城市(city): Frankfurt am Main
省份(region): Hessen
国家(country): Germany
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 20.33.0.0 - 20.128.255.255
CIDR: 20.128.0.0/16, 20.33.0.0/16, 20.34.0.0/15, 20.36.0.0/14, 20.48.0.0/12, 20.40.0.0/13, 20.64.0.0/10
NetName: MSFT
NetHandle: NET-20-33-0-0-1
Parent: NET20 (NET-20-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2017-10-18
Updated: 2021-12-14
Ref: https://rdap.arin.net/registry/ip/20.33.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.79.254.126
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62906
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.79.254.126. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025102301 1800 900 604800 86400
;; Query time: 11 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Oct 24 12:01:28 CST 2025
;; MSG SIZE rcvd: 106Host 126.254.79.20.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 126.254.79.20.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 45.93.20.146 | attackbotsspam | firewall-block, port(s): 40941/tcp |
2019-12-02 04:56:57 |
| 80.153.160.231 | attackspam | Lines containing failures of 80.153.160.231 Dec 1 14:25:59 shared07 sshd[2534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.153.160.231 user=r.r Dec 1 14:26:01 shared07 sshd[2534]: Failed password for r.r from 80.153.160.231 port 59581 ssh2 Dec 1 14:26:01 shared07 sshd[2534]: Received disconnect from 80.153.160.231 port 59581:11: Bye Bye [preauth] Dec 1 14:26:01 shared07 sshd[2534]: Disconnected from authenticating user r.r 80.153.160.231 port 59581 [preauth] Dec 1 14:46:30 shared07 sshd[9843]: Invalid user haertel from 80.153.160.231 port 43022 Dec 1 14:46:30 shared07 sshd[9843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=80.153.160.231 Dec 1 14:46:32 shared07 sshd[9843]: Failed password for invalid user haertel from 80.153.160.231 port 43022 ssh2 Dec 1 14:46:33 shared07 sshd[9843]: Received disconnect from 80.153.160.231 port 43022:11: Bye Bye [preauth] Dec 1 14:46:33 ........ ------------------------------ |
2019-12-02 04:25:37 |
| 63.224.216.238 | attack | Automatic report - Port Scan Attack |
2019-12-02 04:45:38 |
| 181.48.116.50 | attack | Dec 1 20:49:40 v22018086721571380 sshd[25331]: Failed password for invalid user cataldo from 181.48.116.50 port 56034 ssh2 Dec 1 21:51:52 v22018086721571380 sshd[29566]: Failed password for invalid user teamspeak from 181.48.116.50 port 48228 ssh2 |
2019-12-02 05:01:30 |
| 218.92.0.178 | attackbots | Dec 1 17:50:02 firewall sshd[12992]: Failed password for root from 218.92.0.178 port 35177 ssh2 Dec 1 17:50:05 firewall sshd[12992]: Failed password for root from 218.92.0.178 port 35177 ssh2 Dec 1 17:50:09 firewall sshd[12992]: Failed password for root from 218.92.0.178 port 35177 ssh2 ... |
2019-12-02 04:51:57 |
| 83.103.98.211 | attackspam | $f2bV_matches |
2019-12-02 04:56:33 |
| 123.16.157.254 | attack | Lines containing failures of 123.16.157.254 2019-12-01 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=123.16.157.254 |
2019-12-02 04:29:29 |
| 138.197.166.110 | attackbots | Fail2Ban Ban Triggered |
2019-12-02 04:37:59 |
| 95.213.177.122 | attack | Port scan on 4 port(s): 1080 3128 8000 65531 |
2019-12-02 04:56:01 |
| 222.186.175.169 | attack | k+ssh-bruteforce |
2019-12-02 04:34:14 |
| 103.231.92.74 | attackbotsspam | Dec 1 15:22:55 mail1 sshd[15612]: Invalid user vodafone from 103.231.92.74 port 64824 Dec 1 15:22:56 mail1 sshd[15612]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.231.92.74 Dec 1 15:22:58 mail1 sshd[15612]: Failed password for invalid user vodafone from 103.231.92.74 port 64824 ssh2 Dec 1 15:22:58 mail1 sshd[15612]: Connection closed by 103.231.92.74 port 64824 [preauth] ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=103.231.92.74 |
2019-12-02 04:36:12 |
| 114.88.101.92 | attack | Dec 1 09:07:30 eola postfix/smtpd[15873]: connect from unknown[114.88.101.92] Dec 1 09:07:31 eola postfix/smtpd[15873]: lost connection after AUTH from unknown[114.88.101.92] Dec 1 09:07:31 eola postfix/smtpd[15873]: disconnect from unknown[114.88.101.92] ehlo=1 auth=0/1 commands=1/2 Dec 1 09:07:31 eola postfix/smtpd[15873]: connect from unknown[114.88.101.92] Dec 1 09:07:32 eola postfix/smtpd[15873]: lost connection after AUTH from unknown[114.88.101.92] Dec 1 09:07:32 eola postfix/smtpd[15873]: disconnect from unknown[114.88.101.92] ehlo=1 auth=0/1 commands=1/2 Dec 1 09:07:32 eola postfix/smtpd[15873]: connect from unknown[114.88.101.92] Dec 1 09:07:37 eola postfix/smtpd[15873]: lost connection after AUTH from unknown[114.88.101.92] Dec 1 09:07:37 eola postfix/smtpd[15873]: disconnect from unknown[114.88.101.92] ehlo=1 auth=0/1 commands=1/2 Dec 1 09:07:38 eola postfix/smtpd[15873]: connect from unknown[114.88.101.92] Dec 1 09:07:39 eola postfix/smtpd[15873]........ ------------------------------- |
2019-12-02 05:00:04 |
| 46.105.124.52 | attackbotsspam | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.52 user=lp Failed password for lp from 46.105.124.52 port 52703 ssh2 Invalid user www from 46.105.124.52 port 42148 pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=46.105.124.52 Failed password for invalid user www from 46.105.124.52 port 42148 ssh2 |
2019-12-02 04:26:47 |
| 104.236.112.52 | attack | Dec 1 19:11:22 l02a sshd[9668]: Invalid user fadlan from 104.236.112.52 Dec 1 19:11:22 l02a sshd[9668]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.236.112.52 Dec 1 19:11:22 l02a sshd[9668]: Invalid user fadlan from 104.236.112.52 Dec 1 19:11:24 l02a sshd[9668]: Failed password for invalid user fadlan from 104.236.112.52 port 60481 ssh2 |
2019-12-02 04:44:50 |
| 186.249.192.102 | attack | (From ashton.marshburn@outlook.com) Hi there I just checked out your website savannahhillsfamilychiropractic.com and wanted to find out if you need help for SEO Link Building ? If you aren't using SEO Software then you will know the amount of work load involved in creating accounts, confirming emails and submitting your contents to thousands of websites. With THIS SOFTWARE the link submission process will be the easiest task and completely automated, you will be able to build unlimited number of links and increase traffic to your websites which will lead to a higher number of customers and much more sales for you. IF YOU ARE INTERESTED, We offer you 7 days free trial ==> http://bit.ly/Robot_Submitter Kind Regards, Ashton Marshburn ! Business Development Manager |
2019-12-02 04:35:38 |