IP address

Search at other sites:
.000202.57.30.210
Shodan(more info)
Passive DNS
Tags: Scanner
IP blacklists
Spamhaus XBL CBL
202.57.30.210 was recently listed on the Spamhaus XBL CBL blacklist, but currently it is not.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-14 05:03:47.553000
Was present on blacklist at: 2026-03-05 05:03, 2026-03-12 05:03, 2026-03-19 05:03, 2026-03-26 05:04, 2026-04-16 05:06, 2026-04-30 05:04
Spamhaus SBL CSS
202.57.30.210 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-14 05:03:47.553000
Was present on blacklist at: 2026-03-19 05:03, 2026-04-23 05:06, 2026-04-30 05:04, 2026-05-07 05:04
AbuseIPDB
202.57.30.210 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-26 04:00:00.609000
Was present on blacklist at: 2026-04-20 04:00, 2026-04-26 04:00

Threat categories

TLRoleCategoryDetails
No threat category tags assigned
Warden events (46)
2026-04-27
ReconScanning (node.368407): 2
2026-04-25
ReconScanning (node.4dc198): 2
2026-04-24
IntrusionUserCompromise+AttemptExploit (node.709b07): 1
ReconScanning (node.4dc198): 5
2026-04-20
ReconScanning (node.4dc198): 3
2026-04-11
ReconScanning (node.368407): 3
ReconScanning (node.4dc198): 6
2026-04-10
ReconScanning (node.368407): 2
2026-04-07
IntrusionUserCompromise+AttemptExploit (node.9f5563): 1
2026-03-17
ReconScanning (node.368407): 1
2026-03-12
ReconScanning (node.368407): 2
2026-03-11
ReconScanning (node.368407): 1
2026-03-10
ReconScanning (node.368407): 5
2026-03-09
IntrusionUserCompromise+AttemptExploit (node.5bdc26): 1
2026-03-06
ReconScanning (node.368407): 1
2026-02-28
ReconScanning (node.4dc198): 10
DShield reports (IP summary, reports)
2026-03-04
Number of reports: 15
Distinct targets: 15
2026-03-05
Number of reports: 15
Distinct targets: 15
2026-04-21
Number of reports: 14
Distinct targets: 6
2026-04-25
Number of reports: 10
Distinct targets: 4
Origin AS
AS9341 - ICONPLN-ID-AP
BGP Prefix
202.57.30.0/24
geo
Indonesia
🕑 Asia/Jakarta
hostname
(null)
Address block ('inetnum' or 'NetRange' in whois database)
202.57.28.0 - 202.57.31.255
last_activity
2026-04-27 05:03:57
last_warden_event
2026-04-27 05:03:57
rep
0.0
reserved_range
0
Shodan's InternetDB
Open ports: 21, 22, 25, 53, 80, 143, 465, 587, 2222
Tags: starttls, self-signed
CPEs: cpe:/a:jquery:jquery_ui, cpe:/a:jquery:jquery, cpe:/a:getbootstrap:bootstrap, cpe:/a:openbsd:openssh:7.4p1, cpe:/o:debian:debian_linux, cpe:/a:postfix:postfix, cpe:/o:linux:linux_kernel, cpe:/a:proftpd:proftpd:1.3.5b, cpe:/a:datatables:datatables.net
ts_added
2026-01-01 05:03:09.601000
ts_last_update
2026-05-17 05:03:10.730000

Warden event timeline

DShield event timeline

Presence on blacklists