Con hacer un whois deberás tener al menos el ISP.
Los ISP suelen tener una dirección de correo para reportar abusos, mira un ejemplo de whois:
inetnum: <IP del Usuario>
netname: UNI2-NET
descr: Addresses IP for Home clients
descr: Uni2 - Woo
country: ES
admin-c: HAF10-RIPE
tech-c: HAF10-RIPE
status: ASSIGNED PA
remarks: For complaints of abuse from these addresses
remarks: please, send a mail to abuse@orange.es
mnt-by: UNI2-MNT
mnt-routes: UNI2-MNT
mnt-domains: UNI2-MNT
source: RIPE # Filtered
role: Hostmaster Administrator FTE
address: Parque Empresarial La Finca
address: Edificio 9
address: Paseo del Club Deportivo, 1
address: 28223 Pozuelo de Alarcon
address: Madrid, Spain
admin-c: HA1066-RIPE
admin-c: HA1067-RIPE
tech-c: HA1066-RIPE
tech-c: HA1067-RIPE
nic-hdl: HAF10-RIPE
remarks: spam, abuse reports....mailto: abuse@orange.es
abuse-mailbox:
mnt-by: UNI2-MNT
source: RIPE # Filtered
route: <IP del Usuario>
descr: Uni2 PA Block 1
origin: AS12479
mnt-by: UNI2-MNT