城市(city): Phoenix
省份(region): Arizona
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 20.160.0.0 - 20.175.255.255
CIDR: 20.160.0.0/12
NetName: MSFT
NetHandle: NET-20-160-0-0-1
Parent: NET20 (NET-20-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2017-02-22
Updated: 2017-02-22
Ref: https://rdap.arin.net/registry/ip/20.160.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.168.7.106
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 45571
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.168.7.106. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026070101 1800 900 604800 86400
;; Query time: 34 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jul 02 02:30:10 CST 2026
;; MSG SIZE rcvd: 105
106.7.168.20.in-addr.arpa domain name pointer azpdwgts2fhe.stretchoid.com.
Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
106.7.168.20.in-addr.arpa name = azpdwgts2fhe.stretchoid.com.
Authoritative answers can be found from:
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 159.203.201.236 | attack | Unauthorized connection attempt detected from IP address 159.203.201.236 to port 119 |
2019-12-13 08:53:16 |
| 222.186.175.182 | attackbots | 2019-12-13T04:56:15.890293abusebot-7.cloudsearch.cf sshd\[16781\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.182 user=root 2019-12-13T04:56:18.308295abusebot-7.cloudsearch.cf sshd\[16781\]: Failed password for root from 222.186.175.182 port 48088 ssh2 2019-12-13T04:56:21.176044abusebot-7.cloudsearch.cf sshd\[16781\]: Failed password for root from 222.186.175.182 port 48088 ssh2 2019-12-13T04:56:24.267340abusebot-7.cloudsearch.cf sshd\[16781\]: Failed password for root from 222.186.175.182 port 48088 ssh2 |
2019-12-13 13:00:56 |
| 106.13.101.21 | attackbots | 'IP reached maximum auth failures for a one day block' |
2019-12-13 13:00:05 |
| 110.38.10.56 | attackspambots | Unauthorized connection attempt from IP address 110.38.10.56 on Port 445(SMB) |
2019-12-13 09:12:12 |
| 125.231.45.24 | attack | Unauthorized connection attempt detected from IP address 125.231.45.24 to port 445 |
2019-12-13 08:59:33 |
| 217.75.217.242 | attackbotsspam | Dec 13 05:50:40 jane sshd[941]: Failed password for root from 217.75.217.242 port 52630 ssh2 Dec 13 05:56:15 jane sshd[5021]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=217.75.217.242 ... |
2019-12-13 13:09:28 |
| 209.85.216.68 | attack | Spam/Phish - smtp.mailfrom=yqppkfcuk6vc4grshvvb1.com; live.com; dkim=pass (signature wasReceived: from HE1EUR01HT099.eop-EUR01.prod.protection.outlook.com Received: from HE1EUR01FT029.eop-EUR01.prod.protection.outlook.com Received: from mail-pj1-f68.google.com (209.85.216.68) by Received: by mail-pj1-f68.google.com with SMTP id w5so149728pjh.11 |
2019-12-13 09:09:49 |
| 103.35.64.73 | attackbotsspam | Dec 13 05:49:42 vps647732 sshd[4149]: Failed password for root from 103.35.64.73 port 47566 ssh2 Dec 13 05:57:25 vps647732 sshd[4372]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.35.64.73 ... |
2019-12-13 13:06:26 |
| 191.55.50.194 | attackbots | Unauthorized connection attempt from IP address 191.55.50.194 on Port 445(SMB) |
2019-12-13 09:05:44 |
| 202.80.213.218 | attackbotsspam | Unauthorized connection attempt from IP address 202.80.213.218 on Port 445(SMB) |
2019-12-13 09:10:14 |
| 212.144.102.107 | attackspam | Dec 13 07:50:40 server sshd\[13528\]: Invalid user backup from 212.144.102.107 Dec 13 07:50:40 server sshd\[13528\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 Dec 13 07:50:41 server sshd\[13528\]: Failed password for invalid user backup from 212.144.102.107 port 60850 ssh2 Dec 13 07:56:22 server sshd\[15211\]: Invalid user joomla from 212.144.102.107 Dec 13 07:56:22 server sshd\[15211\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=212.144.102.107 ... |
2019-12-13 13:03:57 |
| 180.215.120.2 | attack | Dec 12 14:26:16 tdfoods sshd\[1095\]: Invalid user hungkang from 180.215.120.2 Dec 12 14:26:16 tdfoods sshd\[1095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.120.2 Dec 12 14:26:18 tdfoods sshd\[1095\]: Failed password for invalid user hungkang from 180.215.120.2 port 42312 ssh2 Dec 12 14:32:11 tdfoods sshd\[1683\]: Invalid user pi from 180.215.120.2 Dec 12 14:32:11 tdfoods sshd\[1683\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.215.120.2 |
2019-12-13 08:46:55 |
| 78.128.113.125 | attackbotsspam | Dec 13 01:09:08 srv01 postfix/smtpd\[19957\]: warning: unknown\[78.128.113.125\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 13 01:09:16 srv01 postfix/smtpd\[15511\]: warning: unknown\[78.128.113.125\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 13 01:13:31 srv01 postfix/smtpd\[19957\]: warning: unknown\[78.128.113.125\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 13 01:13:39 srv01 postfix/smtpd\[19957\]: warning: unknown\[78.128.113.125\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 Dec 13 01:15:37 srv01 postfix/smtpd\[19957\]: warning: unknown\[78.128.113.125\]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 ... |
2019-12-13 08:45:34 |
| 203.195.152.247 | attackbots | fail2ban |
2019-12-13 08:51:29 |
| 36.81.29.191 | attackspambots | Unauthorized connection attempt detected from IP address 36.81.29.191 to port 445 |
2019-12-13 13:05:55 |