IP address
Search at other sites: 
--47.94.20.102
Shodan(more info)
Passive DNS
- IP blacklists
- OTX pulses
-
[66d826f2f61254f51a48bbe7] 2024-09-04 09:22:57.362000 | Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion
Author name: AlienVault Pulse modified: 2024-09-04 09:22:57.362000 Indicator created: 2024-09-04 09:22:59 Indicator role: None Indicator title: Indicator expiration: 2024-10-04 09:00:00
- Origin AS
- AS37963 - CNNIC-ALIBABA-CN-NET-AP
- BGP Prefix
- 47.94.0.0/15
- geo
- China, Beijing
- 🕑 Asia/Shanghai
- hostname
- (null)
- Address block ('inetnum' or 'NetRange' in whois database)
- 47.92.0.0 - 47.95.255.255
- last_activity
- 2024-09-04 12:04:18.235000
- reserved_range
- 0
- Shodan's InternetDB
- Open ports: 20, 23, 43, 53, 111, 113, 175, 264, 503, 515, 554, 992, 1099, 1177, 1433, 1515, 1604, 2087, 2154, 2376, 2404, 3075, 3310, 3389, 3780, 4000, 4433, 4443, 4444, 4500, 4899, 4911, 5006, 5172, 5282, 5500, 5672, 6000, 6001, 6666, 6667, 7071, 7081, 7415, 7434, 7443, 7548, 8000, 8001, 8139, 8403, 8537, 8545, 8861, 9033, 9051, 9106, 9151, 9600, 9633, 9998, 10911, 11000, 12345, 14265, 18080, 31443, 33445, 44818, 49152, 55000, 55554
- Tags: proxy, honeypot
- CPEs: cpe:/a:openbsd:openssh:7.4, cpe:/a:openbsd:openssh:7.5, cpe:/a:eset:nod32_antivirus:99, cpe:/a:microsoft:internet_information_services, cpe:/o:microsoft:windows, cpe:/a:openbsd:openssh
- ts_added
- 2024-09-04 12:04:21.191000
- ts_last_update
- 2024-10-31 12:04:30.452000
Warden event timeline
DShield event timeline
Presence on blacklists
OTX pulses