IP address

Search at other sites:

.604104.244.79.61LuxembourgTorNew32.Quetzalcoatl-relays.org

Shodan(more info)

Passive DNS

Tags:

IP blacklists

Crowdsec

104.244.79.61 is listed on the Crowdsec blacklist.

Description: Crowdsec community blacklist
Type of feed: primary (feed detail page)

Last checked at: 2026-03-04 08:45:00.074000
Was present on blacklist at: 2026-02-26 08:45, 2026-02-26 16:45, 2026-02-27 00:45, 2026-02-27 08:45, 2026-02-27 16:45, 2026-02-28 00:45, 2026-02-28 08:45, 2026-02-28 16:45, 2026-03-01 00:45, 2026-03-01 08:45, 2026-03-01 16:45, 2026-03-02 00:45, 2026-03-02 08:45, 2026-03-02 16:45, 2026-03-03 00:45, 2026-03-03 08:45, 2026-03-03 16:45, 2026-03-04 00:45, 2026-03-04 08:45

Spamhaus XBL CBL

104.244.79.61 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-25 00:45:41.085000
Was present on blacklist at: 2026-03-02 00:45, 2026-04-25 21:57, 2026-04-27 16:12, 2026-05-04 00:45, 2026-05-11 00:45, 2026-05-18 00:45, 2026-05-25 00:45

dan.me.uk TOR Nodes

104.244.79.61 is listed on the dan.me.uk TOR Nodes blacklist.

Description: List of TOR node IPs by dan.me.uk.
Type of feed: secondary (feed detail page)

Last checked at: 2026-05-27 00:10:00
Was present on blacklist at: 2026-02-27 00:10, 2026-02-28 00:10, 2026-03-01 00:10, 2026-03-02 00:10, 2026-03-03 00:10, 2026-03-04 00:10, 2026-03-05 00:10, 2026-03-06 00:10, 2026-03-09 12:10, 2026-03-10 00:10, 2026-03-11 00:10, 2026-03-12 00:10, 2026-03-13 00:10, 2026-03-14 00:10, 2026-03-15 00:10, 2026-03-16 00:10, 2026-03-17 00:10, 2026-03-18 00:10, 2026-03-19 00:10, 2026-03-20 00:10, 2026-03-21 00:10, 2026-03-22 00:10, 2026-03-23 00:10, 2026-03-24 00:10, 2026-03-25 00:10, 2026-03-26 00:10, 2026-03-27 00:10, 2026-03-28 00:10, 2026-03-29 00:10, 2026-03-30 00:10, 2026-03-31 00:10, 2026-04-01 00:10, 2026-04-02 00:10, 2026-04-03 00:10, 2026-04-04 00:10, 2026-04-05 00:10, 2026-04-06 00:10, 2026-04-07 00:10, 2026-04-08 00:10, 2026-04-09 00:10, 2026-04-10 00:10, 2026-04-11 00:10, 2026-04-12 00:10, 2026-04-13 00:10, 2026-04-14 00:10, 2026-04-15 00:10, 2026-04-16 00:10, 2026-04-17 00:10, 2026-04-18 00:10, 2026-04-19 00:10, 2026-04-20 00:10, 2026-04-21 00:10, 2026-04-22 00:10, 2026-04-23 00:10, 2026-04-24 00:10, 2026-04-25 20:10, 2026-04-26 00:10, 2026-04-27 16:10, 2026-04-28 00:10, 2026-04-29 00:10, 2026-04-30 00:10, 2026-05-01 00:10, 2026-05-02 00:10, 2026-05-03 00:10, 2026-05-04 00:10, 2026-05-05 00:10, 2026-05-06 00:10, 2026-05-07 00:10, 2026-05-08 00:10, 2026-05-09 00:10, 2026-05-10 00:10, 2026-05-11 00:10, 2026-05-12 00:10, 2026-05-13 00:10, 2026-05-14 00:10, 2026-05-15 00:10, 2026-05-16 00:10, 2026-05-17 00:10, 2026-05-18 00:10, 2026-05-19 00:10, 2026-05-20 00:10, 2026-05-21 00:10, 2026-05-22 00:10, 2026-05-23 20:10, 2026-05-24 00:10, 2026-05-25 00:10, 2026-05-26 00:10, 2026-05-27 00:10

FireHOL anonymizers

104.244.79.61 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2026-05-27 00:05:12
Was present on blacklist at: 2026-02-27 00:05, 2026-02-28 00:05, 2026-03-01 00:05, 2026-03-02 00:05, 2026-03-03 00:05, 2026-03-04 00:05, 2026-03-05 00:05, 2026-03-06 00:05, 2026-03-09 12:05, 2026-03-10 00:05, 2026-03-11 00:05, 2026-03-12 00:05, 2026-03-13 00:05, 2026-03-14 00:05, 2026-03-15 00:05, 2026-03-16 00:05, 2026-03-17 00:05, 2026-03-18 00:05, 2026-03-19 00:05, 2026-03-20 00:05, 2026-03-21 00:05, 2026-03-22 00:05, 2026-03-23 00:05, 2026-03-24 00:05, 2026-03-25 00:05, 2026-03-26 00:05, 2026-03-27 00:05, 2026-03-28 00:05, 2026-03-29 00:05, 2026-03-30 00:05, 2026-03-31 00:05, 2026-04-01 00:05, 2026-04-02 00:05, 2026-04-03 00:05, 2026-04-04 00:05, 2026-04-05 00:05, 2026-04-06 00:05, 2026-04-07 00:05, 2026-04-08 00:05, 2026-04-09 00:05, 2026-04-10 00:05, 2026-04-11 00:05, 2026-04-12 00:05, 2026-04-13 00:05, 2026-04-14 00:05, 2026-04-15 00:05, 2026-04-16 00:05, 2026-04-17 00:05, 2026-04-18 00:05, 2026-04-19 00:05, 2026-04-20 00:05, 2026-04-21 00:05, 2026-04-22 00:05, 2026-04-23 00:05, 2026-04-24 00:05, 2026-04-25 18:05, 2026-04-26 00:05, 2026-04-27 18:05, 2026-04-28 00:05, 2026-04-29 00:05, 2026-04-30 00:05, 2026-05-01 00:05, 2026-05-02 00:05, 2026-05-03 00:05, 2026-05-04 00:05, 2026-05-05 00:05, 2026-05-06 00:05, 2026-05-07 00:05, 2026-05-08 00:05, 2026-05-09 00:05, 2026-05-10 00:05, 2026-05-11 00:05, 2026-05-12 00:05, 2026-05-13 00:05, 2026-05-14 00:05, 2026-05-15 00:05, 2026-05-16 00:05, 2026-05-17 00:05, 2026-05-18 00:05, 2026-05-19 00:05, 2026-05-20 00:05, 2026-05-21 00:05, 2026-05-22 00:05, 2026-05-23 18:05, 2026-05-24 00:05, 2026-05-25 00:05, 2026-05-26 00:05, 2026-05-27 00:05

TorProject

104.244.79.61 is listed on the TorProject blacklist.

Description: TorProject.org list of all current TOR exit points (TorDNSEL)
Type of feed: secondary (feed detail page)

Last checked at: 2026-05-27 00:10:00
Was present on blacklist at: 2026-02-27 00:10, 2026-02-28 00:10, 2026-03-01 00:10, 2026-03-02 00:10, 2026-03-03 00:10, 2026-03-04 00:10, 2026-03-05 00:10, 2026-03-06 00:10, 2026-03-09 12:10, 2026-03-10 00:10, 2026-03-11 00:10, 2026-03-12 00:10, 2026-03-13 00:10, 2026-03-14 00:10, 2026-03-15 00:10, 2026-03-16 00:10, 2026-03-17 00:10, 2026-03-18 00:10, 2026-03-19 00:10, 2026-03-20 00:10, 2026-03-21 00:10, 2026-03-22 00:10, 2026-03-23 00:10, 2026-03-24 00:10, 2026-03-25 00:10, 2026-03-26 00:10, 2026-03-27 00:10, 2026-03-28 00:10, 2026-03-29 00:10, 2026-03-30 00:10, 2026-03-31 00:10, 2026-04-01 00:10, 2026-04-02 00:10, 2026-04-03 00:10, 2026-04-04 00:10, 2026-04-05 00:10, 2026-04-06 00:10, 2026-04-07 00:10, 2026-04-08 00:10, 2026-04-09 00:10, 2026-04-10 00:10, 2026-04-11 00:10, 2026-04-12 00:10, 2026-04-13 00:10, 2026-04-14 00:10, 2026-04-15 00:10, 2026-04-16 00:10, 2026-04-17 00:10, 2026-04-18 00:10, 2026-04-19 00:10, 2026-04-20 00:10, 2026-04-21 00:10, 2026-04-22 00:10, 2026-04-23 00:10, 2026-04-24 00:10, 2026-04-25 20:10, 2026-04-26 00:10, 2026-04-27 16:10, 2026-04-28 00:10, 2026-04-29 00:10, 2026-04-30 00:10, 2026-05-01 00:10, 2026-05-02 00:10, 2026-05-03 00:10, 2026-05-04 00:10, 2026-05-05 00:10, 2026-05-06 00:10, 2026-05-07 00:10, 2026-05-08 00:10, 2026-05-09 00:10, 2026-05-10 00:10, 2026-05-11 00:10, 2026-05-12 00:10, 2026-05-13 00:10, 2026-05-14 00:10, 2026-05-15 00:10, 2026-05-16 00:10, 2026-05-17 00:10, 2026-05-18 00:10, 2026-05-19 00:10, 2026-05-20 00:10, 2026-05-21 00:10, 2026-05-22 00:10, 2026-05-23 20:10, 2026-05-24 00:10, 2026-05-25 00:10, 2026-05-26 00:10, 2026-05-27 00:10

Blocklist.net.ua

104.244.79.61 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks, send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-04 11:15:01.576000
Was present on blacklist at: 2026-02-26 03:15, 2026-02-26 07:15, 2026-02-26 11:15, 2026-02-26 15:15, 2026-02-26 19:15, 2026-02-26 23:15, 2026-02-27 03:15, 2026-02-27 07:15, 2026-02-27 11:15, 2026-02-27 15:15, 2026-02-27 19:15, 2026-02-27 23:15, 2026-02-28 03:15, 2026-02-28 07:15, 2026-02-28 11:15, 2026-02-28 15:15, 2026-02-28 19:15, 2026-02-28 23:15, 2026-03-01 03:15, 2026-03-01 07:15, 2026-03-01 11:15, 2026-03-01 15:15, 2026-03-01 19:15, 2026-03-01 23:15, 2026-03-02 03:15, 2026-03-02 07:15, 2026-03-02 11:15, 2026-03-02 15:15, 2026-03-02 19:15, 2026-03-02 23:15, 2026-03-03 03:15, 2026-03-03 07:15, 2026-03-03 11:15, 2026-03-03 15:15, 2026-03-03 19:15, 2026-03-03 23:15, 2026-03-04 03:15, 2026-03-04 07:15, 2026-03-04 11:15

blocklist.de Apache

104.244.79.61 is listed on the blocklist.de Apache blacklist.

Description: Blocklist.de feed is a free and voluntary service provided by a Fraud/Abuse-specialist. IPs performing attacks on the service Apache, Apache-DDOS, RFI-Attacks.
Type of feed: primary (feed detail page)

Last checked at: 2026-03-05 05:05:05.347000
Was present on blacklist at: 2026-03-03 11:05, 2026-03-03 17:05, 2026-03-03 23:05, 2026-03-04 05:05, 2026-03-04 11:05, 2026-03-04 17:05, 2026-03-04 23:05, 2026-03-05 05:05

AbuseIPDB

104.244.79.61 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc. Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-03 04:00:00.588000
Was present on blacklist at: 2026-04-03 04:00

Sblam!

104.244.79.61 is listed on the Sblam! blacklist.

Description: Sblam! is a service that effectively protects forms for comments in blogs, forums and guestbooks from spam.
Type of feed: primary (feed detail page)

Last checked at: 2026-05-27 02:15:00.154000
Was present on blacklist at: 2026-04-09 02:15, 2026-04-10 02:15, 2026-04-11 02:15, 2026-04-12 02:15, 2026-04-13 02:15, 2026-04-14 02:15, 2026-04-15 02:15, 2026-04-16 02:15, 2026-04-17 02:15, 2026-04-18 02:15, 2026-04-19 02:15, 2026-04-20 02:15, 2026-04-21 02:15, 2026-04-22 02:15, 2026-04-23 02:15, 2026-04-24 02:15, 2026-04-26 02:15, 2026-04-28 02:15, 2026-04-29 02:15, 2026-04-30 02:15, 2026-05-01 02:15, 2026-05-02 02:15, 2026-05-03 02:15, 2026-05-04 02:15, 2026-05-05 02:15, 2026-05-06 02:15, 2026-05-07 02:15, 2026-05-08 02:15, 2026-05-19 02:15, 2026-05-20 02:15, 2026-05-21 02:15, 2026-05-22 02:15, 2026-05-24 02:15, 2026-05-25 02:15, 2026-05-26 02:15, 2026-05-27 02:15

Echelon web crawler

104.244.79.61 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:50:01.041000
Was present on blacklist at: 2026-04-11 09:50, 2026-04-12 09:50, 2026-04-14 09:50, 2026-04-15 09:50, 2026-04-16 09:50, 2026-04-17 09:50, 2026-04-23 09:50, 2026-04-29 09:50, 2026-04-30 09:50

Echelon CMS enumeration

104.244.79.61 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:05:01.550000
Was present on blacklist at: 2026-04-23 09:05, 2026-04-26 09:05, 2026-04-29 09:05, 2026-04-30 09:05

Echelon database admin hunt

104.244.79.61 is listed on the Echelon database admin hunt blacklist.

Description: Scanning for database admin interfaces (phpMyAdmin, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:10:00.771000
Was present on blacklist at: 2026-04-23 09:10, 2026-04-26 09:10, 2026-04-29 09:10, 2026-04-30 09:10

Echelon config file hunt

104.244.79.61 is listed on the Echelon config file hunt blacklist.

Description: Scanning for exposed configuration files
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:10:00.804000
Was present on blacklist at: 2026-04-23 09:10, 2026-04-26 09:10, 2026-04-29 09:10, 2026-04-30 09:10

Echelon TLS/SSL crawler

104.244.79.61 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:40:02.571000
Was present on blacklist at: 2026-04-23 09:40, 2026-04-29 09:40, 2026-04-30 09:40

Echelon web shell hunt

104.244.79.61 is listed on the Echelon web shell hunt blacklist.

Description: Scanning for web shells (WSO, c99, r57, etc.)
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:50:00.921000
Was present on blacklist at: 2026-04-23 09:50, 2026-04-29 09:50, 2026-04-30 09:50

Threat categories

TL	Role	Category
50	src	scan
25	src	—
25	src	spam

Warden events (3)

2026-05-22: AnomalyTraffic (node.6a1878): 1
2026-04-23: AnomalyTraffic (node.6a1878): 1
2026-03-15: ReconScanning (node.9c1411): 1

DShield reports (IP summary, reports)

2026-03-27: Number of reports: 14; Distinct targets: 3
2026-04-14: Number of reports: 23; Distinct targets: 4
2026-04-15: Number of reports: 23; Distinct targets: 4
2026-04-22: Number of reports: 15; Distinct targets: 4
2026-04-25: Number of reports: 11; Distinct targets: 4
2026-05-12: Number of reports: 15; Distinct targets: 6
2026-05-18: Number of reports: 34; Distinct targets: 4
2026-05-19: Number of reports: 34; Distinct targets: 4

Origin AS: AS53667 - PONYNET
BGP Prefix: 104.244.79.0/24
geo: Luxembourg, Luxembourg; 🕑 Europe/Luxembourg
hostname: LuxembourgTorNew32.Quetzalcoatl-relays.org
Address block ('inetnum' or 'NetRange' in whois database): 104.244.72.0 - 104.244.79.255
last_activity: 2026-05-22 19:23:10
last_warden_event: 2026-05-22 19:23:10
rep: 0.6038235755038629
reserved_range: 0
Shodan's InternetDB: Open ports: 9000, 9001, 9101; Tags: tor; CPEs: –
ts_added: 2025-12-29 00:45:36.414000
ts_last_update: 2026-05-27 02:15:05.680000

Warden event timeline

DShield event timeline

Presence on blacklists