street
address: Zhong Guan Cun
address: Beijing 100190
address: China
contact: administrative
name: Yu Zeng
organisation: China Internet Network Information Center (CNNIC)
address: No. 4, South 4th Street
address: Zhong Guan Cun
address: Beijing 100190
address: China
phone: +8610-58813686
fax-no: +8610-58813632
e-mail: ceo@cnnic.cn
contact: technical
name: Yuedong Zhang
organisation: China Internet Network Information Center (CNNIC)
address: No. 4, South 4th Street
address: Zhong Guan Cun
address: Beijing 100190
address: China
phone: +8610-58813202
fax-no: +8610-58812666
e-mail: tech@cnnic.cn
nserver: A.DNS.CN 2001:dc7:0:0:0:0:0:1 203.119.25.1
nserver: B.DNS.CN 203.119.26.1
nserver: C.DNS.CN 203.119.27.1
nserver: D.DNS.CN 2001:dc7:1000:0:0:0:0:1 203.119.28.1
nserver: E.DNS.CN 203.119.29.1
nserver: F.DNS.CN 195.219.8.90
nserver: G.DNS.CN 66.198.183.65
nserver: NS.CERNET.NET 202.112.0.44
ds-rdata: 57724 8 2 5d0423633eb24a499be78aa22d1c0c9ba36218ff49fd95a4cdf1a4ad97c67044
whois: whois.cnnic.cn
status: ACTIVE
remarks: Registration information: http://www.cnnic.cn/
created: 1990-11-28
changed: 2018-03-01
source: IANA
注意到,这就是该域名信息所在服务器
refer: whois.cnnic.cn
2、第二步:再根据域名从域名所在whois服务器获取域名信息
# whois服务器地址
whois_server = 'whois.cnnic.cn'
# 需要查询的域名,注意不能带www
domain = 'xiaoxi.cn'
# 查询域名信息
res = whois_request(domain, whois_server)
print(res)
返回的信息
Domain Name: xiaomi.cn
ROID: 20070518s10001s40338355-cn
Domain Status: clientTransferProhibited
Registrant: 小米科技有限责任公司
Registrant Contact Email: dns-admin@xiaomi.com
Sponsoring Registrar: 厦门易名科技股份有限公司
Name Server: ns3.dnsv5.com
Name Server: ns4.dnsv5.com
Registration Time: 2007-05-18 10:15:59
Expiration Time: 2024-06-18 10:15:59
DNSSEC: unsigned
可以看到,我们查询到了和网站查询一样的信息
可以直接使用第三方整理的whois数据库对应地址
4.2、第三方库:whois
操作系统命令行工具 whois的Python封装,依赖操作系统,不推荐
安装
$ pip install whois
示例
import whois
domain = whois.query('www.baidu.com')
print(domain.__dict__)
输出
{
'name': 'baidu.com',
'tld': 'com',
'registrar': 'MarkMonitor Inc.',
'registrant_country': 'CN',
'creation_date': datetime.datetime(1999, 10, 11, 11, 5, 17),
'expiration_date': datetime.datetime(2026, 10, 11, 11, 5, 17),
'last_updated': datetime.datetime(2022, 9, 1, 3, 54, 43),
'status': 'clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited',
'statuses': ['clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)', 'clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited', 'clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)', 'clientTransferProhibited https://icann.org/epp#clientTransferProhibited', 'clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)', 'clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited', 'serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)', 'serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited', 'serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)', 'serverTransferProhibited https://icann.org/epp#serverTransferProhibited', 'serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)', 'serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited'],
'dnssec': False,
'name_servers': ['ns1.baidu.com', 'ns2.baidu.com', 'ns3.baidu.com', 'ns4.baidu.com', 'ns7.baidu.com'],
'registrant': 'Beijing Baidu Netcom Science Technology Co., Ltd.',
'emails': ['abusecomplaints@markmonitor.com']
}
json序列化之后得到域名信息
{
"name":"baidu.com",
"tld":"com",
"registrar":"MarkMonitor Inc.",
"registrant_country":"CN",
"creation_date":"1999-10-11 11:05:17",
"expiration_date":"2026-10-11 11:05:17",
"last_updated":"2022-09-01 03:54:43",
"status":"clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
"statuses":[
"clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)",
"clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
"clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)",
"clientTransferProhibited https://icann.org/epp#clientTransferProhibited",
"clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)",
"clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited",
"serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)",
"serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited",
"serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)",
"serverTransferProhibited https://icann.org/epp#serverTransferProhibited",
"serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)",
"serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited"
],
"dnssec":false,
"name_servers":[
"ns1.baidu.com",
"ns2.baidu.com",
"ns3.baidu.com",
"ns4.baidu.com",
"ns7.baidu.com"
],
"registrant":"Beijing Baidu Netcom Science Technology Co., Ltd.",
"emails":[
"abusecomplaints@markmonitor.com"
]
}
4.3、第三方库:python-whois
经测试,不可用
$ pip install python-whois
示例
import whois
w = whois.whois('example.com')
w.expiration_date
# datetime.datetime(2022, 8, 13, 4, 0)
4.4、第三方库:whois21
经测试,可用
pip install whois21
示例
import whois21
query = 'github.com'
whois = whois21.WHOIS(query)
print(f'Creation date : {whois.creation_date}')
print(f'Expiration date : {whois.expires_date}')
print(f'Updated date : {whois.updated_date}')
5、使用Domain Admin
基于Python + Vue3.js 技术栈实现的域名和SSL证书监测平台
文档
安装
pip install domain-admin
启动运行
$ gunicorn 'domain_admin.main:app'
访问地址::8000
默认的管理员账号
6、中文域名
通过接口直接查询中文域名,会提示没有查询结果。这时候需要将中文域名进行编码
比如:小米.中国 会解析为 xn–yets76e.xn–fiqs8s/
在线编码:
其实,中文后缀的域名可以不编码,主要是中英结合的域名, 比如 中万.cn/
从浏览器直接复制过来是–chq7c.cn/
这是一种叫做:Punycode的编码方式
print("中万".encode('punycode').decode())
# chq7c
然后加上前缀xn--,就和上面的结果一致了
xn--chq7c
参考