Network Scanning: WHOIS Information Lookup
2021-07-30
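Source: Computer and Network Security (计算机与网络安全)
WHOIS (pronounced "who is"; not an acronym) is a transfer protocol used to query information such as a domain name's IP and owner. Put simply, WHOIS is a database for checking whether a domain name has already been registered and, if it has, for looking up the details of the registration (such as the domain owner, the registrar, and the registration and expiration dates). Querying a domain's WHOIS server returns the domain owner's contact details as well as the registration and expiry dates. This article describes methods for performing WHOIS lookups.
1. WHOIS lookup websites
Visiting http://whois.chinaz.com/ is a quick way to look up information about a domain name. Enter http://whois.chinaz.com/ in the browser's address bar; once the page loads, the interface appears as shown in Figure 1.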
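Figure 1: Whois lookup site
Enter the domain name to look up in the text box shown in Figure 1 and click the "查询" (Query) button to retrieve the corresponding information. For example, look up the domain qq.com. When the query completes, the results appear as shown in Figures 2 and 3. Because the full output cannot be captured in one screenshot, only two screenshots are shown here.
Figure 2: Domain information
Figure 3: Whois query
Figure 2 shows the information for the domain qq.com, including its registrar, contact email, phone number, creation time, expiration time, and name servers.
Figure 3 shows the WHOIS information for the domain qq.com, including the registry domain ID, registrar WHOIS server, registrar URL, update time, and creation time.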
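2. Using the Whois tool
The Whois tool looks up and displays user information related to a specified account (or domain name). The following describes how to use the Whois tool to perform a WHOIS lookup. Its syntax is as follows:
whois [domain]
Use the Whois tool to look up information about the domain baidu.com. Run the following command: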
root@daxueba:~# whois baidu.com
Domain Name: BAIDU.COM # domain name
Registry Domain ID: 11181110_DOMAIN_COM-VRSN # registry domain ID
Registrar WHOIS Server: whois.markmonitor.com # registrar WHOIS server
Registrar URL: http://www.markmonitor.com # registrar URL
Updated Date: 2021-07-23T02:36:28Z # update time
Creation Date: 1999-10-11T11:05:17Z # creation time
Registry Expiry Date: 2026-10-11T11:05:17Z # expiration time
Registrar: MarkMonitor Inc. # registrar
Registrar IANA ID: 292 # registrar IANA ID
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com # registrar abuse contact email
Registrar Abuse Contact Phone: +1.2083895740 # registrar abuse contact phone
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited # domain status
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: DNS.BAIDU.COM # name servers
Name Server: NS2.BAIDU.COM
Name Server: NS3.BAIDU.COM
Name Server: NS4.BAIDU.COM
Name Server: NS7.BAIDU.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-07-23T09:26:13Z <<< # time of the last WHOIS database update
... (some output omitted)
Web-based WHOIS: # web-based WHOIS information
https://domains.markmonitor.com/whois
If you have a legitimate interest in viewing the non-public WHOIS details, send
your request and the reasons for your request to whoisrequest@markmonitor.com
and specify the domain name in the subject line. We will review that request and
may ask for supporting documentation and explanation.
The data in MarkMonitor's WHOIS database is provided for information purposes,
and to assist persons in obtaining information about or related to a domain
name's registration record. While MarkMonitor believes the data to be accurate,
the data is provided "as is" with no guarantee or warranties regarding its accuracy.
By submitting a WHOIS query, you agree that you will use this data only for
lawful purposes and that, under no circumstances will you use this data to:
(1) allow, enable, or otherwise support the transmission by email, telephone, or facsimile of mass, unsolicited, commercial advertising, or spam; or
(2) enable high volume, automated, or electronic processes that send queries, data, or email to MarkMonitor (or its systems) or the domain name contacts (or its systems).
MarkMonitor.com reserves the right to modify these terms at any time.
By submitting this query, you agree to abide by this policy.
MarkMonitor is the Global Leader in Online Brand Protection.
MarkMonitor Domain Management(TM)
MarkMonitor Brand Protection(TM)
MarkMonitor AntiCounterfeiting(TM)
MarkMonitor AntiPiracy(TM)
MarkMonitor AntiFraud(TM)
Professional and Managed Services
Visit MarkMonitor at https://www.markmonitor.com
Contact us at +1.8007459229
In Europe, at +44.02032062220
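The output above shows the WHOIS information retrieved for the domain baidu.com. For example, the registry domain ID is 11181110_DOMAIN_COM-VRSN, the registrar WHOIS server is whois.markmonitor.com, and the creation time is 1999-10-11T11:05:17Z.
3. Using the DMitry tool
The DMitry tool queries WHOIS information for an IP address or a domain name. The syntax for a WHOIS query with this tool is as follows:
dmitry -w [domain]
The options in this syntax have the following meanings:
-w: perform a WHOIS lookup on the specified domain name.
domain: the domain name to look up.
Use the DMitry tool to query the WHOIS information of the domain baidu.com. Run the following command: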
root@daxueba:~# dmitry -w baidu.com
Deepmagic Information Gathering Tool
"There be some deep magic going on"
HostIP:123.125.115.110 # host IP address
HostName:baidu.com # host name
Gathered Inic-whois information for baidu.com # gathered WHOIS information
---------------------------------
Domain Name: BAIDU.COM # domain name
Registry Domain ID: 11181110_DOMAIN_COM-VRSN # registry domain ID
Registrar WHOIS Server: whois.markmonitor.com # registrar WHOIS server
Registrar URL: http://www.markmonitor.com # registrar URL
Updated Date: 2021-07-23T02:36:28Z # update time
Creation Date: 1999-10-11T11:05:17Z # creation time
Registry Expiry Date: 2026-10-11T11:05:17Z # expiration time
Registrar: MarkMonitor Inc. # registrar
Registrar IANA ID: 292 # registrar IANA ID
Registrar Abuse Contact Email: abusecomplaints@markmonitor.com # registrar abuse contact email
Registrar Abuse Contact Phone: +1.2083895740 # registrar abuse contact phone
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited # domain status
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientUpdateProhibited https://icann.org/epp#clientUpdateProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Domain Status: serverTransferProhibited https://icann.org/epp#serverTransferProhibited
Domain Status: serverUpdateProhibited https://icann.org/epp#serverUpdateProhibited
Name Server: DNS.BAIDU.COM # name servers
Name Server: NS2.BAIDU.COM
Name Server: NS3.BAIDU.COM
Name Server: NS4.BAIDU.COM
Name Server: NS7.BAIDU.COM
DNSSEC: unsigned
URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2021-07-23T10:19:04Z <<< # time of the last WHOIS database update
For more information on Whois status codes, please visit https://icann.org/epp
NOTICE: The expiration date displayed in this record is the date the registrar's sponsorship of the domain name registration in the registry is currently set to expire. This date does not necessarily reflect the expiration date of the domain name registrant's agreement with the sponsoring registrar. Users may consult the sponsoring registrar's Whois database to view the registrar's reported date of expiration for this registration.
TERMS OF USE: You are not authorized to access or query our Whois database through the use of electronic processes that are high-volume and automated except as reasonably necessary to register domain names or modify existing registrations; the Data in VeriSign Global Registry Services' ("VeriSign") Whois database is provided by VeriSign for information purposes only, and to assist persons in obtaining information about or related to a domain name registration record. VeriSign does not guarantee its accuracy. By submitting a Whois query, you agree to abide by the following terms of use: You agree that you may use this Data only for lawful purposes and that under no circumstances will you use this Data to: (1) allow, enable, or otherwise support the transmission of mass unsolicited, commercial advertising or solicitations via e-mail, telephone, or facsimile; or (2) enable high volume, automated, electronic processes that apply to VeriSign (or its computer systems). The compilation, repackaging, dissemination or other use of this Data is expressly prohibited without the prior written consent of VeriSign. You agree not to use electronic processes that are automated and high-volume to access or query the Whois database except as reasonably necessary to register domain names or modify existing registrations. VeriSign reserves the right to restrict your access to the Whois database in its sole discretion to ensure operational stability. VeriSign may restrict or terminate your access to the Whois database for failure to abide by these terms of use. VeriSign reserves the right to modify these terms at any time.
The Registry database contains ONLY .COM, .NET, .EDU domains and Registrars.
All scans completed, exiting
The output above shows that the WHOIS information for the domain baidu.com was retrieved successfully.
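The whois and dmitry -w commands above return the same "Key: value" record, so one parser serves both. The following is an added example, not part of the original article or of either tool: it parses such a record and runs the checks a domain owner would want on their own registration. The names parse_whois and audit, the 60-day warning threshold, and the choice of checks are assumptions.

```python
from datetime import datetime, timezone

# Constructed sample: trimmed from the baidu.com output above, annotations removed.
SAMPLE = """\
Domain Name: BAIDU.COM
Registry Expiry Date: 2026-10-11T11:05:17Z
Registrar: MarkMonitor Inc.
Domain Status: clientTransferProhibited https://icann.org/epp#client
TransferProhibited
Domain Status: serverDeleteProhibited https://icann.org/epp#serverDeleteProhibited
Name Server: NS2.BAIDU.COM
Name Server: NS3.BAIDU.COM
DNSSEC: unsigned
>>> Last update of whois database: 2021-07-23T09:26:13Z <<<
NOTICE: The expiration date displayed in this record is the date the
"""

REPEATED = {"Domain Status", "Name Server"}  # fields that occur several times

def parse_whois(text):
    """Parse 'Key: value' lines into a dict; repeated fields become lists."""
    record = {}
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(">>>"):  # record ends here; legal notices follow
            break
        key, sep, value = line.partition(": ")
        if not sep or not value.strip():  # wrapped URL tails, blank lines
            continue
        if key in REPEATED:
            # "Domain Status" is "<code> <URL>"; keep only the EPP status code.
            record.setdefault(key, []).append(value.split()[0])
        else:
            record.setdefault(key, value.strip())
    return record

def audit(record, now, warn_days=60):
    """Owner-side checks on a parsed record (the threshold is an assumption)."""
    expiry = datetime.strptime(record["Registry Expiry Date"], "%Y-%m-%dT%H:%M:%SZ")
    days_left = (expiry.replace(tzinfo=timezone.utc) - now).days
    status = set(record.get("Domain Status", []))
    findings = []
    if days_left < warn_days:
        findings.append(f"expires in {days_left} days")
    if not status & {"clientTransferProhibited", "serverTransferProhibited"}:
        findings.append("no transfer lock")
    if record.get("DNSSEC", "").lower() == "unsigned":
        findings.append("DNSSEC unsigned")
    return days_left, findings
```

The parser stops at the ">>>" line so the registry's NOTICE and TERMS OF USE text is never mistaken for record fields, and it skips the wrapped URL tails that appear when terminal output is line-broken.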