City: Des Moines
Region: Iowa
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 13.64.0.0 - 13.107.255.255
CIDR: 13.64.0.0/11, 13.104.0.0/14, 13.96.0.0/13
NetName: MSFT
NetHandle: NET-13-64-0-0-1
Parent: NET13 (NET-13-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2015-03-26
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/13.64.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 13.89.125.27
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 44505
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;13.89.125.27. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025092100 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Sep 22 00:06:19 CST 2025
;; MSG SIZE rcvd: 10527.125.89.13.in-addr.arpa domain name pointer azpdcsga0bij.stretchoid.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
27.125.89.13.in-addr.arpa name = azpdcsga0bij.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 85.132.79.170 | attackbots | 20/3/17@04:39:02: FAIL: Alarm-Network address from=85.132.79.170 ... |
2020-03-18 02:03:33 |
| 195.46.187.229 | attack | Mar 17 19:50:05 www4 sshd\[10405\]: Invalid user ts5 from 195.46.187.229 Mar 17 19:50:05 www4 sshd\[10405\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=195.46.187.229 Mar 17 19:50:07 www4 sshd\[10405\]: Failed password for invalid user ts5 from 195.46.187.229 port 32902 ssh2 ... |
2020-03-18 02:08:30 |
| 88.129.208.44 | attackbotsspam | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-03-18 02:03:12 |
| 27.66.74.118 | attack | TCP src-port=32937 dst-port=25 Listed on abuseat-org barracuda spamcop (207) |
2020-03-18 01:55:39 |
| 45.143.220.10 | attackspam | Port 5073 scan denied |
2020-03-18 02:06:10 |
| 115.73.129.170 | attackbotsspam | Automatic report - Port Scan Attack |
2020-03-18 02:07:42 |
| 129.213.36.226 | attackspam | Mar 17 19:18:23 OPSO sshd\[864\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.36.226 user=root Mar 17 19:18:25 OPSO sshd\[864\]: Failed password for root from 129.213.36.226 port 38406 ssh2 Mar 17 19:22:12 OPSO sshd\[1585\]: Invalid user louis from 129.213.36.226 port 51784 Mar 17 19:22:12 OPSO sshd\[1585\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.36.226 Mar 17 19:22:14 OPSO sshd\[1585\]: Failed password for invalid user louis from 129.213.36.226 port 51784 ssh2 |
2020-03-18 02:26:16 |
| 45.125.65.42 | attackbotsspam | Mar 17 18:53:03 srv01 postfix/smtpd\[4130\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 18:54:42 srv01 postfix/smtpd\[5405\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 18:55:17 srv01 postfix/smtpd\[6074\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 18:55:34 srv01 postfix/smtpd\[5405\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Mar 17 19:09:25 srv01 postfix/smtpd\[12235\]: warning: unknown\[45.125.65.42\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2020-03-18 02:12:50 |
| 222.186.175.150 | attackspambots | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.150 user=root Failed password for root from 222.186.175.150 port 11626 ssh2 Failed password for root from 222.186.175.150 port 11626 ssh2 Failed password for root from 222.186.175.150 port 11626 ssh2 Failed password for root from 222.186.175.150 port 11626 ssh2 |
2020-03-18 01:49:13 |
| 186.122.148.216 | attack | Mar 17 02:35:40 server sshd\[19119\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.148.216 user=root Mar 17 02:35:42 server sshd\[19119\]: Failed password for root from 186.122.148.216 port 53000 ssh2 Mar 17 13:53:36 server sshd\[8398\]: Invalid user zgl from 186.122.148.216 Mar 17 13:53:36 server sshd\[8398\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=186.122.148.216 Mar 17 13:53:38 server sshd\[8398\]: Failed password for invalid user zgl from 186.122.148.216 port 36124 ssh2 ... |
2020-03-18 01:45:54 |
| 81.16.113.126 | attackspam | Icarus honeypot on github |
2020-03-18 02:03:54 |
| 138.255.0.27 | attackbotsspam | web-1 [ssh] SSH Attack |
2020-03-18 02:13:47 |
| 120.1.144.170 | attackbotsspam | Telnet/23 MH Probe, Scan, BF, Hack - |
2020-03-18 02:09:37 |
| 212.129.87.55 | attackbotsspam | Chat Spam |
2020-03-18 02:05:14 |
| 192.241.238.51 | attackbots | [SMTP/25/465/587 Probe] [SMTPD] RECEIVED: EHLO zg-0312b-100 [SMTPD] SENT: 554 5.7.1 Rejected: BAD DOMAIN in EHLO (RFC5321). *(03171338) |
2020-03-18 02:02:10 |