Fetch IP whois data from terminal using telnet

By | March 27, 2013

In a previous article we saw how to fetch the whois data of a domain from the terminal. Now here we shall see how to perform a whois for an ip address from the terminal.

Get your ip address from ipmango.com.
I got this IP :

Little Theory

The information about any ip or ip range is stored in the Regional Internet Registry.
The 5 internet registries in the world are

1. APNIC - India , China , Australia
Whois server : whois.apnic.net

2. AFRINIC - All of Africa continent
Whois server : whois.afrinic.net

3. ARIN - Usa and Canada
Whois server : whois.arin.net

4. RIPE NCC - Greenland , Russia , Europe and middle east
Whois server : whois.ripe.net

5. LACNIC - Mexico and South America continent
Whois server : whois.lacnic.net

Perform the Whois query

Open your terminal and type :

desktop:~$ telnet whois.apnic.net 43
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-2]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

Now we are connected to the whois server. Now enter the IP address and hit enter
inetnum: -
netname:        BB-2-2
descr:          Broadband Project2.2, O/o DGM BB, NOC BSNL Bangalore
country:        IN
admin-c:        BH155-AP
tech-c:         DB374-AP
mnt-by:         MAINT-IN-DOT
mnt-irt:        IRT-BSNL-IN
changed:        [email protected] 20110218
source:         APNIC
descr:        BSNL Internet
country:      IN
origin:       AS9829
mnt-lower:    MAINT-IN-DOT
mnt-routes:   MAINT-IN-DOT
mnt-by:       MAINT-IN-AS9829
changed:      [email protected] 20060404
changed:      [email protected] 20060404
source:       APNIC
person:         BSNL Hostmaster
nic-hdl:        BH155-AP
e-mail:         [email protected]
address:        Broadband Networks
address:        Bharat Sanchar Nigam Limited
address:        2nd Floor, Telephone Exchange, Sector 62
address:        Noida
phone:          +91-120-2404243
fax-no:         +91-120-2404241
country:        IN
changed:        [email protected] 20021108
mnt-by:         MAINT-IN-PER-DOT
source:         APNIC
person:         DGM Broadband
address:        BSNL NOC Bangalore
country:        IN
phone:          +91-080-25805800
fax-no:         +91-080-25800022
e-mail:         [email protected]
nic-hdl:        DB374-AP
mnt-by:         MAINT-IN-PER-DOT
changed:        [email protected] 20110218
source:         APNIC
Connection closed by foreign host.

Now we get plenty of information about the IP address , like its ISP , IP Range , Country and so on.

Now lets try a different IP say :

desktop:~$ telnet whois.apnic.net 43
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-1]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html
inetnum: -
netname:      ARIN-CIDR-BLOCK
descr:        Not allocated by APNIC
remarks:      ------------------------------------------------------
remarks:      Important:
remarks:      Details of networks in this range are not registered
remarks:      in the APNIC Whois Database.
remarks:      Please search the ARIN Whois, which contains
remarks:      details of IP addresses allocated in North America,
remarks:      parts of the Caribbean, and sub-equatorial Africa:
remarks:      website:  https://ws.arin.net/whois
remarks:      command line: whois.arin.net
remarks:      ------------------------------------------------------
country:      AU
admin-c:      IANA1-AP
tech-c:       IANA1-AP
mnt-by:       MAINT-APNIC-AP
mnt-lower:    MAINT-APNIC-AP
changed:      [email protected] 20030403
changed:      [email protected] 20040926
changed:      [email protected] 20090501
source:       APNIC
role:           Internet Assigned Numbers Authority
address:        see http://www.iana.org.
e-mail:         [email protected]net
admin-c:        IANA1-AP
tech-c:         IANA1-AP
nic-hdl:        IANA1-AP
remarks:        For more information on IANA services
remarks:        go to IANA web site at http://www.iana.org.
mnt-by:         MAINT-APNIC-AP
changed:        [email protected] 20110811
source:         APNIC
Connection closed by foreign host.

We see that APNIC did not provide any information about this IP, but says that this IP is allocated to ARIN registry.

So we perform whois query on the arin whois server that is whois.arin.net

desktop:~$ telnet whois.arin.net 43
Connected to whois.arin.net.
Escape character is '^]'.
# Query terms are ambiguous.  The query is assumed to be:
#     "n"
# Use "?" to get help.
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=
NetRange: -
NetName:        MICROSOFT-1BLK
NetHandle:      NET-65-52-0-0-1
Parent:         NET-65-0-0-0-0
NetType:        Direct Assignment
RegDate:        2001-02-14
Updated:        2004-12-09
Ref:            http://whois.arin.net/rest/net/NET-65-52-0-0-1
OrgName:        Microsoft Corp
OrgId:          MSFT
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        1998-07-10
Updated:        2011-04-26
Ref:            http://whois.arin.net/rest/org/MSFT
OrgNOCHandle: ZM23-ARIN
OrgNOCName:   Microsoft Corporation
OrgNOCPhone:  +1-425-882-8080
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/ZM23-ARIN
OrgTechHandle: MSFTP-ARIN
OrgTechName:   MSFT-POC
OrgTechPhone:  +1-425-882-8080
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/MSFTP-ARIN
OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName:   Hotmail Abuse
OrgAbusePhone:  +1-425-882-8080
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/HOTMA-ARIN
OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-425-882-8080
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE231-ARIN
OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName:   MSN ABUSE
OrgAbusePhone:  +1-425-882-8080
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/MSNAB-ARIN
RTechHandle: ZM23-ARIN
RTechName:   Microsoft Corporation
RTechPhone:  +1-425-882-8080
RTechEmail:  [email protected]
RTechRef:    http://whois.arin.net/rest/poc/ZM23-ARIN
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
Connection closed by foreign host.

So now the ARIN whois server gives the required information. Similary the whois details of IPs of RIPE , AFRINIC and LACNIC regions can be found.

About Silver Moon

A Tech Enthusiast, Blogger, Linux Fan and a Software Developer. Writes about Computer hardware, Linux and Open Source software and coding in Python, Php and Javascript. He can be reached at [email protected].

One thought on “Fetch IP whois data from terminal using telnet

Leave a Reply

Your email address will not be published. Required fields are marked *