156.234.254.126 Threat Intelligence and Host Information

Aug 16, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 156.234.254.126 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 10/100

Host and Network Information

JARM: 21d14d00021d21d00042d43d00000091f9827a8676a9d9f27d421962a09b5d
View other sources: Spamhaus VirusTotal

Country: Hong Kong
Network:
Noticed: 1 times
Protocols Attacked: SSH
Passive DNS Results: indonesian-hijabblogger.com www.szsysx.com m.szsysx.com szsysx.com m.japan-planet.com wap.japan-planet.com www.japan-planet.com japan-planet.com www.amexcargo.com amexcargo.com m.amexcargo.com wap.amexcargo.com ybhuashi.com

Malware Detected on Host

Count: 6 a9a38ff89db972acd2dc74d81174bed482da90f00a8fdecce23f198b4289d8cc ba42697add6d8849f8802e43c85c89648e963525fe6354f5c8aa7b252e1487a6 08b488964ffc4c4994fc8a8f642cb5bbfba29a313e5fc05035d62c0d4157b154 f4ff40cdecb9668a587a02943ccfc2e50d7af6e681e4cc572445723827107409 8d0579220c4affb255f91d1cd58a4f43c81bbeb286ac169b32b29239e6232010 cb392872918e26c1f1ca381cd85be8a6a61e78da5a24a241f37a299e6e30e8ab

Open Ports Detected

443 80

Map

Whois Information

NetRange: 156.234.0.0 - 156.234.255.255
CIDR: 156.234.0.0/16
NetName: AFRINIC-ERX-156-234-0-0
NetHandle: NET-156-234-0-0-1
Parent: NET156 (NET-156-0-0-0-0)
NetType: Transferred to AfriNIC
OriginAS:
Organization: African Network Information Center (AFRINIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under AFRINIC responsibility.
Comment: Please see http://www.afrinic.net/ for further details,
Ref: https://rdap.arin.net/registry/ip/156.234.0.0
OrgName: African Network Information Center
OrgId: AFRINIC
Address: Level 11ABC
Address: Raffles Tower
Address: Lot 19, Cybercity
City: Ebene
StateProv:
PostalCode:
Country: MU
RegDate: 2004-05-17
Updated: 2015-05-04
Comment: AfriNIC - http://www.afrinic.net
Comment: The African & Indian Ocean Internet Registry
Ref: https://rdap.arin.net/registry/entity/AFRINIC
OrgAbuseHandle: GENER11-ARIN
OrgAbuseName: Generic POC
OrgAbusePhone: +230 4666616
OrgAbuseEmail: abusepoc@afrinic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
OrgTechHandle: GENER11-ARIN
OrgTechName: Generic POC
OrgTechPhone: +230 4666616
OrgTechEmail: abusepoc@afrinic.net
OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
inetnum: 156.234.0.0 - 156.234.255.255
netname: YANCY_LIMITED
descr: YANCY LIMITED
country: HK
admin-c: CIS1-AFRINIC
tech-c: CIS1-AFRINIC
status: ASSIGNED PA
mnt-by: CIL1-MNT
mnt-by: LARUS-SERVICE-MNT
parent: 156.224.0.0 - 156.255.255.255
person: Cloud Innovation Support
address: Ebene
address: MU
address: Mahe
address: Seychelles
phone: tel:+248-4-610-795
nic-hdl: CIS1-AFRINIC
abuse-mailbox: abuse@cloudinnovation.org
mnt-by: CIL1-MNT
route: 156.234.0.0/16
descr: ICIDC Limited
origin: AS136800
mnt-by: LARUS-SERVICE-MNT
route: 156.234.0.0/16
descr: YANCY LIMITED
origin: AS138195
mnt-by: LARUS-SERVICE-MNT
route: 156.234.0.0/16
descr: YANCY LIMITED
origin: AS138415
mnt-by: LARUS-SERVICE-MNT

Links to attack logs

****** ****** ******

Share on: