IOC Details

Type: IP
Indicator: 85.217.149.38
Tag: honeypot
Source: 4
First seen: 2026-03-04 11:36:50
Last seen: 2026-05-21 08:13:27
Hits: 155

Comment history

  • 2026-05-21

    Observed 4 times. Targeted ports: 573. Country: Bulgaria.

  • 2026-05-20

    Observed 3 times. Targeted ports: 949. Country: Canada. Reputation: known attacker.

  • 2026-05-19

    Observed 7 times. Targeted ports: 2484. Country: Canada.

  • 2026-05-18

    Observed 6 times. Targeted ports: 335, 841. Country: Canada. Reputation: known attacker.

  • 2026-05-17

    Observed 4 times. Targeted ports: 1018, 51227. Country: Canada.

  • 2026-05-16

    Observed 8 times. Targeted ports: 104. Country: Canada. Reputation: known attacker.

  • 2026-05-15

    Observed 3 times. Targeted ports: 242. Country: Bulgaria.

  • 2026-05-14

    Observed 3 times. Targeted ports: 521. Country: Canada. Reputation: known attacker.

  • 2026-05-13

    Observed 31 times. Targeted ports: 1125, 1129, 1135, 1140. Country: Canada. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-12

    Observed 36 times. Targeted ports: 1212, 1247, 1264, 1290, 1300. Country: Canada.

  • 2026-05-11

    Observed 73 times. Targeted ports: 370, 1684, 1687, 1690, 1698, 1700, 1701, 1704. Country: Canada. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.

  • 2026-05-10

    Observed 52 times. Targeted ports: 1430, 1451, 1459, 1478, 1479. Country: Canada. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM ESTABLISHED SYN resend with different seq.

  • 2026-05-09

    Observed 9 times. Targeted ports: 376, 506, 902. Country: Canada.

  • 2026-05-08

    Observed 10 times. Targeted ports: 724, 834, 855. Country: Canada. Reputation: known attacker.

  • 2026-05-07

    Observed 3 times. Targeted ports: 34. Country: Canada. Reputation: known attacker.

  • 2026-05-06

    Observed 3 times. Targeted ports: 583. Country: Canada. Reputation: known attacker.

  • 2026-05-05

    Observed 102 times. Targeted ports: 677, 1208, 1210, 1229, 1236, 1247, 1261, 1307, 1318, 1323, 1352, 1378, 1383, 1402. Country: Canada. Reputation: known attacker.

  • 2026-05-04

    Observed 4 times. Targeted ports: 12917. Country: Canada. Reputation: known attacker. Alert categories: Misc Attack. Signatures: ET CINS Active Threat Intelligence Poor Reputation IP group 126.

  • 2026-05-03

    Observed 3 times. Targeted ports: 179. Country: Canada. Reputation: known attacker.

  • 2026-05-02

    Observed 6 times. Targeted ports: 629, 930. Country: Canada.

  • 2026-05-01

    Observed 2 times. Targeted ports: 64305. Country: Canada.

  • 2026-04-30

    Observed 3 times. Targeted ports: 841. Country: Canada.

  • 2026-04-29

    Observed 157 times. Targeted ports: 1043, 1766, 1768, 1770, 1776, 1780, 1792, 1806, 1807, 1815, 1842, 1845, 1854, 1856, 1869, 1882, 1886, 1892, 1898, 1901, 1907, 1912, 1920, 1931, 1939, 1941, 1942. Country: Canada.

  • 2026-04-28

    Observed 7 times. Targeted ports: 1944. Country: Canada.

  • 2026-04-27

    Observed 3 times. Targeted ports: 683. Country: Canada.

  • 2026-04-26

    Observed 81 times. Targeted ports: 16858, 18192, 28096, 35973, 35979, 43328, 43346, 45598, 53836, 53888, 58391. Country: Canada.

  • 2026-04-23

    Observed 3 times. Targeted ports: 242. Country: Canada.

  • 2026-04-22

    Observed 3 times. Targeted ports: 119. Country: Canada.

  • 2026-04-21

    Observed 9 times. Targeted ports: 785, 12332. Country: Canada.

  • 2026-04-10

    Observed 3 times. Targeted ports: 330. Country: Canada. Reputation: known attacker.

  • 2026-03-27

    Observed 15 times. Targeted ports: 1040, 1234. Country: Canada.

  • 2026-03-23

    Observed 78 times. Targeted ports: 5086, 5087, 5097, 5099, 5192, 5194, 5210, 5212, 5214, 5455, 5684. Country: Canada. Reputation: known attacker.

  • 2026-03-21

    Observed 8 times. Targeted ports: 2250. Country: Bulgaria.

  • 2026-03-19

    Observed 39 times. Targeted ports: 32634, 50660, 54398. Country: Bulgaria.

  • 2026-03-18

    Observed 36 times. Targeted ports: 29, 120, 203, 253, 279, 375, 449, 539, 607, 632, 842, 9022. Country: Canada. Reputation: known attacker.

  • 2026-03-16

    Observed 47 times. Targeted ports: 1999, 2009, 2055, 2085, 2098, 2112. Country: Bulgaria.

  • 2026-03-15

    Observed 9 times. Targeted ports: 1025. Country: Bulgaria. Reputation: known attacker.

  • 2026-03-14

    Observed 92 times. Targeted ports: 11362, 15165, 17875, 20634, 22237, 24072, 31302, 31486, 32229, 35360, 46435, 49249. Country: Bulgaria. Reputation: known attacker.

  • 2026-03-13

    Observed 9 times. Targeted ports: 424, 9141. Country: Canada.

  • 2026-03-12

    Observed 5 times. Targeted ports: 62937. Country: Canada. Reputation: known attacker.

  • 2026-03-10

    Observed 8 times. Targeted ports: 8474. Country: Canada. Reputation: known attacker.

  • 2026-03-09

    Observed 17 times. Targeted ports: 537, 544, 581, 662, 896, 10347. Country: Canada. Reputation: known attacker.

  • 2026-03-08

    Observed 53 times. Targeted ports: 4738, 4802, 4867, 4871, 5425, 5439, 5471. Country: Bulgaria.

  • 2026-03-05

    Observed 3 times. Targeted ports: 65273. Country: Canada. Reputation: known attacker.

  • 2026-03-04

    Observed 36 times. Targeted ports: 1039, 1357, 1380, 1428, 1432. Country: Canada. Reputation: known attacker.

Related IOCs

ID | Indicator | Type | Tag | Source | Last seen
333044 | 13.51.79.99 | IP | malware | 11 | 2026-05-21 08:25:07
346912 | 45.228.141.44 | IP | honeypot | 4 | 2026-05-21 08:15:24
346911 | 18.97.5.15 | IP | honeypot | 4 | 2026-05-21 08:15:24
315599 | 87.251.64.155 | IP | honeypot | 4 | 2026-05-21 08:15:24
293134 | 66.132.186.217 | IP | honeypot | 4 | 2026-05-21 08:15:24