WHOIS for new TLDs

whois / php / linux / scripts

With the huge amount of new TLDs being released over the past few years, the built-in whois client in Linux can't seem to keep its builtin WHOIS server database up-to-date. Here, we'll look at an easy way to determine the registry's WHOIS server, and query it from the shell. Then generate our own whois.conf file to make future lookups seamless.

If you're short on time, jump to the end of the article for a link to the updated whois.conf file containing up-to-date WHOIS servers for the new gTLDs

Determining the correct server

Likely, you've come across a few domains that you've tried to query due to a DNS problem, or to check the registration info, and you came across a message similar to this:

jacob@minorin:~$ whois mori.moe  
No whois server is known for this kind of object.  

This is because the GNU whois program on most Linux distros comes with the WHOIS server list compiled into the binary. The good news is that you can create a /etc/whois.conf file, which contains a list of regular expressions that correspond to WHOIS servers. However, if you don't want to muck around with this, we can use the whois-servers.net DNS entries to determine the correct WHOIS server.

jacob@minorin:~$ dig +short CNAME moe.whois-servers.net  

Yay! Now that we have the WHOIS server, we can use the -h flag in whois to query that server directly. Also, before we move on, it's important to note that "official" source for WHOIS server information is whois.iana.org. For most TLDs, IANA will return an attribute titled whois. Example:

jacob@minorin:~$ whois org -h whois.iana.org | grep whois  
whois:        whois.pir.org  

Moving on to the query:

jacob@minorin:~$ whois mori.moe -h whois.nic.moe  
Domain Name:                                 MORI.MOE  
Domain ID:                                   D389770-MOE  
Sponsoring Registrar:                        BR domain Inc.  
Sponsoring Registrar IANA ID:                1898  
Registrar URL (registration services):       http://www.brdomain.jp  
Domain Status:                               clientTransferProhibited  

You can combine the two if you're lazy and don't want to re-type or copy/paste the server name, like so:

jacob@minorin:~$ whois mori.moe -h `dig +short CNAME moe.whois-servers.net`  

For 3rd level registrations, such as amazon.co.uk, you would query the WHOIS server for the top-level domain (such as uk in this example) in most cases -- however, there are certain 2nd level domains that have their own WHOIS server. If you can't find the domain in the TLD registry's database, do a WHOIS query to IANA for the 2nd level domain to determine if it has its own WHOIS server (eg. whois co.il -h whois.iana.org)

Creating a whois.conf file

For a more elegant solution, you can add the entries for each of the new TLD WHOIS servers to the /etc/whois.conf file. By default, this file doesn't exist, so you'll probably have to create it.

To automate this process, I wrote a simple PHP script which fetches the official list from IANA to enumerate all (public) TLDs, then iterates through the list to determine WHOIS server information from whois-servers.net and whois.iana.org for each of the TLDs. It then uses this information to generate a shiny new whois.conf file and a JSON file that can be used for other purposes.

yc_whoisgen (PHP source, plain text)

As of this writing (15 Mar 2015), there are over 800 top-level domains. You can simply add new entries to your whois.conf as you encounter them, or utilize the script above to generate a new list for yourself. Linked below is updated whois.conf generated by yc_whoisgen

whois.conf (plain text, 07 Mar 2017) — copy to /etc/whois.conf as root

An excerpt from an example whois.conf file showing the regular expression to match a domain on the left, and the WHOIS server where the lookup should be routed on the right side.

\.blue$ whois.afilias.net
\.moe$ whois.nic.moe
\.wtf$ whois.donuts.co
\.ninja$ whois.unitedtld.com

To get started looking up new gTLD domains, you can go ahead and grab the updated config that I've generated above and copy it to /etc/whois.conf. You can also check out the IANA Root Zone Database, if you're still curious about TLDs, or the IANA Official list of TLDs.

Checking out the new whois.conf in vim

Share on : Twitter, Facebook or Google+