I'm getting lots of spam from few IPs. How do I find the owner of an IP address and report them to concern parties?
All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name
For instance to find the IP address for a www.cyberciti.biz open a command line and type in:
www.cyberciti.biz has address 18.104.22.168 www.cyberciti.biz has IPv6 address 2607:f0d0:1002:11::4
22.214.171.124 is IPv4 address and 2607:f0d0:1002:11::4 is IPv6 address for www.cyberciti.biz hostname.
whois - Client For The Whois Directory Service
Type the following command to find out the owner of an IP address called 126.96.36.199:
$ whois 188.8.131.52
OrgName: SoftLayer Technologies Inc. OrgID: SOFTL Address: 1950 N Stemmons Freeway City: Dallas StateProv: TX PostalCode: 75207 Country: US ReferralServer: rwhois://rwhois.softlayer.com:4321 NetRange: 184.108.40.206 - 220.127.116.11 CIDR: 18.104.22.168/16 OriginAS: AS36351 NetName: SOFTLAYER-4-4 NetHandle: NET-74-86-0-0-1 Parent: NET-74-0-0-0-0 NetType: Direct Allocation NameServer: NS1.SOFTLAYER.COM NameServer: NS2.SOFTLAYER.COM Comment: firstname.lastname@example.org RegDate: 2007-05-16 Updated: 2007-11-14 RAbuseHandle: ABUSE1025-ARIN RAbuseName: Abuse RAbusePhone: +1-214-442-0605 RAbuseEmail: email@example.com RNOCHandle: IPADM258-ARIN RNOCName: IP Admin RNOCPhone: +1-214-442-0600 RNOCEmail: firstname.lastname@example.org RTechHandle: IPADM258-ARIN RTechName: IP Admin RTechPhone: +1-214-442-0600 RTechEmail: email@example.com OrgAbuseHandle: ABUSE1025-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-442-0605 OrgAbuseEmail: firstname.lastname@example.org OrgTechHandle: IPADM258-ARIN OrgTechName: IP Admin OrgTechPhone: +1-214-442-0600 OrgTechEmail: email@example.com # ARIN WHOIS database, last updated 2009-07-23 20:00 # Enter ? for additional hints on searching ARIN's WHOIS database. Found a referral to rwhois.softlayer.com:4321. %rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-22.214.171.124) network:Class-Name:network network:ID:NETBLK-SOFTLAYER.126.96.36.199/19 network:Auth-Area:188.8.131.52/19 network:Network-Name:SOFTLAYER-184.108.40.206 network:IP-Network:220.127.116.11/29 network:IP-Network-Block:18.104.22.168-22.214.171.124 network:Organization;I:SoftLayer Technologies, Inc. network:Street-Address:1950 Stemmons Freeway Suite 2043 network:City:Dallas network:State:TX network:Postal-Code:75207 network:Country-Code:US network:Tech-Contact;I:firstname.lastname@example.org network:Abuse-Contact;I:email@example.com network:Admin-Contact;I:IPADM258-ARIN network:Created:20070708 network:Updated:20071205 network:Updated-By:firstname.lastname@example.org %referral rwhois://root.rwhois.net:4321/auth-area=. %ok
- 30 Handy Bash Shell Aliases For Linux / Unix / Mac OS X
- Top 30 Nmap Command Examples For Sys/Network Admins
- 25 PHP Security Best Practices For Sys Admins
- 20 Linux System Monitoring Tools Every SysAdmin Should Know
- 20 Linux Server Hardening Security Tips
- Linux: 20 Iptables Examples For New SysAdmins
- Top 20 OpenSSH Server Best Security Practices
- Top 20 Nginx WebServer Best Security Practices
- 20 Examples: Make Sure Unix / Linux Configuration Files Are Free From Syntax Errors
- 15 Greatest Open Source Terminal Applications Of 2012
- My 10 UNIX Command Line Mistakes
- Top 10 Open Source Web-Based Project Management Software
- Top 5 Email Client For Linux, Mac OS X, and Windows Users
- The Novice Guide To Buying A Linux Laptop