IP address

Search at other sites:
.580107.189.30.69torexit.107.189.30.69.com
Shodan(more info)
Passive DNS
Tags: IP in hostname Login attempts
IP blacklists
Echelon port scan
107.189.30.69 is listed on the Echelon port scan blacklist.

Description: Scanning 5+ ports on target host
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:25:00.958000
Was present on blacklist at: 2026-04-14 09:25, 2026-04-15 09:25, 2026-04-16 09:25, 2026-04-17 09:25, 2026-04-18 09:25, 2026-04-19 09:25, 2026-04-20 09:25, 2026-04-21 09:25, 2026-04-22 09:25, 2026-04-23 09:25, 2026-04-26 09:25, 2026-04-29 09:25, 2026-04-30 09:25
Spamhaus XBL CBL
107.189.30.69 is listed on the Spamhaus XBL CBL blacklist.

Description: The Spamhaus Exploits Block List (XBL) is a realtime database of IP addresses of hijacked PCs infected by illegal 3rd party exploits, including open proxies, worms/viruses with built-in spam engines, and other types of trojan-horse exploits.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-26 09:25:10.622000
Was present on blacklist at: 2026-04-14 09:25, 2026-04-21 09:25, 2026-04-28 09:25, 2026-05-05 09:25, 2026-05-12 09:25, 2026-05-19 09:25, 2026-05-26 09:25
dan.me.uk TOR Nodes
107.189.30.69 is listed on the dan.me.uk TOR Nodes blacklist.

Description: List of TOR node IPs by dan.me.uk.
Type of feed: secondary (feed detail page)

Last checked at: 2026-06-01 08:10:00
Was present on blacklist at: 2026-04-14 08:10, 2026-04-15 08:10, 2026-04-16 08:10, 2026-04-17 08:10, 2026-04-18 08:10, 2026-04-19 08:10, 2026-04-20 08:10, 2026-04-21 08:10, 2026-04-22 08:10, 2026-04-23 08:10, 2026-04-24 12:10, 2026-04-26 04:10, 2026-04-27 08:10, 2026-04-27 08:10, 2026-04-28 08:10, 2026-04-29 08:10, 2026-04-30 08:10, 2026-05-01 08:10, 2026-05-02 08:10, 2026-05-03 08:10, 2026-05-04 08:10, 2026-05-05 08:10, 2026-05-06 08:10, 2026-05-07 08:10, 2026-05-08 08:10, 2026-05-09 08:10, 2026-05-10 08:10, 2026-05-11 08:10, 2026-05-12 08:10, 2026-05-13 08:10, 2026-05-14 08:10, 2026-05-15 08:10, 2026-05-16 08:10, 2026-05-17 08:10, 2026-05-18 08:10, 2026-05-19 08:10, 2026-05-20 08:10, 2026-05-21 08:10, 2026-05-22 08:10, 2026-05-24 04:10, 2026-05-24 08:10, 2026-05-25 08:10, 2026-05-26 08:10, 2026-05-27 08:10, 2026-05-28 08:10, 2026-05-29 08:10, 2026-05-30 08:10, 2026-05-31 08:10, 2026-06-01 08:10
TorProject
107.189.30.69 is listed on the TorProject blacklist.

Description: TorProject.org list of all current TOR exit points (TorDNSEL)
Type of feed: secondary (feed detail page)

Last checked at: 2026-06-01 08:10:00
Was present on blacklist at: 2026-04-14 08:10, 2026-04-15 08:10, 2026-04-16 08:10, 2026-04-17 08:10, 2026-04-18 08:10, 2026-04-19 08:10, 2026-04-20 08:10, 2026-04-21 08:10, 2026-04-22 08:10, 2026-04-23 08:10, 2026-04-24 12:10, 2026-04-26 04:10, 2026-04-27 08:10, 2026-04-27 08:10, 2026-04-28 08:10, 2026-04-29 08:10, 2026-04-30 08:10, 2026-05-01 08:10, 2026-05-02 08:10, 2026-05-03 08:10, 2026-05-04 08:10, 2026-05-05 08:10, 2026-05-06 08:10, 2026-05-07 08:10, 2026-05-08 08:10, 2026-05-09 08:10, 2026-05-10 08:10, 2026-05-11 08:10, 2026-05-12 08:10, 2026-05-13 08:10, 2026-05-14 08:10, 2026-05-15 08:10, 2026-05-16 08:10, 2026-05-17 08:10, 2026-05-18 08:10, 2026-05-19 08:10, 2026-05-20 08:10, 2026-05-21 08:10, 2026-05-22 08:10, 2026-05-24 04:10, 2026-05-24 08:10, 2026-05-25 08:10, 2026-05-26 08:10, 2026-05-27 08:10, 2026-05-28 08:10, 2026-05-29 08:10, 2026-05-30 08:10, 2026-05-31 08:10, 2026-06-01 08:10
FireHOL anonymizers
107.189.30.69 is listed on the FireHOL anonymizers blacklist.

Description: List of anonymizing IPs, aggregated from multiple lists by FireHOL.
Type of feed: secondary (feed detail page)

Last checked at: 2026-06-01 06:06:44
Was present on blacklist at: 2026-04-14 06:05, 2026-04-15 06:05, 2026-04-16 06:05, 2026-04-17 06:05, 2026-04-18 06:05, 2026-04-19 06:05, 2026-04-20 06:05, 2026-04-21 06:05, 2026-04-22 06:05, 2026-04-23 06:05, 2026-04-24 12:05, 2026-04-26 06:05, 2026-04-27 06:05, 2026-04-27 06:05, 2026-04-28 06:05, 2026-04-29 06:05, 2026-04-30 06:05, 2026-05-01 06:05, 2026-05-02 06:05, 2026-05-03 06:05, 2026-05-04 06:05, 2026-05-05 06:05, 2026-05-06 06:05, 2026-05-07 06:05, 2026-05-08 06:05, 2026-05-09 06:05, 2026-05-10 06:05, 2026-05-11 06:05, 2026-05-12 06:05, 2026-05-13 06:05, 2026-05-14 06:05, 2026-05-15 06:05, 2026-05-16 06:05, 2026-05-17 06:05, 2026-05-18 06:05, 2026-05-19 06:05, 2026-05-20 06:05, 2026-05-21 06:05, 2026-05-22 06:05, 2026-05-24 06:05, 2026-05-24 06:05, 2026-05-25 06:05, 2026-05-26 06:05, 2026-05-27 06:05, 2026-05-28 06:05, 2026-05-29 06:05, 2026-05-30 06:05, 2026-05-31 06:05, 2026-06-01 06:06
Echelon TLS/SSL crawler
107.189.30.69 is listed on the Echelon TLS/SSL crawler blacklist.

Description: TLS/SSL connection fingerprinting detected via Suricata
Type of feed: primary (feed detail page)

Last checked at: 2026-05-04 09:40:01.239000
Was present on blacklist at: 2026-04-23 09:40, 2026-04-29 09:40, 2026-04-30 09:40, 2026-05-01 09:40, 2026-05-04 09:40
Echelon web crawler
107.189.30.69 is listed on the Echelon web crawler blacklist.

Description: HTTP web crawling activity detected on web honeypots
Type of feed: primary (feed detail page)

Last checked at: 2026-05-04 09:50:01.332000
Was present on blacklist at: 2026-04-23 09:50, 2026-04-29 09:50, 2026-04-30 09:50, 2026-05-01 09:50, 2026-05-03 09:50, 2026-05-04 09:50
Echelon admin panel hunt
107.189.30.69 is listed on the Echelon admin panel hunt blacklist.

Description: Scanning for administrative interfaces
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:05:01.539000
Was present on blacklist at: 2026-04-26 09:05, 2026-04-29 09:05, 2026-04-30 09:05
Echelon CMS enumeration
107.189.30.69 is listed on the Echelon CMS enumeration blacklist.

Description: Content management system discovery and enumeration
Type of feed: primary (feed detail page)

Last checked at: 2026-04-30 09:05:01.550000
Was present on blacklist at: 2026-04-26 09:05, 2026-04-29 09:05, 2026-04-30 09:05
Echelon SSH bruteforce
107.189.30.69 is listed on the Echelon SSH bruteforce blacklist.

Description: Multiple SSH authentication attempts detected
Type of feed: primary (feed detail page)

Last checked at: 2026-05-01 09:35:01.069000
Was present on blacklist at: 2026-04-29 09:35, 2026-04-30 09:35, 2026-05-01 09:35
SpamCop
107.189.30.69 is listed on the SpamCop blacklist.

Description: The SpamCop Blocking List (SCBL) lists IP addresses which have transmitted reported email to SpamCop users.
Type of feed: secondary (DNSBL) (feed detail page)

Last checked at: 2026-05-26 09:25:10.622000
Was present on blacklist at: 2026-05-05 09:25, 2026-05-12 09:25, 2026-05-19 09:25, 2026-05-26 09:25
AbuseIPDB
107.189.30.69 is listed on the AbuseIPDB blacklist.

Description: AbuseIPDB is a project managed by Marathon Studios Inc.<br>Lists IPs performing a malicious activity (DDoS, spam, phishing...)
Type of feed: primary (feed detail page)

Last checked at: 2026-05-24 04:00:00.619000
Was present on blacklist at: 2026-05-07 04:00, 2026-05-22 04:00, 2026-05-24 04:00
Sblam!
107.189.30.69 is listed on the Sblam! blacklist.

Description: Sblam! is a service that effectively protects forms for<br>comments in blogs, forums and guestbooks from spam.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-01 02:15:00.143000
Was present on blacklist at: 2026-05-13 02:15, 2026-05-14 02:15, 2026-05-15 02:15, 2026-05-16 02:15, 2026-05-17 02:15, 2026-05-18 02:15, 2026-05-19 02:15, 2026-05-20 02:15, 2026-05-21 02:15, 2026-05-22 02:15, 2026-05-24 02:15, 2026-05-25 02:15, 2026-05-26 02:15, 2026-05-27 02:15, 2026-05-28 02:15, 2026-05-29 02:15, 2026-05-30 02:15, 2026-05-31 02:15, 2026-06-01 02:15
Echelon SSH connection attempt
107.189.30.69 is listed on the Echelon SSH connection attempt blacklist.

Description: SSH connection attempt detected on port 22 or 2222
Type of feed: primary (feed detail page)

Last checked at: 2026-05-29 09:35:00.334000
Was present on blacklist at: 2026-05-24 09:35, 2026-05-25 09:35, 2026-05-26 09:35, 2026-05-27 09:35, 2026-05-28 09:35, 2026-05-29 09:35
UCEPROTECT L1
107.189.30.69 is listed on the UCEPROTECT L1 blacklist.

Description: UCEPROTECT-NETWORK list of spam IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-06-01 15:45:00.548000
Was present on blacklist at: 2026-05-27 15:45, 2026-05-27 23:45, 2026-05-28 07:45, 2026-05-28 15:45, 2026-05-28 23:45, 2026-05-29 07:45, 2026-05-29 15:45, 2026-05-29 23:45, 2026-05-30 07:45, 2026-05-30 15:45, 2026-05-30 23:45, 2026-05-31 07:45, 2026-05-31 15:45, 2026-05-31 23:45, 2026-06-01 07:45, 2026-06-01 15:45

Threat categories

TLRoleCategoryDetails
40 src
30 src login protocol: ssh
port: 22, 2222
25 src spam
Warden events (12)
2026-05-26
AttemptLogin (node.40929a): 1
2026-05-19
AnomalyTraffic (node.6a1878): 2
2026-05-02
IntrusionUserCompromise (node.40929a): 2
2026-04-29
IntrusionUserCompromise (node.40929a): 1
2026-04-28
IntrusionUserCompromise (node.40929a): 1
2026-04-27
IntrusionUserCompromise (node.cfb4f7): 5
DShield reports (IP summary, reports)
2026-05-12
Number of reports: 27
Distinct targets: 5
Origin AS
AS53667 - PONYNET
BGP Prefix
107.189.30.0/23
geo
Luxembourg
🕑 Europe/Luxembourg
hostname
torexit.107.189.30.69.com
hostname_class
['ip_in_hostname']
Address block ('inetnum' or 'NetRange' in whois database)
107.189.0.0 - 107.189.31.255
last_activity
2026-05-26 03:01:29.852000
last_warden_event
2026-05-26 03:01:29.852000
rep
0.5803319373198877
reserved_range
0
Shodan's InternetDB
Open ports: 80, 9001
Tags: tor
CPEs:
ts_added
2026-04-14 09:25:03.641000
ts_last_update
2026-06-01 15:47:48.591000

Warden event timeline

DShield event timeline

Presence on blacklists