≡ Menu

How To: Find IP Address Owner

I‘m getting lots of spam from few IPs. How do I find the owner of an IP address and report them to concern parties?

All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.

Find IP Address For A Host Name

For instance to find the IP address for a www.cyberciti.biz open a command line and type in:
host www.cyberciti.biz
nslookup www.cyberciti.biz
Sample Outputs:

www.cyberciti.biz has address
www.cyberciti.biz has IPv6 address 2607:f0d0:1002:11::4 is IPv4 address and 2607:f0d0:1002:11::4 is IPv6 address for www.cyberciti.biz hostname.

whois – Client For The Whois Directory Service

Type the following command to find out the owner of an IP address called
$ whois
Sample Outputs:

OrgName:    SoftLayer Technologies Inc. 
OrgID:      SOFTL
Address:    1950 N Stemmons Freeway
City:       Dallas
StateProv:  TX
PostalCode: 75207
Country:    US

ReferralServer: rwhois://rwhois.softlayer.com:4321

NetRange: - 
OriginAS:   AS36351
NetName:    SOFTLAYER-4-4
NetHandle:  NET-74-86-0-0-1
Parent:     NET-74-0-0-0-0
NetType:    Direct Allocation
Comment:    abuse@softlayer.com
RegDate:    2007-05-16
Updated:    2007-11-14

RAbuseHandle: ABUSE1025-ARIN
RAbuseName:   Abuse 
RAbusePhone:  +1-214-442-0605
RAbuseEmail:  abuse@softlayer.com 

RNOCName:   IP Admin 
RNOCPhone:  +1-214-442-0600
RNOCEmail:  ipadmin@softlayer.com 

RTechHandle: IPADM258-ARIN
RTechName:   IP Admin 
RTechPhone:  +1-214-442-0600
RTechEmail:  ipadmin@softlayer.com 

OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName:   Abuse 
OrgAbusePhone:  +1-214-442-0605
OrgAbuseEmail:  abuse@softlayer.com

OrgTechHandle: IPADM258-ARIN
OrgTechName:   IP Admin 
OrgTechPhone:  +1-214-442-0600
OrgTechEmail:  ipadmin@softlayer.com

# ARIN WHOIS database, last updated 2009-07-23 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.

Found a referral to rwhois.softlayer.com:4321.

%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-
network:Organization;I:SoftLayer Technologies, Inc.
network:Street-Address:1950 Stemmons Freeway Suite 2043

%referral rwhois://root.rwhois.net:4321/auth-area=.
Share this tutorial on:

Like this? Follow us on Twitter OR support us by using Patreon

{ 29 comments… add one }
  • Ahmed July 24, 2009, 8:53 pm

    It doesn’t work if the spammer is sending spams from poor country.
    So what is the best solution ?
    Ignore him.

    • nixCraft July 24, 2009, 10:32 pm

      Block IP address using iptables or pf firewall.

  • burmese July 25, 2009, 6:40 pm

    I never recommend banning IPs, which is never a reliable solution these days.
    Even sending abuse report mail to network/ip owner is worthless as these emails are not monitored.
    What’s more, even calling that phone number is in vain.

    The must-do is to patch your hole.

  • Alok Khode July 27, 2009, 7:30 am

    We have to follow different ways: Block the IP in f/w, Set some rule/policy in Spam control software, black list/while list mailid. For this to be done, we have to understand header of the mail at microlevel. But its a horse race between spammer and mail admin!!!!

  • joecoder July 28, 2009, 3:34 am

    >>Block IP address using iptables or pf firewall.
    This is useless. Spam originates in hell, but it is your email provider that delivers it to you.
    To block spam, you need a spam blocking package… which is dependent on your email client. Or if you run an email server, is dependent on your email server.
    Do some googling and see what people recommend for your email situation.

  • techbrainless August 20, 2009, 10:11 pm

    Very great and interesting post. Thanks alot.

  • carolyne cowan September 25, 2009, 7:53 am

    How do I stop vicious, pornographic and violent spam being posted onto my website.
    I have gone down the road of tracing IP addresses, but they are all from Proxy services.
    I have a stat counter which gives me the IP address of all who have visited my site, even for a second, but these eroneous insertions do not show up. They are accessing it somehow else.
    I have sent emails to the abuse@ addresses but again with no response.
    I have contacted my website builder (BlueVoda) and they say they do not have a script on the guestbook which can stop these things from happening, but gave me some computer jargon about a script opening up in notebook etc….might have well been speaking Klingon!!!
    Is there a simple way to stop these insertions. I am worried about them as some are pornographic (offering Eastern Block women doing all sorts of things) and I get a lot of kids looking at my site…and fear they will see these.
    I clear at least one a day from my guestbook
    Thank you for any help.

  • sumit November 13, 2009, 8:45 am

    I just want to know one thing if i have someones I.P. address can I get his or hers personal details by that i.e. email address, name, phone nos, etc

  • Indie Rahama January 27, 2012, 9:25 pm

    Please i want to find out who has this ip address. The sender has been threatening to pour me acid:

    • Glen May 4, 2012, 4:52 pm

      It’s somebody with a blackberry in the UK.

    • sameer_13 October 11, 2012, 7:20 am belongs to RIMBLACKBERRY3 ,……. Research In Motion UK Limited
      address:-295 Phillip St., Waterloo, ON, CANADA N2L 3W8

      • casandra April 16, 2013, 2:34 am

        With ip address info, how did you get the person’s name and postal address ?

  • J February 19, 2012, 2:59 pm

    So where do I type in
    “$ whois”?

    • Glen May 4, 2012, 4:55 pm

      This one traces to:

      SoftLayer Technologies Inc.
      Dallas Texas

  • Saumitra April 1, 2012, 3:09 am

    “$ whois” is not working.m having windows 7(64-bit).Now what do i do?

  • tik August 21, 2012, 2:20 am

    I have some ones IP address… I need to know his/her address email. Can some one help me how can find the details.. plz..?

  • prema October 11, 2012, 7:39 pm

    I am getting dirty, threatening emails from IP, & can anyone trace these addresses to person, email, location, anything

  • Tamtam March 1, 2013, 2:41 am

    Please find the address of this IP address and name and any other info I am being harassed thank u ip address

  • Malu March 7, 2013, 6:20 am

    Please let me know the owner and other info of this IP address as this IP address is trying to hack my account.
    IP Address:


  • David August 1, 2013, 7:39 am

    Please help me. My daughter has run away and all I know is she is at

    please help me find her

    • Nob August 1, 2013, 9:44 am

      Contact your local PD. BTW, that ip belongs to verizon wireless.

  • Mark October 1, 2013, 11:43 am

    Please help!! This person has harassed me for two years and I’ve tried everything, I need to know name or address. Thank you so much if you help!

  • rachana April 11, 2015, 5:58 am

    i really wanted to know who is . please help its urgent ..

  • huzzain October 12, 2015, 1:36 pm

    i just wana knw ds ip address owner name….some one had hacked my account

  • lee fender March 14, 2016, 8:13 am

    can u please tell me who is hacking my account from the IP# thank u very much for any help Lee Fender

  • Andy August 22, 2016, 9:06 pm

    Hi there,
    When I try to assign an IP, it says other machine on the network already has it.
    Is there a way I can find out who owns Internal IP like in my internal network?
    I cannot ping it and the nslookup says “server can’t find”.
    Is there any other way?

Security: Are you a robot or human?

Leave a Comment

You can use these HTML tags and attributes: <strong> <em> <pre> <code> <a href="" title="">

   Tagged with: , , , , , , , , , , , , , ,