Whois information of ip address
IP addresses are in the form of a.a.a.a where each letter is a number from 0-255. And every ip address has some information associated to it.
For example which isp or organisation has been allotted that ip address and where is that organisation located. This in turn tells the location of the ip address.
The information about an ip address is found through its whois data. The whois data is available at the regional internet registry of the IP address.
The inventors of internet divided the world into 5 regions, each having its own set of ip addresses to use.
These are called regional internet registries. They are
APNIC AFRINIC ARIN LACNIC RIPE NCC
Check out the wikipedia article to find out, which RIR do you fall in. Coming back to whois, the fact is that the whois information of an ip address is available at the whois server of its RIR.
The inventors of internet allotted entire sets of ip addresses to each of these regions. The allottment details can be seen at the iana website.
By looking at the allotment list we can find out the whois server of an ip address, and then query the corresponding ip address for the whois data.
IPs which have not been allotted to any RIR, will have their whois information at whois.iana.org
To fetch the whois data of an IP address , the steps are as follows
1. Contact whois.iana.org and ask for the RIR whois server of the ip address. 2. Contact the whois server of the RIR and get the whois details of the ip address.
Code
<?php /* Program to get IP whois data */ $ip = "74.65.112.23"; $whois = get_whois($ip); print $whois; /** Get the whois content of an ip by selecting the correct server */ function get_whois($ip) { $w = get_whois_from_server('whois.iana.org' , $ip); print "Response: " . PHP_EOL; print $w; print PHP_EOL; preg_match("#whois:\s*([\w.]*)#si" , $w , $data); $whois_server = $data[1]; print "Whois Server: $whois_server " . PHP_EOL; // now get actual whois data $whois_data = get_whois_from_server($whois_server , $ip); return $whois_data; } /** Get the whois result from a whois server return text */ function get_whois_from_server($server , $ip) { $data = ''; // Before connecting lets check whether server alive or not $server = trim($server); if(!strlen($server)) { print "Blank string provided for server" . PHP_EOL; die(); } // Create the socket and connect print "Connecting to server $server ..."; $f = fsockopen($server, 43, $errno, $errstr, 3); //Open a new connection if(!$f) { print "Failed"; return false; } print "Done" . PHP_EOL; // Set the timeout limit for read if(!stream_set_timeout($f , 3)) { die('Unable to set set_timeout'); #Did this solve the problem ? } // Send the IP to the whois server if($f) { print "Sending request for ip: $ip" . PHP_EOL; $message = $ip . "\r\n"; fputs($f, $message); } /* Theory : stream_set_timeout must be set after a write and before a read for it to take effect on the read operation If it is set before the write then it will have no effect : http://in.php.net/stream_set_timeout */ // Set the timeout limit for read if( !stream_set_timeout($f , 3) ) { die('Unable to stream_set_timeout'); #Did this solve the problem ? } // Set socket in non-blocking mode stream_set_blocking ($f, 0 ); // If connection still valid if($f) { print "Starting to read socket".PHP_EOL; while (!feof($f)) { //print "Read attempt...".PHP_EOL; $data .= fread($f , 128); } } // Now return the data return $data; }
The function get_whois_from_server
is a generic function that can contact any whois server and make a request based on the ip address provided. It then collects the results and returns it back.
Output
To run the program simply use the php command from the command line.
$ php whois.php
$ php whois.php Connecting to server whois.iana.org ...Done Sending request for ip: 74.65.112.23 Starting to read socket Response: % IANA WHOIS server % for more information on IANA, visit http://www.iana.org % This query returned 1 object refer: whois.arin.net inetnum: 74.0.0.0 - 74.255.255.255 organisation: ARIN status: ALLOCATED whois: whois.arin.net changed: 2005-06 source: IANA Whois Server: whois.arin.net Connecting to server whois.arin.net ...Done Sending request for ip: 74.65.112.23 Starting to read socket # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. # # # Query terms are ambiguous. The query is assumed to be: # "n 74.65.112.23" # # Use "?" to get help. # NetRange: 74.64.0.0 - 74.79.255.255 CIDR: 74.64.0.0/12 NetName: RRNY NetHandle: NET-74-64-0-0-1 Parent: NET74 (NET-74-0-0-0-0) NetType: Direct Allocation OriginAS: Organization: Charter Communications Inc (CC-3517) RegDate: 2006-03-27 Updated: 2007-01-29 Ref: https://rdap.arin.net/registry/ip/74.64.0.0 OrgName: Charter Communications Inc OrgId: CC-3517 Address: 6399 S. Fiddler's Green Circle City: Greenwood Village StateProv: CO PostalCode: 80111 Country: US RegDate: 2018-10-10 Updated: 2018-11-27 Comment: Legacy Time Warner Cable IP Assets Ref: https://rdap.arin.net/registry/entity/CC-3517 OrgAbuseHandle: ABUSE10-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-855-222-7342 OrgAbuseEmail: [email protected] OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE10-ARIN OrgTechHandle: IPADD1-ARIN OrgTechName: IPAddressing OrgTechPhone: +1-314-288-3111 OrgTechEmail: [email protected] OrgTechRef: https://rdap.arin.net/registry/entity/IPADD1-ARIN # # ARIN WHOIS data and services are subject to the Terms of Use # available at: https://www.arin.net/resources/registry/whois/tou/ # # If you see inaccuracies in the results, please report at # https://www.arin.net/resources/registry/whois/inaccuracy_reporting/ # # Copyright 1997-2020, American Registry for Internet Numbers, Ltd. #
how to written with different IP?
whois lookup perfect!
gethostbyname(‘www.google.com’);
The script has to be written to use a different IP, since outgoing traffic will utilize the server’s main IP unless the script has been written to use another IP
ouwehaaa
Hey mate i have made a powerful whois script which show whois and website information http://mkj.co.in/?p=52