Threat LevelMEDIUM40/1002 rule types across 2 attack categories
2 incidents on record · 2 rule types · last seen 7d ago
| PTR | henoggnedi.info |
| Org / ASN | AS135450 PT Berkah Solusi Teknologi Informasi |
| Country | 🇮🇩 Indonesia |
| City | Jakarta, Jakarta |
| Timezone | Asia/Jakarta |
Attack Analysis
Drupal: Maintenance Script Accessed
This IP requested a Drupal maintenance or install script (install.php, update.php, cron.php). These scripts can expose sensitive configuration data or allow unauthorized site modifications if not properly protected.
Directory Brute-Force (Active Scan)
This IP triggered 10 or more HTTP 4xx errors within 60 seconds — the signature of a vulnerability scanner cycling through wordlists of common admin paths, config files, and endpoints. Tools like Nikto, Dirbuster, and Gobuster produce exactly this pattern.
Reports (2)
| Date | Severity | Description |
|---|---|---|
| 10 Jun 2026 - 18:23 | high | Web: Active scan — 10+ 4xx errors in 60s |
| 10 Jun 2026 - 18:23 | high | Drupal: Maintenance script accessed |
EagleEye Intelligence