154.221.27.131 Threat Intelligence and Host Information

Apr 20, 2025 ipinfopage

General

IP Address
154.221.27.131
IPv4 Address
Location
🇭🇰 Hong Kong
HK
Network
AS142403
YISU CLOUD LTD
Threat Score
63/100
High Risk
BruteforceBrute-ForcecowriescansipsipvicioussshSSH
Attack Intelligence
MITRE ATT&CK Techniques
T1078 - Valid Accounts, T1083 - File and Directory Discovery, T1098.004 - SSH Authorized Keys, T1105 - Ingress Tool Transfer, T1110.004 - Credential Stuffing, T1110 - Brute Force, T1595 - Active Scanning
Open Ports Detected
22
Geographic Location
Country
Hong Kong
City
Unknown
Region
Unknown
Coordinates
22.2578, 114.1657
Network Information
ASN
AS142403
Organization
YISU CLOUD LTD
Network
AS142403 YISU CLOUD LTD
WHOIS Information
inetnum
154.221.27.0 - 154.221.27.255
netname
Yisu_Cloud_Ltd
descr
Yisu Cloud Ltd
country
HK
admin-c
CIS1-AFRINIC
tech-c
CIS1-AFRINIC
status
ASSIGNED PA
mnt-by
LARUS-SERVICE-MNT
parent
154.192.0.0 - 154.223.255.255
person
Cloud Innovation Support
address
Seychelles
phone
tel:+248-4-610-795
nic-hdl
CIS1-AFRINIC
abuse-mailbox
abuse@cloudinnovation.org
route
154.221.27.0/24
origin
AS142403
Attack Logs
Date Target Location Protocol Link
2025-04-20 Perth, Australia MULTIPLE View Log

  • Country: Hong Kong
  • Network:
  • Noticed: 4 times
  • Protocols Attacked: SSH
  • Countries Attacked: Australia
  • Passive DNS Results: association-7.com us-badger.com astoriavisual.com winlinstainlesssteel.com jamaicaschoolresources.com asldeafand.com hkoreo.com hkcloudbox.com goodprofittrade.com rw2fdyjuzkspt1h.buzz 96352.xn–80adxhks 95273.xn–80adxhks 58723.xn–80adxhks 32387.xn–80adxhks 35187.xn–80adxhks 98625.xn–80adxhks 38675.xn–90ais 16397.xn–90ais 61382.xn–j1amh 79285.xn–j1amh 32785.xn–80adxhks 26789.xn–90a3ac 56298.xn–90a3ac 29398.xn–90a3ac 27936.xn–80adxhks 57618.xn–j1amh 18693.xn–80aswg 13276.xn–q9jyb4c 23987.xn–q9jyb4c 72831.xn–q9jyb4c 82175.xn–80aswg 39-sp.ch 27-tc.ch hymun.si ezkybwg2quo3dvx.buzz 36-mj.ch 27368.xn–j1amh 67238.xn–90a3ac 269537.xn–80adxhks 19738.xn–80adxhks 68973.xn–90a3ac 52899.xn–90a3ac 975826.xn–80adxhks 27385.xn–80adxhks 37195.xn–j1amh 86293.xn–90a3ac 19823.xn–80adxhks 12379.xn–80adxhks 673519.xn–j1amh 93561.xn–90ais 26937.xn–90ais 89623.xn–80adxhks 63815.xn–90ais 29561.xn–80aswg 913672.xn–80adxhks 52699.xn–90a3ac 86273.xn–90a3ac 918357.xn–80adxhks sgodfxl9npcuha3.buzz dotujkm2ag53cw8.buzz 9jwu6yfbomqnv2g.buzz meyvzw3ojig4tbq.buzz 1qfwhsin9x4uda2.buzz 4iusng3xdo7hrce.buzz 4835sxj9hbinyd6.buzz 7uxq4ps3vbdey6w.buzz 4lv8wtk71uhxeca.buzz kxu428josa5eimw.buzz 56728.xn–80adxhks 69157.xn–80adxhks 76582.xn–90ais 51627.xn–80adxhks 72193.xn–90ais 86975.xn–90ais pwzgnk.online eswnhx.online olfxng.online pzvaq.uno faunla81326.net 51263.wang 37824.wang 28571.wang 42657.wang 63975.wang 23678.wang 17246.wang fwiyunty9388.net 695748.asia 132756.asia 825413.asia 796134.asia 374189.wang 584321.wang 954871.wang 638214.wang 893642.wang vfdhcu.us vyhibq.us rtgpvn.us pqizj.us fzyagj.us efdvkm.us cxopb.us 129568.wang nsegqj.us jnaog.us rfqyw.us mcyrg.us lkqaob.us ituhw.us ihqxo.us motzi.us nrwuck.us nzsrl.asia 68572.xn–d1alf xraknb.site ikcbjh.us kbhcji.us jhcibp.us 402135.media 742196.org 923614.org 794263.org tfakr.us lqzpv.us keuoh.us ohgbw.us jqcgy.us 792435.site 135749.site 375214.site 197342.site 937124.org 957234.org w2536.us omhjdly3tkgri.skin bcfg5uoldy2we.skin hago66r3clr4w6jc.buzz q99gi9kiy6cmh8g3.buzz lkkg8hmnqlawgj6r.buzz 68129.site 92483.site 92618.site 95386.vip 69348.vip 74839.vip 7hd38u.asia 7ty6u1.asia h37y9w.asia j71wds.asia 6twgnu.asia gt31wh.asia fj2rtm.asia d9j8u6.asia ydw13n.asia 9trs5y.asia 2jfd39.asia 1g68sj.asia mw51h3.asia mhnsdy.asia 6tum89.asia ytsr6j.asia judm61.asia gn7u8f.asia 68539.club 3grst6.asia 723561.asia drw6zyfq.asia srhm2n.asia uad30514.asia 2w1tq7k4.asia 835692.asia 5d8hrc.asia 127389.asia 569784.com 495783.com 487693.com 632798.com 723685.com 973658.com 639852.com 783962.com cgdod89u33lkg.skin lxvev2atr9csa.skin s9ntyo5afzh54.skin ta2naiz2fx3kp.skin j2m7xoe4rbgbt.skin p4b2f51vkt1y2.skin p4m3hanz4fsru.skin uwzhfpnp6empt.skin 5r4j29wye2ehg.skin 21nwxhzkb18qu.skin kxw489ib19f7t.skin 3cnbhj9otps9e.skin 78126.xn–j1amh 82599.xn–90a3ac ofrhb43l5ediw.skin 42awn608h37mi.skin f57u26qvki4dm.skin yuhb1irxd5swj.skin ipbgme4c10nux.skin 6oi3gd7hlrqvs.skin wvd1p5qzcb4ye.skin w2hcrk9ie10m6.skin xd8ceyk49qbjs.skin 9d4ujrni7bcop.skin 75941.vip 78241.vip i3h2d9p5abj17.skin ji12ac9hpdk7b.skin ibh53pc1ak927.skin i9pkhc1jd35b7.skin 3akp57c1ibd92.skin 23hj5ap71dc9i.skin kai7phjb53c91.skin k723ipcbd59hj.skin 512379.vip 913257.vip 271539.vip 372519.vip 517239.vip 573291.vip 273951.vip 297531.vip 3oluepnkg.skin nbfswyaj2.skin a9iopjudw.skin yjpe39fcs.skin 7lurt5hek.skin jy1usod9n.skin rs7copkte.skin 7byts9lka.skin 67599.xn–90a3ac 52689.xn–90a3ac 17601.xn–90a3ac 61873.xn–90a3ac yrphnqyt1t.buzz 75938.xn–80adxhks nj2td36.asia 297sru5.asia hyg9u7r.asia t675f8h.asia sn91mw5.asia rn9yjhu.asia 9utg8wj.asia n8y7mrf.asia 629m8yt.asia 1muw2yr.asia tj21us6.asia 76yrg5u.asia y8um6wn.asia 78r5h6w.asia nrf7u53.asia 39y6j87.asia r3581n7.asia gy685h9.asia 7mdywgs.asia 28r9um5.asia 56g2uf9.asia smu8jr.asia 8g51dn.asia 61nyw5.asia 5sw18m.asia hud67n.asia 8jrfmw.asia s1m6d2.asia hn3mtg.asia 398jnr.asia 86yh3t.asia u16n35.asia nj73gu.asia 398756.com 785693.com y31tsw.asia dw2f5n.asia jfmr7w.asia fstum3.asia gru6wn.asia 1udm7f.asia jtd5fh.asia 1mn9hf.asia dmf1n5.asia dt8y15.asia usgj8t.asia 976n2d.asia 78231.asia 85912.asia 62398.asia 93156.asia 67328.asia w1td2sp5m4.buzz yn234j0wbx.buzz umi6ewzhbg.buzz o90qcwha3r.buzz ul1rsvyf65.buzz 1wx6m2trjn.buzz 21875.biz 79618.biz 62957.biz 63918.biz 82569.biz 91832.biz 32675.xn–p1acf 25863.xn–p1acf 62387.xn–p1acf 26385.xn–p1acf 57238.xn–p1acf 67528.xn–p1acf 57862.xn–p1acf 28735.xn–p1acf 76832.xn–p1acf 82576.xn–p1acf 35267.xn–p1acf 76528.xn–p1acf 52867.xn–p1acf 25867.xn–p1acf 65327.xn–p1acf 37658.xn–p1acf 83275.xn–p1acf 58236.xn–p1acf 37526.xn–p1acf 86753.xn–p1acf 57196.xn–80adxhks 26517.xn–80adxhks 73895.xn–fjq720a 75923.xn–fjq720a 93627.xn–fjq720a 68319.xn–fjq720a 73826.xn–fjq720a 67281.xn–fjq720a 65729.xn–fjq720a 95783.xn–fjq720a 58971.xn–fjq720a 78561.xn–fjq720a 85371.xn–fjq720a 73856.xn–fjq720a 53167.xn–fjq720a 73295.xn–fjq720a 73598.xn–6qq986b3xl 56879.xn–6qq986b3xl 78263.xn–6qq986b3xl 96235.xn–6qq986b3xl 39756.xn–6qq986b3xl 23769.xn–6qq986b3xl 38921.xn–6qq986b3xl 56739.xn–6qq986b3xl 25936.xn–6qq986b3xl 85179.xn–6qq986b3xl 58379.xn–6qq986b3xl 97125.xn–6qq986b3xl 83769.xn–6qq986b3xl 56273.xn–6qq986b3xl 36275.xn–6qq986b3xl 75961.xn–6qq986b3xl 21863.xn–6qq986b3xl 76359.xn–6qq986b3xl 75623.xn–6qq986b3xl 13865.xn–6qq986b3xl 71528.xn–6qq986b3xl 95387.xn–6qq986b3xl 75863.xn–6qq986b3xl 98736.xn–6qq986b3xl 85372.xn–unup4y 31659.xn–unup4y 27683.xn–unup4y 85617.xn–unup4y 62835.xn–unup4y 56198.xn–unup4y 38571.xn–unup4y 53912.xn–unup4y 81537.xn–80aswg 27859.xn–80aswg 18537.xn–80aswg 32519.xn–80aswg 51329.xn–80aswg 18529.xn–80aswg 18392.xn–80aswg 71962.xn–80aswg 63957.xn–80aswg 25136.xn–80aswg 13526.xn–80aswg 27681.xn–80aswg 69718.xn–80aswg 32651.xn–80aswg 63987.xn–80aswg 18367.xn–80aswg 68351.xn–q9jyb4c 18297.xn–q9jyb4c 85962.xn–q9jyb4c 16392.xn–q9jyb4c 71256.xn–80aswg 82193.xn–q9jyb4c 93516.xn–q9jyb4c 51963.xn–q9jyb4c 32759.xn–80aswg 31758.xn–80aswg 58276.xn–q9jyb4c 76219.xn–q9jyb4c 29618.xn–q9jyb4c 61928.xn–q9jyb4c 68925.xn–q9jyb4c 85132.xn–80aswg 16785.xn–80aswg 67951.xn–80aswg 15762.xn–80aswg 32159.xn–q9jyb4c 32861.xn–80aswg 59261.xn–80aswg 73561.xn–q9jyb4c 72518.xn–q9jyb4c 52837.xn–q9jyb4c 92378.xn–q9jyb4c 52716.xn–q9jyb4c 62359.xn–q9jyb4c 86973.xn–q9jyb4c 69523.xn–q9jyb4c 32597.xn–q9jyb4c 18295.xn–q9jyb4c 25867.xn–q9jyb4c 69873.xn–q9jyb4c 57632.xn–q9jyb4c 63927.xn–q9jyb4c 76132.xn–80aswg 27536.xn–q9jyb4c 73862.xn–q9jyb4c 38675.xn–q9jyb4c 29315.xn–q9jyb4c 83652.xn–q9jyb4c 87135.xn–q9jyb4c 29168.xn–80aswg 21658.xyz 93725.dev 72856.dev 69821.dev 39275.dev 26819.dev 73921.dev 73529.dev 21876.dev 75218.dev 69312.dev 16759.work 95782.work 98632.work 95326.cfd 56178.tokyo 18597.tokyo 39512.tokyo 92836.tokyo 16825.tokyo 76983.tokyo 91675.tokyo dsjuy.win dythu.win 15729.cyou 13965.cyou 78562.cyou gjwut.win hstuj.win 2571.fit 8936.fit gfjyd.win tjwgs.win hgwts.win 53970.fit 67215.fit 18673.fit 87265.fit 18037.cloud 89673.cloud 73962.cloud 21597.cloud 72861.cloud 31567.cloud 61237.cloud 23698.cloud 17932.cloud 18539.cloud 21537.cloud 37896.art 65938.art 19582.art 31782.art 93186.art 16275.art 53271.art 71356.art 93156.art 96287.art 23675.art 85379.art 68359.art 37695.art 92563.art 535637.buzz 523637.buzz 38926.buzz 52397.buzz 592637.buzz jytdw.bid

CVEs Detected

CVE-2006-20001 CVE-2007-4723 CVE-2009-0796 CVE-2009-2299 CVE-2011-1176 CVE-2011-2688 CVE-2012-3526 CVE-2012-4001 CVE-2012-4360 CVE-2013-0941 CVE-2013-0942 CVE-2013-2765 CVE-2013-4365 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23943 CVE-2022-26377 CVE-2022-28330 CVE-2022-28614 CVE-2022-28615 CVE-2022-29404 CVE-2022-30556 CVE-2022-31813 CVE-2022-36760 CVE-2022-37436 CVE-2023-25690 CVE-2023-27522 CVE-2023-31122 CVE-2023-45802 CVE-2024-27316 CVE-2024-38474 CVE-2024-38476 CVE-2024-38477 CVE-2024-40898

Disclaimer
This page contains threat intelligence information for the IPv4 address 154.221.27.131 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.