no whois info ?
william(at)elan.net
william at elan.net
Thu Dec 9 16:17:19 UTC 2004
On Thu, 9 Dec 2004, Mike Tancsa wrote:
> While doing a quick sample of my spam to see where spamvertized web sites
> were hosted and registered, I came across the domain vestigial3had.com
>
> shell1% whois vestigial3had.com
...
> No match for "VESTIGIAL3HAD.COM".
> What gives ? How can their be no whois info anywhere ?
Read NANOG archives - Verisign now allows immediate (well, within about 10
minutes) updates of .com/.net zones (also same for .biz) while whois data
is still updated once or twice a day. That means if spammer registers new
domain he'll be able to use it immediatly and it'll not yet show up in
whois (and so not be immediatly identifiable to spam reporting tools) -
and spammers are in fact using this "feature" more and more!
Now it so happens that I've long ago added internal dns resolver code
into completewhois engine to find list of nameservers (because whois
for some CCtld was not showing it and sometimes even for internic it
was wrong) and now this is done by default on ALL domains (no matter
if they show up in whois or not) and if nameservers from whois are
available they are compared to the list of the nameservers reported
from dns and both are shown. For your domain I see the following
(which nicely explains it to those who are surprised about not
seeing real whois):
$ whois -h whois.completewhois.com vestigial3had.com
[whois.completewhois.com]
Elan Completewhois.Com Whois Server, Version 0.91a16, compiled on Dec 7, 2004
Please see http://www.completewhois.com/help.htm for command-line options
Use of this server and any information obtained here is allowed only
if you follow our policies at http://www.completewhois.com/policies.htm
[DOMAIN whois information for VESTIGIAL3HAD.COM ]
Domain Name: VESTIGIAL3HAD.COM
Namespace: ICANN Unsponsored Generic TLD - http://www.icann.org
TLD Info: See IANA Whois - http://www.iana.org/root-whois/com.htm
Registry: VeriSign, Inc. - http://www.verisign-grs.com
Registrar: Whois data parsing problem, no registrar information found
Whois Server: rs.internic.net
Name Server[from dns, dns ip]: NS2.KRONUNA.BIZ 219.154.96.29
Name Server[from dns, dns ip]: NS1.KRONUNA.BIZ 200.124.75.9
Domain VESTIGIAL3HAD.COM not found in registry whois server.
But this domain appears to be deligated in dns. This is either an error
with registrar whois database or it is possible this domain was recently
registered and whois data is not yet available. Completewhois domain
information above should list current nameservers as has been found in
dns, for more information regarding this domain, please do whois lookup on
these nameservers or ips
P.S. If you're going to do whois on nameserver ips next, then you can
do the following combined lookup:
$ whois -h whois.completewhois.com "nsips vestigial3had.com"
But so you don't all overwhelm the engine with same query, I saved you the
results, you can retreive with "whois -h completewhois.com R#75944680" or at
http://www.completewhois.com/cgi-bin/whois.cgi?query=75944680&options=retrieve
---
William Leibzon
Elan Networks
william at elan.net
More information about the NANOG
mailing list