figured out a way to handle IP address whois lookup to give no domain info

2025-06-25 21:33:17 +02:00 · 2025-06-25 21:33:17 +02:00 · 7bf60eb210
commit 7bf60eb210
parent 64c09d643c
1 changed files with 17 additions and 14 deletions
--- a/flask_soc_site/src/host_lookup.py
+++ b/flask_soc_site/src/host_lookup.py
@ -37,7 +37,7 @@ class Lookedup(object):
    def url_lookup(self):
        self.domain = urlparse(self.host).netloc
        self.ip_address = socket.gethostbyname(self.domain)
-        self.metadata = domain(self.domain)
+        self.metadata = domain_info(self.domain)
        self.email_security = spf_dmarc(self.domain)
        self.vt, self.vt_dict = virustotal_api.analyse2(self.host, self.host_type)
        self.abuseipdb = abuseipdb_api.analyse(self.ip_address)
@ -46,8 +46,7 @@ class Lookedup(object):
    def ip_lookup(self):
        self.ip_address = self.host
        self.domain = socket.gethostbyaddr(self.host)[0]
-        print(f"DOMAIN OF IP IS: {self.domain}")
-        self.metadata = domain(self.host)
+        self.metadata = domain_info(self.host)
        self.domain = self.metadata["domain_name"]
        self.email_security = spf_dmarc(self.domain)
        self.vt, self.vt_dict = virustotal_api.analyse2(self.host, self.host_type)
@ -56,7 +55,7 @@ class Lookedup(object):

    def domain_lookup(self):
        self.ip_address = socket.gethostbyname(self.host)
-        self.metadata = domain(self.host)
+        self.metadata = domain_info(self.host)
        self.domain = self.metadata["domain_name"]
        self.email_security = spf_dmarc(self.domain)
        # self.vt, self.vt_dict = virustotal_api.analyse2(self.host, self.host_type)
@ -66,7 +65,7 @@ class Lookedup(object):

    def email_lookup(self):
        self.domain = self.host.split("@")[1]
-        self.metadata = domain(self.domain)
+        self.metadata = domain_info(self.domain)
        self.ip_address = socket.gethostbyname(self.domain)
        self.email_security = spf_dmarc(self.domain)
        self.vt, self.vt_dict = virustotal_api.analyse2(self.domain, self.host_type)
@ -147,19 +146,23 @@ def extract(user_input):


 # FIX: This function doesn't work for IP addresses, no usable whois() results
-def domain(host):
+def domain_info(host):
    result = dict(whois(host))
    print("RESULT IS: ", result)
+    if result["domain_name"] is not None:
        if type(result["creation_date"]) is list:
            result["creation_date"] = result["creation_date"][0].strftime("%d-%m-%Y")
-    else:
+        elif type(result["creation_date"]) is not list:
            result["creation_date"] = result["creation_date"].strftime("%d-%m-%Y")
        if type(result["domain_name"]) is list:
            result["domain_name"] = result["domain_name"][0]
-    # result["creation_date"] = result["creation_date"].isoformat()
+    elif result["domain_name"] == None:
+        result["creation_date"] = "Not available"
+        result["domain_name"] = "Not available"
+        result["registrar"] = "Not available"
+        result["regitrar_country"] = "Not available"
    included = {"domain_name", "creation_date", "registrar", "registrar_country"}
    filtered = {key: value for key, value in result.items() if key in included}
-    print("FILTERED IS: ", filtered)
    return filtered