Threat LevelMEDIUM29/1001 rule type
1 incident on record · last seen 6d ago
| PTR | NXDOMAIN |
| Org / ASN | VPN-Consumer-AU |
| Country | AU |
Attack Analysis
Directory Brute-Force (Active Scan)
This IP triggered 10 or more HTTP 4xx errors within 60 seconds — the signature of a vulnerability scanner cycling through wordlists of common admin paths, config files, and endpoints. Tools like Nikto, Dirbuster, and Gobuster produce exactly this pattern.
Reports (1)
| Date | Severity | Description |
|---|---|---|
| 26 May 2026 - 12:32 | high | Rule 100316: Web: Active scan — 10+ 4xx errors in 60s |