IP address

Search at other sites:

--47.96.140.230

Shodan(more info)

Passive DNS

IP blacklists

CI Army

47.96.140.230 is listed on the CI Army blacklist.

Description: Collective Intelligence Network Security is a Threat Intelligence<br>database that provides scores for IPs. Source of unspecified malicious attacks<br>most of them will be active attackers/scanners
Type of feed: primary (feed detail page)

Last checked at: 2025-05-07 02:50:00.971000
Was present on blacklist at: 2025-05-01 02:50, 2025-05-02 02:50, 2025-05-03 02:50, 2025-05-04 02:50, 2025-05-05 02:50, 2025-05-06 02:50, 2025-05-07 02:50

DShield reports (IP summary, reports)

2025-04-24

Number of reports: 10

Distinct targets: 3

2025-04-29

Number of reports: 16

Distinct targets: 5

2025-04-30

Number of reports: 28

Distinct targets: 6

2025-05-01

Number of reports: 18

Distinct targets: 5

2025-05-03

Number of reports: 16

Distinct targets: 3

2025-05-05

Number of reports: 12

Distinct targets: 3

2025-05-06

Number of reports: 28

Distinct targets: 9

Origin AS

AS37963 - CNNIC-ALIBABA-CN-NET-AP

BGP Prefix

47.96.0.0/16

geo

China, Hangzhou

🕑 Asia/Shanghai

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

47.96.0.0 - 47.127.255.255

reserved_range

0

Shodan's InternetDB

Open ports: 11, 19, 22, 37, 43, 70, 111, 119, 122, 135, 143, 175, 179, 221, 264, 389, 444, 465, 502, 513, 515, 548, 554, 636, 666, 771, 789, 1080, 1234, 1337, 1400, 1414, 1604, 1723, 1741, 1911, 1990, 2003, 2069, 2079, 2081, 2087, 2100, 2121, 2122, 2154, 2222, 2345, 2376, 2455, 2761, 3001, 3050, 3260, 3268, 3269, 3299, 3306, 3310, 3337, 3388, 3406, 3542, 3551, 3563, 3780, 3790, 4022, 4150, 4282, 4321, 4369, 4434, 4444, 4500, 4840, 5001, 5006, 5007, 5009, 5010, 5222, 5269, 5435, 5630, 5672, 5858, 5908, 5938, 6001, 6560, 6653, 6748, 7001, 7002, 7011, 7014, 7415, 7443, 7788, 7998, 8071, 8081, 8083, 8085, 8087, 8089, 8099, 8126, 8140, 8200, 8291, 8443, 8545, 8554, 8575, 8830, 8889, 8989, 9000, 9002, 9003, 9008, 9035, 9095, 9100, 9105, 9114, 9160, 9200, 9203, 9213, 9217, 9300, 9333, 9418, 9633, 9761, 9898, 9944, 9955, 9991, 9999, 10000, 10001, 10051, 10134, 11211, 11288, 12000, 12352, 12579, 13047, 14147, 14344, 16047, 16078, 16104, 18080, 18245, 19000, 20000, 20547, 21379, 22222, 23023, 23424, 25565, 27015, 27017, 28015, 30003, 30301, 30622, 31337, 31443, 31922, 32622, 32764, 33022, 33060, 33222, 33389, 33422, 34822, 34922, 35000, 35722, 36022, 36222, 36422, 36922, 37722, 37777, 41800, 44420, 44500, 47990, 48222, 49222, 50000, 50122, 50222, 51235, 54138, 54222, 55000, 55122, 55443, 55553, 55554, 55822, 56422, 56922, 57022, 57322, 58522, 58722, 59122, 59322, 59822, 60129, 61613, 62078, 63210, 63256, 63260

Tags: honeypot, proxy, eol-product

CPEs: cpe:/a:openbsd:openssh:7.9, cpe:/o:cisco:ios, cpe:/a:openbsd:openssh:X.X, cpe:/a:openbsd:openssh:7.4, cpe:/a:openbsd:openssh:8.0, cpe:/a:filezilla-project:filezilla, cpe:/a:openbsd:openssh:6.6.1, cpe:/a:cisco:ssh:3524665.35, cpe:/o:canonical:ubuntu_linux, cpe:/a:openbsd:openssh:8.2p1, cpe:/a:openbsd:openssh:7.6p1, cpe:/a:openbsd:openssh:7.5, cpe:/a:f5:nginx, cpe:/a:apache:subversion, cpe:/a:openbsd:openssh:7.2p2, cpe:/a:f5:nginx:1.22.1, cpe:/o:microsoft:windows, cpe:/a:dovecot:dovecot

ts_added

2025-04-25 05:05:14.982000

ts_last_update

2025-05-07 05:06:31.361000

Warden event timeline

DShield event timeline

Presence on blacklists