PowerShell tips for acquiring domain name whois information

Whois is, simply put, a database for checking whether a domain name has been registered and for looking up the details of a registered domain (such as the domain owner, the registrar, and the registration and expiration dates). By querying a WHOIS server you can obtain the domain owner's contact information as well as the registration and expiration times. WHOIS information is generally real, so it often exposes real-name registrant details such as telephone number, mailbox and NS records. That makes it a good source of social-engineering information about a site, and for security practitioners, quick access to whois information helps you learn a lot of useful information about the target site.

Whois information is usually held by domain registration bodies at every level. Normally, to query it we submit the domain name through the query page of a registrar website such as GoDaddy, name.com, Wanwang (HiChina) or Xinnet, which is slow, cannot be done in bulk, and is laborious. Here I am contributing a PS function I have treasured for a long time. The script supports domain queries for more than 140 suffixes, including some obscure ones for which finding a registrar that supports lookups is not easy; now you no longer need to worry about that.

As usual, the code comes first, followed by an explanation of the key operations:

===== FileName: get-whois.ps1 =====
function Get-Whois {
<#
.SYNOPSIS
    Does a raw WHOIS query and returns the results.
.NOTES
    Author: fuhj (powershell#live.cn, http://fuhaijun.com)
.EXAMPLE
    Get-Whois dnspod.com
    The simplest whois search. This example is one that forwards to a second WHOIS server ...
.EXAMPLE
    Get-Whois baidu.com -NoForward
    Returns the partial results you get when you don't follow forwarding to a new WHOIS server
.EXAMPLE
    Get-Whois n 128.11.5.98 -Server whois.arin.net
    Does an IP lookup at arin.net
#>
    [CmdletBinding()]
    param(
        # The query to send to WHOIS servers
        [Parameter(Position=0, ValueFromRemainingArguments=$true)]
        [string]$query,
        # A specific whois server to search
        [string]$server,
        # Disable forwarding to new WHOIS servers
        [switch]$NoForward
    )
    end {
        # Domain suffix -> WHOIS server(s)
        $TLDs = DATA {
            @{
                ".com" = "whois.verisign-grs.com", "whois.crsnic.net"
                ".net" = "whois.verisign-grs.com", "whois.crsnic.net"
                ".org" = "whois.pir.org", "whois.publicinterestregistry.net"
                ".info" = "whois.afilias.info", "whois.afilias.net"
                ".biz" = "whois.neulevel.biz"
                ".us" = "whois.nic.us"
                ".uk" = "whois.nic.uk"
                ".ca" = "whois.cira.ca"
                ".tel" = "whois.nic.tel"
                ".ie" = "whois.iedr.ie", "whois.domainregistry.ie"
                ".it" = "whois.nic.it"
                ".li" = "whois.nic.li"
                ".no" = "whois.norid.no"
                ".cc" = "whois.nic.cc"
                ".eu" = "whois.eu"
                ".nu" = "whois.nic.nu"
                ".au" = "whois.aunic.net", "whois.ausregistry.net.au"
                ".de" = "whois.denic.de"
                ".ws" = "whois.worldsite.ws", "whois.nic.ws", "www.nic.ws"
                ".sc" = "whois2.afilias-grs.net"
                ".mobi" = "whois.dotmobiregistry.net"
                ".pro" = "whois.registrypro.pro", "whois.registry.pro"
                ".edu" = "whois.educause.net", "whois.crsnic.net"
                ".tv" = "whois.nic.tv", "tvwhois.verisign-grs.com"
                ".travel" = "whois.nic.travel"
                ".name" = "whois.nic.name"
                ".in" = "whois.inregistry.net", "whois.registry.in"
                ".me" = "whois.nic.me", "whois.meregistry.net"
                ".at" = "whois.nic.at"
                ".be" = "whois.dns.be"
                ".cn" = "whois.cnnic.cn", "whois.cnnic.net.cn"
                ".edu.cn" = "whois.edu.cn"
                ".asia" = "whois.nic.asia"
                ".ru" = "whois.ripn.ru", "whois.ripn.net"
                ".ro" = "whois.rotld.ro"
                ".aero" = "whois.aero"
                ".fr" = "whois.nic.fr"
                ".se" = "whois.iis.se", "whois.nic-se.se", "whois.nic.se"
                ".nl" = "whois.sidn.nl", "whois.domain-registry.nl"
                ".nz" = "whois.srs.net.nz", "whois.domainz.net.nz"
                ".mx" = "whois.nic.mx"
                ".tw" = "whois.apnic.net", "whois.twnic.net.tw"
                ".ch" = "whois.nic.ch"
                ".hk" = "whois.hknic.net.hk"
                ".ac" = "whois.nic.ac"
                ".ae" = "whois.nic.ae"
                ".af" = "whois.nic.af"
                ".ag" = "whois.nic.ag"
                ".al" = "whois.ripe.net"
                ".am" = "whois.amnic.net"
                ".as" = "whois.nic.as"
                ".az" = "whois.ripe.net"
                ".ba" = "whois.ripe.net"
                ".bg" = "whois.register.bg"
                ".bi" = "whois.nic.bi"
                ".bj" = "www.nic.bj"
                ".br" = "whois.nic.br"
                ".br.com" = "whois.centralnic.net"
                ".eu.org" = "whois.eu.org"
                ".bt" = "whois.netnames.net"
                ".by" = "whois.ripe.net"
                ".bz" = "whois.belizenic.bz"
                ".cd" = "whois.nic.cd"
                ".ck" = "whois.nic.ck"
                ".cl" = "nic.cl"
                ".coop" = "whois.nic.coop"
                ".cx" = "whois.nic.cx"
                ".cy" = "whois.ripe.net"
                ".cz" = "whois.nic.cz"
                ".dk" = "whois.dk-hostmaster.dk"
                ".dm" = "whois.nic.cx"
                ".dz" = "whois.ripe.net"
                ".ee" = "whois.eenet.ee"
                ".eg" = "whois.ripe.net"
                ".es" = "whois.ripe.net"
                ".fi" = "whois.ficora.fi"
                ".fo" = "whois.ripe.net"
                ".gb" = "whois.ripe.net"
                ".ge" = "whois.ripe.net"
                ".gl" = "whois.ripe.net"
                ".gm" = "whois.ripe.net"
                ".gov" = "whois.nic.gov"
                ".gr" = "whois.ripe.net"
                ".gs" = "whois.adamsnames.tc"
                ".hm" = "whois.registry.hm"
                ".hn" = "whois2.afilias-grs.net"
                ".hr" = "whois.ripe.net"
                ".hu" = "whois.ripe.net"
                ".il" = "whois.isoc.org.il"
                ".int" = "whois.isi.edu"
                ".iq" = "vrx.net"
                ".ir" = "whois.nic.ir"
                ".is" = "whois.isnic.is"
                ".je" = "whois.je"
                ".jp" = "whois.jprs.jp"
                ".kg" = "whois.domain.kg"
                ".kr" = "whois.nic.or.kr"
                ".la" = "whois2.afilias-grs.net"
                ".lt" = "whois.domreg.lt"
                ".lu" = "whois.restena.lu"
                ".lv" = "whois.nic.lv"
                ".ly" = "whois.lydomains.com"
                ".ma" = "whois.iam.net.ma"
                ".mc" = "whois.ripe.net"
                ".md" = "whois.nic.md"
                ".mil" = "whois.nic.mil"
                ".mk" = "whois.ripe.net"
                ".ms" = "whois.nic.ms"
                ".mt" = "whois.ripe.net"
                ".mu" = "whois.nic.mu"
                ".my" = "whois.mynic.net.my"
                ".nf" = "whois.nic.cx"
                ".pl" = "whois.dns.pl"
                ".pr" = "whois.nic.pr"
                ".pt" = "whois.dns.pt"
                ".sa" = "saudinic.net.sa"
                ".sb" = "whois.nic.net.sb"
                ".sg" = "whois.nic.net.sg"
                ".sh" = "whois.nic.sh"
                ".si" = "whois.arnes.si"
                ".sk" = "whois.sk-nic.sk"
                ".sm" = "whois.ripe.net"
                ".st" = "whois.nic.st"
                ".su" = "whois.ripn.net"
                ".tc" = "whois.adamsnames.tc"
                ".tf" = "whois.nic.tf"
                ".th" = "whois.thnic.net"
                ".tj" = "whois.nic.tj"
                ".tk" = "whois.nic.tk"
                ".tl" = "whois.domains.tl"
                ".tm" = "whois.nic.tm"
                ".tn" = "whois.ripe.net"
                ".to" = "whois.tonic.to"
                ".tp" = "whois.domains.tl"
                ".tr" = "whois.nic.tr"
                ".ua" = "whois.ripe.net"
                ".uy" = "nic.uy"
                ".uz" = "whois.cctld.uz"
                ".va" = "whois.ripe.net"
                ".vc" = "whois2.afilias-grs.net"
                ".ve" = "whois.nic.ve"
                ".vg" = "whois.adamsnames.tc"
                ".yu" = "whois.ripe.net"
            }
        }

        # Save the caller's preference and make errors terminating for this run
        $EAP, $ErrorActionPreference = $ErrorActionPreference, "Stop"

        $query = $query.Trim()

        if ($query -match "(?:\d{1,3}\.){3}\d{1,3}") {
            Write-Verbose "IP lookup!"
            # A bare IP address gets the "n" (network) prefix
            if ($query -notmatch " ") {
                $query = "n $query"
            }
            if (!$server) { $server = "whois.arin.net" }
        } elseif (!$server) {
            # Pick one of the servers whose suffix matches the query
            $server = $TLDs.GetEnumerator() |
                Where-Object { $query -like ("*" + $_.Name) } |
                Select-Object -ExpandProperty Value |
                Get-Random
        }

        if (!$server) { $server = "whois.arin.net" }
        $maxRequery = 3

        do {
            Write-Verbose "Connecting to $server"
            # WHOIS is a plain-text protocol on TCP port 43
            $client = New-Object System.Net.Sockets.TcpClient $server, 43

            try {
                $stream = $client.GetStream()

                Write-Verbose "Sending Query: $query"
                $data = [System.Text.Encoding]::ASCII.GetBytes($query + "`r`n")
                $stream.Write($data, 0, $data.Length)

                Write-Verbose "Reading Response:"
                $reader = New-Object System.IO.StreamReader $stream, ([System.Text.Encoding]::ASCII)
                $result = $reader.ReadToEnd()

                # A registry response may name the registrar's own WHOIS server
                if ($result -match "(?s)Whois Server:\s*(\S+)\s*") {
                    Write-Warning "Recommended WHOIS server: $($Matches[1])"
                    if (!$NoForward) {
                        Write-Verbose "Non-authoritative results:`n${result}"
                        # Cache, in case we can't get an answer at the forwarder
                        if (!$cachedResult) {
                            $cachedResult = $result
                            $cachedServer = $server
                        }
                        $server = $Matches[1]
                        $query = ($query -split " ")[-1]
                        $maxRequery--
                    } else { $maxRequery = 0 }
                } else { $maxRequery = 0 }
            } finally {
                if ($stream) {
                    $stream.Close()
                    $stream.Dispose()
                }
                if ($client) { $client.Close() }
            }
        } while ($maxRequery -gt 0)

        $result

        # If the forwarded answer is nearly empty, also show the first answer
        if ($cachedResult -and ($result -split "`n").Count -lt 5) {
            Write-Warning "Original result from ${cachedServer}:"
            $cachedResult
        }

        $ErrorActionPreference = $EAP
    }
}

The function defines three parameters, two of type [string] and one of type [switch], which respectively receive the domain name to query, specify the WHOIS server, and control whether the query may be forwarded to another WHOIS server. A hash table is then created to store the mapping between domain suffixes and WHOIS servers, because the information for different suffixes is stored on different servers. Note that several WHOIS servers are specified for suffixes with a very large number of registrations, such as .com, .net, .org and .info.
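The script selects a server with `-like "*<suffix>"` followed by Get-Random, so a name under .edu.cn or .br.com also matches .cn or .com and can be sent to the wrong registry. The following is an added example, not part of the original script, showing a deterministic longest-suffix lookup; `Resolve-WhoisServer` and `$map` are hypothetical names, and `$map` is a constructed subset of the table above.

```powershell
# Added example (not from the original script): longest-suffix WHOIS server lookup.
function Resolve-WhoisServer {
    param(
        [Parameter(Mandatory)] [string] $Domain,
        [Parameter(Mandatory)] [hashtable] $Map
    )
    $name = $Domain.Trim().TrimEnd('.').ToLowerInvariant()
    $labels = $name.Split('.')
    # Try the most specific suffix first: a.b.edu.cn -> .b.edu.cn, .edu.cn, .cn
    for ($i = 1; $i -lt $labels.Count; $i++) {
        $suffix = '.' + ($labels[$i..($labels.Count - 1)] -join '.')
        if ($Map.ContainsKey($suffix)) {
            # The first listed server is treated as primary, the rest as fallbacks
            return [pscustomobject]@{
                Domain  = $name
                Suffix  = $suffix
                Servers = @($Map[$suffix])
            }
        }
    }
    throw "No WHOIS server known for '$Domain'"
}

# Constructed subset of the suffix table, including two overlapping pairs
$map = @{
    '.com'    = 'whois.verisign-grs.com', 'whois.crsnic.net'
    '.br.com' = 'whois.centralnic.net'
    '.cn'     = 'whois.cnnic.cn', 'whois.cnnic.net.cn'
    '.edu.cn' = 'whois.edu.cn'
}

'example.com', 'example.br.com', 'www.example.edu.cn' |
    ForEach-Object { Resolve-WhoisServer -Domain $_ -Map $map } |
    Format-Table Domain, Suffix, Servers
```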

Next, a System.Net.Sockets.TcpClient object is created via New-Object and connects to port 43 of the WHOIS server chosen above to query the whois information. The returned data is received through a System.IO.StreamReader object and then parsed. Besides try{} catch{} finally{} for fault tolerance, the parsing also uses a regular expression to match the target string.
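Get-Whois returns the response as raw text, and the only field it parses is the `Whois Server:` referral, which it then connects to as given. The following is an added example, not part of the original script, that turns a response into an object for bulk checks such as expiry monitoring and accepts the referral only if it is a plain hostname; `ConvertFrom-WhoisText` is a hypothetical name, `$sample` is a constructed response, and the "Key: Value" field names are assumed to follow the common registry layout.

```powershell
# Added example, not from the original script; field names vary by registry.
function ConvertFrom-WhoisText {
    param([Parameter(Mandatory)] [string] $Text)
    # Collect "Key: Value" lines in order; a key may repeat (e.g. Name Server)
    $fields = [ordered]@{}
    foreach ($line in ($Text -split "`r?`n")) {
        if ($line -match '^\s*([^:%#>]+?):\s+(\S.*?)\s*$') {
            $key = $Matches[1].Trim()
            if (-not $fields.Contains($key)) { $fields[$key] = @() }
            $fields[$key] += $Matches[2]
        }
    }
    # First value of the first key that matches a pattern
    $first = {
        param($pattern)
        foreach ($k in $fields.Keys) {
            if ($k -match $pattern) { return $fields[$k][0] }
        }
    }
    $expiry = & $first 'expir'
    $daysLeft = $null
    if ($expiry) {
        $expiry = [datetime]::Parse($expiry, [cultureinfo]::InvariantCulture,
            [System.Globalization.DateTimeStyles]::AdjustToUniversal)
        $daysLeft = [int](($expiry - [datetime]::UtcNow).TotalDays)
    }
    # The referral host comes from the server's reply: accept only a plain hostname
    $referral = & $first 'whois server$'
    if ($referral -notmatch '^([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$') {
        $referral = $null
    }
    [pscustomobject]@{
        Domain      = & $first '^domain name$'
        Registrar   = & $first '^registrar$'
        Expires     = $expiry
        DaysLeft    = $daysLeft
        NameServers = @($fields['Name Server'] | Where-Object { $_ } |
                          ForEach-Object { $_.ToLower() })
        Referral    = $referral
    }
}
# Constructed sample response (not real registry data)
$sample = @'
   Domain Name: EXAMPLE.TEST
   Registrar WHOIS Server: whois.registrar.example
   Registrar: Example Registrar, Inc.
   Registry Expiry Date: 2030-01-15T04:00:00Z
   Name Server: NS1.EXAMPLE.TEST
   Name Server: NS2.EXAMPLE.TEST
'@
ConvertFrom-WhoisText -Text $sample | Format-List
```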

There are four ways to run the program:

Get-whois dnspod.com

First, check whether DNSPod's whois information changed after it was bought by Tencent; it seems the "Goose Factory" (Tencent) has not changed it.

Get-Whois jd.com -NoForward

Get-Whois n 128.11.5.98 -Server whois.arin.net
