202.118.30.2 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Nextray, RDP, SSH, abuse, awsau, bruteforce, cyber security, fraud, ioc, ipqs, ipqualityscore, malicious, mssql, phishing, web attack
  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4538 china education and research network center
  • Noticed: 6 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10001 10134 1024 10243 10250 10443 10554 1099 11000 11210 11211 11300 11371 1177 123 1234 1311 13579 14147 14265 1433 1471 1515 1521 1599 16010 1604 16992 16993 1723 1741 1801 18081 18245 1883 19 1911 1925 1962 2000 20000 2002 2008 20256 2049 20547 2061 2081 2082 2083 2086 2087 21 21025 2121 21379 2154 2181 2222 2225 23 2332 2345 2404 2455 2480 25105 25565 2558 2628 27015 2761 3000 3001 3050 3055 3067 3077 3079 3107 3112 3118 3128 31337 32400 3260 3268 3269 32764 3299 33060 3307 3310 3388 3389 3405 3460 3498 35000 3541 3542 3551 3552 3555 3568 3689 37215 3749 37777 3780 3790 3954 4000 4040 4157 4242 4282 4321 44158 443 4433 4443 44818 4500 4506 4567 465 4664 4782 4840 4911 49152 49153 4949 50000 5001 5005 50050 5006 5007 50070 50100 5025 5060 51106 51235 5201 5222 5269 52869 5357 5542 55442 55443 55553 55554 5601 5602 5672 5800 5801 5858 5900 5938 5984 5985 5986 60001 60129 61613 62078 623 6264 6379 6443 6511 6601 6633 6650 6664 6667 6668 6697 7001 7004 7171 7218 7415 7443 7474 7547 7657 7700 7777 7779 7989 80 8001 8009 8019 8066 8069 8071 8072 8080 8081 8083 8086 8089 8097 8098 8099 8112 8123 8126 8181 8200 8236 8291 8333 8417 8418 8423 8443 8545 8553 8554 8575 8590 8649 8765 8790 8802 8804 8809 8830 8834 8840 8842 8860 8875 8887 8888 9000 9001 9002 9009 9011 9012 9035 9039 9043 9051 9090 9091 9100 9102 9104 9109 9151 9191 9212 9216 9221 9302 9306 9307 9418 9530 9633 9663 9761 9800 9869 9899 993 9943 995 9981 9998 9999

Whois Information

  • inetnum: 202.112.0.0 - 202.121.255.255
  • netname: CERNET-CN
  • descr: China Education and Research Network
  • descr: China Education and Research Network Center
  • descr: Tsinghua University
  • descr: Beijing, 100084
  • country: CN
  • admin-c: CER-AP
  • tech-c: CER-AP
  • abuse-c: AC1685-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CERNET-AP
  • mnt-routes: MAINT-CERNET-AP
  • mnt-irt: IRT-CERNET-AP
  • last-modified: 2020-09-03T09:16:29Z
  • irt: IRT-CERNET-AP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • phone: +86-10-62784301
  • fax-no: +86-10-62785933
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2022-11-08T03:56:04Z
  • role: ABUSE CERNETAP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • country: ZZ
  • phone: +86-10-62784301
  • e-mail: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • nic-hdl: AC1685-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-11-08T03:56:47Z
  • role: CERNET Helpdesk
  • address: CERNET Center
  • address: Beijing 100084, China
  • country: CN
  • phone: +86-10-6278-4049
  • fax-no: +86-10-6278-5933
  • e-mail: [email protected]
  • admin-c: XL1-CN
  • tech-c: SZ2-AP
  • nic-hdl: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2020-09-03T09:14:12Z

Links to attack logs

awsau-mssql-bruteforce-ip-list-2020-08-23