In a previous article we saw how to fetch the whois data of a domain from the terminal. Here we shall see how to perform a whois lookup for an IP address from the terminal.

I got this IP :

Little Theory

The information about any IP address or IP range is stored by a Regional Internet Registry (RIR).
The 5 internet registries in the world are:

1. APNIC - India, China, Australia
Whois server : whois.apnic.net

2. AFRINIC - All of the African continent
Whois server : whois.afrinic.net

3. ARIN - USA and Canada
Whois server : whois.arin.net

4. RIPE NCC - Greenland, Russia, Europe and the Middle East
Whois server : whois.ripe.net

5. LACNIC - Mexico and the South American continent
Whois server : whois.lacnic.net

Perform the Whois query

Open your terminal and type :

desktop:~$ telnet whois.apnic.net 43
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-2]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

We are now connected to the whois server. Enter the IP address and press Enter:
inetnum: -
netname:        BB-2-2
descr:          Broadband Project2.2, O/o DGM BB, NOC BSNL Bangalore
country:        IN
admin-c:        BH155-AP
tech-c:         DB374-AP
mnt-by:         MAINT-IN-DOT
mnt-irt:        IRT-BSNL-IN
changed:        [email protected] 20110218
source:         APNIC

descr:        BSNL Internet
country:      IN
origin:       AS9829
mnt-lower:    MAINT-IN-DOT
mnt-routes:   MAINT-IN-DOT
mnt-by:       MAINT-IN-AS9829
changed:      [email protected]sancharnet.in 20060404
changed:      [email protected] 20060404
source:       APNIC

person:         BSNL Hostmaster
nic-hdl:        BH155-AP
e-mail:         [email protected]
address:        Broadband Networks
address:        Bharat Sanchar Nigam Limited
address:        2nd Floor, Telephone Exchange, Sector 62
address:        Noida
phone:          +91-120-2404243
fax-no:         +91-120-2404241
country:        IN
changed:        [email protected] 20021108
mnt-by:         MAINT-IN-PER-DOT
source:         APNIC

person:         DGM Broadband
address:        BSNL NOC Bangalore
country:        IN
phone:          +91-080-25805800
fax-no:         +91-080-25800022
e-mail:         [email protected]
nic-hdl:        DB374-AP
mnt-by:         MAINT-IN-PER-DOT
changed:        [email protected] 20110218
source:         APNIC

Connection closed by foreign host.

This gives us plenty of information about the IP address, such as its ISP, IP range, country and so on.

Now let's try a different IP, say :

desktop:~$ telnet whois.apnic.net 43
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-1]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html
inetnum: -
netname:      ARIN-CIDR-BLOCK
descr:        Not allocated by APNIC
remarks:      ------------------------------------------------------
remarks:      Important:
remarks:      Details of networks in this range are not registered
remarks:      in the APNIC Whois Database.
remarks:      Please search the ARIN Whois, which contains
remarks:      details of IP addresses allocated in North America,
remarks:      parts of the Caribbean, and sub-equatorial Africa:
remarks:      website:  https://ws.arin.net/whois
remarks:      command line: whois.arin.net
remarks:      ------------------------------------------------------
country:      AU
admin-c:      IANA1-AP
tech-c:       IANA1-AP
mnt-by:       MAINT-APNIC-AP
mnt-lower:    MAINT-APNIC-AP
changed:      [email protected] 20030403
changed:      [email protected] 20040926
changed:      [email protected] 20090501
source:       APNIC

role:           Internet Assigned Numbers Authority
address:        see http://www.iana.org.
e-mail:         [email protected]
admin-c:        IANA1-AP
tech-c:         IANA1-AP
nic-hdl:        IANA1-AP
remarks:        For more information on IANA services
remarks:        go to IANA web site at http://www.iana.org.
mnt-by:         MAINT-APNIC-AP
changed:        [email protected] 20110811
source:         APNIC

Connection closed by foreign host.

We see that APNIC did not provide any information about this IP, but says that the IP is allocated to the ARIN registry.

So we perform the whois query on the ARIN whois server, which is whois.arin.net:

desktop:~$ telnet whois.arin.net 43
Connected to whois.arin.net.
Escape character is '^]'.
# Query terms are ambiguous.  The query is assumed to be:
#     "n"
# Use "?" to get help.

# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=

NetRange: -
NetName:        MICROSOFT-1BLK
NetHandle:      NET-65-52-0-0-1
Parent:         NET-65-0-0-0-0
NetType:        Direct Assignment
RegDate:        2001-02-14
Updated:        2004-12-09
Ref:            http://whois.arin.net/rest/net/NET-65-52-0-0-1

OrgName:        Microsoft Corp
OrgId:          MSFT
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        1998-07-10
Updated:        2011-04-26
Ref:            http://whois.arin.net/rest/org/MSFT

OrgNOCHandle: ZM23-ARIN
OrgNOCName:   Microsoft Corporation
OrgNOCPhone:  +1-425-882-8080 
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/ZM23-ARIN

OrgTechHandle: MSFTP-ARIN
OrgTechName:   MSFT-POC
OrgTechPhone:  +1-425-882-8080 
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/MSFTP-ARIN

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName:   Hotmail Abuse
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/HOTMA-ARIN

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE231-ARIN

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName:   MSN ABUSE
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/MSNAB-ARIN

RTechHandle: ZM23-ARIN
RTechName:   Microsoft Corporation
RTechPhone:  +1-425-882-8080 
RTechEmail:  [email protected]
RTechRef:    http://whois.arin.net/rest/poc/ZM23-ARIN

# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html

Connection closed by foreign host.

So now the ARIN whois server gives the required information. Similarly, the whois details of IPs in the RIPE, AFRINIC and LACNIC regions can be found.
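The same lookup as a script, added here as an example and not part of the original article: it opens TCP port 43 the way the telnet sessions above do, parses the first object of the reply, and follows the referral when a registry names another registry's whois server in its remarks. The function names and the sample reply (with a documentation address range in place of the real one) are assumptions made for illustration.

```python
import re
import socket

# The five RIR whois servers listed in the article.
RIR_SERVERS = {"whois.apnic.net", "whois.afrinic.net", "whois.arin.net",
               "whois.ripe.net", "whois.lacnic.net"}

# Constructed sample modelled on the APNIC reply above (placeholder address range).
SAMPLE_APNIC_REPLY = """% [whois.apnic.net node-1]
inetnum:      192.0.2.0 - 192.0.2.255
netname:      ARIN-CIDR-BLOCK
descr:        Not allocated by APNIC
remarks:      Please search the ARIN Whois, command line: whois.arin.net

role:         Internet Assigned Numbers Authority
"""

def whois_query(server, query, timeout=10):
    """What the telnet session does: send one line to TCP port 43, read to EOF."""
    with socket.create_connection((server, 43), timeout=timeout) as sock:
        sock.sendall(query.encode("ascii") + b"\r\n")
        return b"".join(iter(lambda: sock.recv(4096), b"")).decode("utf-8", "replace")

def first_object(reply):
    """Parse the first 'key: value' object, skipping % and # comment lines."""
    fields = {}
    for line in reply.splitlines():
        if line.startswith(("%", "#")):
            continue
        if not line.strip() and fields:
            break                      # a blank line ends the first object
        key, sep, value = line.partition(":")
        if sep:
            fields.setdefault(key.strip().lower(), []).append(value.strip())
    return fields

def referral_server(reply, asked):
    """Return another RIR's whois host named in the remarks, else None."""
    remarks = " ".join(first_object(reply).get("remarks", [])).lower()
    for host in re.findall(r"whois\.[a-z]+\.net", remarks):
        if host in RIR_SERVERS and host != asked:
            return host
    return None

def lookup(ip, first="whois.apnic.net", query=whois_query):
    """Ask `first`; if it points at another RIR, ask that one instead."""
    reply = query(first, ip)
    other = referral_server(reply, first)
    return (other, query(other, ip)) if other else (first, reply)
```

Calling `lookup("<ip>")` returns the server that answered and its raw reply; whois replies are untrusted text, so the parser only splits lines and never evaluates them.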

Last Updated On : 27th March 2013

