For the last few days, I have been working on an issue involving getting an overview of the networks and public IP addresses. Because I was unsure if the public IP addresses in some logs were from that company, I had to look up a lot of IPs manually using Ripe/Whois sites. This blog post shows you how you can get details for your Public IP or the address or domain name you specify.

Requirements of the script

The script should be a function that I can call quickly and shows me the details of the public IP address for my location by default, it should be possible to specify a specific IP address or domain name to get the details from that.

Running the script

Without the PublicIPaddressOrName parameter

Below is a part of the screen output of running the Get-WhoisInfo function without the PublicIPaddressOrName parameter. It shows my public IP details which, in this case (for not showing my public IP) from a tethered connection from my KPN SIM.

With the PublicIPaddressOrName parameter

Below is a part of the screen output of running the Get-WhoisInfo function with the PublicIPaddressOrName parameter, it shows the details for 8.8.8.8 in this example. You can also use Get-WhoisInfo -PublicIPaddressOrName google.com to get details from that…

The script

Below is the script itself. It needs to have the PSParseHTML installed and will install it for you when needed, which could give you a one-time installation question.

function Get-WhoisInfo {
    param(
        [parameter(Mandatory = $false)][string]$PublicIPaddressOrName
    )

    #Check if the module PSParseHTML is installed and install
    #the module if it's not installed
    if (-not (Get-Command ConvertFrom-HTMLClass -ErrorAction SilentlyContinue)) {
        Install-Module PSParseHTML -SkipPublisherCheck -Force:$true -Confirm:$false
    }

    try {
        #Get results from your own Public IP Address
        if (-not ($PublicIPaddressOrName)) {
            $ProgressPreference = "SilentlyContinue"
            $PublicIPaddressOrName = (Invoke-WebRequest -uri https://api.ipify.org?format=json | ConvertFrom-Json -ErrorAction Stop).ip
            $whoiswebresult = Invoke-Restmethod -Uri "https://who.is/whois-ip/ip-address/$($PublicIPaddressOrName)" -ErrorAction SilentlyContinue
            $whoisinfo = ConvertFrom-HTMLClass -Class 'col-md-12 queryResponseBodyKey' -Content $whoiswebresult -ErrorAction SilentlyContinue
            write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
        }
        #Get results from the Public IP or name specified
        else {
            $ProgressPreference = "SilentlyContinue"
            if ((($PublicIPaddressOrName).Split('.').Length -eq 4)) {
                $whoiswebresult = Invoke-Restmethod -Uri "https://who.is/whois-ip/ip-address/$($PublicIPaddressOrName)" -ErrorAction SilentlyContinue
                $whoisinfo = ConvertFrom-HTMLClass -Class 'col-md-12 queryResponseBodyKey' -Content $whoiswebresult -ErrorAction SilentlyContinue
                write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
            }
            else {
                $whoiswebresult = Invoke-Restmethod -Uri "https://www.who.is/whois/$($PublicIPaddressOrName)" -ErrorAction SilentlyContinue
                $whoisinfo = ConvertFrom-HTMLClass -Class 'col-md-12 queryResponseBodyValue' -Content $whoiswebresult -ErrorAction SilentlyContinue
                write-host ("Getting WHOIS details for {0}" -f $PublicIPaddressOrName) -ForegroundColor Green
            }
        }
    
        Return $whoisinfo   
    }
    catch {
        Write-Warning ("Error getting WHOIS details")
    }
}

Making it available in your PowerShell sessions

To make this function available in your PowerShell sessions, you can add it to your profile by adding this line (Use notepad $profile in a PowerShell session to open it)

. c:\data\Get-WhoisInfo.ps1

Download the script(s) from GitHub here