154.92.14.191 Threat Intelligence and Host Information

Dec 11, 2025 ipinfopage

General

This page contains threat intelligence information for the IPv4 address 154.92.14.191 and was generated either as a result of observed malicious activity or as an information gathering exercise to assist with enrichment of security events and context. All information is gathered passively through aggregation of public sources, or observations through activity upon honeynets. The host score is calculated through a series of statistically weighted values and machine learning which takes into account metadata such as host information, frequency, volume and global distribution of malicious activity, association with other known malicious hosts or networks, proxying or anonymising behaviour such as with tor exit nodes, residential proxies or VPN services, and many other attributes. These values are historical and indicative only - and should not be taken to be an accurate representation of the users, businesses or networks in which they reside.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: bruteforce, Bruteforce, Brute-Force, cowrie, dionaea, fatt, heralding, honeytrap, mailoney, p0f, sensor-tagged, sentrypeer, ssh, SSH, suricata, tanner, tpot

  • View other sources: Spamhaus VirusTotal

  • Country: Hong Kong
  • Network:
  • Noticed: 18 times
  • Protocols Attacked: ssh
  • Countries Attacked: Australia
  • Passive DNS Results: xn–7gq844a.cc www.xn--7gq844a.cc 1455k.com 3m81.com 3m41.com 5k47.top 67r4.com 5y37.vip 23y7.vip 7y28.vip 5g97.top 5g25.top 5y73.top y1a1.cn 5g47.top y1a2.cn k66x2.com k33l9.com 7t83.com 8t37.com 37f4.com 7y64.com t3yy6.com 59d4.com 6k94.com 5y37.com 45r1.com 6h82.com 3y85.com s11f6.com s11c3.com h66p2.com k66n6.com s11d4.com 9g87.com 35y1.com 9k37.com y22b9.com k5nn6.com open-oss.kicktogo.com

Open Ports Detected

22 80 888

Map

Whois Information

  • inetnum: 154.92.14.0 - 154.92.14.255
  • netname: Yisu_Cloud_Ltd
  • descr: Yisu Cloud Ltd
  • country: HK
  • admin-c: CIS1-AFRINIC
  • tech-c: CIS1-AFRINIC
  • status: ASSIGNED PA
  • mnt-by: CIL1-MNT
  • mnt-by: LARUS-SERVICE-MNT
  • parent: 154.80.0.0 - 154.95.255.255
  • person: Cloud Innovation Support
  • address: Ebene
  • address: MU
  • address: Mahe
  • address: Seychelles
  • phone: tel:+248-4-610-795
  • nic-hdl: CIS1-AFRINIC
  • abuse-mailbox: abuse@cloudinnovation.org
  • mnt-by: CIL1-MNT
  • route: 154.92.14.0/24
  • descr: Yisu Cloud Ltd
  • origin: AS142403
  • mnt-by: LARUS-SERVICE-MNT

Links to attack logs

bruteforce-ip-list-2025-12-10 digitaloceanlondon-ssh-bruteforce-ip-list-2025-12-10

Share on: