IOC Details

Type: IP
Indicator: 85.11.167.11
Tag: honeypot
Source: 4
First seen: 2026-04-10 08:31:23
Last seen: 2026-05-30 19:50:57
Hits: 608

Comment history

  • 2026-05-30

    Observed 403 times. Targeted ports: 5432, 15432. Country: Bulgaria. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM ESTABLISHED SYN resend with different seq.

  • 2026-05-29

    Observed 459 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-28

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-27

    Observed 488 times. Targeted ports: 5432, 5434, 5435. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-26

    Observed 73 times. Targeted ports: 5432, 54322. Country: Bulgaria. Reputation: known attacker. Usernames: postgres.

  • 2026-05-25

    Observed 56 times. Targeted ports: 5432, 25432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-24

    Observed 4 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-23

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-22

    Observed 13 times. Targeted ports: 16379. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-21

    Observed 601 times. Targeted ports: 5432, 5439, 15432. Country: Bulgaria. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-20

    Observed 358 times. Targeted ports: 5432, 5434. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-19

    Observed 28 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker. Usernames: wog.

  • 2026-05-18

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-17

    Observed 13 times. Targeted ports: 6380. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-16

    Observed 880 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM ESTABLISHED SYN resend with different seq.

  • 2026-05-15

    Observed 404 times. Targeted ports: 5432, 54321. Country: Bulgaria.

  • 2026-05-14

    Observed 375 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria. Reputation: known attacker. Usernames: postgres.

  • 2026-05-13

    Observed 56 times. Targeted ports: 5432, 5434. Country: Bulgaria. Reputation: known attacker. Usernames: postgres.

  • 2026-05-12

    Observed 60 times. Targeted ports: 5432, 5433. Country: Bulgaria. Reputation: known attacker. Usernames: postgres.

  • 2026-05-11

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-10

    Observed 191 times. Targeted ports: 5432, 65532. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-09

    Observed 188 times. Targeted ports: 5432, 54321. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-08

    Observed 1509 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-07

    Observed 3 times. Targeted ports: 5432. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-06

    Observed 313 times. Targeted ports: 5432, 54321, 54322. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-05

    Observed 600 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-05-04

    Observed 39 times. Targeted ports: 5434. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-03

    Observed 346 times. Targeted ports: 5432, 5436, 5437. Country: Bulgaria. Reputation: known attacker.

  • 2026-05-02

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria.

  • 2026-05-01

    Observed 587 times. Targeted ports: 5432, 5433, 5434. Country: Bulgaria.

  • 2026-04-30

    Observed 3 times. Targeted ports: 5432. Country: Bulgaria.

  • 2026-04-29

    Observed 1485 times. Targeted ports: 5432, 54320, 54322. Country: Bulgaria. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM Packet with invalid timestamp, SURICATA STREAM spurious retransmission.

  • 2026-04-28

    Observed 406 times. Targeted ports: 5432, 15432. Country: Bulgaria.

  • 2026-04-27

    Observed 233 times. Targeted ports: 5432, 54321. Country: Bulgaria.

  • 2026-04-26

    Observed 353 times. Targeted ports: 5432, 5434, 5435. Country: Bulgaria. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.

  • 2026-04-23

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria.

  • 2026-04-22

    Observed 2 times. Targeted ports: 5432. Country: Bulgaria.

  • 2026-04-21

    Observed 245 times. Targeted ports: 5432, 5440. Country: Bulgaria.

  • 2026-04-10

    Observed 703 times. Targeted ports: 5432, 5433. Country: Bulgaria. Reputation: known attacker.

Related IOCs

ID Indicator Type Tag Source Last seen
20334 143.244.58.247 IP honeypot 4 2026-05-30 20:02:37
10831 185.168.195.70 IP honeypot 4 2026-05-30 20:02:37
317880 185.184.69.70 IP honeypot 4 2026-05-30 20:02:36
316378 222.242.237.162 IP honeypot 4 2026-05-30 20:02:36
55634 170.187.163.117 IP honeypot 4 2026-05-30 20:02:36