城市(city): Madrid
省份(region): Comunidad de Madrid
国家(country): Spain
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 68.218.0.0 - 68.221.255.255
CIDR: 68.218.0.0/15, 68.220.0.0/15
NetName: MSFT
NetHandle: NET-68-218-0-0-2
Parent: NET68 (NET-68-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2019-12-11
Updated: 2019-12-11
Ref: https://rdap.arin.net/registry/ip/68.218.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 68.221.139.109
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12928
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;68.221.139.109. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026032300 1800 900 604800 86400
;; Query time: 5 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Mar 23 17:30:02 CST 2026
;; MSG SIZE rcvd: 107Host 109.139.221.68.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 109.139.221.68.in-addr.arpa: NXDOMAIN| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 187.16.96.35 | attackbots | Dec 23 05:47:56 auw2 sshd\[20683\]: Invalid user jandl from 187.16.96.35 Dec 23 05:47:56 auw2 sshd\[20683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mvx-187-16-96-35.mundivox.com Dec 23 05:47:58 auw2 sshd\[20683\]: Failed password for invalid user jandl from 187.16.96.35 port 46120 ssh2 Dec 23 05:54:15 auw2 sshd\[21241\]: Invalid user telford from 187.16.96.35 Dec 23 05:54:15 auw2 sshd\[21241\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=mvx-187-16-96-35.mundivox.com |
2019-12-24 01:12:54 |
| 90.150.205.173 | attack | DATE:2019-12-23 15:58:27, IP:90.150.205.173, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2019-12-24 00:56:48 |
| 145.239.91.88 | attackspambots | Feb 20 23:29:26 dillonfme sshd\[417\]: Invalid user user from 145.239.91.88 port 44662 Feb 20 23:29:26 dillonfme sshd\[417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 Feb 20 23:29:28 dillonfme sshd\[417\]: Failed password for invalid user user from 145.239.91.88 port 44662 ssh2 Feb 20 23:35:07 dillonfme sshd\[562\]: Invalid user user from 145.239.91.88 port 35768 Feb 20 23:35:07 dillonfme sshd\[562\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=145.239.91.88 ... |
2019-12-24 00:51:57 |
| 31.41.195.206 | attack | Unauthorized connection attempt detected from IP address 31.41.195.206 to port 1433 |
2019-12-24 00:43:40 |
| 124.156.54.249 | attackbotsspam | MultiHost/MultiPort Probe, Scan, Hack - |
2019-12-24 00:54:31 |
| 106.12.3.189 | attackspam | $f2bV_matches |
2019-12-24 00:44:53 |
| 149.56.131.73 | attackbots | Dec 23 15:20:04 pi sshd\[18286\]: Failed password for invalid user admin from 149.56.131.73 port 42508 ssh2 Dec 23 15:25:52 pi sshd\[18500\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.131.73 user=root Dec 23 15:25:54 pi sshd\[18500\]: Failed password for root from 149.56.131.73 port 48582 ssh2 Dec 23 15:31:35 pi sshd\[18738\]: Invalid user webadmin from 149.56.131.73 port 54652 Dec 23 15:31:35 pi sshd\[18738\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.56.131.73 ... |
2019-12-24 01:25:05 |
| 129.213.18.41 | attackbots | Dec 1 14:22:49 yesfletchmain sshd\[2851\]: Invalid user dalsanto from 129.213.18.41 port 41366 Dec 1 14:22:49 yesfletchmain sshd\[2851\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.18.41 Dec 1 14:22:51 yesfletchmain sshd\[2851\]: Failed password for invalid user dalsanto from 129.213.18.41 port 41366 ssh2 Dec 1 14:28:37 yesfletchmain sshd\[3261\]: User games from 129.213.18.41 not allowed because not listed in AllowUsers Dec 1 14:28:37 yesfletchmain sshd\[3261\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.18.41 user=games ... |
2019-12-24 00:52:37 |
| 91.219.89.97 | attackbots | Unauthorized connection attempt detected from IP address 91.219.89.97 to port 445 |
2019-12-24 00:59:16 |
| 185.175.93.14 | attack | Fail2Ban Ban Triggered |
2019-12-24 01:13:59 |
| 49.233.141.224 | attackbotsspam | Dec 23 16:58:35 OPSO sshd\[18371\]: Invalid user rpc from 49.233.141.224 port 50442 Dec 23 16:58:35 OPSO sshd\[18371\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.141.224 Dec 23 16:58:37 OPSO sshd\[18371\]: Failed password for invalid user rpc from 49.233.141.224 port 50442 ssh2 Dec 23 17:05:43 OPSO sshd\[19727\]: Invalid user nfs from 49.233.141.224 port 42288 Dec 23 17:05:43 OPSO sshd\[19727\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.141.224 |
2019-12-24 01:01:05 |
| 129.213.153.229 | attackspam | Feb 19 13:42:59 dillonfme sshd\[15703\]: Invalid user netflow from 129.213.153.229 port 65043 Feb 19 13:42:59 dillonfme sshd\[15703\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229 Feb 19 13:43:01 dillonfme sshd\[15703\]: Failed password for invalid user netflow from 129.213.153.229 port 65043 ssh2 Feb 19 13:48:23 dillonfme sshd\[15913\]: Invalid user testftp from 129.213.153.229 port 32405 Feb 19 13:48:23 dillonfme sshd\[15913\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=129.213.153.229 ... |
2019-12-24 01:02:41 |
| 181.236.247.136 | attack | 181.236.247.136 - - [23/Dec/2019:09:58:23 -0500] "GET /index.cfm?page=..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&manufacturerID=15&collectionID=161 HTTP/1.1" 200 19262 "https:// /index.cfm?page=..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd&manufacturerID=15&collectionID=161" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" ... |
2019-12-24 00:55:35 |
| 183.203.96.56 | attack | Dec 23 21:23:06 vibhu-HP-Z238-Microtower-Workstation sshd\[31156\]: Invalid user domaratsky from 183.203.96.56 Dec 23 21:23:06 vibhu-HP-Z238-Microtower-Workstation sshd\[31156\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.203.96.56 Dec 23 21:23:08 vibhu-HP-Z238-Microtower-Workstation sshd\[31156\]: Failed password for invalid user domaratsky from 183.203.96.56 port 43482 ssh2 Dec 23 21:29:59 vibhu-HP-Z238-Microtower-Workstation sshd\[31430\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.203.96.56 user=root Dec 23 21:30:01 vibhu-HP-Z238-Microtower-Workstation sshd\[31430\]: Failed password for root from 183.203.96.56 port 58546 ssh2 ... |
2019-12-24 01:07:11 |
| 211.21.193.189 | attackspambots | Unauthorized connection attempt detected from IP address 211.21.193.189 to port 445 |
2019-12-24 01:09:08 |