I‘m getting lots of spam from few IPs. How do I find the owner of an IP address and report them to concern parties?
All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name
For instance to find the IP address for a www.cyberciti.biz open a command line and type in:
www.cyberciti.biz has address 188.8.131.52 www.cyberciti.biz has IPv6 address 2607:f0d0:1002:11::4
184.108.40.206 is IPv4 address and 2607:f0d0:1002:11::4 is IPv6 address for www.cyberciti.biz hostname.
whois – Client For The Whois Directory Service
Type the following command to find out the owner of an IP address called 220.127.116.11:
$ whois 18.104.22.168
OrgName: SoftLayer Technologies Inc. OrgID: SOFTL Address: 1950 N Stemmons Freeway City: Dallas StateProv: TX PostalCode: 75207 Country: US ReferralServer: rwhois://rwhois.softlayer.com:4321 NetRange: 22.214.171.124 - 126.96.36.199 CIDR: 188.8.131.52/16 OriginAS: AS36351 NetName: SOFTLAYER-4-4 NetHandle: NET-74-86-0-0-1 Parent: NET-74-0-0-0-0 NetType: Direct Allocation NameServer: NS1.SOFTLAYER.COM NameServer: NS2.SOFTLAYER.COM Comment: firstname.lastname@example.org RegDate: 2007-05-16 Updated: 2007-11-14 RAbuseHandle: ABUSE1025-ARIN RAbuseName: Abuse RAbusePhone: +1-214-442-0605 RAbuseEmail: email@example.com RNOCHandle: IPADM258-ARIN RNOCName: IP Admin RNOCPhone: +1-214-442-0600 RNOCEmail: firstname.lastname@example.org RTechHandle: IPADM258-ARIN RTechName: IP Admin RTechPhone: +1-214-442-0600 RTechEmail: email@example.com OrgAbuseHandle: ABUSE1025-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-442-0605 OrgAbuseEmail: firstname.lastname@example.org OrgTechHandle: IPADM258-ARIN OrgTechName: IP Admin OrgTechPhone: +1-214-442-0600 OrgTechEmail: email@example.com # ARIN WHOIS database, last updated 2009-07-23 20:00 # Enter ? for additional hints on searching ARIN's WHOIS database. Found a referral to rwhois.softlayer.com:4321. %rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-184.108.40.206) network:Class-Name:network network:ID:NETBLK-SOFTLAYER.220.127.116.11/19 network:Auth-Area:18.104.22.168/19 network:Network-Name:SOFTLAYER-22.214.171.124 network:IP-Network:126.96.36.199/29 network:IP-Network-Block:188.8.131.52-184.108.40.206 network:Organization;I:SoftLayer Technologies, Inc. network:Street-Address:1950 Stemmons Freeway Suite 2043 network:City:Dallas network:State:TX network:Postal-Code:75207 network:Country-Code:US network:Tech-Contact;I:firstname.lastname@example.org network:Abuse-Contact;I:email@example.com network:Admin-Contact;I:IPADM258-ARIN network:Created:20070708 network:Updated:20071205 network:Updated-By:firstname.lastname@example.org %referral rwhois://root.rwhois.net:4321/auth-area=. %ok