IP address

Passive DNS

Tags:

IP blacklists

Blocklist.net.ua

61.80.110.108 is listed on the Blocklist.net.ua blacklist.

Description: BlockList contains IP addresses that perform attacks,<br>send spam or brute force passwords to the blocking list.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-06 11:15:01.528000
Was present on blacklist at: 2025-12-23 23:15, 2025-12-24 03:15, 2025-12-24 07:15, 2025-12-24 11:15, 2025-12-24 15:15, 2025-12-24 19:15, 2025-12-27 15:15, 2025-12-27 19:15, 2025-12-27 23:15, 2025-12-28 03:15, 2025-12-28 07:15, 2025-12-28 11:15, 2025-12-30 15:15, 2025-12-30 19:15, 2025-12-30 23:15, 2025-12-31 03:15, 2025-12-31 07:15, 2025-12-31 11:15, 2025-12-31 15:15, 2025-12-31 19:15, 2025-12-31 23:15, 2026-01-01 03:15, 2026-01-01 07:15, 2026-01-01 11:15, 2026-01-01 15:15, 2026-01-01 19:15, 2026-01-01 23:15, 2026-01-02 03:15, 2026-01-02 07:15, 2026-01-02 11:15, 2026-01-02 15:15, 2026-01-02 19:15, 2026-01-02 23:15, 2026-01-03 03:15, 2026-01-03 07:15, 2026-01-03 11:15, 2026-01-03 15:15, 2026-01-03 19:15, 2026-01-03 23:15, 2026-01-04 03:15, 2026-01-04 07:15, 2026-01-04 11:15, 2026-01-04 15:15, 2026-01-04 19:15, 2026-01-04 23:15, 2026-01-05 03:15, 2026-01-05 07:15, 2026-01-05 11:15, 2026-01-05 15:15, 2026-01-05 19:15, 2026-01-05 23:15, 2026-01-06 03:15, 2026-01-06 11:15

Turris greylist

61.80.110.108 is listed on the Turris greylist blacklist.

Description: Greylist is the output of the Turris research project by CZ.NIC,<br>which collects data of malicious IPs.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-11 22:15:00.153000
Was present on blacklist at: 2025-12-26 22:15, 2025-12-27 22:15, 2025-12-29 22:15, 2026-01-01 22:15, 2026-01-09 22:15, 2026-01-11 22:15

blocklist.de FTP

61.80.110.108 is listed on the blocklist.de FTP blacklist.

Description: Blocklist.de feed is a free and voluntary service<br>provided by a Fraud/Abuse-specialist. IPs performing attacks<br>on the Service FTP.
Type of feed: primary (feed detail page)

Last checked at: 2026-01-03 17:05:00.385000
Was present on blacklist at: 2026-01-01 23:05, 2026-01-02 05:05, 2026-01-02 11:05, 2026-01-02 17:05, 2026-01-02 23:05, 2026-01-03 05:05, 2026-01-03 11:05, 2026-01-03 17:05

Warden events (13959)

2026-01-12: IntrusionUserCompromise (node.cfb4f7): 930
2026-01-10: IntrusionUserCompromise (node.cfb4f7): 727
2026-01-09: IntrusionUserCompromise (node.cfb4f7): 726
2026-01-08: IntrusionUserCompromise (node.cfb4f7): 2312; ReconScanning (node.86eb21): 9
2026-01-03: IntrusionUserCompromise (node.cfb4f7): 685
2025-12-31: IntrusionUserCompromise (node.cfb4f7): 2444
2025-12-28: IntrusionUserCompromise (node.cfb4f7): 930
2025-12-27: IntrusionUserCompromise (node.cfb4f7): 1860
2025-12-26: IntrusionUserCompromise (node.cfb4f7): 927
2025-12-25: IntrusionUserCompromise (node.cfb4f7): 643
2025-12-24: IntrusionUserCompromise (node.cfb4f7): 836
2025-12-23: IntrusionUserCompromise (node.cfb4f7): 930

Origin AS: AS4766 - KIXS-AS-KR KIXS-AS-KR-KR
BGP Prefix: 61.80.0.0/14
geo: South Korea, Buk-gu; 🕑 Asia/Seoul
hostname: (null)
Address block ('inetnum' or 'NetRange' in whois database): 61.80.0.0 - 61.83.255.255
last_activity: 2026-01-12 02:22:28
last_warden_event: 2026-01-12 02:22:28
rep: 0.28095238095238095
reserved_range: 0
Shodan's InternetDB: Open ports: 1433, 10243, 12380, 42235; Tags: database, eol-os; CPEs: cpe:/a:microsoft:sql_server:10.50.4042.0
ts_added: 2025-12-23 08:35:12.280000
ts_last_update: 2026-01-12 02:57:40.849000

Warden event timeline

DShield event timeline

Presence on blacklists