202.118.8.61 Threat Intelligence and Host Information

General

This page was generated as a result of this host being detected actively attacking or scanning another host. See below for information related to the host network, location, number of days noticed, protocols attacked and other information including reverse DNS and whois.

Potentially Malicious Host 🟡 37/100

Host and Network Information

  • Tags: Nextray, awsjap, bruteforce, cyber security, ioc, malicious, mssql, phishing
  • View other sources: Spamhaus VirusTotal

  • Country: China
  • Network: AS4538 china education and research network center
  • Noticed: 6 times
  • Protocols Attacked: mssql
  • Countries Attacked: Canada, Czechia, Denmark, Estonia, France, Germany, Japan, Latvia, Lithuania, Norway, Poland, Romania, Turkey, Ukraine, United Kingdom of Great Britain and Northern Ireland, United States of America

Open Ports Detected

CVEs Detected

CVE-2020-1938

Whois Information

  • inetnum: 202.112.0.0 - 202.121.255.255
  • netname: CERNET-CN
  • descr: China Education and Research Network
  • descr: China Education and Research Network Center
  • descr: Tsinghua University
  • descr: Beijing, 100084
  • country: CN
  • admin-c: CER-AP
  • tech-c: CER-AP
  • abuse-c: AC1685-AP
  • status: ALLOCATED PORTABLE
  • mnt-by: APNIC-HM
  • mnt-lower: MAINT-CERNET-AP
  • mnt-routes: MAINT-CERNET-AP
  • mnt-irt: IRT-CERNET-AP
  • last-modified: 2020-09-03T09:16:29Z
  • irt: IRT-CERNET-AP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • phone: +86-10-62784301
  • fax-no: +86-10-62785933
  • e-mail: [email protected]
  • abuse-mailbox: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2022-11-08T03:56:04Z
  • role: ABUSE CERNETAP
  • address: Network Research Center,
  • address: Main Bldg, Tsinghua Univ
  • address: Beijing 100084, China
  • country: ZZ
  • phone: +86-10-62784301
  • e-mail: [email protected]
  • admin-c: CER-AP
  • tech-c: CER-AP
  • nic-hdl: AC1685-AP
  • abuse-mailbox: [email protected]
  • mnt-by: APNIC-ABUSE
  • last-modified: 2022-11-08T03:56:47Z
  • role: CERNET Helpdesk
  • address: CERNET Center
  • address: Beijing 100084, China
  • country: CN
  • phone: +86-10-6278-4049
  • fax-no: +86-10-6278-5933
  • e-mail: [email protected]
  • admin-c: XL1-CN
  • tech-c: SZ2-AP
  • nic-hdl: CER-AP
  • mnt-by: MAINT-CERNET-AP
  • last-modified: 2020-09-03T09:14:12Z

Links to attack logs

awsjap-mssql-bruteforce-ip-list-2020-10-30