Extracting Organization ID from WhoIs Query

Asked Apr 11 '16 at 15:12

Active Apr 11 '16 at 15:12

Viewed 82 times

I am trying to extract OrgId from whois query to detect malicious servers.

whois 69.59.28.19 | grep OrgId: | awk '{print $2}'

But for some IPs there are multiple OrgId entries.

whois 69.59.28.19

whois 208.115.113.93

What is the reason of this kind of double Organization information in WhoIs answers?

And which OrgId should be chosen to detect malicious IP owner?

asked Apr 11 '16 at 15:12

NecNecco

0 Answers0