Threat LevelHIGH60/1002 rule types across 2 attack categories
2 incidents on record · 2 rule types · confirmed on global blocklists · seen 15h ago
| PTR | vps26123.maxko-hosting.net |
| Org / ASN | MAXKO d.o.o |
| Country | 🇷🇸 Serbia |
| City | Belgrade, Belgrade |
| Timezone | Europe/Belgrade |
Attack Analysis
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
IDS: Tor Exit Node
This IP is a known Tor network exit node. Tor anonymizes user traffic by routing it through a series of relays; exit nodes are the final hop where traffic re-enters the public internet. While Tor has legitimate privacy uses, it is heavily abused for anonymous attacks, credential stuffing, and fraud — as the real attacker IP is concealed behind the exit node.
Reports (2)
| Date | Severity | Description |
|---|---|---|
| 4 Jun 2026 - 02:25 | high | IDS: Tor exit node — known anonymization network |
| 4 Jun 2026 - 02:25 | high | IDS: Blocklist — Spamhaus DROP listed IP |
EagleEye Intelligence