Threat LevelMEDIUM47/1001 rule type
3 incidents on record · active over 4 days · last seen 2d ago
| PTR | p2eqnwrh.superdnsserver.net |
| Org / ASN | AS201200 SuperHosting.BG Ltd. |
| Country | 🇧🇬 Bulgaria |
| City | Sofia, Sofia-Capital |
| Timezone | Europe/Sofia |
Attack Analysis
IDS: Database Port Scan
Suricata detected this IP scanning database ports (MySQL, PostgreSQL, Redis, MongoDB). This is reconnaissance to find exposed database services for direct exploitation or credential brute-force. Database ports should never be reachable from the internet.
Reports (3)
| Date | Severity | Description |
|---|---|---|
| 20 Jun 2026 - 15:47 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 20 Jun 2026 - 15:46 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
| 16 Jun 2026 - 15:50 | high | IDS: Database port scan — ET SCAN Suspicious inbound to MSSQL port 1433 |
EagleEye Intelligence