the case of the dns whois lookup
3 min readNov 17, 2020
1. registrars VS hosts
- DOMAIN REGISTRAR is the subject where domain names are finally purchased
- DNS HOST is the service / server authoritative for hosting your DNS records
- there are hosting providers that offer domain registration registrars that offer DNS hosting, but the two should not be confused
- selecting a domain name is the first step you make when building a web site
- this semantical layer of the internet, technically, computers are connected with ip addresses
- registration means going through DNS REGISTRAR, which is a company that directly deals with the REGISTRY OPERATORS FOR THE TOP LEVEL DOMAIN
- the global list of domain names is managed by IANA (International Assigned Numbers Authority)
2. IANA
- IANA is a department of ICANN (Internet Corporation for Assigned Names and Numbers) a nonprofit running the root zone management in the DNS
whoiscommand is querying the domain name registry- but the registrar is too up in the hierarchy to the common customers
- usually, a domain name is purchased through a WEB HOSTING PROVIDER that does the work for them and register a domain through the registries on the customer’s behalf
- DNS HOST are servers hosted by DNS HOSTING PROVIDERS and these servers authoritatively respond for your domain
- Sometimes, registrars also offer DNS hosting, but it should not be confused
- DNS Host is mentioned by names of nameservers in the NAMESERVERS part of the whois lookup
3. whois as a protocol
- whois is a query and response protocol for querying DBs storing registered users/assignees of internet resources (domain names, IP address blocks)
- whois is a standard drafted by the internet society
- documented in RFC 3912 — WHOIS Protocol Specification
4. script
- the following script is creating and parsing a whois request
- note: it is relying on jsonwhois.io where you need to register to get your own
$apiKey
param(
[Parameter(Mandatory = $true)][string]$domainName,
[string]$apiKey = "JKS2XytCLNfkYg7i490AnSDo4QZ74lxn"
)
$domainIntro = @"_|___|__
___|___| mrPaul's WHOIS in Terminal
_|___|__
___|___|___|___|___|___|___|___|___|___|___|___|__
_|___|___|___|___|___|___|___|___|___|___|___|___| "@$domainInfo = curl "https://api.jsonwhois.io/whois/domain?key=$apiKey&domain=$domainName" | ConvertFrom-Json
Write-Host $domainIntro -ForegroundColor CyanWrite-Host "1. THE BASICS" -ForegroundColor Cyan
$domainInfo.result | Select-Object name, created, changed, expires, dnssec, registered | Format-ListWrite-Host "2. REGISTRAR" -ForegroundColor Cyan
$domainInfo.result.registrar | Format-ListWrite-Host "3. NAMESERVERS`n" -ForegroundColor Cyan
$domainInfo.result.nameservers | Format-List | Write-Host "`n"
5. demo
whoiscmdlet whois.ps1 at command pipeline position 1
Supply values for the following parameters:
domainName: amazon.com
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 850 100 850 0 0 850 0 0:00:01 --:--:-- 0:00:01 1158_|___|__
___|___| mrPaul's WHOIS in Terminal
_|___|__
___|___|___|___|___|___|___|___|___|___|___|___|__
_|___|___|___|___|___|___|___|___|___|___|___|___| 1. THE BASICSname : amazon.com
created : 1994-11-01 05:00:00
changed : 2019-05-07 20:09:37
expires : 2024-10-31 04:00:00
dnssec : True
registered : True
2. REGISTRARid : 292
name : MarkMonitor Inc.
email :
url :3. NAMESERVERS
NS1.P31.DYNECT.NET
NS2.P31.DYNECT.NET
NS3.P31.DYNECT.NET
NS4.P31.DYNECT.NET
PDNS1.ULTRADNS.NET
PDNS6.ULTRADNS.CO.UK
