Shell Script To Get Data Center Information, IP Owner, City and Country From Domain Name

in Categories Domain, Monitoring, Networking last updated March 12, 2010
#!/bin/bash
# A sample shell script to print domain ip address hosting information such as
# Location of server, city, ip address owner, country and network range.  
# This is useful to track spammers or research purpose. 
# -------------------------------------------------------------------------
# Copyright (c) 2006 nixCraft project <http://cyberciti.biz/fb/>
# This script is licensed under GNU GPL version 2.0 or above
# -------------------------------------------------------------------------
# This script is part of nixCraft shell script collection (NSSC)
# Visit http://bash.cyberciti.biz/ for more information.
# -------------------------------------------------------------------------
# Last updated on Mar/05/2010
# -------------------------------------------------------------------------
 
# Get all domains
_dom=$@
 
# Die if no domains are given
[ $# -eq 0 ] && { echo "Usage: $0 domain1.com domain2.com ..."; exit 1; }
for d in $_dom
do
	_ip=$(host $d | grep 'has add' | head -1 | awk '{ print $4}')
	[ "$_ip" == "" ] && { echo "Error: $d is not valid domain or dns error."; continue; }
	echo "Getting information for domain: $d [ $_ip ]..."
	whois "$_ip" | egrep -w 'OrgName:|City:|Country:|OriginAS:|NetRange:'
	echo ""
done

Run script as follows:
./script.sh cyberciti.biz google.com
Sample outputs:

Getting information for domain: cyberciti.biz [ 74.86.48.99 ]...
OrgName:    SoftLayer Technologies Inc. 
City:       Dallas
Country:    US
NetRange:   74.86.0.0 - 74.86.255.255 
OriginAS:   AS36351

Getting information for domain: google.com [ 209.85.231.104 ]...
OrgName:    Google Inc. 
City:       Mountain View
Country:    US
NetRange:   209.85.128.0 - 209.85.255.255 

Share this on:

15 comment

  1. Good job, script works on MAC OSX/LION:

    Arvinds-MacBook-Pro:~ arvind$ arvindsMac/work/PDI-scripts/get-dns.sh 123
    Error: 123 is not valid domain or dns error.
    Arvinds-MacBook-Pro:~ arvind$
    Arvinds-MacBook-Pro:~ arvind$ arvindsMac/work/PDI-scripts/get-dns.sh google.com
    Getting information for domain: google.com [ 74.125.236.66 ]…
    NetRange: 74.125.0.0 – 74.125.255.255
    OriginAS:
    OrgName: Google Inc.
    City: Mountain View
    Country: US

    Arvinds-MacBook-Pro:~ arvind$
    Arvinds-MacBook-Pro:~ arvind$
    Arvinds-MacBook-Pro:~ arvind$ arvindsMac/work/PDI-scripts/get-dns.sh agoogle.com
    Getting information for domain: agoogle.com [ 216.65.41.185 ]…

    Arvinds-MacBook-Pro:~ arvind$
    Arvinds-MacBook-Pro:~ arvind$

  2. I tried using above script on CentOS 6 but the same is not working and giving error as

    ./searchdomain.sh google.co.in yahoo.co.in
    ./searchdomain.sh: line 22: host: command not found
    Error: google.co.in is not valid domain or dns error.
    ./searchdomain.sh: line 22: host: command not found
    Error: yahoo.co.in is not valid domain or dns error.
    Please advise

  3. Hi I am using CentOS 5.6 (64 bit)
    I am getting nothing while running this script
    My output is —

    [root@svn ~]# ./521.sh cyberciti.biz http://www.google.com
    Getting information for domain: cyberciti.biz [ 75.126.153.206 ]…

    Getting information for domain: http://www.google.com [ 74.125.236.52 ]…

    [root@svn ~]

    Can you please help me on that

    1. Hi , i get the same as DeepakSharma , i was wondering does anyone know what this is about ? Im using Fedora 15 , 64bit .
      /e I tryed “whois” command but i dont have so i replaced it with “who” , maybe thats the reason? Any ideas in general ? :)

      1. The issue is because of the egrep command – currently its filtering the lines starting with OrgName:|City:|Country:|OriginAS:|NetRange:

        but .org .biz and some other TLDs use a bit different wording – try to change line:
        whois “$_ip” | egrep -w ‘OrgName:|City:|Country:|OriginAS:|NetRange:’

        with

        whois “$_ip” | egrep -w ‘OrgName:|City:|Country:|OriginAS:|NetRange:|inetnum|address|descr’

        at least that works good enough for me.

        Cheers,
        Stanimir

        1. How about this one? This fixed it on my centos 5.8 box:

          whois -n $_ip | egrep -wi 'OrgName|City|Country|OriginAS|NetRange|Organization|NetName' | uniq -u
  4. There is no need to use three programs if you can do it with one.

    _ip=$(host $d | grep 'has add' | head -1 | awk '{ print $4}')

    should read

    _ip=$(host $d | awk '/has add/ {x++; if (x=1) {print $NF; exit}}')
  5. – You should not use [ but [[
    – You should not use this as a valid test [ “$_ip” == “” ]
    but test the return value [[ $? -eq 0 ]]

    Have a question? Post it on our forum!