Showing current intelligence for this indicator.

IP Information for 85.217.149.12

Location Beauharnois, 🇨🇦 Canada
ASN AS209334 — MODAT-01, NL
BGP Prefix 85.217.149.0/24
Registry ripencc
IP Address 85.217.149.12

IOC Matches

ID Type Tag Source Last seen Comments
182929 IP honeypot 4 2026-05-17 13:03:29
  • 2026-05-17: Observed 6 times. Targeted ports: 333, 15557. Country: Canada.
  • 2026-05-16: Observed 4 times. Targeted ports: 350. Country: Canada. Reputation: known attacker.
  • 2026-05-15: Observed 3 times. Targeted ports: 57. Country: Bulgaria. Reputation: known attacker.
  • 2026-05-14: Observed 3 times. Targeted ports: 855. Country: Canada. Reputation: known attacker.
  • 2026-05-13: Observed 28 times. Targeted ports: 1231, 1284, 1307, 1309. Country: Canada.
  • 2026-05-12: Observed 70 times. Targeted ports: 1341, 1350, 1360, 1365, 1386, 1392, 1396, 1403, 1422. Country: Canada. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.
  • 2026-05-11: Observed 3 times. Targeted ports: 667. Country: Canada.
  • 2026-05-10: Observed 3 times. Targeted ports: 979. Country: Canada. Reputation: known attacker.
  • 2026-05-09: Observed 13 times. Targeted ports: 246, 449, 784, 11517. Country: Canada. Alert categories: Misc Attack. Signatures: ET CINS Active Threat Intelligence Poor Reputation IP group 136.
  • 2026-05-08: Observed 29 times. Targeted ports: 485, 924, 2758, 4573, 28034, 29753, 45883. Country: Canada. Reputation: known attacker.
  • 2026-05-07: Observed 7 times. Targeted ports: 753, 12912. Country: Canada. Alert categories: Misc Attack. Signatures: ET CINS Active Threat Intelligence Poor Reputation IP group 129.
  • 2026-05-06: Observed 6 times. Targeted ports: 779, 930. Country: Canada. Reputation: known attacker.
  • 2026-05-05: Observed 1 times. Targeted ports: 110. Country: Canada. Reputation: known attacker.
  • 2026-05-04: Observed 3 times. Targeted ports: 233. Country: Canada.
  • 2026-05-03: Observed 3 times. Targeted ports: 460. Country: Canada. Reputation: known attacker.
  • 2026-05-02: Observed 12 times. Targeted ports: 198, 662, 764, 778. Country: Canada. Reputation: known attacker.
  • 2026-05-01: Observed 21 times. Targeted ports: 1521. Country: Canada. Reputation: known attacker.
  • 2026-04-30: Observed 3 times. Targeted ports: 57. Country: Canada. Reputation: known attacker.
  • 2026-04-29: Observed 122 times. Targeted ports: 1557, 1567, 1580, 1601, 1623, 1624, 1634, 1644, 1652, 1654, 1671, 1703, 1704, 1714, 1727, 1754, 1755, 1757. Country: Canada. Reputation: known attacker.
  • 2026-04-28: Observed 6 times. Targeted ports: 158, 560. Country: Canada. Reputation: known attacker.
  • 2026-04-27: Observed 12 times. Targeted ports: 669, 956, 12119. Country: Canada. Reputation: known attacker.
  • 2026-04-26: Observed 5 times. Targeted ports: 9814. Country: Canada. Reputation: known attacker.
  • 2026-04-23: Observed 1 times. Targeted ports: 576. Country: Canada. Reputation: known attacker.
  • 2026-04-22: Observed 10 times. Targeted ports: 12271, 48925. Country: Canada. Reputation: known attacker.
  • 2026-04-21: Observed 10 times. Targeted ports: 123, 151, 9206. Country: Canada. Reputation: known attacker.
  • 2026-04-10: Observed 9 times. Targeted ports: 1000, 9876. Country: Canada.
  • 2026-03-28: Observed 184 times. Targeted ports: 1307, 1456, 1524, 1772, 1891, 2637, 2645, 5541, 5542, 7166, 8806, 8812, 8888, 8889, 14289, 27092, 47335, 47409, 56759, 56770, 61953, 62064, 62153, 62243. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-27: Observed 15 times. Targeted ports: 1305, 5814. Country: Canada. Reputation: known attacker.
  • 2026-03-26: Observed 23 times. Targeted ports: 33735, 33741, 33759. Country: Canada. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM ESTABLISHED SYN resend with different seq.
  • 2026-03-21: Observed 36 times. Targeted ports: 1177, 5205, 6913, 8164, 8294. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-20: Observed 59 times. Targeted ports: 8798, 8868, 8907, 9012, 9057, 9068, 9079, 9080. Country: Canada. Reputation: known attacker.
  • 2026-03-18: Observed 10 times. Targeted ports: 186, 663, 783. Country: Canada. Reputation: known attacker.
  • 2026-03-16: Observed 6 times. Targeted ports: 6995. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-15: Observed 111 times. Targeted ports: 30595, 31849, 31885, 31898, 33552, 33559, 33572, 33740, 33760, 33765, 33768, 33833, 42587, 46850. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-14: Observed 178 times. Targeted ports: 5086, 5087, 5097, 5098, 5099, 5192, 5193, 5194, 5210, 5212, 5214, 5278, 5279, 5280, 5358, 5409, 5410, 5412, 5413, 5414, 5422, 5423, 5987, 5990, 5991. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-13: Observed 3 times. Targeted ports: 793. Country: Canada. Reputation: known attacker.
  • 2026-03-12: Observed 8 times. Targeted ports: 16388. Country: Canada. Reputation: known attacker.
  • 2026-03-10: Observed 53 times. Targeted ports: 8779, 8790, 8823, 8830, 8833, 8843, 8853. Country: Canada. Reputation: known attacker.
  • 2026-03-09: Observed 107 times. Targeted ports: 6017, 6018, 6051, 6059, 6116, 6121, 6122, 6129, 6310, 7004, 7072, 7105, 7685, 7879, 7880. Country: Canada. Reputation: known attacker.
  • 2026-03-08: Observed 112 times. Targeted ports: 3772, 3790, 3824, 3825, 3828, 3869, 3882, 3947, 4050, 4064, 4084, 4133, 4134, 4360, 4429. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-07: Observed 272 times. Targeted ports: 26, 697, 3798, 3856, 3858, 3860, 3862, 3866, 3868, 3897, 3911, 3912, 3925, 8034, 8381, 8427, 8474, 8480, 8520, 8760, 8911. Country: Canada. Reputation: known attacker.
  • 2026-03-06: Observed 77 times. Targeted ports: 2253, 2255, 2277, 2296, 2329, 2361, 2543, 2567, 2568, 2585, 2587, 2620. Country: Canada. Reputation: known attacker.
  • 2026-03-05: Observed 9 times. Targeted ports: 61697, 65402, 65419. Country: Canada. Reputation: known attacker.

URLs on this IP

No URLs found for this IP.

Passive DNS

No pDNS records found for 85.217.149.12.

Search History

ID Source Last seen
58753 web 2026-05-17 13:47:23
58631 web 2026-05-17 06:03:43
46253 web 2026-03-08 15:34:37

Whois

No Whois record yet. The worker will fetch it when this IP is in the queue.