一文搞定:whois数据库查询域名信息(WHOIS)

avatar
作者
筋斗云
阅读量:15

目录

1、Whois前置知识

whois就是一个用来查询域名是否已经被注册,以及注册域名的详细信息的数据库(如域名所有人、域名注册商)。

不同域名后缀的whois信息需要到不同的whois数据库查询

参考:百度百科-whois域名查询协议

实现原理

根据域名从根服务器获取域名所在whois服务器再根据域名从域名所在whois服务器获取域名信息

domain + rootServer => targetServer
domain + targetServer => domainInfo

在这里插入图片描述

当然,如果知道了域名信息所在服务器,可以跳过第一步,直接查询域名信息

2、通过网页查询 2.1、方式一:通过原始网页查询 第一步:根据域名从根服务器获取域名所在whois服务器

根服务器网站:

在这里插入图片描述

或者直接根据域名后缀在数据库中查找对应的whois服务器地址

第二步:再根据域名从域名所在whois服务器获取域名信息

注意看到返回信息中的refer 行

refer:        whois.cnnic.cn

打开这个网站: ,继续查询,

需要注意,这里查询的是一级域名,不能携带www,只能查询xiaomi.cn

在这里插入图片描述

2.2、方式二:第三方网站查询

域名信息查询网站

这些网站可以直接查询域名信息,他们后台做了优化不用再去逐级查询,可以看到,信息返回的并不是很完整

在这里插入图片描述

3、命令行whois查询 3.1、Windows环境命令行whois查询

官网:

下载链接:

3.2、Linux 环境命令行whois查询

安装

yum install -y whois

查询示例

# 查看使用帮助
$ whois --help
# 查询域名信息
$ whois xiaomi.cn
Domain Name: xiaomi.cn
ROID: 20070518s10001s40338355-cn
Domain Status: clientTransferProhibited
Registrant: 小米科技有限责任公司
Registrant Contact Email: dns-admin@xiaomi.com
Sponsoring Registrar: 厦门易名科技股份有限公司
Name Server: ns3.dnsv5.com
Name Server: ns4.dnsv5.com
Registration Time: 2007-05-18 10:15:59
Expiration Time: 2024-06-18 10:15:59
DNSSEC: unsigned

需要注意,如果是二级域名就查询不到信息

$ whois www.xiaomi.cn
Invalid parameter:www.xiaomi.cn

4、Python代码方式实现 4.1、通过Socket实现whois查询

使用环境

$ python --version
Python 3.7.0

核心代码

# -*- coding: utf-8 -*-
import socket
def whois_request(domain: str, server: str, port=43, timeout=5) -> str:
    """
    发送http请求,获取信息
    :param domain:
    :param server:
    :param port:
    :return:
    """
    # 创建连接
    sock = socket.create_connection((server, port))
    sock.settimeout(timeout)
    # 发送请求
    sock.send(("%s\r\n" % domain).encode("utf-8"))
    # 接收数据
    buff = bytes()
    while True:
        data = sock.recv(1024)
        if len(data) == 0:
            break
        buff += data
    # 关闭链接
    sock.close()
    return buff.decode("utf-8")

1、第一步,根据域名从根服务器获取域名所在whois服务器

# 根服务器地址
root_server = 'whois.iana.org'
# 需要查询的域名
domain = 'xiaoxi.cn'
# 查询域名信息
res = whois_request(domain, root_server)
print(res)

返回数据

% IANA WHOIS server
% for more information on IANA, visit http://www.iana.org
% This query returned 1 object
refer:        whois.cnnic.cn
domain:       CN
organisation: China Internet Network Information Center (CNNIC)
address:      No. 4, South 4th Street
address:      Zhong Guan Cun
address:      Beijing 100190
address:      China
contact:      administrative
name:         Yu Zeng
organisation: China Internet Network Information Center (CNNIC)
address:      No. 4, South 4th Street
address:      Zhong Guan Cun
address:      Beijing 100190
address:      China
phone:        +8610-58813686
fax-no:       +8610-58813632
e-mail:       ceo@cnnic.cn
contact:      technical
name:         Yuedong Zhang
organisation: China Internet Network Information Center (CNNIC)
address:      No. 4, South 4th Street
address:      Zhong Guan Cun
address:      Beijing 100190
address:      China
phone:        +8610-58813202
fax-no:       +8610-58812666
e-mail:       tech@cnnic.cn
nserver:      A.DNS.CN 2001:dc7:0:0:0:0:0:1 203.119.25.1
nserver:      B.DNS.CN 203.119.26.1
nserver:      C.DNS.CN 203.119.27.1
nserver:      D.DNS.CN 2001:dc7:1000:0:0:0:0:1 203.119.28.1
nserver:      E.DNS.CN 203.119.29.1
nserver:      F.DNS.CN 195.219.8.90
nserver:      G.DNS.CN 66.198.183.65
nserver:      NS.CERNET.NET 202.112.0.44
ds-rdata:     57724 8 2 5d0423633eb24a499be78aa22d1c0c9ba36218ff49fd95a4cdf1a4ad97c67044
whois:        whois.cnnic.cn
status:       ACTIVE
remarks:      Registration information: http://www.cnnic.cn/
created:      1990-11-28
changed:      2018-03-01
source:       IANA

注意到,这就是该域名信息所在服务器

refer:        whois.cnnic.cn

2、第二步:再根据域名从域名所在whois服务器获取域名信息

# whois服务器地址
whois_server = 'whois.cnnic.cn'
# 需要查询的域名,注意不能带www
domain = 'xiaoxi.cn'
# 查询域名信息
res = whois_request(domain, whois_server)
print(res)

返回的信息

Domain Name: xiaomi.cn
ROID: 20070518s10001s40338355-cn
Domain Status: clientTransferProhibited
Registrant: 小米科技有限责任公司
Registrant Contact Email: dns-admin@xiaomi.com
Sponsoring Registrar: 厦门易名科技股份有限公司
Name Server: ns3.dnsv5.com
Name Server: ns4.dnsv5.com
Registration Time: 2007-05-18 10:15:59
Expiration Time: 2024-06-18 10:15:59
DNSSEC: unsigned

可以看到,我们查询到了和网站查询一样的信息

可以直接使用第三方整理的whois数据库对应地址

4.2、第三方库:whois

操作系统命令行工具 whois的Python封装,依赖操作系统,不推荐

安装

$ pip install whois

示例

import whois
domain = whois.query('www.baidu.com')
print(domain.__dict__)

输出

{
	'name': 'baidu.com',
	'tld': 'com',
	'registrar': 'MarkMonitor Inc.',
	'registrant_country': 'CN',
	'creation_date': datetime.datetime(1999, 10, 11, 11, 5, 17),
	'expiration_date': datetime.datetime(2026, 10, 11, 11, 5, 17),
	'last_updated': datetime.datetime(2022, 9, 1, 3, 54, 43),
	'status': 'clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited',
	'statuses': ['clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)', 'clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited', 'clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)', 'clientTransferProhibited https://icann.org/epp#clientTransferProhibited', 'clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)', 'clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited', 'serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)', 'serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited', 'serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)', 'serverTransferProhibited https://icann.org/epp#serverTransferProhibited', 'serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)', 'serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited'],
	'dnssec': False,
	'name_servers': ['ns1.baidu.com', 'ns2.baidu.com', 'ns3.baidu.com', 'ns4.baidu.com', 'ns7.baidu.com'],
	'registrant': 'Beijing Baidu Netcom Science Technology Co., Ltd.',
	'emails': ['abusecomplaints@markmonitor.com']
}

json序列化之后得到域名信息

{
    "name":"baidu.com",
    "tld":"com",
    "registrar":"MarkMonitor Inc.",
    "registrant_country":"CN",
    "creation_date":"1999-10-11 11:05:17",
    "expiration_date":"2026-10-11 11:05:17",
    "last_updated":"2022-09-01 03:54:43",
    "status":"clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
    "statuses":[
        "clientDeleteProhibited (https://www.icann.org/epp#clientDeleteProhibited)",
        "clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited",
        "clientTransferProhibited (https://www.icann.org/epp#clientTransferProhibited)",
        "clientTransferProhibited https://icann.org/epp#clientTransferProhibited",
        "clientUpdateProhibited (https://www.icann.org/epp#clientUpdateProhibited)",
        "clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited",
        "serverDeleteProhibited (https://www.icann.org/epp#serverDeleteProhibited)",
        "serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited",
        "serverTransferProhibited (https://www.icann.org/epp#serverTransferProhibited)",
        "serverTransferProhibited https://icann.org/epp#serverTransferProhibited",
        "serverUpdateProhibited (https://www.icann.org/epp#serverUpdateProhibited)",
        "serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited"
    ],
    "dnssec":false,
    "name_servers":[
        "ns1.baidu.com",
        "ns2.baidu.com",
        "ns3.baidu.com",
        "ns4.baidu.com",
        "ns7.baidu.com"
    ],
    "registrant":"Beijing Baidu Netcom Science Technology Co., Ltd.",
    "emails":[
        "abusecomplaints@markmonitor.com"
    ]
}

4.3、第三方库:python-whois

经测试,不可用

$ pip install python-whois

示例

import whois
w = whois.whois('example.com')
w.expiration_date
# datetime.datetime(2022, 8, 13, 4, 0)

4.4、第三方库:whois21

经测试,可用

pip install whois21

示例

import whois21
query = 'github.com'
whois = whois21.WHOIS(query)
print(f'Creation date   : {whois.creation_date}')
print(f'Expiration date : {whois.expires_date}')
print(f'Updated date    : {whois.updated_date}')

5、使用Domain Admin

基于Python + Vue3.js 技术栈实现的域名和SSL证书监测平台

文档

安装

pip install domain-admin

启动运行

$ gunicorn 'domain_admin.main:app'

访问地址::8000

默认的管理员账号

在这里插入图片描述

6、中文域名

通过接口直接查询中文域名,会提示没有查询结果。这时候需要将中文域名进行编码

比如:小米.中国 会解析为 xn–yets76e.xn–fiqs8s/

在线编码:

其实,中文后缀的域名可以不编码,主要是中英结合的域名, 比如 中万.cn/

从浏览器直接复制过来是–chq7c.cn/

这是一种叫做:Punycode的编码方式

print("中万".encode('punycode').decode())
# chq7c

然后加上前缀xn--,就和上面的结果一致了

xn--chq7c

参考

广告一刻

为您即时展示最新活动产品广告消息,让您随时掌握产品活动新动态!