202.118.8.25 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 35/100

Host and Network Information

  • Tags: Nextray, awsau, bruteforce, cyber security, ioc, la, lafusioncenter, louisiana, malicious, mssql, phishing, tsec
  • View other sources: Spamhaus, VirusTotal

  • Country: China
  • Network: AS4538 china education and research network center
  • Noticed: 18 times
  • Protocols Attacked: mssql
  • Countries Attacked: Australia, Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

Whois Information

  • inetnum: 202.112.0.0 - 202.121.255.255
  • netname: CERNET-CN
  • descr: China Education and Research Network
  • descr: China Education and Research Network Center
  • descr: Tsinghua University
  • descr: Beijing, 100084
  • country: CN
  • admin-c: CER-AP
  • tech-c: CER-AP
  • abuse-c: AC1685-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CERNET-AP
  • mnt-routes: MAINT-CERNET-AP
  • mnt-irt: IRT-CERNET-AP
  • last-modified: 2020-09-03T09:16:29Z
  • irt: IRT-CERNET-AP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • phone: +86-10-62784301
  • fax-no: +86-10-62785933
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2022-11-08T03:56:04Z
  • role: ABUSE CERNETAP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • country: ZZ
  • phone: +86-10-62784301
  • e-mail: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • nic-hdl: AC1685-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-11-08T03:56:47Z
  • role: CERNET Helpdesk
  • address: CERNET Center
  • address: Beijing 100084, China
  • country: CN
  • phone: +86-10-6278-4049
  • fax-no: +86-10-6278-5933
  • e-mail: [email protected]
  • admin-c: XL1-CN
  • tech-c: SZ2-AP
  • nic-hdl: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2020-09-03T09:14:12Z

Links to attack logs

  • awsau-mssql-bruteforce-ip-list-2020-08-08
  • mssql-bruteforce-ip-list-2021-01-28