In a previous article we saw how to fetch the whois data of a domain from the terminal. Now here we shall see how to perform a whois for an ip address from the terminal.
Get your ip address from ipmango.com.
I got this IP : 126.96.36.199
The information about any ip or ip range is stored in the Regional Internet Registry.
The 5 internet registries in the world are
1. APNIC - India , China , Australia Whois server : whois.apnic.net 2. AFRINIC - All of Africa continent Whois server : whois.afrinic.net 3. ARIN - Usa and Canada Whois server : whois.arin.net 4. RIPE NCC - Greenland , Russia , Europe and middle east Whois server : whois.ripe.net 5. LACNIC - Mexico and South America continent Whois server : whois.lacnic.net
Perform the Whois query
Open your terminal and type :
desktop:~$ telnet whois.apnic.net 43 Trying 188.8.131.52... Connected to whois.apnic.net. Escape character is '^]'. % [whois.apnic.net node-2] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
Now we are connected to the whois server. Now enter the IP address and hit enter
184.108.40.206 inetnum: 220.127.116.11 - 18.104.22.168 netname: BB-2-2 descr: Broadband Project2.2, O/o DGM BB, NOC BSNL Bangalore country: IN admin-c: BH155-AP tech-c: DB374-AP status: ASSIGNED NON-PORTABLE mnt-by: MAINT-IN-DOT mnt-irt: IRT-BSNL-IN changed: [email protected] 20110218 source: APNIC route: 22.214.171.124/20 descr: BSNL Internet country: IN origin: AS9829 mnt-lower: MAINT-IN-DOT mnt-routes: MAINT-IN-DOT mnt-by: MAINT-IN-AS9829 changed: [email protected] 20060404 changed: [email protected] 20060404 source: APNIC person: BSNL Hostmaster nic-hdl: BH155-AP e-mail: hostma[email protected] address: Broadband Networks address: Bharat Sanchar Nigam Limited address: 2nd Floor, Telephone Exchange, Sector 62 address: Noida phone: +91-120-2404243 fax-no: +91-120-2404241 country: IN changed: [email protected] 20021108 mnt-by: MAINT-IN-PER-DOT source: APNIC person: DGM Broadband address: BSNL NOC Bangalore country: IN phone: +91-080-25805800 fax-no: +91-080-25800022 e-mail: [email protected] nic-hdl: DB374-AP mnt-by: MAINT-IN-PER-DOT changed: [email protected] 20110218 source: APNIC Connection closed by foreign host.
Now we get plenty of information about the IP address , like its ISP , IP Range , Country and so on.
Now lets try a different IP say : 126.96.36.199
desktop:~$ telnet whois.apnic.net 43 Trying 188.8.131.52... Connected to whois.apnic.net. Escape character is '^]'. % [whois.apnic.net node-1] % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html 184.108.40.206 inetnum: 220.127.116.11 - 18.104.22.168 netname: ARIN-CIDR-BLOCK descr: Not allocated by APNIC remarks: ------------------------------------------------------ remarks: remarks: Important: remarks: remarks: Details of networks in this range are not registered remarks: in the APNIC Whois Database. remarks: remarks: Please search the ARIN Whois, which contains remarks: details of IP addresses allocated in North America, remarks: parts of the Caribbean, and sub-equatorial Africa: remarks: remarks: website: https://ws.arin.net/whois remarks: command line: whois.arin.net remarks: remarks: ------------------------------------------------------ country: AU admin-c: IANA1-AP tech-c: IANA1-AP mnt-by: MAINT-APNIC-AP mnt-lower: MAINT-APNIC-AP status: ALLOCATED PORTABLE changed: [email protected] 20030403 changed: [email protected] 20040926 changed: [email protected] 20090501 source: APNIC role: Internet Assigned Numbers Authority address: see http://www.iana.org. country: phone: e-mail: [email protected] admin-c: IANA1-AP tech-c: IANA1-AP nic-hdl: IANA1-AP remarks: For more information on IANA services remarks: go to IANA web site at http://www.iana.org. mnt-by: MAINT-APNIC-AP changed: [email protected] 20110811 source: APNIC Connection closed by foreign host.
We see that APNIC did not provide any information about this IP, but says that this IP is allocated to ARIN registry.
So we perform whois query on the arin whois server that is whois.arin.net
So now the ARIN whois server gives the required information. Similary the whois details of IPs of RIPE , AFRINIC and LACNIC regions can be found.