Fetch IP whois data from terminal using telnet

By | March 27, 2013

In a previous article we saw how to fetch the whois data of a domain from the terminal. Now here we shall see how to perform a whois for an ip address from the terminal.

Get your ip address from ipmango.com.
I got this IP : 59.93.210.154

Little Theory

The information about any ip or ip range is stored in the Regional Internet Registry.
The 5 internet registries in the world are

1. APNIC - India , China , Australia
Whois server : whois.apnic.net

2. AFRINIC - All of Africa continent
Whois server : whois.afrinic.net

3. ARIN - Usa and Canada
Whois server : whois.arin.net

4. RIPE NCC - Greenland , Russia , Europe and middle east
Whois server : whois.ripe.net

5. LACNIC - Mexico and South America continent
Whois server : whois.lacnic.net

Perform the Whois query

Open your terminal and type :

desktop:~$ telnet whois.apnic.net 43
Trying 202.12.29.220...
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-2]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

Now we are connected to the whois server. Now enter the IP address and hit enter

59.93.210.154
inetnum:        59.92.0.0 - 59.95.255.255
netname:        BB-2-2
descr:          Broadband Project2.2, O/o DGM BB, NOC BSNL Bangalore
country:        IN
admin-c:        BH155-AP
tech-c:         DB374-AP
status:         ASSIGNED NON-PORTABLE
mnt-by:         MAINT-IN-DOT
mnt-irt:        IRT-BSNL-IN
changed:        [email protected] 20110218
source:         APNIC

route:        59.93.208.0/20
descr:        BSNL Internet
country:      IN
origin:       AS9829
mnt-lower:    MAINT-IN-DOT
mnt-routes:   MAINT-IN-DOT
mnt-by:       MAINT-IN-AS9829
changed:      [email protected] 20060404
changed:      [email protected] 20060404
source:       APNIC

person:         BSNL Hostmaster
nic-hdl:        BH155-AP
e-mail:         [email protected]
address:        Broadband Networks
address:        Bharat Sanchar Nigam Limited
address:        2nd Floor, Telephone Exchange, Sector 62
address:        Noida
phone:          +91-120-2404243
fax-no:         +91-120-2404241
country:        IN
changed:        [email protected] 20021108
mnt-by:         MAINT-IN-PER-DOT
source:         APNIC

person:         DGM Broadband
address:        BSNL NOC Bangalore
country:        IN
phone:          +91-080-25805800
fax-no:         +91-080-25800022
e-mail:         [email protected]
nic-hdl:        DB374-AP
mnt-by:         MAINT-IN-PER-DOT
changed:        [email protected] 20110218
source:         APNIC


Connection closed by foreign host.

Now we get plenty of information about the IP address , like its ISP , IP Range , Country and so on.

Now lets try a different IP say : 65.55.12.249

desktop:~$ telnet whois.apnic.net 43
Trying 202.12.29.220...
Connected to whois.apnic.net.
Escape character is '^]'.
% [whois.apnic.net node-1]
% Whois data copyright terms    http://www.apnic.net/db/dbcopyright.html

65.55.12.249
inetnum:      65.0.0.0 - 65.255.255.255
netname:      ARIN-CIDR-BLOCK
descr:        Not allocated by APNIC
remarks:      ------------------------------------------------------
remarks:
remarks:      Important:
remarks:
remarks:      Details of networks in this range are not registered
remarks:      in the APNIC Whois Database.
remarks:
remarks:      Please search the ARIN Whois, which contains
remarks:      details of IP addresses allocated in North America,
remarks:      parts of the Caribbean, and sub-equatorial Africa:
remarks:
remarks:      website:  https://ws.arin.net/whois
remarks:      command line: whois.arin.net
remarks:
remarks:      ------------------------------------------------------
country:      AU
admin-c:      IANA1-AP
tech-c:       IANA1-AP
mnt-by:       MAINT-APNIC-AP
mnt-lower:    MAINT-APNIC-AP
status:       ALLOCATED PORTABLE
changed:      [email protected] 20030403
changed:      [email protected] 20040926
changed:      [email protected] 20090501
source:       APNIC

role:           Internet Assigned Numbers Authority
address:        see http://www.iana.org.
country:      
phone: 
e-mail:         [email protected]
admin-c:        IANA1-AP
tech-c:         IANA1-AP
nic-hdl:        IANA1-AP
remarks:        For more information on IANA services
remarks:        go to IANA web site at http://www.iana.org.
mnt-by:         MAINT-APNIC-AP
changed:        [email protected] 20110811
source:         APNIC


Connection closed by foreign host.

We see that APNIC did not provide any information about this IP, but says that this IP is allocated to ARIN registry.

So we perform whois query on the arin whois server that is whois.arin.net

desktop:~$ telnet whois.arin.net 43
Trying 199.212.0.46...
Connected to whois.arin.net.
Escape character is '^]'.
65.55.12.249
#
# Query terms are ambiguous.  The query is assumed to be:
#     "n 65.55.12.249"
#
# Use "?" to get help.
#

#
# The following results may also be obtained via:
# http://whois.arin.net/rest/nets;q=65.55.12.249?showDetails=true&showARIN=false&ext=netref2
#

NetRange:       65.52.0.0 - 65.55.255.255
CIDR:           65.52.0.0/14
OriginAS:       
NetName:        MICROSOFT-1BLK
NetHandle:      NET-65-52-0-0-1
Parent:         NET-65-0-0-0-0
NetType:        Direct Assignment
RegDate:        2001-02-14
Updated:        2004-12-09
Ref:            http://whois.arin.net/rest/net/NET-65-52-0-0-1


OrgName:        Microsoft Corp
OrgId:          MSFT
Address:        One Microsoft Way
City:           Redmond
StateProv:      WA
PostalCode:     98052
Country:        US
RegDate:        1998-07-10
Updated:        2011-04-26
Ref:            http://whois.arin.net/rest/org/MSFT

OrgNOCHandle: ZM23-ARIN
OrgNOCName:   Microsoft Corporation
OrgNOCPhone:  +1-425-882-8080 
OrgNOCEmail:  [email protected]
OrgNOCRef:    http://whois.arin.net/rest/poc/ZM23-ARIN

OrgTechHandle: MSFTP-ARIN
OrgTechName:   MSFT-POC
OrgTechPhone:  +1-425-882-8080 
OrgTechEmail:  [email protected]
OrgTechRef:    http://whois.arin.net/rest/poc/MSFTP-ARIN

OrgAbuseHandle: HOTMA-ARIN
OrgAbuseName:   Hotmail Abuse
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/HOTMA-ARIN

OrgAbuseHandle: ABUSE231-ARIN
OrgAbuseName:   Abuse
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/ABUSE231-ARIN

OrgAbuseHandle: MSNAB-ARIN
OrgAbuseName:   MSN ABUSE
OrgAbusePhone:  +1-425-882-8080 
OrgAbuseEmail:  [email protected]
OrgAbuseRef:    http://whois.arin.net/rest/poc/MSNAB-ARIN

RTechHandle: ZM23-ARIN
RTechName:   Microsoft Corporation
RTechPhone:  +1-425-882-8080 
RTechEmail:  [email protected]
RTechRef:    http://whois.arin.net/rest/poc/ZM23-ARIN

#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/whois_tou.html
#

Connection closed by foreign host.

So now the ARIN whois server gives the required information. Similary the whois details of IPs of RIPE , AFRINIC and LACNIC regions can be found.

About Silver Moon

A Tech Enthusiast, Blogger, Linux Fan and a Software Developer. Writes about Computer hardware, Linux and Open Source software and coding in Python, Php and Javascript. He can be reached at [email protected].

One Comment

Fetch IP whois data from terminal using telnet

Leave a Reply

Your email address will not be published. Required fields are marked *