156.242.213.118 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 156.242.213.118 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or through observations of activity against honeynets. The host score is calculated through a series of statistically weighted values and machine learning which take into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as Tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 7/100

Host and Network Information

  • Country: United States
  • Network:
  • Noticed: 1 times
  • Protocols Attacked: SSH
  • Passive DNS Results:

Malware Detected on Host

Count: 2

  • 4b1120aeb757133f232c9d13b66d9d454ff1de6975b75e0785bea099bec6f6ab
  • 302b70aa755d29e3a21dd3b70eb53011dd158b2085c756122be37465dab698a6

Whois Information

  • NetRange: 156.242.0.0 - 156.242.255.255
  • CIDR: 156.242.0.0/16
  • NetName: AFRINIC-ERX-156-242-0-0
  • NetHandle: NET-156-242-0-0-1
  • Parent: NET156 (NET-156-0-0-0-0)
  • NetType: Transferred to AfriNIC
  • OriginAS:
  • Organization: African Network Information Center (AFRINIC)
  • RegDate: 2010-11-03
  • Updated: 2010-11-17
  • Comment: This IP address range is under AFRINIC responsibility.
  • Comment: Please see http://www.afrinic.net/ for further details,
  • Ref: https://rdap.arin.net/registry/ip/156.242.0.0
  • OrgName: African Network Information Center
  • OrgId: AFRINIC
  • Address: Level 11ABC
  • Address: Raffles Tower
  • Address: Lot 19, Cybercity
  • City: Ebene
  • StateProv:
  • PostalCode:
  • Country: MU
  • RegDate: 2004-05-17
  • Updated: 2015-05-04
  • Comment: AfriNIC - http://www.afrinic.net
  • Comment: The African & Indian Ocean Internet Registry
  • Ref: https://rdap.arin.net/registry/entity/AFRINIC
  • OrgAbuseHandle: GENER11-ARIN
  • OrgAbuseName: Generic POC
  • OrgAbusePhone: +230 4666616
  • OrgAbuseEmail: abusepoc@afrinic.net
  • OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
  • OrgTechHandle: GENER11-ARIN
  • OrgTechName: Generic POC
  • OrgTechPhone: +230 4666616
  • OrgTechEmail: abusepoc@afrinic.net
  • OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
  • inetnum: 156.242.213.0 - 156.242.213.255
  • netname: POWER_LINE_HK_CO_LIMITED
  • descr: POWER LINE HK CO LIMITED
  • country: HK
  • admin-c: CIS1-AFRINIC
  • tech-c: CIS1-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: CIL1-MNT
  • mnt-by: LARUS-SERVICE-MNT
  • parent: 156.224.0.0 - 156.255.255.255
  • person: Cloud Innovation Support
  • address: Ebene
  • address: MU
  • address: Mahe
  • address: Seychelles
  • phone: tel:+248-4-610-795
  • nic-hdl: CIS1-AFRINIC
  • abuse-mailbox: abuse@cloudinnovation.org
  • mnt-by: CIL1-MNT
  • route: 156.242.128.0/17
  • descr: Waterloo Network Company Limited
  • origin: AS132839
  • mnt-by: LARUS-SERVICE-MNT
