Threat LevelHIGH70/1002 rule types across 2 attack categories
18 incidents · 2 rule types · confirmed on global blocklist · persistent 8-day campaign · seen 17h ago
| PTR | N/A |
| Org / ASN | AS205759 Ghosty Networks LLC |
| Country | 🇱🇺 Luxembourg |
| City | Schieren, Diekirch |
| Timezone | Europe/Luxembourg |
Attack Analysis
IDS: Blocklist — Spamhaus DROP
This IP is on the Spamhaus DROP list — a dataset of netblocks hijacked or leased by professional spam and cybercrime operations with no legitimate users. Traffic from DROP-listed ranges is considered hostile by design. Blocking is unconditional.
Drupal: Admin Path Probe
This IP probed Drupal administrative paths and received 4xx errors — a reconnaissance technique to map the CMS structure before a targeted attack. Automated scanners cycle through common admin paths to find unprotected entry points.
Reports (18)
| Date | Severity | Description |
|---|---|---|
| 13 Jun 2026 - 04:28 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 12 Jun 2026 - 23:26 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 12 Jun 2026 - 00:44 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 11 Jun 2026 - 22:35 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 11 Jun 2026 - 20:31 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 11 Jun 2026 - 17:42 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 10 Jun 2026 - 05:47 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 10 Jun 2026 - 00:24 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 8 Jun 2026 - 23:54 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 8 Jun 2026 - 21:43 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 8 Jun 2026 - 19:41 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 8 Jun 2026 - 16:59 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 7 Jun 2026 - 06:15 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 7 Jun 2026 - 00:48 | high | IDS: Blocklist — Spamhaus DROP listed IP — ET DROP Spamhaus DROP Listed Traffic Inbound group 9 |
| 5 Jun 2026 - 19:44 | high | IDS: Blocklist — Spamhaus DROP listed IP |
| 5 Jun 2026 - 17:47 | high | IDS: Blocklist — Spamhaus DROP listed IP |
| 5 Jun 2026 - 15:09 | medium | Drupal: Admin path probe (4xx) |
| 5 Jun 2026 - 15:05 | high | IDS: Blocklist — Spamhaus DROP listed IP |
EagleEye Intelligence