185.242.234.31 Threat Intelligence and Host Information

General

This page contains threat intelligence information for the IPv4 address 185.242.234.31. It was generated either as a result of observed malicious activity or as an information-gathering exercise to enrich security events with context. All information is gathered passively, through aggregation of public sources or through observation of activity on honeynets. The host score is calculated from a series of statistically weighted values and machine learning, taking into account metadata such as host information; the frequency, volume and global distribution of malicious activity; association with other known malicious hosts or networks; proxying or anonymising behaviour, such as Tor exit nodes, residential proxies or VPN services; and many other attributes. These values are historical and indicative only, and should not be taken as an accurate representation of the users, businesses or networks in which they reside.

Likely Malicious Host 🟠 55/100

Host and Network Information

  • MITRE ATT&CK IDs: T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force

  • Tags: brute-force, Bruteforce, Brute-Force, cowrie, scanners, ssh, SSH, tcp, vultr

  • View other sources: Spamhaus, VirusTotal

  • Country: Hong Kong
  • Network:
  • Noticed: 40 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia, Spain
  • Passive DNS Results:

Open Ports Detected

1801, 80

Whois Information

  • inetnum: 185.242.234.0 - 185.242.235.255
  • descr: MeiPing HuLian
  • netname: Ten
  • country: HK
  • admin-c: AT17713-RIPE
  • tech-c: AT17713-RIPE
  • abuse-c: AT17713-RIPE
  • status: ASSIGNED PA
  • mnt-by: mnt-hk-sakura-1
  • created: 2023-12-15T16:14:41Z
  • last-modified: 2023-12-15T16:14:41Z
  • role: abuse ten
  • address: 1604 shanmei building taiyo st
  • abuse-mailbox: 403119887@qq.com
  • nic-hdl: AT17713-RIPE
  • mnt-by: mnt-hk-sakura-1
  • created: 2023-12-15T16:10:58Z
  • last-modified: 2023-12-15T16:10:58Z

Links to attack logs

****** vultrmadrid-ssh-bruteforce-ip-list-2023-07-27 bruteforce-ip-list-2023-08-05 ****** ******