City: San Antonio
Region: Texas
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 20.33.0.0 - 20.128.255.255
CIDR: 20.40.0.0/13, 20.128.0.0/16, 20.33.0.0/16, 20.64.0.0/10, 20.36.0.0/14, 20.34.0.0/15, 20.48.0.0/12
NetName: MSFT
NetHandle: NET-20-33-0-0-1
Parent: NET20 (NET-20-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2017-10-18
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/20.33.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.64.106.19
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 4123
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.64.106.19. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061702 1800 900 604800 86400
;; Query time: 7 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 18 07:00:26 CST 2026
;; MSG SIZE rcvd: 10519.106.64.20.in-addr.arpa domain name pointer azpdsgdjvea2.stretchoid.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
19.106.64.20.in-addr.arpa name = azpdsgdjvea2.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 185.216.140.31 | attack |
|
2020-08-27 00:06:59 |
| 154.160.6.67 | attackspambots | Wordpress attack |
2020-08-26 23:57:47 |
| 139.99.120.194 | attackspam | scans 35 times in preceeding hours on the ports (in chronological order) 2006 2007 2008 2009 2010 2010 2012 2013 2014 2015 2016 2017 2018 2021 2026 2027 2028 2029 2030 2031 2032 2010 2034 2035 2036 2037 2038 2039 2040 2041 2042 2043 2044 2045 2046 |
2020-08-26 23:59:05 |
| 94.191.23.15 | attackbotsspam | 2020-08-26T16:35:59.337713ks3355764 sshd[20696]: Invalid user kyr from 94.191.23.15 port 56950 2020-08-26T16:36:01.980342ks3355764 sshd[20696]: Failed password for invalid user kyr from 94.191.23.15 port 56950 ssh2 ... |
2020-08-26 23:38:42 |
| 103.30.151.17 | attackspambots | (sshd) Failed SSH login from 103.30.151.17 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Aug 26 12:34:00 stl1 sshd[22736]: Invalid user david from 103.30.151.17 port 24852 Aug 26 12:34:02 stl1 sshd[22736]: Failed password for invalid user david from 103.30.151.17 port 24852 ssh2 Aug 26 12:34:36 stl1 sshd[22743]: Invalid user proxy from 103.30.151.17 port 33471 Aug 26 12:34:37 stl1 sshd[22743]: Failed password for invalid user proxy from 103.30.151.17 port 33471 ssh2 Aug 26 12:35:13 stl1 sshd[22763]: Invalid user zope from 103.30.151.17 port 26997 |
2020-08-26 23:44:38 |
| 103.151.125.106 | attack | Unauthorized connection attempt from IP address 103.151.125.106 |
2020-08-27 00:02:03 |
| 62.234.156.221 | attackbotsspam | 2020-08-26T17:36:43.165084lavrinenko.info sshd[659]: Invalid user sharks from 62.234.156.221 port 58732 2020-08-26T17:36:43.172057lavrinenko.info sshd[659]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.156.221 2020-08-26T17:36:43.165084lavrinenko.info sshd[659]: Invalid user sharks from 62.234.156.221 port 58732 2020-08-26T17:36:45.508975lavrinenko.info sshd[659]: Failed password for invalid user sharks from 62.234.156.221 port 58732 ssh2 2020-08-26T17:40:25.274424lavrinenko.info sshd[746]: Invalid user token from 62.234.156.221 port 40108 ... |
2020-08-26 23:49:02 |
| 193.27.229.47 | attack | firewall-block, port(s): 11587/tcp, 11591/tcp, 11684/tcp |
2020-08-26 23:55:16 |
| 40.118.226.96 | attack | Aug 26 14:35:06 ncomp sshd[539]: Invalid user sambaup from 40.118.226.96 Aug 26 14:35:06 ncomp sshd[539]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=40.118.226.96 Aug 26 14:35:06 ncomp sshd[539]: Invalid user sambaup from 40.118.226.96 Aug 26 14:35:08 ncomp sshd[539]: Failed password for invalid user sambaup from 40.118.226.96 port 37810 ssh2 |
2020-08-26 23:47:59 |
| 213.217.1.38 | attack | firewall-block, port(s): 24149/tcp |
2020-08-26 23:40:16 |
| 120.201.0.164 | attack | Aug 26 14:11:28 sip sshd[6735]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.201.0.164 Aug 26 14:11:29 sip sshd[6735]: Failed password for invalid user anand from 120.201.0.164 port 18119 ssh2 Aug 26 14:35:32 sip sshd[13038]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=120.201.0.164 |
2020-08-26 23:19:59 |
| 111.231.202.118 | attackspambots | Aug 26 16:04:36 buvik sshd[24667]: Failed password for invalid user intel from 111.231.202.118 port 38176 ssh2 Aug 26 16:07:35 buvik sshd[25110]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.202.118 user=root Aug 26 16:07:37 buvik sshd[25110]: Failed password for root from 111.231.202.118 port 41438 ssh2 ... |
2020-08-26 23:37:11 |
| 85.209.0.158 | attack | scans 3 times in preceeding hours on the ports (in chronological order) 3128 3128 3128 |
2020-08-27 00:04:12 |
| 139.180.195.64 | attack | Aug 25 20:13:36 online-web-1 sshd[2877193]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.180.195.64 user=r.r Aug 25 20:13:38 online-web-1 sshd[2877193]: Failed password for r.r from 139.180.195.64 port 33072 ssh2 Aug 25 20:13:38 online-web-1 sshd[2877193]: Received disconnect from 139.180.195.64 port 33072:11: Bye Bye [preauth] Aug 25 20:13:38 online-web-1 sshd[2877193]: Disconnected from 139.180.195.64 port 33072 [preauth] Aug 25 20:15:11 online-web-1 sshd[2877352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.180.195.64 user=mysql Aug 25 20:15:13 online-web-1 sshd[2877352]: Failed password for mysql from 139.180.195.64 port 50618 ssh2 Aug 25 20:15:13 online-web-1 sshd[2877352]: Received disconnect from 139.180.195.64 port 50618:11: Bye Bye [preauth] Aug 25 20:15:13 online-web-1 sshd[2877352]: Disconnected from 139.180.195.64 port 50618 [preauth] Aug 25 20:16:35 online-web-1........ ------------------------------- |
2020-08-26 23:35:45 |
| 211.149.252.5 | attackbots | scans 5 times in preceeding hours on the ports (in chronological order) 3386 55555 8000 3396 3400 |
2020-08-26 23:51:23 |