City: Phoenix
Region: Arizona
Country: United States
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#
NetRange: 20.160.0.0 - 20.175.255.255
CIDR: 20.160.0.0/12
NetName: MSFT
NetHandle: NET-20-160-0-0-1
Parent: NET20 (NET-20-0-0-0-0)
NetType: Direct Allocation
OriginAS:
Organization: Microsoft Corporation (MSFT)
RegDate: 2017-02-22
Updated: 2017-02-22
Ref: https://rdap.arin.net/registry/ip/20.160.0.0
OrgName: Microsoft Corporation
OrgId: MSFT
Address: One Microsoft Way
City: Redmond
StateProv: WA
PostalCode: 98052
Country: US
RegDate: 1998-07-10
Updated: 2025-06-10
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Comment:
Comment: For SPAM and other abuse issues, such as Microsoft Accounts, please contact:
Comment: * abuse@microsoft.com.
Comment:
Comment: To report security vulnerabilities in Microsoft products and services, please contact:
Comment: * secure@microsoft.com.
Comment:
Comment: For legal and law enforcement-related requests, please contact:
Comment: * msndcc@microsoft.com
Comment:
Comment: For routing, peering or DNS issues, please
Comment: contact:
Comment: * IOC@microsoft.com
Ref: https://rdap.arin.net/registry/entity/MSFT
OrgTechHandle: BEDAR6-ARIN
OrgTechName: Bedard, Dawn
OrgTechPhone: +1-425-538-6637
OrgTechEmail: dabedard@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/BEDAR6-ARIN
OrgAbuseHandle: MAC74-ARIN
OrgAbuseName: Microsoft Abuse Contact
OrgAbusePhone: +1-425-882-8080
OrgAbuseEmail: abuse@microsoft.com
OrgAbuseRef: https://rdap.arin.net/registry/entity/MAC74-ARIN
OrgTechHandle: IPHOS5-ARIN
OrgTechName: IPHostmaster, IPHostmaster
OrgTechPhone: +1-425-538-6637
OrgTechEmail: iphostmaster@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/IPHOS5-ARIN
OrgTechHandle: MRPD-ARIN
OrgTechName: Microsoft Routing, Peering, and DNS
OrgTechPhone: +1-425-882-8080
OrgTechEmail: IOC@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/MRPD-ARIN
OrgTechHandle: SINGH683-ARIN
OrgTechName: Singh, Prachi
OrgTechPhone: +1-425-707-5601
OrgTechEmail: pracsin@microsoft.com
OrgTechRef: https://rdap.arin.net/registry/entity/SINGH683-ARIN
OrgRoutingHandle: CHATU3-ARIN
OrgRoutingName: Chaturmohta, Somesh
OrgRoutingPhone: +1-425-882-8080
OrgRoutingEmail: someshch@microsoft.com
OrgRoutingRef: https://rdap.arin.net/registry/entity/CHATU3-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2025, American Registry for Internet Numbers, Ltd.
#; <<>> DiG 9.10.3-P4-Ubuntu <<>> 20.169.49.231
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57383
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;20.169.49.231. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2025120300 1800 900 604800 86400
;; Query time: 13 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Dec 03 22:31:39 CST 2025
;; MSG SIZE rcvd: 106231.49.169.20.in-addr.arpa domain name pointer azpdwsru14bl.stretchoid.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
231.49.169.20.in-addr.arpa name = azpdwsru14bl.stretchoid.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 58.65.136.170 | attack | Aug 31 04:38:03 ubuntu-2gb-nbg1-dc3-1 sshd[19405]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=58.65.136.170 Aug 31 04:38:06 ubuntu-2gb-nbg1-dc3-1 sshd[19405]: Failed password for invalid user qw from 58.65.136.170 port 52080 ssh2 ... |
2019-08-31 14:19:06 |
| 23.129.64.180 | attackbots | Aug 31 03:26:04 Server10 sshd[18769]: User root from 23.129.64.180 not allowed because not listed in AllowUsers Aug 31 03:26:06 Server10 sshd[18769]: Failed password for invalid user root from 23.129.64.180 port 41632 ssh2 Aug 31 03:26:09 Server10 sshd[18769]: Failed password for invalid user root from 23.129.64.180 port 41632 ssh2 Aug 31 03:26:13 Server10 sshd[18769]: Failed password for invalid user root from 23.129.64.180 port 41632 ssh2 Aug 31 03:26:18 Server10 sshd[19015]: User root from 23.129.64.180 not allowed because not listed in AllowUsers Aug 31 03:26:20 Server10 sshd[19015]: Failed password for invalid user root from 23.129.64.180 port 45343 ssh2 |
2019-08-31 14:40:56 |
| 18.204.48.107 | attack | by Amazon Technologies Inc. |
2019-08-31 14:49:36 |
| 157.230.57.112 | attack | Aug 30 15:45:32 php2 sshd\[12628\]: Invalid user camel from 157.230.57.112 Aug 30 15:45:32 php2 sshd\[12628\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.57.112 Aug 30 15:45:34 php2 sshd\[12628\]: Failed password for invalid user camel from 157.230.57.112 port 41676 ssh2 Aug 30 15:49:42 php2 sshd\[13002\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.57.112 user=root Aug 30 15:49:44 php2 sshd\[13002\]: Failed password for root from 157.230.57.112 port 57436 ssh2 |
2019-08-31 14:53:55 |
| 203.24.50.229 | attackbotsspam | Unauthorized connection attempt from IP address 203.24.50.229 on Port 445(SMB) |
2019-08-31 14:50:11 |
| 80.82.77.33 | attack | 08/31/2019-00:07:23.629876 80.82.77.33 Protocol: 6 ET CINS Active Threat Intelligence Poor Reputation IP group 84 |
2019-08-31 14:35:03 |
| 43.226.69.182 | attackbotsspam | Aug 31 08:06:39 vps01 sshd[26825]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=43.226.69.182 Aug 31 08:06:41 vps01 sshd[26825]: Failed password for invalid user infa from 43.226.69.182 port 55698 ssh2 |
2019-08-31 14:20:06 |
| 176.44.0.245 | attackbotsspam | 2019-08-31T01:34:32.856Z CLOSE host=176.44.0.245 port=49699 fd=4 time=20.004 bytes=7 ... |
2019-08-31 14:05:06 |
| 89.248.172.85 | attackbotsspam | Port scan attempt detected by AWS-CCS, CTS, India |
2019-08-31 14:47:22 |
| 107.170.227.141 | attack | Aug 30 15:46:04 web9 sshd\[11085\]: Invalid user project from 107.170.227.141 Aug 30 15:46:04 web9 sshd\[11085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 Aug 30 15:46:06 web9 sshd\[11085\]: Failed password for invalid user project from 107.170.227.141 port 34968 ssh2 Aug 30 15:50:18 web9 sshd\[11847\]: Invalid user hsherman from 107.170.227.141 Aug 30 15:50:18 web9 sshd\[11847\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=107.170.227.141 |
2019-08-31 14:50:48 |
| 179.191.96.166 | attackspam | Invalid user arnold from 179.191.96.166 port 59522 |
2019-08-31 14:42:38 |
| 49.88.112.80 | attackspambots | 31.08.2019 06:27:34 SSH access blocked by firewall |
2019-08-31 14:31:58 |
| 209.97.174.205 | attackbots | Aug 31 05:08:00 web8 sshd\[10830\]: Invalid user kafka from 209.97.174.205 Aug 31 05:08:00 web8 sshd\[10830\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.174.205 Aug 31 05:08:01 web8 sshd\[10830\]: Failed password for invalid user kafka from 209.97.174.205 port 12206 ssh2 Aug 31 05:13:03 web8 sshd\[13161\]: Invalid user ng from 209.97.174.205 Aug 31 05:13:03 web8 sshd\[13161\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=209.97.174.205 |
2019-08-31 14:49:09 |
| 158.69.192.200 | attack | Automated report - ssh fail2ban: Aug 31 07:34:59 wrong password, user=root, port=40128, ssh2 Aug 31 07:35:03 wrong password, user=root, port=40128, ssh2 Aug 31 07:35:08 wrong password, user=root, port=40128, ssh2 Aug 31 07:35:12 wrong password, user=root, port=40128, ssh2 |
2019-08-31 14:07:28 |
| 167.71.203.148 | attack | Aug 31 05:43:39 ip-172-31-1-72 sshd\[27132\]: Invalid user mahern from 167.71.203.148 Aug 31 05:43:39 ip-172-31-1-72 sshd\[27132\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.148 Aug 31 05:43:41 ip-172-31-1-72 sshd\[27132\]: Failed password for invalid user mahern from 167.71.203.148 port 54308 ssh2 Aug 31 05:50:31 ip-172-31-1-72 sshd\[27276\]: Invalid user ic from 167.71.203.148 Aug 31 05:50:31 ip-172-31-1-72 sshd\[27276\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.203.148 |
2019-08-31 14:06:39 |