154.211.13.206 Threat Intelligence and Host Information

Mar 17, 2024 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 154.211.13.206 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Possibly Malicious Host 🟢 24/100

Host and Network Information

  • Country: Hong Kong
  • Network: AS142403 yisu cloud ltd
  • Noticed: 2 times
  • Protocols Attacked: SSH
  • Passive DNS Results: lmfs.online lmfs888.icu lmfsjy.icu lmfs666.icu lmfsjy.club www.amazon-jpcs.top traveler.cyou amazon-jpcs.top 71377h.com 94138.cc 71377n.com 71377t.com 71277d.com 71277t.com 1099955.vip 245xx.com 71377d.com 71277g.com 71277f.com 1099922.vip 71277b.com 71277l.com 71377i.com 1099944.vip 71277j.com 71277m.com 71277o.com 71377g.com 71277a.com p872.com 71377j.com 71377x.com x2700.com v38138.net 32263xpj.com www.32263xpj.com www.32263a.com 32263a.com www.jsjyjc99.com jsjyjc99.com fc9513.com

Open Ports Detected

21 22 80 8888

CVEs Detected

CVE-2007-2768 CVE-2008-3844 CVE-2016-20012 CVE-2017-15906 CVE-2018-15473 CVE-2018-15919 CVE-2018-20685 CVE-2019-6109 CVE-2019-6110 CVE-2019-6111 CVE-2020-14145 CVE-2020-15778 CVE-2021-36368 CVE-2021-41617 CVE-2023-38408 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2023-51767

Map

Whois Information

  • inetnum: 154.211.13.0 - 154.211.13.255
  • netname: Guangzhou_Yisu_Cloud_Limited
  • descr: Guangzhou Yisu Cloud Limited
  • country: HK
  • admin-c: CIS1-AFRINIC
  • tech-c: CIS1-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: CIL1-MNT
  • mnt-by: LARUS-SERVICE-MNT
  • parent: 154.192.0.0 - 154.223.255.255
  • person: Cloud Innovation Support
  • address: Ebene
  • address: MU
  • address: Mahe
  • address: Seychelles
  • phone: tel:+248-4-610-795
  • nic-hdl: CIS1-AFRINIC
  • abuse-mailbox: abuse@cloudinnovation.org
  • mnt-by: CIL1-MNT
  • route: 154.192.0.0/11
  • descr: Cloud
  • origin: AS328608
  • mnt-by: LARUS-SERVICE-MNT

Links to attack logs

****** ****** ******

Share on: