IP address

Search at other sites:

.50062.60.130.223

Shodan(more info)

Passive DNS

IP blacklists

Spamhaus SBL

62.60.130.223 is listed on the Spamhaus SBL blacklist.

Description: The Spamhaus Block List ("SBL") Advisory is a database of IP addresses from which Spamhaus does not recommend the acceptance of electronic mail.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-14 02:10:40.333000
Was present on blacklist at: 2025-12-31 02:10, 2026-01-07 02:10, 2026-01-14 02:10

Spamhaus SBL CSS

62.60.130.223 was recently listed on the Spamhaus SBL CSS blacklist, but currently it is not.

Description: The Spamhaus CSS is part of the SBL. CSS listings will have return code 127.0.0.3 to differentiate from regular SBL listings, which have return code 127.0.0.2.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-14 02:10:40.333000
Was present on blacklist at: 2025-12-31 02:10

Spamhaus DROP

62.60.130.223 is listed on the Spamhaus DROP blacklist.

Description: Spamhaus DROP (Don't Route Or Peer) list. Netblocks controlled by spammers or cyber criminals. The DROP lists are a tiny subset of the SBL, designed for use by firewalls and routing equipment to filter out the malicious traffic from these netblocks.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-01-14 02:10:40.333000
Was present on blacklist at: 2025-12-31 02:10, 2026-01-07 02:10, 2026-01-14 02:10

Turris greylist

62.60.130.223 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-18 22:15:00.169000
Was present on blacklist at: 2026-01-03 22:15, 2026-01-06 22:15, 2026-01-09 22:15, 2026-01-11 22:15, 2026-01-12 22:15, 2026-01-14 22:15, 2026-01-15 22:15, 2026-01-16 22:15, 2026-01-17 22:15, 2026-01-18 22:15

DataPlane SMTP greeting

62.60.130.223 is listed on the DataPlane SMTP greeting blacklist.

Description: DataPlane.org is a community-powered Internet data, feeds,<br>and measurement resource for operators, by operators. IPs that are<br>identified as SMTP clients issuing unsolicited HELO or EHLO commands.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-08 07:10:01.129000
Was present on blacklist at: 2026-01-06 11:10, 2026-01-06 15:10, 2026-01-06 19:10, 2026-01-06 23:10, 2026-01-07 03:10, 2026-01-07 07:10, 2026-01-07 11:10, 2026-01-07 15:10, 2026-01-07 19:10, 2026-01-07 23:10, 2026-01-08 03:10, 2026-01-08 07:10

blocklist.de IMAP

62.60.130.223 is listed on the blocklist.de IMAP blacklist.

Description: Blocklist.de feed is a free and voluntary service<br>provided by a Fraud/Abuse-specialist. IPs performing attacks<br>on the Service imap, sasl, pop3.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-18 23:05:00.280000
Was present on blacklist at: 2026-01-10 23:05, 2026-01-11 05:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-11 23:05, 2026-01-12 05:05, 2026-01-12 11:05, 2026-01-12 17:05, 2026-01-17 23:05, 2026-01-18 05:05, 2026-01-18 11:05, 2026-01-18 17:05, 2026-01-18 23:05

blocklist.de mail

62.60.130.223 is listed on the blocklist.de mail blacklist.

Description: Blocklist.de feed is a free and voluntary service provided<br>by a Fraud/Abuse-specialist. IPs performing Mail attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-18 23:05:00.257000
Was present on blacklist at: 2026-01-10 23:05, 2026-01-11 05:05, 2026-01-11 11:05, 2026-01-11 17:05, 2026-01-11 23:05, 2026-01-12 05:05, 2026-01-12 11:05, 2026-01-12 17:05, 2026-01-17 23:05, 2026-01-18 05:05, 2026-01-18 11:05, 2026-01-18 17:05, 2026-01-18 23:05

Warden events (36366)

2026-01-19

IntrusionUserCompromise (node.cfb4f7): 238

2026-01-18

IntrusionUserCompromise (node.cfb4f7): 2807

2026-01-17

IntrusionUserCompromise (node.cfb4f7): 2695

2026-01-16

IntrusionUserCompromise (node.cfb4f7): 3418

2026-01-15

IntrusionUserCompromise (node.cfb4f7): 4296

2026-01-14

IntrusionUserCompromise (node.cfb4f7): 7828

2026-01-13

IntrusionUserCompromise (node.cfb4f7): 4214

2026-01-12

IntrusionUserCompromise (node.cfb4f7): 3238

2026-01-11

IntrusionUserCompromise (node.cfb4f7): 3632

2026-01-10

IntrusionUserCompromise (node.cfb4f7): 853

2026-01-09

IntrusionUserCompromise (node.cfb4f7): 373

2026-01-08

IntrusionUserCompromise (node.cfb4f7): 41

2026-01-07

IntrusionUserCompromise (node.cfb4f7): 434

2026-01-06

IntrusionUserCompromise (node.cfb4f7): 359

2026-01-05

IntrusionUserCompromise (node.cfb4f7): 37

2026-01-04

IntrusionUserCompromise (node.cfb4f7): 465

2026-01-03

IntrusionUserCompromise (node.cfb4f7): 401

2026-01-02

IntrusionUserCompromise (node.cfb4f7): 46

2026-01-01

IntrusionUserCompromise (node.cfb4f7): 513

2025-12-31

IntrusionUserCompromise (node.cfb4f7): 478

Origin AS

AS215930 - COD

BGP Prefix

62.60.130.0/24

geo

Iran, Tehran

🕑 Asia/Tehran

hostname

(null)

Address block ('inetnum' or 'NetRange' in whois database)

62.60.128.0 - 62.60.255.255

last_activity

2026-01-19 01:59:08

last_warden_event

2026-01-19 01:59:08

rep

0.5

reserved_range

0

Shodan's InternetDB

Open ports: 3389

Tags: self-signed

CPEs: –

ts_added

2025-12-31 02:10:31.602000

ts_last_update

2026-01-19 02:36:02.878000

Warden event timeline

DShield event timeline

Presence on blacklists