156.245.239.2 Threat Intelligence and Host Information

Mar 13, 2026 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 156.245.239.2 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 32/100

Host and Network Information

Tags: digital ocean, portscan, scanners, vultr
View other sources: Spamhaus VirusTotal

Country: Hong Kong
Network:
Noticed: 10 times
Protocols Attacked: portscan ssh
Passive DNS Results: arakkatu.com hhukzv.com wpgbj.top djohi.top devid.top cwa58.top mpgn9.top m4bz8.top zcemj.top uvzj1.top jp0fj.top bmdrr.top 425k7.top bvki8.top 7ozbt.top 55c8w.top u1dtr.top n443h.top ejjw1.top 2ik5r.top 2syj9.top 440uw.top kw8l9.top 8jbw0.top 64eux.top 03uq7.top 0vv4p.top sesnsei.com shlrfl.com jpwenming.cn www.jpwenming.cn www.sqbn888.com sqbn888.com www.jutonggangtie.com jutonggangtie.com ahyyf.com www.ahyyf.com www.szljktv.com szljktv.com www.zjmzdz.com zjmzdz.com wwwrebag.com www.wwwrebag.com mcuuu.com

Malware Detected on Host

Count: 2 b131caf7de9be49e304a3fd82b05b4f2c090c51eef77550728bc0b0b2a7963f3 fc3e5a73d430a09845c186f84d895568d39d6033ee36d43076c431c39115ee6b

Open Ports Detected

22 3389

Map

Whois Information

NetRange: 156.245.0.0 - 156.245.255.255
CIDR: 156.245.0.0/16
NetName: AFRINIC-ERX-156-245-0-0
NetHandle: NET-156-245-0-0-1
Parent: NET156 (NET-156-0-0-0-0)
NetType: Transferred to AfriNIC
OriginAS:
Organization: African Network Information Center (AFRINIC)
RegDate: 2010-11-03
Updated: 2010-11-17
Comment: This IP address range is under AFRINIC responsibility.
Comment: Please see http://www.afrinic.net/ for further details,
Ref: https://rdap.arin.net/registry/ip/156.245.0.0
OrgName: African Network Information Center
OrgId: AFRINIC
Address: Level 11ABC
Address: Raffles Tower
Address: Lot 19, Cybercity
City: Ebene
StateProv:
PostalCode:
Country: MU
RegDate: 2004-05-17
Updated: 2015-05-04
Comment: AfriNIC - http://www.afrinic.net
Comment: The African & Indian Ocean Internet Registry
Ref: https://rdap.arin.net/registry/entity/AFRINIC
OrgTechHandle: GENER11-ARIN
OrgTechName: Generic POC
OrgTechPhone: +230 4666616
OrgTechEmail: abusepoc@afrinic.net
OrgTechRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
OrgAbuseHandle: GENER11-ARIN
OrgAbuseName: Generic POC
OrgAbusePhone: +230 4666616
OrgAbuseEmail: abusepoc@afrinic.net
OrgAbuseRef: https://rdap.arin.net/registry/entity/GENER11-ARIN
inetnum: 156.245.239.0 - 156.245.239.255
netname: Zillion_Network_Inc
descr: Zillion Network Inc.
country: HK
admin-c: CIS1-AFRINIC
tech-c: CIS1-AFRINIC
status: ASSIGNED PA
mnt-by: CIL1-MNT
mnt-by: LARUS-SERVICE-MNT
parent: 156.224.0.0 - 156.255.255.255
person: Cloud Innovation Support
address: Ebene
address: MU
address: Mahe
address: Seychelles
phone: tel:+248-4-610-795
nic-hdl: CIS1-AFRINIC
abuse-mailbox: abuse@cloudinnovation.org
mnt-by: CIL1-MNT
route: 156.245.232.0/21
origin: AS139646
descr: Hong Kong Meccaler Technology Co., Ltd.
mnt-by: LARUS-SERVICE-MNT
route: 156.245.232.0/21
origin: AS54801
descr: Hong Kong megalayer
mnt-by: LARUS-SERVICE-MNT

Links to attack logs

digitaloceantoronto-ssh-bruteforce-ip-list-2025-10-01 bruteforce-ip-list-2025-10-01

Share on: