Report for IP: 91.224.92.190

Threat LevelHIGH53/1002 rule types across 2 attack categories
6 incidents on record · 2 rule types · confirmed on global blocklist · active over 6 days · last seen 7d ago
PTR srv-91-224-92-190.serveroffer.net
Org / ASN UAB Host Baltic
Country 🇱🇹 Lithuania
City Vilnius, Vilnius
Timezone Europe/Vilnius

Attack Analysis

🇱🇹 Republic of Lithuania · Vilnius · 209605 · Uab Host Baltic
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.

Reports (6)

Date Severity Description
12 Jun 2026 - 12:59 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 15
11 Jun 2026 - 15:40 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 15
11 Jun 2026 - 01:21 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 15
10 Jun 2026 - 20:45 high Web: xmlrpc.php accessed
10 Jun 2026 - 20:44 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 15
6 Jun 2026 - 12:19 high IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 15

Related IPs — Same /24 Block (91.224.92.0/24)

91.224.92.147CRITICAL186 reports91.224.92.17HIGH5 reports91.224.92.19ELEVATED14 reports91.224.92.32ELEVATED46 reports91.224.92.120ELEVATED10 reports91.224.92.82ELEVATED3 reports91.224.92.87ELEVATED6 reports91.224.92.33MEDIUM1 report
Part of EagleEye Intelligence