Threat LevelHIGH54/1001 rule type
4 incidents on record · persistent 13-day campaign · seen 13h ago
| PTR | N/A |
| Org / ASN | BeiJing Wish Network Technology CO., LTD. |
| Country | 🇨🇳 China |
| City | Dongfeng, Beijing |
| Timezone | Asia/Shanghai |
Attack Analysis
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (4)
| Date | Severity | Description |
|---|---|---|
| 21 Jun 2026 - 16:54 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 21 Jun 2026 - 09:01 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 15 Jun 2026 - 08:47 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 8 Jun 2026 - 10:47 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
EagleEye Intelligence