202.118.8.42 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 37/100

Host and Network Information

  • Tags: Nextray, aws, bruteforce, cyber security, ioc, malicious, mssql, phishing
  • View other sources: Spamhaus, VirusTotal

  • Country: China
  • Network: AS4538 china education and research network center
  • Noticed: 12 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

10000 10134 10243 10443 1099 11000 11211 11371 1153 1177 12000 123 12345 1311 1337 14265 143 1433 1471 1515 1599 1604 16993 17000 1741 18245 19 1900 19000 19071 1911 1925 1935 1962 2000 20000 2002 2008 20256 20547 2057 2082 2086 2087 21 21025 2121 2126 2154 2181 2200 23 23023 2323 2332 23424 2375 2382 2455 2552 2563 2567 2628 27015 28015 28017 3000 3001 3052 3057 3058 3087 3091 3112 3119 3128 31337 3200 3260 3268 32764 3299 3306 3388 3389 3407 3409 3460 3479 3541 3542 3551 3552 37215 3950 3951 4022 4040 4157 41800 4190 4321 44158 4433 4443 44818 4482 4500 4567 4700 4786 4840 4848 4899 4911 49152 50000 5001 5005 50050 5006 5007 50070 5010 5060 5080 51106 51235 5172 5201 5222 5269 52869 5357 54138 5432 5446 55442 55443 55554 5601 5673 5800 5801 5900 5901 5907 5910 5985 5986 6000 6001 6002 60129 6080 61613 61616 6443 6550 65535 6633 6664 6666 6667 6668 7001 7071 7171 7218 7415 7474 7535 7547 7548 7657 7777 7779 7989 80 8000 8001 8003 8009 8010 8011 8012 8022 8025 8028 8045 8052 8060 8081 8083 8086 8087 8089 8090 8091 8098 8099 81 8106 8123 8126 8139 8180 8200 8237 8291 8334 8405 8409 8420 8443 8500 8554 8575 8622 8649 8728 8765 8789 8800 8803 8808 8811 8834 8843 8849 8873 8880 8888 8889 9000 9001 9002 9009 9051 9090 9095 9100 9105 9109 9160 9191 9220 9295 9299 9301 9306 9443 9527 9530 9595 9633 993 9944 9981 9998 9999

CVEs Detected

CVE-2020-1938

Whois Information

  • inetnum: 202.112.0.0 - 202.121.255.255
  • netname: CERNET-CN
  • descr: China Education and Research Network
  • descr: China Education and Research Network Center
  • descr: Tsinghua University
  • descr: Beijing, 100084
  • country: CN
  • admin-c: CER-AP
  • tech-c: CER-AP
  • abuse-c: AC1685-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CERNET-AP
  • mnt-routes: MAINT-CERNET-AP
  • mnt-irt: IRT-CERNET-AP
  • last-modified: 2020-09-03T09:16:29Z
  • irt: IRT-CERNET-AP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • phone: +86-10-62784301
  • fax-no: +86-10-62785933
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2022-11-08T03:56:04Z
  • role: ABUSE CERNETAP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • country: ZZ
  • phone: +86-10-62784301
  • e-mail: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • nic-hdl: AC1685-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-11-08T03:56:47Z
  • role: CERNET Helpdesk
  • address: CERNET Center
  • address: Beijing 100084, China
  • country: CN
  • phone: +86-10-6278-4049
  • fax-no: +86-10-6278-5933
  • e-mail: [email protected]
  • admin-c: XL1-CN
  • tech-c: SZ2-AP
  • nic-hdl: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2020-09-03T09:14:12Z

Links to attack logs

aws-mssql-bruteforce-ip-list-2020-12-28