City: Des Moines
Region: Iowa
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 20.33.0.0 - 20.128.255.255
CIDR: 20.64.0.0/10, 20.128.0.0/16, 20.36.0.0/14, 20.34.0.0/15, 20.40.0.0/13, 20.33.0.0/16, 20.48.0.0/12
NetName: MSFT
NetHandle: NET-20-33-0-0-1
Parent: NET20 (NET-20-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2017-10-18
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/20.33.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.118.232.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 23768
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.118.232.75. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025101000 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 10 16:31:26 CST 2025
;; MSG SIZE rcvd: 10675.232.118.20.in-addr.arpa domain name pointer azpdcg6w2wu2.stretchoid.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
75.232.118.20.in-addr.arpa name = azpdcg6w2wu2.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 217.131.73.147 | attackbots | Honeypot attack, port: 445, PTR: host-217-131-73-147.reverse.superonline.net. |
2020-07-24 22:27:49 |
| 189.124.23.60 | attackspambots | Icarus honeypot on github |
2020-07-24 22:54:59 |
| 218.104.225.140 | attackbotsspam | Jul 24 14:33:56 vps-51d81928 sshd[97871]: Invalid user broke from 218.104.225.140 port 49014 Jul 24 14:33:56 vps-51d81928 sshd[97871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=218.104.225.140 Jul 24 14:33:56 vps-51d81928 sshd[97871]: Invalid user broke from 218.104.225.140 port 49014 Jul 24 14:33:59 vps-51d81928 sshd[97871]: Failed password for invalid user broke from 218.104.225.140 port 49014 ssh2 Jul 24 14:38:43 vps-51d81928 sshd[97936]: Invalid user ts from 218.104.225.140 port 24153 ... |
2020-07-24 22:43:16 |
| 159.65.149.139 | attackbots | 2020-07-24T20:43:23.090064billing sshd[16956]: Invalid user user from 159.65.149.139 port 43618 2020-07-24T20:43:25.022935billing sshd[16956]: Failed password for invalid user user from 159.65.149.139 port 43618 ssh2 2020-07-24T20:48:09.307943billing sshd[24579]: Invalid user info from 159.65.149.139 port 57568 ... |
2020-07-24 22:40:41 |
| 115.84.92.84 | attackspambots | xmlrpc attack |
2020-07-24 23:10:31 |
| 192.163.207.200 | attack | 192.163.207.200 - - \[24/Jul/2020:15:47:41 +0200\] "POST /wp-login.php HTTP/1.0" 200 2507 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - \[24/Jul/2020:15:47:46 +0200\] "POST /wp-login.php HTTP/1.0" 200 2473 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 192.163.207.200 - - \[24/Jul/2020:15:47:51 +0200\] "POST /wp-login.php HTTP/1.0" 200 2470 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2020-07-24 22:59:28 |
| 104.144.30.170 | attackbots | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:10:58 |
| 222.186.190.14 | attackspam | Jul 24 15:16:22 rocket sshd[3080]: Failed password for root from 222.186.190.14 port 62957 ssh2 Jul 24 15:16:24 rocket sshd[3080]: Failed password for root from 222.186.190.14 port 62957 ssh2 Jul 24 15:16:27 rocket sshd[3080]: Failed password for root from 222.186.190.14 port 62957 ssh2 ... |
2020-07-24 22:30:30 |
| 175.4.212.149 | attackbots | Honeypot attack, port: 81, PTR: PTR record not found |
2020-07-24 23:00:04 |
| 209.17.96.178 | attackbotsspam | port scan and connect, tcp 8443 (https-alt) |
2020-07-24 22:44:20 |
| 36.248.158.85 | attackbots | 2020-07-24T13:48:15+0000 Failed SSH Authentication/Brute Force Attack. (Server 6) |
2020-07-24 22:33:45 |
| 182.74.151.218 | attackbotsspam | Honeypot attack, port: 445, PTR: PTR record not found |
2020-07-24 22:49:10 |
| 139.99.92.181 | attackspam | Port probing on unauthorized port 19654 |
2020-07-24 22:58:01 |
| 192.144.129.193 | attack | 20 attempts against mh-misbehave-ban on cedar |
2020-07-24 22:53:32 |
| 185.220.101.20 | attackspam | 2020-07-24T09:48:09.594371mail.thespaminator.com webmin[14725]: Non-existent login as admin from 185.220.101.20 2020-07-24T09:48:13.418247mail.thespaminator.com webmin[14770]: Invalid login as root from 185.220.101.20 ... |
2020-07-24 22:34:09 |