reverse ip lookup
- Thread starter Webferret
- Start date
- Status
RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
ARIN: WHOIS Database Search
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
ARIN: WHOIS Database Search
IP Address:90.153.128.13
Hostname:no reverse DNS for this IP
90.153.128.13 is found in Syrian Arab Republic
person: Yarub ALZONI
address: Suk Sarouja Street
Abedeen Building 3thrd floor
Bahsa - damascus - Syria
phone: +963 93 442550
nic-hdl: YAL1-RIPE
changed: yal@aya.sy 20061106
source: RIPE
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
ReferralServer: whois://whois.ripe.net:43
NetRange: 90.0.0.0 - 90.255.255.255
CIDR: 90.0.0.0/8
NetName: 90-RIPE
NetHandle: NET-90-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: SUNIC.SUNET.SE
NameServer: TINNIE.ARIN.NET
NameServer: NS.LACNIC.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at Query the RIPE Database
RegDate: 2005-06-30
Updated: 2005-07-22
# ARIN WHOIS database, last updated 2008-06-15 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
Results returned from whois.ripe.net:
% This is the RIPE Whois query server #1.% The objects are in RPSL format.%% Rights restricted by copyright.% See http://www.ripe.net/db/copyright.html% Information related to '90.153.128.0 - 90.153.255.255'inetnum: 90.153.128.0 - 90.153.255.255netname: SY-AYA-ISP-20061107descr: AYA Internet Service Providercountry: SYorg: ORG-AISP2-RIPEadmin-c: YAL1-RIPEtech-c: YAL1-RIPEstatus: ALLOCATED PAmnt-by: RIPE-NCC-HM-MNTmnt-lower: yarub-mntmnt-routes: yarub-mntnotify: yal@aya.sychanged: hostmaster@ripe.net 20061107source: RIPEorganisation: ORG-AISP2-RIPEorg-name: AYA Internet Service Providerorg-type: LIRaddress: SAROUJA STREET - BAHSA ABEDEEN BUILDINaddress: 00963address: DAMASCUSaddress: Syrian Arab Republicphone: +96393442550fax-no: +9631144670061e-mail: yal@aya.symnt-ref: yarub-mntmnt-ref: RIPE-NCC-HM-MNTmnt-by: RIPE-NCC-HM-MNTchanged: hostmaster@ripe.net 20061009changed: bitbucket@ripe.net 20061031changed: hostmaster@ripe.net 20061107changed: bitbucket@ripe.net 20061107source: RIPEperson: Yarub ALZONIaddress: Suk Sarouja Street Abedeen Building 3thrd floor Bahsa - damascus - Syriaphone: +963 93 442550nic-hdl: YAL1-RIPEchanged: yal@aya.sy 20061106source: RIPE
Hostname:no reverse DNS for this IP
90.153.128.13 is found in Syrian Arab Republic
person: Yarub ALZONI
address: Suk Sarouja Street
Abedeen Building 3thrd floor
Bahsa - damascus - Syria
phone: +963 93 442550
nic-hdl: YAL1-RIPE
changed: yal@aya.sy 20061106
source: RIPE
OrgName: RIPE Network Coordination Centre
OrgID: RIPE
Address: P.O. Box 10096
City: Amsterdam
StateProv:
PostalCode: 1001EB
Country: NL
ReferralServer: whois://whois.ripe.net:43
NetRange: 90.0.0.0 - 90.255.255.255
CIDR: 90.0.0.0/8
NetName: 90-RIPE
NetHandle: NET-90-0-0-0-1
Parent:
NetType: Allocated to RIPE NCC
NameServer: NS-PRI.RIPE.NET
NameServer: SEC1.APNIC.NET
NameServer: SEC3.APNIC.NET
NameServer: SUNIC.SUNET.SE
NameServer: TINNIE.ARIN.NET
NameServer: NS.LACNIC.NET
Comment: These addresses have been further assigned to users in
Comment: the RIPE NCC region. Contact information can be found in
Comment: the RIPE database at Query the RIPE Database
RegDate: 2005-06-30
Updated: 2005-07-22
# ARIN WHOIS database, last updated 2008-06-15 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.
Results returned from whois.ripe.net:
% This is the RIPE Whois query server #1.% The objects are in RPSL format.%% Rights restricted by copyright.% See http://www.ripe.net/db/copyright.html% Information related to '90.153.128.0 - 90.153.255.255'inetnum: 90.153.128.0 - 90.153.255.255netname: SY-AYA-ISP-20061107descr: AYA Internet Service Providercountry: SYorg: ORG-AISP2-RIPEadmin-c: YAL1-RIPEtech-c: YAL1-RIPEstatus: ALLOCATED PAmnt-by: RIPE-NCC-HM-MNTmnt-lower: yarub-mntmnt-routes: yarub-mntnotify: yal@aya.sychanged: hostmaster@ripe.net 20061107source: RIPEorganisation: ORG-AISP2-RIPEorg-name: AYA Internet Service Providerorg-type: LIRaddress: SAROUJA STREET - BAHSA ABEDEEN BUILDINaddress: 00963address: DAMASCUSaddress: Syrian Arab Republicphone: +96393442550fax-no: +9631144670061e-mail: yal@aya.symnt-ref: yarub-mntmnt-ref: RIPE-NCC-HM-MNTmnt-by: RIPE-NCC-HM-MNTchanged: hostmaster@ripe.net 20061009changed: bitbucket@ripe.net 20061031changed: hostmaster@ripe.net 20061107changed: bitbucket@ripe.net 20061107source: RIPEperson: Yarub ALZONIaddress: Suk Sarouja Street Abedeen Building 3thrd floor Bahsa - damascus - Syriaphone: +963 93 442550nic-hdl: YAL1-RIPEchanged: yal@aya.sy 20061106source: RIPE
yeah - somehow, I don't think google are operating out of 'Syrian Arab Republic' nowadays.
SAROUJA STREET - BAHSA ABEDEEN BUILDIN
address: 00963
address: DAMASCUS
address: Syrian Arab Republic
phone: +96393442550
fax-no: +9631144670061
e-mail: yal@aya.sy
SAROUJA STREET - BAHSA ABEDEEN BUILDIN
address: 00963
address: DAMASCUS
address: Syrian Arab Republic
phone: +96393442550
fax-no: +9631144670061
e-mail: yal@aya.sy
You can ban him by doing something like this
iptables -A INPUT -s 90.153.128.13 -j DROP
Your server will appear as 'down' to that IP address until the next time you reboot it. If you want to do it permanently, you'll have to do a little more magic.
This will only be effective if he is spamming from one IP. You'll have to add one line for each IP. If he is doing something like a DDOS scrape (multi-IPs) you're outta luck.
I recently had my black hat bullshit content site scraped via a zombie network. IPs were everywhere. I just disabled the site for 24 hours and redirected all traffic to fbi.gov. I've heard of other people doing this. I'm sure it doesn't help but it did stop the attack.
iptables -A INPUT -s 90.153.128.13 -j DROP
Your server will appear as 'down' to that IP address until the next time you reboot it. If you want to do it permanently, you'll have to do a little more magic.
This will only be effective if he is spamming from one IP. You'll have to add one line for each IP. If he is doing something like a DDOS scrape (multi-IPs) you're outta luck.
I recently had my black hat bullshit content site scraped via a zombie network. IPs were everywhere. I just disabled the site for 24 hours and redirected all traffic to fbi.gov. I've heard of other people doing this. I'm sure it doesn't help but it did stop the attack.
- Status