Monday, April 30, 2012

How To: Find IP Address Owner

I'm getting lots of spam from a few IPs. How do I find the owner of an IP address and report them to the concerned parties?

Every public IP address on the Internet is registered to an ISP, an owner, or a larger organization. Each IP address is recorded in the whois database. You can query this database with the whois command line client to get the owner's name, phone number, email address and so on.

Find IP Address For A Host Name

For instance, to find the IP address for www.cyberciti.biz, open a command line and type:
host www.cyberciti.biz
or
nslookup www.cyberciti.biz
Sample Outputs:
www.cyberciti.biz has address 74.86.48.99
www.cyberciti.biz has IPv6 address 2607:f0d0:1002:11::4
74.86.48.99 is the IPv4 address and 2607:f0d0:1002:11::4 is the IPv6 address for the www.cyberciti.biz hostname.

whois - Client For The Whois Directory Service

Type the following command to find out the owner of the IP address 74.86.48.99:
$ whois 74.86.48.99
Sample Outputs:
OrgName:    SoftLayer Technologies Inc.
OrgID: SOFTL
Address: 1950 N Stemmons Freeway
City: Dallas
StateProv: TX
PostalCode: 75207
Country: US
ReferralServer: rwhois://rwhois.softlayer.com:4321
NetRange: 74.86.0.0 - 74.86.255.255
CIDR: 74.86.0.0/16
OriginAS: AS36351
NetName: SOFTLAYER-4-4
NetHandle: NET-74-86-0-0-1
Parent: NET-74-0-0-0-0
NetType: Direct Allocation
NameServer: NS1.SOFTLAYER.COM
NameServer: NS2.SOFTLAYER.COM
Comment: abuse@softlayer.com
RegDate: 2007-05-16
Updated: 2007-11-14
RAbuseHandle: ABUSE1025-ARIN
RAbuseName: Abuse
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
RNOCHandle: IPADM258-ARIN
RNOCName: IP Admin
RNOCPhone: +1-214-442-0600
RNOCEmail: ipadmin@softlayer.com
RTechHandle: IPADM258-ARIN
RTechName: IP Admin
RTechPhone: +1-214-442-0600
RTechEmail: ipadmin@softlayer.com
OrgAbuseHandle: ABUSE1025-ARIN
OrgAbuseName: Abuse
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
OrgTechHandle: IPADM258-ARIN
OrgTechName: IP Admin
OrgTechPhone: +1-214-442-0600
OrgTechEmail: ipadmin@softlayer.com
# ARIN WHOIS database, last updated 2009-07-23 20:00
# Enter ? for additional hints on searching ARIN's WHOIS database.
Found a referral to rwhois.softlayer.com:4321.
%rwhois V-1.5:003fff:00 rwhois.softlayer.com (by Network Solutions, Inc. V-1.5.9.5)
network:Class-Name:network
network:ID:NETBLK-SOFTLAYER.74.86.32.0/19
network:Auth-Area:74.86.32.0/19
network:Network-Name:SOFTLAYER-74.86.32.0
network:IP-Network:74.86.48.96/29
network:IP-Network-Block:74.86.48.96-74.86.48.103
network:Organization;I:SoftLayer Technologies, Inc.
network:Street-Address:1950 Stemmons Freeway Suite 2043
network:City:Dallas
network:State:TX
network:Postal-Code:75207
network:Country-Code:US
network:Tech-Contact;I:sysadmins@softlayer.com
network:Abuse-Contact;I:abuse@softlayer.com
network:Admin-Contact;I:IPADM258-ARIN
network:Created:20070708
network:Updated:20071205
network:Updated-By:ipadmin@softlayer.com
%referral rwhois://root.rwhois.net:4321/auth-area=.
%ok
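
The output above mixes the ARIN record with the referral (rwhois) record, and the same abuse contact appears several times. As an added example (not part of the original post), this shell function keeps only the fields useful for an abuse report; the names `whois_report_fields` and `sample_whois` and the `name=value` output format are assumptions made for illustration, and the sample input is abridged from the output above.

```sh
#!/bin/sh
# Added example: reduce whois output to the fields needed for an abuse report.
# Real use:  whois 74.86.48.99 | whois_report_fields

whois_report_fields() {
    awk '
        # Print name=value once, even when whois repeats the same contact.
        function emit(name, value) {
            if (value != "" && !seen[name "=" value]++) print name "=" value
        }
        # ARIN records use "Key: value".
        /^(OrgName|NetRange|CIDR):/ {
            name = $1; sub(/:$/, "", name)
            value = $0; sub(/^[^:]*:[ \t]*/, "", value)
            emit(name, value)
        }
        # The R* and Org* abuse handles normally carry the same contact.
        /^(OrgAbuseEmail|RAbuseEmail):/ { emit("AbuseEmail", $2) }
        /^(OrgAbusePhone|RAbusePhone):/ { emit("AbusePhone", $2) }
        # Referral (rwhois) records use "network:Key:value" and describe the
        # smaller block that contains the queried address.
        /^network:IP-Network:/ {
            value = $0; sub(/^network:[^:]*:/, "", value)
            emit("SubBlock", value)
        }
        /^network:Abuse-Contact;I:/ {
            value = $0; sub(/^network:[^:]*:/, "", value)
            emit("AbuseEmail", value)
        }
    '
}

# Sample input, abridged from the whois output shown in this post.
sample_whois() {
    cat <<'EOF'
OrgName:    SoftLayer Technologies Inc.
NetRange: 74.86.0.0 - 74.86.255.255
CIDR: 74.86.0.0/16
RAbusePhone: +1-214-442-0605
RAbuseEmail: abuse@softlayer.com
OrgAbusePhone: +1-214-442-0605
OrgAbuseEmail: abuse@softlayer.com
network:IP-Network:74.86.48.96/29
network:IP-Network-Block:74.86.48.96-74.86.48.103
network:Abuse-Contact;I:abuse@softlayer.com
EOF
}

sample_whois | whois_report_fields
```

The `SubBlock` line comes from the referral server and is narrower than the `CIDR` allocation, so quote both in a report along with the timestamps of the spam.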
