Whois
The whois information of a domain name provides various details like registrar, owner, registration date, expiry date etc.
The whois information is provided by the corresponding whois servers of the registrars.
The information is available for free and most whois servers run a whois service on port 43 which provides whois data associated with a domain name.
The first step is to contact whois.iana.org which provides the actual whois server of a domain name.
Next the particular whois server is contacted which provides the full whois data of the domain.
Implementation is quite simple and python makes it even simpler.
Code
#!/usr/bin/python
'''
Program to fetch whois information of a domain name
'''
import socket, sys
#Perform a generic whois query to a server and get the reply
def perform_whois(server , query) :
#socket connection
s = socket.socket(socket.AF_INET , socket.SOCK_STREAM)
s.connect((server , 43))
#send data
s.send(query + '\r\n')
#receive reply
msg = ''
while len(msg) < 10000:
chunk = s.recv(100)
if(chunk == ''):
break
msg = msg + chunk
return msg
#End
#Function to perform the whois on a domain name
def get_whois_data(domain):
#remove http and www
domain = domain.replace('http://','')
domain = domain.replace('www.','')
#get the extension , .com , .org , .edu
ext = domain[-3:]
#If top level domain .com .org .net
if(ext == 'com' or ext == 'org' or ext == 'net'):
whois = 'whois.internic.net'
msg = perform_whois(whois , domain)
#Now scan the reply for the whois server
lines = msg.splitlines()
for line in lines:
if ':' in line:
words = line.split(':')
if 'Whois' in words[0] and 'whois.' in words[1]:
whois = words[1].strip()
break;
#Or Country level - contact whois.iana.org to find the whois server of a particular TLD
else:
#Break again like , co.uk to uk
ext = domain.split('.')[-1]
#This will tell the whois server for the particular country
whois = 'whois.iana.org'
msg = perform_whois(whois , ext)
#Now search the reply for a whois server
lines = msg.splitlines()
for line in lines:
if ':' in line:
words = line.split(':')
if 'whois.' in words[1] and 'Whois Server (port 43)' in words[0]:
whois = words[1].strip()
break;
#Now contact the final whois server
msg = perform_whois(whois , domain)
#Return the reply
return msg
# end
# get the domain name from command line argument
domain_name = sys.argv[1]
print get_whois_data(domain_name)
Run the program by issuing the following command at the terminal.
$ python whois.py stackoverflow.com
The commandline argument should contain the domain name. The output would be the whois data.
The output data would look something like this:
$ python whois.py stackoverflow.com Domain Name: STACKOVERFLOW.COM Registry Domain ID: 108907621_DOMAIN_COM-VRSN Registrar WHOIS Server: whois.name.com Registrar URL: http://www.name.com Updated Date: 2020-01-08T15:08:40Z Creation Date: 2003-12-26T19:18:07Z Registry Expiry Date: 2021-02-02T11:59:59Z Registrar: Name.com, Inc. Registrar IANA ID: 625 Registrar Abuse Contact Email: [email protected] Registrar Abuse Contact Phone: 7202492374 Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited Name Server: NS-1033.AWSDNS-01.ORG Name Server: NS-358.AWSDNS-44.COM Name Server: NS-CLOUD-E1.GOOGLEDOMAINS.COM Name Server: NS-CLOUD-E2.GOOGLEDOMAINS.COM DNSSEC: unsigned URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/ >>> Last update of whois database: 2020-08-06T14:05:09Z <<< For more information on Whois status codes, please visit https://icann.org/epp NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration.
The above shows does not contain the full whois information about the domain. Instead it points to the registrar domain name like this:
Registrar WHOIS Server: whois.name.com
So the primary whois server "whois.internic.net" tells us the registrar whois. Next we have to contact the registrar whois server in the same way and we shall get the full whois details of the domain name.
Conclusion
To learn the basics of socket programming in Python check out this post:
Python socket programming Tutorial - How to Code Client and Server
For Latest Script Check Here : http://bitforestinfo.blogspot.com/2017/01/python-script-to-fetch-domain-whois.html
Working perfectly as described.
Thanks!
had this error:
File “C:/Users/ryanc/Desktop/test.py”, line 17, in perform_whois
s.send(query + ‘rn’)
TypeError: ‘str’ does not support the buffer interface
With a url string like http://www.whatheverwww.com or https://www.site.com or http://www1.test.com , your script will not work . It is better using this to remove http(s):// and www[1|2|3..]. :
def return_root(self, uri):
#remove http and www
p = re.compile(‘(https?://)?(www.*?.)?|/’)
root = p.sub(”,uri)
return root
its showing invalid syntax
what is the exact error ?