Threat LevelMEDIUM40/1003 rule types across 2 attack categories
3 incidents on record · 3 rule types · last seen 7d ago
| PTR | N/A |
| Org / ASN | NextGenWebs |
| Country | 🇳🇱 The Netherlands |
| City | Dronten, Flevoland |
| Timezone | Europe/Amsterdam |
Attack Analysis
Drupal: Admin Path Probe
This IP probed Drupal administrative paths and received 4xx errors — a reconnaissance technique to map the CMS structure before a targeted attack. Automated scanners cycle through common admin paths to find unprotected entry points.
Backup & Database File Probe
This IP requested common backup file paths (.bak, .sql, .zip, wp-config.bak), hunting for database dumps or config files containing plaintext credentials. A single exposed wp-config.bak can hand an attacker full database access. This attack is automated and deliberate.
Git Repository Exposure Probe
This IP requested the /.git/ directory, attempting to download source code, commit history, database credentials, and API keys from an accidentally exposed Git repository. Automated tools can reconstruct an entire codebase from an exposed .git folder. No legitimate client ever requests this path.
Reports (3)
| Date | Severity | Description |
|---|---|---|
| 13 Jun 2026 - 05:23 | high | Web: Backup/database file probe |
| 13 Jun 2026 - 05:23 | high | Web: Git repo exposure probe |
| 13 Jun 2026 - 05:23 | high | Drupal: Admin path probe (4xx) |
EagleEye Intelligence