IP address

Search at other sites:
--47.94.223.124
Shodan(more info)
Passive DNS
Tags:
IP blacklists
Spamhaus PBL
47.94.223.124 is listed on the Spamhaus PBL blacklist.

Description: The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2024-10-30 12:04:20.586000
Was present on blacklist at: 2024-09-04 12:04, 2024-09-11 12:04, 2024-09-18 12:04, 2024-09-25 12:04, 2024-10-02 12:04, 2024-10-09 12:04, 2024-10-16 12:04, 2024-10-23 12:04, 2024-10-30 12:04
OTX pulses
[66d826f2f61254f51a48bbe7] 2024-09-04 09:22:57.362000 | Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion
Author name:AlienVault
Pulse modified:2024-09-04 09:22:57.362000
Indicator created:2024-09-04 09:22:59
Indicator role:None
Indicator title:
Indicator expiration:2024-10-04 09:00:00
Origin AS
AS37963 - CNNIC-ALIBABA-CN-NET-AP
BGP Prefix
47.94.0.0/15
geo
China, Beijing
🕑 Asia/Shanghai
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
47.92.0.0 - 47.95.255.255
last_activity
2024-09-04 12:04:18.268000
reserved_range
0
Shodan's InternetDB
Open ports: 11, 13, 17, 19, 26, 49, 53, 70, 79, 80, 82, 89, 102, 104, 106, 110, 113, 122, 135, 175, 179, 195, 264, 311, 389, 427, 465, 502, 503, 554, 587, 666, 772, 789, 873, 880, 902, 995, 1022, 1025, 1050, 1177, 1200, 1224, 1234, 1337, 1360, 1366, 1414, 1433, 1515, 1599, 1604, 1723, 1741, 1800, 1801, 1833, 1911, 1926, 1962, 2000, 2064, 2067, 2079, 2081, 2086, 2087, 2100, 2121, 2154, 2200, 2221, 2222, 2245, 2323, 2345, 2351, 2375, 2376, 2382, 2404, 2548, 2552, 2560, 2568, 2628, 2761, 3001, 3049, 3050, 3053, 3066, 3089, 3108, 3260, 3268, 3269, 3299, 3300, 3306, 3310, 3324, 3337, 3388, 3389, 3402, 3521, 3551, 3689, 3749, 3790, 4063, 4064, 4241, 4242, 4282, 4369, 4430, 4433, 4443, 4444, 4500, 4506, 4734, 4786, 4840, 4899, 4949, 4995, 5004, 5005, 5006, 5007, 5009, 5010, 5025, 5080, 5201, 5222, 5432, 5542, 5590, 5591, 5601, 5634, 5672, 5697, 5986, 6000, 6001, 6002, 6085, 6265, 6363, 6379, 6543, 6602, 6622, 6664, 6666, 6668, 6697, 6955, 7000, 7001, 7010, 7071, 7081, 7171, 7316, 7434, 7443, 7548, 7557, 7634, 7998, 7999, 8000, 8001, 8009, 8020, 8022, 8039, 8040, 8044, 8081, 8085, 8089, 8093, 8096, 8099, 8112, 8126, 8139, 8180, 8181, 8200, 8238, 8291, 8406, 8480, 8500, 8545, 8554, 8575, 8649, 8728, 8806, 8809, 8821, 8826, 8836, 8838, 8857, 8858, 8862, 8866, 8869, 8880, 8889, 9000, 9001, 9006, 9013, 9030, 9040, 9042, 9046, 9082, 9090, 9100, 9103, 9160, 9199, 9201, 9207, 9212, 9418, 9444, 9530, 9595, 9600, 9633, 9761, 9876, 9898, 9943, 9998, 10000, 10250, 10554, 10911, 11000, 11211, 11300, 12000, 12345, 12767, 14147, 14344, 16993, 18081, 18245, 18553, 19000, 20547, 20880, 21027, 21379, 22000, 22021, 23023, 25001, 25565, 27015, 27017, 28000, 28080, 30002, 30003, 30301, 31443, 32764, 33060, 33445, 38333, 39388, 42093, 42113, 44818, 47990, 49152, 50000, 51235, 51413, 54138, 55554, 61000, 61613, 61616, 62078, 62163, 62357, 63210
Tags: proxy, honeypot, videogame
CPEs: cpe:/a:openbsd:openssh:7.4, cpe:/a:openbsd:openssh:7.9, cpe:/a:cisco:telnet, cpe:/a:openbsd:openssh:7.5, cpe:/a:openbsd:openssh:5.3, cpe:/a:openbsd:openssh:8.0, cpe:/h:cisco:aironet_1200, cpe:/a:xiongmaitech:uc-httpd:1.0.0, cpe:/a:openbsd:openssh:6.6.1, cpe:/a:microsoft:internet_information_services, cpe:/o:microsoft:windows, cpe:/a:openbsd:openssh, cpe:/a:postfix:postfix, cpe:/a:mysql:mysql:5.7.44-log, cpe:/a:f5:nginx
ts_added
2024-09-04 12:04:18.276000
ts_last_update
2024-10-31 12:04:20.297000

Warden event timeline

DShield event timeline

Presence on blacklists

OTX pulses