City: unknown
Region: unknown
Country: Mongolia
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
NetRange: 160.185.0.0 - 160.199.255.255
CIDR: 160.192.0.0/13, 160.186.0.0/15, 160.185.0.0/16, 160.188.0.0/14
NetName: APNIC-ERX-160-185-0-0
NetHandle: NET-160-185-0-0-1
Parent: NET160 (NET-160-0-0-0-0)
NetType: Early Registrations, Transferred to APNIC
OriginAS:
Organization: Asia Pacific Network Information Centre (APNIC)
RegDate: 2004-04-05
Updated: 2023-12-14
Comment: This IP address range is not registered in the ARIN database.
Comment: This range was transferred to the APNIC Whois Database as
Comment: part of the ERX (Early Registration Transfer) project.
Comment: For details, refer to the APNIC Whois Database via
Comment: WHOIS.APNIC.NET or http://wq.apnic.net/apnic-bin/whois.pl
Comment:
Comment: ** IMPORTANT NOTE: APNIC is the Regional Internet Registry
Comment: for the Asia Pacific region. APNIC does not operate networks
Comment: using this IP address range and is not able to investigate
Comment: spam or abuse reports relating to these addresses. For more
Comment: help, refer to http://www.apnic.net/apnic-info/whois_search2/abuse-and-spamming
Ref: https://rdap.arin.net/registry/ip/160.185.0.0
ResourceLink: https://apps.db.ripe.net/db-web-ui/query
ResourceLink: whois.apnic.net
OrgName: Asia Pacific Network Information Centre
OrgId: APNIC
Address: PO Box 3646
City: South Brisbane
StateProv: QLD
PostalCode: 4101
Country: AU
RegDate:
Updated: 2012-01-24
Ref: https://rdap.arin.net/registry/entity/APNIC
ReferralServer: whois://whois.apnic.net
ResourceLink: http://wq.apnic.net/whois-search/static/search.html
OrgAbuseHandle: AWC12-ARIN
OrgAbuseName: APNIC Whois Contact
OrgAbusePhone: +61 7 3858 3188
OrgAbuseEmail: search-apnic-not-arin@apnic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
OrgTechHandle: AWC12-ARIN
OrgTechName: APNIC Whois Contact
OrgTechPhone: +61 7 3858 3188
OrgTechEmail: search-apnic-not-arin@apnic.net
OrgTechRef: https://rdap.arin.net/registry/entity/AWC12-ARIN
#
# ARIN WHOIS data and services are subject to the Terms of Use
# available at: https://www.arin.net/resources/registry/whois/tou/
#
# If you see inaccuracies in the results, please report at
# https://www.arin.net/resources/registry/whois/inaccuracy_reporting/
#
# Copyright 1997-2026, American Registry for Internet Numbers, Ltd.
#
Found a referral to whois.apnic.net.
% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
% Information related to '160.187.40.0 - 160.187.41.255'
% Abuse contact for '160.187.40.0 - 160.187.41.255' is 'admin@itzone.mn'
inetnum: 160.187.40.0 - 160.187.41.255
netname: ITZONELLC-MN
descr: ITZone LLC
country: MN
org: ORG-IA113-AP
admin-c: ILA32-AP
tech-c: ILA32-AP
abuse-c: AI1019-AP
status: ASSIGNED PORTABLE
remarks: --------------------------------------------------------
remarks: To report network abuse, please contact mnt-irt
remarks: For troubleshooting, please contact tech-c and admin-c
remarks: Report invalid contact via www.apnic.net/invalidcontact
remarks: --------------------------------------------------------
mnt-by: APNIC-HM
mnt-routes: MAINT-ITZONELLC-MN
mnt-irt: IRT-ITZONELLC-MN
last-modified: 2024-09-12T07:02:03Z
source: APNIC
irt: IRT-ITZONELLC-MN
address: 22nd floor, Khan Tower, Ulaanbaatar, Mongolia, 15th Khoroo, Khan-Uul District, Ulaanbaatar 17010, Mongolia, Ulaanbaatar - Select One - 17010
e-mail: admin@itzone.mn
abuse-mailbox: admin@itzone.mn
admin-c: ILA32-AP
tech-c: ILA32-AP
auth: # Filtered
remarks: admin@itzone.mn is invalid
mnt-by: MAINT-ITZONELLC-MN
last-modified: 2025-11-18T00:37:56Z
source: APNIC
organisation: ORG-IA113-AP
org-name: ITZone LLC
org-type: LIR
country: MN
address: 22nd floor, Khan Tower, Ulaanbaatar, Mongolia
address: 15th Khoroo, Khan-Uul District, Ulaanbaatar 17010, Mongolia
phone: +97688117098
e-mail: info@itzone.mn
mnt-ref: APNIC-HM
mnt-by: APNIC-HM
last-modified: 2024-08-12T13:09:17Z
source: APNIC
role: ABUSE ITZONELLCMN
country: ZZ
address: 22nd floor, Khan Tower, Ulaanbaatar, Mongolia, 15th Khoroo, Khan-Uul District, Ulaanbaatar 17010, Mongolia, Ulaanbaatar - Select One - 17010
phone: +000000000
e-mail: admin@itzone.mn
admin-c: ILA32-AP
tech-c: ILA32-AP
nic-hdl: AI1019-AP
remarks: Generated from irt object IRT-ITZONELLC-MN
remarks: admin@itzone.mn is invalid
abuse-mailbox: admin@itzone.mn
mnt-by: APNIC-ABUSE
last-modified: 2025-11-12T22:41:55Z
source: APNIC
role: ITZone LLC administrator
address: 22nd floor, Khan Tower, Ulaanbaatar, Mongolia, 15th Khoroo, Khan-Uul District, Ulaanbaatar 17010, Mongolia, Ulaanbaatar - Select One - 17010
country: MN
phone: +97688117098
e-mail: admin@itzone.mn
admin-c: ILA32-AP
tech-c: ILA32-AP
nic-hdl: ILA32-AP
mnt-by: MAINT-ITZONELLC-MN
last-modified: 2024-09-11T01:30:26Z
source: APNIC
% Information related to '160.187.40.0/24AS133453'
route: 160.187.40.0/24
origin: AS133453
descr: ITZone LLC
22nd floor, Khan Tower, Ulaanbaatar, Mongolia
15th Khoroo, Khan-Uul District, Ulaanbaatar 17010, Mongolia
mnt-by: MAINT-ITZONELLC-MN
last-modified: 2024-09-12T09:18:14Z
source: APNIC
% This query was served by the APNIC Whois Service version 1.88.48 (WHOIS-AU5); <<>> DiG 9.10.3-P4-Ubuntu <<>> 160.187.40.137
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 13655
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;160.187.40.137. IN A
;; AUTHORITY SECTION:
. 30 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2026061800 1800 900 604800 86400
;; Query time: 9 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 18 16:31:02 CST 2026
;; MSG SIZE rcvd: 107Host 137.40.187.160.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 137.40.187.160.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 49.234.179.127 | attack | v+ssh-bruteforce |
2019-11-07 18:05:52 |
| 198.108.67.104 | attackspam | 11/07/2019-01:26:06.614825 198.108.67.104 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-11-07 17:54:16 |
| 13.57.137.162 | attackspambots | Nov 7 10:54:00 dedicated sshd[21472]: Invalid user raspberry from 13.57.137.162 port 32986 |
2019-11-07 18:01:26 |
| 116.7.237.134 | attackbots | Nov 7 10:53:01 ns381471 sshd[6868]: Failed password for root from 116.7.237.134 port 42884 ssh2 |
2019-11-07 18:17:11 |
| 106.12.13.138 | attack | Nov 6 23:55:17 web9 sshd\[9869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138 user=root Nov 6 23:55:18 web9 sshd\[9869\]: Failed password for root from 106.12.13.138 port 37068 ssh2 Nov 7 00:01:34 web9 sshd\[10678\]: Invalid user nagios from 106.12.13.138 Nov 7 00:01:34 web9 sshd\[10678\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.12.13.138 Nov 7 00:01:36 web9 sshd\[10678\]: Failed password for invalid user nagios from 106.12.13.138 port 44890 ssh2 |
2019-11-07 18:20:55 |
| 103.55.91.51 | attack | Nov 6 21:01:59 php1 sshd\[1676\]: Invalid user user from 103.55.91.51 Nov 6 21:01:59 php1 sshd\[1676\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.55.91.51 Nov 6 21:02:01 php1 sshd\[1676\]: Failed password for invalid user user from 103.55.91.51 port 39722 ssh2 Nov 6 21:06:33 php1 sshd\[2928\]: Invalid user image from 103.55.91.51 Nov 6 21:06:33 php1 sshd\[2928\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.55.91.51 |
2019-11-07 17:56:02 |
| 101.36.152.13 | attack | Lines containing failures of 101.36.152.13 Nov 4 21:55:44 jarvis sshd[11261]: Invalid user zahore from 101.36.152.13 port 36434 Nov 4 21:55:44 jarvis sshd[11261]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.152.13 Nov 4 21:55:46 jarvis sshd[11261]: Failed password for invalid user zahore from 101.36.152.13 port 36434 ssh2 Nov 4 21:55:48 jarvis sshd[11261]: Received disconnect from 101.36.152.13 port 36434:11: Bye Bye [preauth] Nov 4 21:55:48 jarvis sshd[11261]: Disconnected from invalid user zahore 101.36.152.13 port 36434 [preauth] Nov 4 22:08:50 jarvis sshd[14084]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=101.36.152.13 user=r.r Nov 4 22:08:52 jarvis sshd[14084]: Failed password for r.r from 101.36.152.13 port 51558 ssh2 Nov 4 22:08:54 jarvis sshd[14084]: Received disconnect from 101.36.152.13 port 51558:11: Bye Bye [preauth] Nov 4 22:08:54 jarvis sshd[14084]: Di........ ------------------------------ |
2019-11-07 17:57:36 |
| 62.234.95.148 | attackbotsspam | Nov 7 09:30:54 server sshd\[9665\]: Invalid user la from 62.234.95.148 Nov 7 09:30:54 server sshd\[9665\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 Nov 7 09:30:56 server sshd\[9665\]: Failed password for invalid user la from 62.234.95.148 port 35203 ssh2 Nov 7 09:42:46 server sshd\[13085\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=62.234.95.148 user=root Nov 7 09:42:48 server sshd\[13085\]: Failed password for root from 62.234.95.148 port 41186 ssh2 ... |
2019-11-07 18:24:34 |
| 34.92.181.124 | attackbotsspam | until 2019-11-07T00:30:52+00:00, observations: 2, bad account names: 0 |
2019-11-07 17:52:03 |
| 27.254.136.29 | attack | Nov 7 11:24:58 hosting sshd[32154]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=27.254.136.29 user=root Nov 7 11:25:00 hosting sshd[32154]: Failed password for root from 27.254.136.29 port 57792 ssh2 ... |
2019-11-07 18:08:57 |
| 41.216.186.89 | attackbots | Port Scan 7001 |
2019-11-07 18:04:51 |
| 45.125.66.31 | attackspambots | \[2019-11-07 04:54:23\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-07T04:54:23.113-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="719401148178599002",SessionID="0x7fdf2c003608",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.31/64487",ACLName="no_extension_match" \[2019-11-07 04:54:43\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-07T04:54:43.061-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="389201148483829004",SessionID="0x7fdf2c6a6f18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.31/56339",ACLName="no_extension_match" \[2019-11-07 04:55:20\] SECURITY\[2634\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2019-11-07T04:55:20.163-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="49101148163072004",SessionID="0x7fdf2c6a6f18",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/45.125.66.31/50605",ACLName="n |
2019-11-07 17:57:07 |
| 122.228.19.80 | attackbotsspam | 07.11.2019 09:57:14 Connection to port 4949 blocked by firewall |
2019-11-07 18:05:05 |
| 46.38.144.146 | attackbotsspam | 2019-11-07T11:18:08.051594mail01 postfix/smtpd[32019]: warning: unknown[46.38.144.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T11:18:14.166837mail01 postfix/smtpd[5994]: warning: unknown[46.38.144.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 2019-11-07T11:18:19.394388mail01 postfix/smtpd[14106]: warning: unknown[46.38.144.146]: SASL LOGIN authentication failed: UGFzc3dvcmQ6 |
2019-11-07 18:21:12 |
| 189.213.109.57 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2019-11-07 17:49:59 |