I use WHOIS for alot of requests every year for IP tracking and reporting (automated process). I dont need to know personal data. I just need the ISP , and their point of contact ie abuse,admin or whatever, and a method of contact.
Its incredibly rare to get a repeat attack on our devices that connect the internal and external networks as a result of chasing these people.
If its a proxy provider then the proxy is blocked.
Biting the hand that feeds IT
