I‘m getting lots of spam from few IPs. How do I find the owner of an IP address and report them to concern parties?
All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name
For instance to find the IP address for a www.cyberciti.biz open a command line and type in:
www.cyberciti.biz has address 184.108.40.206 www.cyberciti.biz has IPv6 address 2607:f0d0:1002:11::4
220.127.116.11 is IPv4 address and 2607:f0d0:1002:11::4 is IPv6 address for www.cyberciti.biz hostname.
whois – Client For The Whois Directory Service
Type the following command to find out the owner of an IP address called 18.104.22.168:
$ whois 22.214.171.124
OrgName: SoftLayer Technologies Inc. OrgID: SOFTL Address: 1950 N Stemmons Freeway City: Dallas StateProv: TX PostalCode: 75207 Country: US ReferralServer: rwhois://rwhois.softlayer.com:4321 NetRange: 126.96.36.199 - 188.8.131.52 CIDR: 184.108.40.206/16 OriginAS: AS36351 NetName: SOFTLAYER-4-4 NetHandle: NET-74-86-0-0-1 Parent: NET-74-0-0-0-0 NetType: Direct Allocation NameServer: NS1.SOFTLAYER.COM NameServer: NS2.SOFTLAYER.COM Comment: email@example.com RegDate: 2007-05-16 Updated: 2007-11-14 RAbuseHandle: ABUSE1025-ARIN RAbuseName: Abuse RAbusePhone: +1-214-442-0605 RAbuseEmail: firstname.lastname@example.org RNOCHandle: IPADM258-ARIN RNOCName: IP Admin RNOCPhone: +1-214-442-0600 RNOCEmail: email@example.com RTechHandle: IPADM258-ARIN RTechName: IP Admin RTechPhone: +1-214-442-0600 RTechEmail: firstname.lastname@example.org OrgAbuseHandle: ABUSE1025-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-442-0605 OrgAbuseEmail: email@example.com OrgTechHandle: IPADM258-ARIN OrgTechName: IP Admin OrgTechPhone: +1-214-442-0600 OrgTechEmail: firstname.lastname@example.org # ARIN WHOIS database, last updated 2009-07-23 20:00 # Enter ? for additional hints on searching ARIN's WHOIS database. Found a referral to rwhois.softlayer.com:4321. %rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-220.127.116.11) network:Class-Name:network network:ID:NETBLK-SOFTLAYER.18.104.22.168/19 network:Auth-Area:22.214.171.124/19 network:Network-Name:SOFTLAYER-126.96.36.199 network:IP-Network:188.8.131.52/29 network:IP-Network-Block:184.108.40.206-220.127.116.11 network:Organization;I:SoftLayer Technologies, Inc. network:Street-Address:1950 Stemmons Freeway Suite 2043 network:City:Dallas network:State:TX network:Postal-Code:75207 network:Country-Code:US network:Tech-Contact;I:email@example.com network:Abuse-Contact;I:firstname.lastname@example.org network:Admin-Contact;I:IPADM258-ARIN network:Created:20070708 network:Updated:20071205 network:Updated-By:email@example.com %referral rwhois://root.rwhois.net:4321/auth-area=. %okShare this tutorial on: