Report for IP: 216.26.240.81

Threat LevelHIGH51/1002 rule types across 2 attack categories
3 incidents on record · 2 rule types · confirmed on global blocklist · active over 2 days · last seen 7d ago
PTR N/A
Org / ASN 3xK Tech GmbH
Country 🇧🇷 Brazil
City São Paulo, São Paulo
Timezone America/Sao_Paulo

Attack Analysis

🇧🇷 Brazil · São Paulo · 200373 · xk Tech GmbH
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.

Reports (3)

Date Severity Description
12 Jun 2026 - 21:12 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 64
10 Jun 2026 - 18:55 high Web: xmlrpc.php accessed
10 Jun 2026 - 18:55 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 64

Related IPs — Same /24 Block (216.26.240.0/24)

216.26.240.87MEDIUM1 report216.26.240.119MEDIUM1 report216.26.240.245MEDIUM2 reports216.26.240.234MEDIUM1 report216.26.240.46MEDIUM1 report216.26.240.60MEDIUM1 report216.26.240.9MEDIUM1 report216.26.240.117MEDIUM1 report
Part of EagleEye Intelligence