Threat LevelCRITICAL72/1002 rule types across 2 attack categories
6 incidents on record · 2 rule types · active attack detected · last seen 6d ago
| PTR | N/A |
| Org / ASN | Aaroppe Internet Services Ltd Sti |
| Country | 🇩🇴 Dominican Republic |
| City | Santo Domingo Oeste, Santo Domingo Province |
| Timezone | America/Santo_Domingo |
Attack Analysis
Suricata IDS Alert
Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (6)
| Date | Severity | Description |
|---|---|---|
| 8 Jun 2026 - 00:01 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 7 Jun 2026 - 23:39 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 7 Jun 2026 - 01:25 | high | IDS: Database port scan — ET SCAN Suspicious inbound to mySQL port 3306 |
| 6 Jun 2026 - 17:54 | high | IDS: Suricata alert |
| 6 Jun 2026 - 17:54 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 6 Jun 2026 - 17:34 | high | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
EagleEye Intelligence