In short: is there any way to get the full whois
-details for domains like apple.com
, using the command line on Max OS X?
Running whois
on the command line for, for example, apple.com
is like searching for all domains that include that phrase. So, thanks to whois-spam, this gets one the following on a Mac or on FreeBSD:
$ whois apple.com Whois Server Version 2.0 [..] APPLE.COM.WWW.BEYONDWHOIS.COM APPLE.COM.MORE.INFO.AT.WWW.BEYONDWHOIS.COM APPLE.COM.IS.OWN3D.BY.NAKEDJER.COM APPLE.COM.IS.0WN3D.BY.GULLI.COM APPLE.COM.BEYONDWHOIS.COM APPLE.COM.AT.WWW.BEYONDWHOIS.COM APPLE.COM To single out one record, look it up with "xxx", where xxx is one of the of the records displayed above. If the records are the same, look them up with "=xxx" to receive a full display for each record.
To get some extra info for all these domains, I can run the command for =apple.com
, like:
$ whois =apple.com Whois Server Version 2.0 [..] Server Name: APPLE.COM.WWW.BEYONDWHOIS.COM IP Address: 203.36.226.2 Registrar: TUCOWS INC. Whois Server: whois.tucows.com Referral URL: http://domainhelp.opensrs.net [..] Domain Name: APPLE.COM Registrar: MARKMONITOR INC. Whois Server: whois.markmonitor.com Referral URL: http://www.markmonitor.com Name Server: NSERVER.APPLE.COM Name Server: NSERVER.ASIA.APPLE.COM [..] Updated Date: 21-jan-2009 Creation Date: 19-feb-1987 Expiration Date: 20-feb-2011
Still, this does not give me the full record, like the one including the contact information:
$ whois -h whois.markmonitor.com apple.com [..] Administrative Contact: Apple Inc. Apple Inc. 1 Infinite Loop Cupertino CA 95014 US [..]
(On Redhat Linux, jwhois
shows only apple.com
but without the contact information; on Debian whois
version 4.7.20 yields summaries of all domains like above, and additional detailed info for the exact matched domain, apparently by doing an additional query at whois.markmonitor.com
for that exact match.)
I even tried to telnet directly, but cannot come up with anything I cannot do using the whois
-command, so I guess that is useless:
$ telnet com.whois-servers.net 43 Trying 199.7.55.74... Connected to whois.verisign-grs.com. Escape character is '^]'. apple.com [..]
So: is there any easier way to get the full details for such domain (for only the exact matched domain), using the command line?
(Thinking that command line whois
would soon be banned in favour of captcha-enabled web interfaces, this never bothered me a lot. But still, I'm curious…)
Best Answer
The whois command looks for the string "Whois Server:" in the output and, if found, will issue the same query again to that server. This is what you want, except it only works for the first match. You can use a command like
whois "domain apple.com"
to get just one match from the default server, but markmonitor (used by apple.com) does not accept that syntax. It would work if you could send "domain apple.com
" to the default server, and thenapple.com
to the second server, like this:However this is specific to these whois servers so will not necessarily work for domains on other whois servers. A robust implementation would probably need to have knowledge of specific query and output formats used by a variety of whois server implementations.