Can we get the area where ISP serving the specific ip address? - security

I got mail from Snapchat that my account is logged in, and they also sent some data about who logged into my account, like the IP address (49.206.223.160). I am not the one who logged into my account, so I got to know that someone has hacked the account. The only clue I was left with is the IP address, and I am sure that the attacker is not using any VPN. When I checked the IP address data at https://whatismyipaddress.com/ it showed that the attacker is using ACT Fibernet (ISP).
Now, can I get information such as the area where this IP address is served by the ISP?

Such tools actually exist. I'm familiar with MaxMind, which is commercial.
They apparently have a free demo. I fed the IP 49.206.222.39 and got:
Country Code: IN
Location: Hyderabad, Telangana, India, Asia
Network: 49.206.220.0/22
Postal Code: 500001
Approximate Coordinates: 17.3846, 78.4574
Accuracy Radius (km): 1
ISP: ACT Fibernet
Organization: ACT Fibernet
Domain: actcorp.in
Metro Code: (empty)

Related

whois lookup shows correct ip but why my browser can not find IP address of domain?

My website suddenly stopped working.
When I search for the domain name in WHOIS websites it is showing the correct server ip address and correct DNS IP address.
I can reach the website by its IP address, but somehow when I try the domain name in the browser it's not working and it's showing "This site can’t be reached"!
There is no error in my server log.
I tried different browsers and different systems and it is same issue.
I am really confused. Even when I send GET requests with Postman to my domain, it is not reachable, but sending a request to the IP works!
whois and DNS resolution are two separate things and one does not imply anything for the other, so in short, except in very specific cases, if you have a DNS resolution problem you should use DNS troubleshooting tools, not the whois and especially not web-based whois (the only relevant whois is the registry one).
Now you are giving so few details that no one can really help.
Among the possible ideas to check and probable problems:
you forgot to renew the domain, your registrar put it on hold or worse deleted it (that you can see in whois)
you did a change in the DNS resolution and now it does not work anymore, use online troubleshooting tools like Zonemaster or DNSViz; alternatively your registrar and/or webhosting company should be able to help (since you are neither giving here the domain name nor details about the troubleshooting you do: for DNS problems, the browser is not the first tool to use, look instead at dig).
It appears that the problem was DNS on our local system. We changed it to 8.8.8.8 and then we could access our domain!
It's usually because you use an addon domain, not the main domain, for hosting orders that are set up on cPanel WHM.

Find the host of a website

I'm helping my uncle who has a website that he doesn't remember anything about, whatsoever. He has had it for years and he's very unstructured. I tried getting him to find a bill from the hosting company where he has his website, but he says he's paying for so many things that he doesn't know what is, so that wasn't an option.
I tried running a whois on his domain, but it's pointing to a free online DNS-redelegation tool ( www.gratisDNS.dk - the nameservers are called ns1.gratisdns.dk, ns2.gratisdns.dk, ...). I know that many companies use this tool to redirect the traffic to their own hosting-solution (since gratisdns means 'free dns').
So the question is, if I can find the hosting company some other way, by having the domain name and the name-servers? I would assume that the answer is 'no' (just FYI).
The WHOIS protocol works for IP addresses, as well as domain names. If you find the IP address the site is hosted on and look it up, it should return information about the owner of the IP address and therefore who hosts the website.
For example, for stackoverflow.com:
$ ping stackoverflow.com
PING stackoverflow.com (104.16.33.249) 56(84) bytes of data.
...
$ whois 104.16.33.249
...
NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
NetHandle: NET-104-16-0-0-1
Parent: NET104 (NET-104-0-0-0-0)
NetType: Direct Assignment
OriginAS: AS13335
Organization: CloudFlare, Inc. (CLOUD14)
RegDate: 2014-03-28
Updated: 2015-10-01
Comment: https://www.cloudflare.com
Ref: http://whois.arin.net/rest/net/NET-104-16-0-0-1
...
Find hostnames associated with IPs. Do a whois lookup.
The Whois tool is the best tool to find the details of a host. All you have to do is visit whois, enter the domain name in the search box and hit the search button. All the information will be displayed on your screen, along with the hosting company and domain name registrar.
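An added example (not part of the original answers): parsing the ARIN-style output quoted in the first answer and checking that the looked-up address really falls inside the returned CIDR. `PROXY_HINTS` is a short, constructed list (an assumption) used to flag networks operated by a CDN or reverse proxy, where the record names the proxy operator rather than the origin hosting company.

```python
import ipaddress

# Excerpt of the ARIN output quoted in the answer above.
SAMPLE_WHOIS = """\
NetRange: 104.16.0.0 - 104.31.255.255
CIDR: 104.16.0.0/12
NetName: CLOUDFLARENET
OriginAS: AS13335
Organization: CloudFlare, Inc. (CLOUD14)
Comment: https://www.cloudflare.com
Ref: http://whois.arin.net/rest/net/NET-104-16-0-0-1
"""

# Constructed, incomplete list of substrings that suggest a CDN / reverse proxy.
PROXY_HINTS = ("cloudflare", "akamai", "fastly")


def parse_whois(text):
    """Collect the first value seen for each 'Key: value' line."""
    record = {}
    for line in text.splitlines():
        line = line.strip()
        # Skip blanks, registry comment lines and elided ('...') lines.
        if not line or line[0] in "#%" or ":" not in line:
            continue
        key, _, value = line.partition(":")  # split at the first colon only
        record.setdefault(key.strip(), value.strip())
    return record


def summarize(ip, whois_text):
    """Report who owns the network and whether the IP is inside it."""
    rec = parse_whois(whois_text)
    addr = ipaddress.ip_address(ip)
    # A record may list several CIDR blocks separated by commas.
    nets = [ipaddress.ip_network(c.strip())
            for c in rec.get("CIDR", "").split(",") if c.strip()]
    owner = rec.get("Organization", "")
    netname = rec.get("NetName", "")
    label = (owner + " " + netname).lower()
    return {
        "owner": owner,
        "netname": netname,
        "ip_in_range": any(addr in net for net in nets),
        "likely_proxy": any(hint in label for hint in PROXY_HINTS),
    }


if __name__ == "__main__":
    print(summarize("104.16.33.249", SAMPLE_WHOIS))
```

When `likely_proxy` is true, the whois record identifies the network in front of the site; the hosting company behind it has to be found another way, such as billing records or the DNS provider's control panel.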

What is term for parked an IP address?

I had a website at http://berkelilingkesemua.info/ and I also had a specific IP address for visitors, like http://74.82.164.10/. What is the term for that?
How can I make an IP address accessible to visitors like a domain name? I got information from my server administrator. He told me I have to park an IP address, the way a domain name is parked. But I do not know what the term for that is.
Indonesia has blocked many websites, such as vimeo.com and others. Not only that, my country also blocks public DNS such as Google Public DNS (https://developers.google.com/speed/public-dns/), and you definitely know it.
My country is very extreme for blocks a website. You definitely know about my country had very extreme laws or very extreme constitutions such as censor or blur on local TV, porn laws, etc. Almost the same like ISIS laws or other terrorist laws. Maybe parliament in my country has controlled by terrorist or for corruption with many reasons like blocks a website. You definitely know that.
Therefore, many websites use a specific IP address for visitors to avoid censorship. So visitors do not need a PPTP VPN, another VPN or a proxy to unblock a website. They can go directly to a blocked website without a domain name. But I do not know what the term for that is.
Do you know the term for that?
Colloquially, "numeric IP address".
More technically, "IP address" is always numeric; format like 74.82.164.10 is "dotted decimal IPv4 address", as opposed to, say, hexadecimal IPv6 addresses, or pure decimal, where 74.82.164.10 is equivalent to 1246929930 (here, try it: http://1246929930/).
berkelilingkesemua.info is technically not an IP address, as it cannot be used directly in Internet Protocol (IP), but has to be first resolved to a real (numeric) IP address. It is a "fully qualified domain name", or FQDN.
"Parking an IP address" does not make sense to me. "Parking a domain name" is the practice of pointing a domain name to a temporary IP address while you don't have a real server to point it to yet, in order to keep the domain name registered to you while you don't have a real server to point it to. I am not sure how it is related to the other part of your question.

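An added example (not from the original answer): because the same IPv4 address can be written in dotted decimal or as one decimal integer, a filter or log search keyed on the dotted string should normalize the host first. The URL list is constructed, and `canonical_host` and `urls_for_address` are hypothetical helper names.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed sample: the two numeric forms from the answer, a name, and IPv6.
SAMPLE_URLS = [
    "http://74.82.164.10/",
    "http://1246929930/",
    "http://berkelilingkesemua.info/",
    "http://[2001:db8::1]/index.html",
]


def canonical_host(host):
    """Return the canonical IP literal for host, or None if it is a name."""
    host = host.strip().rstrip(".")
    if host.isascii() and host.isdigit():
        # Pure decimal form: the whole address as one 32-bit integer.
        value = int(host)
        if value < 2**32:
            return str(ipaddress.IPv4Address(value))
        return None
    try:
        # Dotted-decimal IPv4 or textual IPv6.
        return str(ipaddress.ip_address(host))
    except ValueError:
        return None  # an FQDN: it has to be resolved through DNS first


def urls_for_address(urls, watched):
    """Return the URLs whose host is a literal form of the watched address."""
    watched = str(ipaddress.ip_address(watched))
    hits = []
    for url in urls:
        host = urlsplit(url).hostname or ""
        if canonical_host(host) == watched:
            hits.append(url)
    return hits


if __name__ == "__main__":
    print(urls_for_address(SAMPLE_URLS, "74.82.164.10"))
```

The domain-name URL is not matched here because tying a name to an address needs a DNS lookup, which this offline sketch leaves out.
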
Cannot access website through company LAN network

I have setup a subdomain as 'gallery' for my website, which is eastwest.org. We are using Big Cartel as an ecommerce store, so in order to point to gallery.eastwest.org, I've created the CNAME with Alias as 'gallery' and Host Name as 'ewministries.bigcartel.com.'
I'm remote and outside the company network, so I can see the site just fine. However, employees inside of our office network, cannot reach the page before it times out.
Any thoughts on how to get this to work inside the company too? I'm sure I'm missing some simple DNS change.
Thanks!
Chelsea
Not fully sure what the web address you are checking is but try this:
From a computer within your company network:
Open command prompt
type: nslookup
type: set type=all
type: the address of the website
Post the result

Domain name from IP

My site still gets requests from one IP address - 195.210.29.12.
When I tried nslookup for that, it showed me
Name: data12.websupport.sk
Address: 195.210.29.12
That is the hostname of one hosting provider. When I tried to realize which domain it is by using http://www.yougetsignal.com/tools/web-sites-on-web-server/ it gave me about 500 results.
My question is - is it possible to realize which domain it was?
Thanks.
Every provider has an abuse mailbox. If anyone tries to hack your page or something like that, you can write a mail to the provider. In this case, mail the following address:
abuse-mailbox: abuse#websupport.sk
