Showing current intelligence for this indicator.

IP Information for 85.217.149.38

Location Beauharnois, 🇨🇦 Canada
ASN AS209334 — MODAT-01, NL
BGP Prefix 85.217.149.0/24
Registry ripencc
IP Address 85.217.149.38

IOC Matches

ID Type Tag Source Last seen Comments
133251 IP honeypot 4 2026-05-21 09:19:48
  • 2026-05-21: Observed 3 times. Targeted ports: 263. Country: Bulgaria.
  • 2026-05-20: Observed 3 times. Targeted ports: 949. Country: Canada. Reputation: known attacker.
  • 2026-05-19: Observed 7 times. Targeted ports: 2484. Country: Canada.
  • 2026-05-18: Observed 6 times. Targeted ports: 335, 841. Country: Canada. Reputation: known attacker.
  • 2026-05-17: Observed 4 times. Targeted ports: 1018, 51227. Country: Canada.
  • 2026-05-16: Observed 8 times. Targeted ports: 104. Country: Canada. Reputation: known attacker.
  • 2026-05-15: Observed 3 times. Targeted ports: 242. Country: Bulgaria.
  • 2026-05-14: Observed 3 times. Targeted ports: 521. Country: Canada. Reputation: known attacker.
  • 2026-05-13: Observed 31 times. Targeted ports: 1125, 1129, 1135, 1140. Country: Canada. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM spurious retransmission.
  • 2026-05-12: Observed 36 times. Targeted ports: 1212, 1247, 1264, 1290, 1300. Country: Canada.
  • 2026-05-11: Observed 73 times. Targeted ports: 370, 1684, 1687, 1690, 1698, 1700, 1701, 1704. Country: Canada. Alert categories: Misc activity. Signatures: ET INFO SSH session in progress on Unusual Port.
  • 2026-05-10: Observed 52 times. Targeted ports: 1430, 1451, 1459, 1478, 1479. Country: Canada. Reputation: known attacker. Alert categories: Generic Protocol Command Decode. Signatures: SURICATA STREAM ESTABLISHED SYN resend with different seq.
  • 2026-05-09: Observed 9 times. Targeted ports: 376, 506, 902. Country: Canada.
  • 2026-05-08: Observed 10 times. Targeted ports: 724, 834, 855. Country: Canada. Reputation: known attacker.
  • 2026-05-07: Observed 3 times. Targeted ports: 34. Country: Canada. Reputation: known attacker.
  • 2026-05-06: Observed 3 times. Targeted ports: 583. Country: Canada. Reputation: known attacker.
  • 2026-05-05: Observed 102 times. Targeted ports: 677, 1208, 1210, 1229, 1236, 1247, 1261, 1307, 1318, 1323, 1352, 1378, 1383, 1402. Country: Canada. Reputation: known attacker.
  • 2026-05-04: Observed 4 times. Targeted ports: 12917. Country: Canada. Reputation: known attacker. Alert categories: Misc Attack. Signatures: ET CINS Active Threat Intelligence Poor Reputation IP group 126.
  • 2026-05-03: Observed 3 times. Targeted ports: 179. Country: Canada. Reputation: known attacker.
  • 2026-05-02: Observed 6 times. Targeted ports: 629, 930. Country: Canada.
  • 2026-05-01: Observed 2 times. Targeted ports: 64305. Country: Canada.
  • 2026-04-30: Observed 3 times. Targeted ports: 841. Country: Canada.
  • 2026-04-29: Observed 157 times. Targeted ports: 1043, 1766, 1768, 1770, 1776, 1780, 1792, 1806, 1807, 1815, 1842, 1845, 1854, 1856, 1869, 1882, 1886, 1892, 1898, 1901, 1907, 1912, 1920, 1931, 1939, 1941, 1942. Country: Canada.
  • 2026-04-28: Observed 7 times. Targeted ports: 1944. Country: Canada.
  • 2026-04-27: Observed 3 times. Targeted ports: 683. Country: Canada.
  • 2026-04-26: Observed 81 times. Targeted ports: 16858, 18192, 28096, 35973, 35979, 43328, 43346, 45598, 53836, 53888, 58391. Country: Canada.
  • 2026-04-23: Observed 3 times. Targeted ports: 242. Country: Canada.
  • 2026-04-22: Observed 3 times. Targeted ports: 119. Country: Canada.
  • 2026-04-21: Observed 9 times. Targeted ports: 785, 12332. Country: Canada.
  • 2026-04-10: Observed 3 times. Targeted ports: 330. Country: Canada. Reputation: known attacker.
  • 2026-03-27: Observed 15 times. Targeted ports: 1040, 1234. Country: Canada.
  • 2026-03-23: Observed 78 times. Targeted ports: 5086, 5087, 5097, 5099, 5192, 5194, 5210, 5212, 5214, 5455, 5684. Country: Canada. Reputation: known attacker.
  • 2026-03-21: Observed 8 times. Targeted ports: 2250. Country: Bulgaria.
  • 2026-03-19: Observed 39 times. Targeted ports: 32634, 50660, 54398. Country: Bulgaria.
  • 2026-03-18: Observed 36 times. Targeted ports: 29, 120, 203, 253, 279, 375, 449, 539, 607, 632, 842, 9022. Country: Canada. Reputation: known attacker.
  • 2026-03-16: Observed 47 times. Targeted ports: 1999, 2009, 2055, 2085, 2098, 2112. Country: Bulgaria.
  • 2026-03-15: Observed 9 times. Targeted ports: 1025. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-14: Observed 92 times. Targeted ports: 11362, 15165, 17875, 20634, 22237, 24072, 31302, 31486, 32229, 35360, 46435, 49249. Country: Bulgaria. Reputation: known attacker.
  • 2026-03-13: Observed 9 times. Targeted ports: 424, 9141. Country: Canada.
  • 2026-03-12: Observed 5 times. Targeted ports: 62937. Country: Canada. Reputation: known attacker.
  • 2026-03-10: Observed 8 times. Targeted ports: 8474. Country: Canada. Reputation: known attacker.
  • 2026-03-09: Observed 17 times. Targeted ports: 537, 544, 581, 662, 896, 10347. Country: Canada. Reputation: known attacker.
  • 2026-03-08: Observed 53 times. Targeted ports: 4738, 4802, 4867, 4871, 5425, 5439, 5471. Country: Bulgaria.
  • 2026-03-05: Observed 3 times. Targeted ports: 65273. Country: Canada. Reputation: known attacker.
  • 2026-03-04: Observed 36 times. Targeted ports: 1039, 1357, 1380, 1428, 1432. Country: Canada. Reputation: known attacker.

URLs on this IP

No URLs found for this IP.

Passive DNS

No pDNS records found for 85.217.149.38.

Search History

ID Source Last seen
59868 web 2026-05-21 09:28:44
55656 web 2026-05-06 13:42:33

Whois

No Whois record yet. The worker will fetch it when this IP is in the queue.