JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.217.140.18

85.217.140.18 was found in our database!

This IP was reported 8,047 times. Confidence of Abuse is 100%: ?

100%

ISP	NL MODAT
Usage Type	Commercial
ASN	AS209334
Hostname(s)	o318.scanner.modat.io
Domain Name	modat.io
Country	🇫🇷 France
City	Gravelines, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.217.140.18

Whois 85.217.140.18

IP Abuse Reports for 85.217.140.18:

This IP address has been reported a total of 8,047 times from 393 distinct sources. 85.217.140.18 was first reported on February 2nd 2026, and the most recent report was 14 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 LiftUp Hosting	2026-05-31 02:51:58 (4 days ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 6611 [1], 10979 [1], 10998 [1] TCP	Port Scan
🇵🇱 sefinek.net	2026-05-31 02:33:34 (4 days ago)	Honeypot hit: Unauthorized traffic (3 bytes of payload); 10460 [1], 11117 [1], 11061 [1], 11062 [1], ... show more Honeypot hit: Unauthorized traffic (3 bytes of payload); 10460 [1], 11117 [1], 11061 [1], 11062 [1], 6225 [1], 6769 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇯🇵 mkaraki	2026-05-31 02:10:50 (4 days ago)	1780193449 # Service_probe # SIGNATURE_SEND # source_ip:85.217.140.18 # dst_port:2710 ...	Port Scan
🇳🇱 donarev419	2026-05-31 01:58:23 (4 days ago)	Connection to port 10789 with data transfer. Data preview: SSH-2.0-Go	Port Scan Hacking
🇳🇱 ByeByte API	2026-05-30 22:16:42 (4 days ago)	Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 10044, 10652, 11577, 1240 ... show more Port scan from this IP. Firewall dropped every packet. Targeted TCP ports: 10044, 10652, 11577, 12403, 17047, 20663, 22314, 2383. Activity window: 2026-05-24 08:44 UTC to 2026-05-30 22:16 UTC. show less	Port Scan
🇺🇸 podril1ak2.ru	2026-05-30 22:16:31 (4 days ago)	Blocked by UFW on reporterUS [17047/tcp] \| SPT: 50895 \| TTL: 52 \| LEN: 52 \| TOS: 0x00 • Reported by: ... show more Blocked by UFW on reporterUS [17047/tcp] \| SPT: 50895 \| TTL: 52 \| LEN: 52 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇭🇰 PingMeMaybe	2026-05-30 22:16:13 (4 days ago)	Blocked by UFW on hk [51540/tcp] Source port: 58930 TTL: 47 Packet length: 52 TOS: 0x00 This report ... show more Blocked by UFW on hk [51540/tcp] Source port: 58930 TTL: 47 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 mutebot.net	2026-05-30 22:16:12 (4 days ago)	SRC=85.217.140.18, PROTO=TCP, SPT=37546, DPT=51540	Port Scan
🇬🇧 gbzret4d	2026-05-30 20:45:53 (4 days ago)	Honeypot [uk-production01]: Unauthorized traffic (1 bytes of payload); 10952 [1], 11018 [1], 10986 [ ... show more Honeypot [uk-production01]: Unauthorized traffic (1 bytes of payload); 10952 [1], 11018 [1], 10986 [1] TCP show less	Port Scan
🇦🇺 LiftUp Hosting	2026-05-30 20:33:58 (4 days ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 10105 [1] TCP	Port Scan
🇩🇪 2048	2026-05-30 19:36:10 (4 days ago)	2026-05-30T21:34:54.382675+02:00 machodeer kernel: [2877612.319171] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-30T21:34:54.382675+02:00 machodeer kernel: [2877612.319171] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.18 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=4917 PROTO=TCP SPT=57567 DPT=15243 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T21:35:15.281978+02:00 machodeer kernel: [2877633.218484] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.18 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=17586 PROTO=TCP SPT=40019 DPT=17968 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T21:36:09.693099+02:00 machodeer kernel: [2877687.630198] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.18 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=53469 PROTO=TCP SPT=40469 DPT=17340 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Port Scan
Anonymous	2026-05-30 19:20:50 (4 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/postfix-spam	Web App Attack Brute-Force
🇵🇱 sefinek.net	2026-05-30 18:45:36 (4 days ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 10940 [1] TCP Reported by: https://github.c ... show more Honeypot hit: Unauthorized traffic (1 bytes of payload); 10940 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-05-30 18:18:50 (4 days ago)	Honeypot hit: SSH handshake/banner (12 bytes of payload); 27005 [1] TCP	Brute-Force SSH
🇩🇪 Justin F. \| AS204464	2026-05-30 17:46:34 (4 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 10155 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 10155 [1] TCP Reported by: Justin F. show less	Port Scan

Showing 106 to 120 of 8047 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 200.127.62.32

🇨🇴 186.179.100.0

🇭🇰 185.239.84.249

🇩🇪 164.92.244.132

🇳🇱 77.83.39.94

🇩🇪 64.226.65.160

🇺🇸 64.207.225.55

🇨🇳 49.112.136.3

🇺🇸 18.226.72.170

🇭🇰 8.210.88.252

🇺🇸 2602:80d:1008::23

🇰🇷 220.126.215.120

🇮🇶 212.237.122.106

🇨🇳 180.188.45.179

🇦🇫 180.94.74.82

🇧🇷 177.76.134.111

🇵🇰 121.52.147.5

🇷🇺 95.165.142.8

🇷🇺 94.25.40.30

🇷🇺 81.22.51.64