Threat LevelHIGH50/1001 rule type
2 incidents on record · persistent 11-day campaign · last seen 2d ago
| PTR | N/A |
| Org / ASN | Aliyun Computing Co., LTD |
| Country | 🇨🇳 China |
| City | Beijing, Beijing |
| Timezone | Asia/Shanghai |
Attack Analysis
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (2)
| Date | Severity | Description |
|---|---|---|
| 20 Jun 2026 - 09:21 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 9 Jun 2026 - 15:38 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
EagleEye Intelligence