Report for IP: 216.26.236.20

Threat LevelHIGH48/1002 rule types across 2 attack categories
2 incidents on record · 2 rule types · confirmed on global blocklist · last seen 8d ago
PTR N/A
Org / ASN 3xK Tech GmbH
Country 🇺🇸 United States
City Ashburn, Virginia
Timezone America/New_York

Attack Analysis

🇺🇸 United States · Ashburn · 200373 · xk Tech GmbH
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.

Reports (2)

Date Severity Description
11 Jun 2026 - 17:09 high Web: xmlrpc.php accessed
11 Jun 2026 - 17:07 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 64

Related IPs — Same /24 Block (216.26.236.0/24)

216.26.236.163ELEVATED4 reports216.26.236.186MEDIUM1 report216.26.236.220MEDIUM1 report216.26.236.118MEDIUM1 report216.26.236.60MEDIUM1 report216.26.236.74MEDIUM1 report
Part of EagleEye Intelligence