Threat LevelMEDIUM46/1001 rule type
12 incidents Β· 12 attacks/day Β· last seen 12d ago
| PTR | crawler028.deepfield.net |
| Org / ASN | AS396982 Google LLC |
| Country | π«π· France |
| City | Massy, Γle-de-France |
| Timezone | Europe/Paris |
Attack Analysis
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (12)
| Date | Severity | Description |
|---|---|---|
| 9 Jun 2026 - 18:51 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:49 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:47 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:46 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:45 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:44 | high | IDS: Database port scan β ET SCAN Suspicious inbound to Oracle SQL port 1521 |
| 9 Jun 2026 - 18:04 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 18:02 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 18:00 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 17:58 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 17:57 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 17:56 | high | IDS: Database port scan β ET SCAN Suspicious inbound to MSSQL port 1433 |
EagleEye Intelligence