Get WHOIS information using PowerShell

For the last few days, I have been working on an issue involving getting an overview of the networks and public IP addresses. Because I was unsure if the public IP addresses in some logs were from that company, I had to look up a lot of IPs manually using Ripe/Whois sites. This blog post shows you how to get details for your Public IP or the address or domain name you specify.

Requirements of the script

The script should be a function that I can call quickly and shows me the details of the public IP address for my location by default, and it should be possible to specify a specific IP address or domain name to get the details from that.

Running the script

Without the PublicIPaddressOrName parameter

Below is a part of the screen output of running the Get-WhoisInfo function without the PublicIPaddressOrName parameter. It shows my public IP details which, in this case (for not showing my public IP) from a tethered connection from my KPN SIM.

With the PublicIPaddressOrName parameter

Below is a part of the screen output of running the Get-WhoisInfo function with the PublicIPaddressOrName parameter. It shows the details for 8.8.8.8 in this example. You can also use Get-WhoisInfo -PublicIPaddressOrName google.com to get details from that…

The script

Below is the script itself. It needs to have the PSParseHTML installed and will install it for you when needed, which could give you a one-time installation question.

Note: You sometimes get time-outs from the whois.com website, and then no results are returned 🙁 This is mainly the case for domain names. Ip- addresses seem to work just fine.

function Get-WhoisInfo {
    param(
        [parameter(Mandatory = $false)][string]$PublicIPaddressOrName
    )

    #Check if the module PSParseHTML is installed and install
    #the module if it's not installed
    if (-not (Get-Command ConvertFrom-HTMLClass -ErrorAction SilentlyContinue)) {
        Install-Module PSParseHTML -SkipPublisherCheck -Force:$true -Confirm:$false
    }

    try {
        #Get results from your own Public IP Address
        if (-not ($PublicIPaddressOrName)) {
            $ProgressPreference = "SilentlyContinue"
            $PublicIPaddressOrName = (Invoke-WebRequest -uri https://api.ipify.org?format=json | ConvertFrom-Json -ErrorAction Stop).ip
            $whoiswebresult = Invoke-Restmethod -Uri "https://www.whois.com/whois/$($PublicIPaddressOrName)" -TimeoutSec 15 -ErrorAction SilentlyContinue
            $whoisinfo = ConvertFrom-HTMLClass -Class 'whois-data' -Content $whoiswebresult -ErrorAction SilentlyContinue
            write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
        }
        #Get results from the Public IP or name specified
        else {
            $ProgressPreference = "SilentlyContinue"
            if ((($PublicIPaddressOrName).Split('.').Length -eq 4)) {
                $whoiswebresult = Invoke-Restmethod -Uri "https://www.whois.com/whois/$($PublicIPaddressOrName)" -TimeoutSec 15 -ErrorAction SilentlyContinue
                $whoisinfo = ConvertFrom-HTMLClass -Class 'whois-data' -Content $whoiswebresult -ErrorAction SilentlyContinue
                write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
            }
            else {
                $whoiswebresult = Invoke-Restmethod -Uri "https://www.who.is/whois/$($PublicIPaddressOrName)" -TimeoutSec 30 -ErrorAction SilentlyContinue
                $whoisinfo = ConvertFrom-HTMLClass -Class 'df-raw' -Content $whoiswebresult -ErrorAction SilentlyContinue
                write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
            }
        }
    
        Return $whoisinfo   
    }
    catch {
        Write-Warning ("Error getting WHOIS details")
    }
}

Making it available in your PowerShell sessions

To make this function available in your PowerShell sessions, you can add it to your profile by adding this line (Use notepad $profile in a PowerShell session to open it)

. c:\data\Get-WhoisInfo.ps1

Download the script(s) from GitHub here

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.