Like

IP Address Whois Lookup

Platform:  mIRC
Published  Oct 21, 2011
Updated  Jun 25, 2012
1,386  11
Simple IP Whois Check. This script is self-explanatory as always.

Usage: !track <IP Here>

UPDATE - 6/24/12 - Revised the incorrect match under sockread due to source code change. I removed the regsubex stripping method and the unncessary while loop.

UPDATE - 6/25/12 - Added bold in the output to make the IP result easier to spot and read. on *:exit:{
if ($file(whois).shortfn) .remove $v1
}
on *:sockclose:w...*:{
.play $gettok($sock($sockname).mark,2,124) whois 2000
}
on *:text:$($iif(!track* iswm $strip($1),$1)):*:{
if ($file(whois).shortfn) write -c $v1
if ($regex($strip($2),/((\d{1,3}\.){3}\d{1,3})/S)) {
var %ipinfo = $regml(1)
if ($play(#)) || ($play($nick)) {
.notice $nick Please wait until I've finished the IP lookup!
halt
}
.msg $iif(#,#,$nick) Please wait while I fetch the IP info...
var %w $+(w...,$r(1,$ticks))
sockopen %w www.fr2.cyberabuse.org 80
sockmark %w $+(%ipinfo,|,$iif(#,#,$nick))
halt
}
.notice $nick That's not an IP address. Syntax: !track <IP>
}
on *:sockopen:w...*:{
if ($sockerr) {
$gettok($sock($sockname).mark,2,124) * Error Connecting to Website!
halt
}
var %? = sockwrite -nt $sockname
var %?? = $+(IP=,$gettok($sock($sockname).mark,1,124),&OK=OK&OK=OK&dns=OK)
%? POST /whois/?page=whois_server HTTP/1.1
%? Host: $sock($sockname).addr
%? Referer: $+(http://,$sock($sockname).addr,/whois/?page=whois_server)
%? Content-Type: application/x-www-form-urlencoded
%? Connection: close
%? Content-Length: $len(%??)
%? $+($crlf,%??)
}
on *:sockread:w...*:{
if ($sockerr) {
$gettok($sock($sockname).mark,2,124) * Error Reading Website!
halt
}
if (error isin %whois) {
.msg $gettok($sock($sockname).mark,2,124) Invalid IP Address!
halt
}
var %whois, %data = (Infos|Country|Abuse E-mail|Source)
sockread %whois
if ($chr(37) !isin %whois) && ($regex($v2,/ $+ %data $+ /)) {
if ($regex(%whois,/(.*) $+ $+($chr(60),br,$chr(62)) $+ /)) {
write whois $regsubex($remove($regml(1),:),$&
/ $+ %data $+ /g,$+($chr(2),\1 :,$chr(2)))
}
}
}

Comments

Sign in to comment.
horstefan   -  Oct 14, 2012
Ripe information fails for me

[17:52:35] <Steef> !track 46.105.168.133
[17:52:36] <StatsBot> Please wait while I fetch the IP info...
[17:52:39] <StatsBot> Source : RIPE
 Respond  
cptpan   -  Sep 30, 2012
How can I make this all return on one line? The bot will flood like all fukc otherwise..
 Respond  
RIcko   -  Jun 25, 2012
Yep, works like a charm! thanks :)
 Respond  
Jethro   -  Jun 25, 2012
Done. Bold request has been added to the script update. Please see to it. ^^
 Respond  
RIcko   -  Jun 25, 2012
Thanks Jethro, + like

Just to make sure that it works for others to see:

_____________________________________________________
(Jun-Mon-25)(12:56:11:pm) <Pedo> Please wait while I fetch the IP info...
(Jun-Mon-25)(12:56:15:pm) <Pedo> [ Informations about 182.179.116.118 ]
(Jun-Mon-25)(12:56:17:pm) <Pedo> Infos : DSLAM Central Infrastructure
(Jun-Mon-25)(12:56:19:pm) <Pedo> Country : Pakistan (PK)
(Jun-Mon-25)(12:56:21:pm) <Pedo> Abuse E-mail : ahmed.imtiaz@ptcl.net.pk
(Jun-Mon-25)(12:56:23:pm) <Pedo> Source : APNIC
____________________________________________________


Just a little request if you don't mind, i don't want to mess up the script by doing so, but can you make it look like this:

http://i.imgur.com/yfKoc.png

With the bold added to it

thanks

 Respond  
Jethro   -  Jun 24, 2012
Rlcko, this script has been fixed and working again. Have fun and enjoy it.
 Respond  
Jethro   -  Jun 24, 2012
Yes, this script has broken on account of site source being altered. I'll have to fix it later.
 Respond  
RIcko   -  Jun 24, 2012
1
Great and useful Snippet but these are the results:
____________________________________________________________________________________
(Jun-Mon-25)(12:46:05:am) <07Ricko> !track 109.125.152.196
(Jun-Mon-25)(12:46:06:am) <03@Pedo> Please wait while I fetch the IP info...
(Jun-Mon-25)(12:46:09:am) <03@Pedo> d44
(Jun-Mon-25)(12:46:16:am) <03@Pedo> WHOIS.CYBERABUSE.ORG
(Jun-Mon-25)(12:46:26:am) <03@Pedo> body font-family : Arial, Helvetica, sans-serif ; font-size : 10pt;
(Jun-Mon-25)(12:46:28:am) <03@Pedo> td font-family : Arial, Helvetica, sans-serif ; font-size : 10pt;
(Jun-Mon-25)(12:46:30:am) <03@Pedo> form font-family : Arial, Helvetica, sans-serif ; font-size : 8pt;
____________________________________________________________________________________

I think the script is fine, but the site has moved or isn't working, can you please check because i really need this snippet!
 Respond  
toclafane1   -  Jan 09, 2012
This is good. Thanks :)
 Respond  
gabu8balls   -  Jan 09, 2012
Is there something wrong with v7.22 of mIRC?
I was trying to use many snippets that seems not to work, but I'm starting to think that the problem is with the client itself.
I'm using a clear installation of mIRC!! The only .ini loaded contains exactly the code above.
When I type "!track 208.67.222.222" (without the quotes, of course) nothing happen.
Same problem for all snippets that I must to type something.

Strange think: For remote users it works perfecly!
I've tried this:


on *:text:*TEST*:#:{
echo IT WORKS!
}

And when somebody type "TEST" I can see "IT WORKS" on the console.

Somebody knows what can be happening?

Thanks you and congratulations to Jethro for all those snippets :-)
 Respond  
alabama   -  Oct 22, 2011
will try it out soon, loks good jet
 Respond  
Are you sure you want to unfollow this person?
Are you sure you want to delete this?
Click "Unsubscribe" to stop receiving notices pertaining to this post.
Click "Subscribe" to resume notices pertaining to this post.