I‘m getting lots of spam from few IPs. How do I find the owner of an IP address and report them to concern parties?
All public IP address on the Internet is registered to ISP or an owner or a larger organization. Each IP address is recorded in the whois database. You can query this database to get owner name, phone, email address and so on the Internet using whois command line client.
Find IP Address For A Host Name
For instance to find the IP address for a sxi.io open a command line and type in:
sxi.io has address 126.96.36.199 sxi.io has IPv6 address 2607:f0d0:1002:11::4
188.8.131.52 is IPv4 address and 2607:f0d0:1002:11::4 is IPv6 address for sxi.io hostname.
whois – Client For The Whois Directory Service
Type the following command to find out the owner of an IP address called 184.108.40.206:
$ whois 220.127.116.11
OrgName: SoftLayer Technologies Inc. OrgID: SOFTL Address: 1950 N Stemmons Freeway City: Dallas StateProv: TX PostalCode: 75207 Country: US ReferralServer: rwhois://rwhois.softlayer.com:4321 NetRange: 18.104.22.168 - 22.214.171.124 CIDR: 126.96.36.199/16 OriginAS: AS36351 NetName: SOFTLAYER-4-4 NetHandle: NET-74-86-0-0-1 Parent: NET-74-0-0-0-0 NetType: Direct Allocation NameServer: NS1.SOFTLAYER.COM NameServer: NS2.SOFTLAYER.COM Comment: [email protected] RegDate: 2007-05-16 Updated: 2007-11-14 RAbuseHandle: ABUSE1025-ARIN RAbuseName: Abuse RAbusePhone: +1-214-442-0605 RAbuseEmail: [email protected] RNOCHandle: IPADM258-ARIN RNOCName: IP Admin RNOCPhone: +1-214-442-0600 RNOCEmail: [email protected] RTechHandle: IPADM258-ARIN RTechName: IP Admin RTechPhone: +1-214-442-0600 RTechEmail: [email protected] OrgAbuseHandle: ABUSE1025-ARIN OrgAbuseName: Abuse OrgAbusePhone: +1-214-442-0605 OrgAbuseEmail: [email protected] OrgTechHandle: IPADM258-ARIN OrgTechName: IP Admin OrgTechPhone: +1-214-442-0600 OrgTechEmail: [email protected] # ARIN WHOIS database, last updated 2009-07-23 20:00 # Enter ? for additional hints on searching ARIN's WHOIS database. Found a referral to rwhois.softlayer.com:4321. %rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-188.8.131.52) network:Class-Name:network network:ID:NETBLK-SOFTLAYER.184.108.40.206/19 network:Auth-Area:220.127.116.11/19 network:Network-Name:SOFTLAYER-18.104.22.168 network:IP-Network:22.214.171.124/29 network:IP-Network-Block:126.96.36.199-188.8.131.52 network:Organization;I:SoftLayer Technologies, Inc. network:Street-Address:1950 Stemmons Freeway Suite 2043 network:City:Dallas network:State:TX network:Postal-Code:75207 network:Country-Code:US network:Tech-Contact;I:[email protected] network:Abuse-Contact;I:[email protected] network:Admin-Contact;I:IPADM258-ARIN network:Created:20070708 network:Updated:20071205 network:Updated-By:[email protected] %referral rwhois://root.rwhois.net:4321/auth-area=. %ok