Threat LevelCRITICAL76/1002 rule types across 2 attack categories
29 incidents · 2 rule types · active attack detected · persistent 12-day campaign · seen 13h ago
| PTR | ip-143-95-213-196.iplocal |
| Org / ASN | Newfold Digital, Inc. |
| Country | 🇺🇸 United States |
| City | Jacksonville, Florida |
| Timezone | America/New_York |
Attack Analysis
Suricata IDS Alert
Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.
IDS: SSH Port Scan
Suricata detected automated SSH port scanning from this IP. SSH scanners map targets before launching credential brute-force attacks. This is the reconnaissance phase of a larger attack campaign.
Reports (29)
| Date | Severity | Description |
|---|---|---|
| 10 Jun 2026 - 02:39 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 10 Jun 2026 - 02:39 | high | IDS: SSH port scan — ET SCAN Potential SSH Scan |
| 9 Jun 2026 - 08:04 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 9 Jun 2026 - 08:04 | high | IDS: SSH port scan — ET SCAN Potential SSH Scan |
| 8 Jun 2026 - 15:41 | high | IDS: SSH port scan — ET SCAN Potential SSH Scan |
| 8 Jun 2026 - 15:41 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 8 Jun 2026 - 01:31 | medium | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
| 8 Jun 2026 - 01:31 | high | IDS: SSH port scan — ET SCAN Potential SSH Scan |
| 7 Jun 2026 - 11:01 | high | IDS: Suricata alert — Honeypot: probe to closed SSH port 22 |
EagleEye Intelligence