JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.217.140.19

85.217.140.19 was found in our database!

This IP was reported 7,900 times. Confidence of Abuse is 100%: ?

100%

ISP	NL MODAT
Usage Type	Commercial
ASN	AS209334
Hostname(s)	o319.scanner.modat.io
Domain Name	modat.io
Country	🇫🇷 France
City	Gravelines, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.217.140.19

Whois 85.217.140.19

IP Abuse Reports for 85.217.140.19:

This IP address has been reported a total of 7,900 times from 388 distinct sources. 85.217.140.19 was first reported on February 2nd 2026, and the most recent report was 40 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 donarev419	2026-06-05 06:35:50 (40 minutes ago)	Connection to port 8587 with data transfer. Data preview:	Port Scan Hacking
🇫🇷 SiyCah	2026-06-05 06:00:16 (1 hour ago)	85.217.140.19 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time ... show more 85.217.140.19 fell into Endlessh tarpit; 0/1 total connections are currently still open. Total time wasted: 3s. Total bytes sent by tarpit: 294B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-05 03:56:01 (3 hours ago)	Honeypot hit: SSH handshake/banner (12 bytes of payload); 12517 [1] TCP	Brute-Force SSH
🇲🇹 neilcaruana	2026-06-05 03:32:21 (3 hours ago)	Sentinel detected an attack on port [12282]	Hacking
🇭🇰 pengpeng	2026-06-05 02:38:38 (4 hours ago)	monitor: on ser162528253480 \| port: 36750 \| ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Repor ... show more monitor: on ser162528253480 \| port: 36750 \| ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 COMPLEX	2026-06-05 02:32:55 (4 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 53202	Brute-Force
🇫🇷 ✨	2026-06-05 01:08:08 (6 hours ago)	Rule : FTP IP in black list	FTP Brute-Force
🇳🇱 donarev419	2026-06-05 00:21:48 (6 hours ago)	Connection to port 8430 with data transfer. Data preview: SSH-2.0-Go	Port Scan Hacking
🇭🇰 PingMeMaybe	2026-06-04 23:29:59 (7 hours ago)	Blocked by UFW on hk [61865/tcp] Source port: 52535 TTL: 48 Packet length: 52 TOS: 0x00 This report ... show more Blocked by UFW on hk [61865/tcp] Source port: 52535 TTL: 48 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇹 abuseiphack	2026-06-04 23:19:52 (7 hours ago)	Automatic report for brute force attack	Brute-Force
🇩🇪 eskilbrun	2026-06-04 23:19:40 (7 hours ago)	2026-06-05T01:19:38.578784+02:00 linode1.eskil.net dovecot[861]: imap-login: Disconnected: Connectio ... show more 2026-06-05T01:19:38.578784+02:00 linode1.eskil.net dovecot[861]: imap-login: Disconnected: Connection closed (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=194.195.241.187, TLS: Connection closed, session=<22gzx3VTPNtV2YwT> 2026-06-05T01:19:39.587192+02:00 linode1.eskil.net dovecot[861]: imap-login: Disconnected: Connection closed: read(size=597) failed: Connection reset by peer (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=194.195.241.187, TLS handshaking: read(size=597) failed: Connection reset by peer, session=<Es5Cx3VTTNtV2YwT> 2026-06-05T01:19:39.614473+02:00 linode1.eskil.net dovecot[861]: imap-login: Disconnected: Connection closed: read(size=597) failed: Connection reset by peer (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=194.195.241.187, TLS handshaking: read(size=597) failed: Connection reset by peer, session=<wjhDx3VTUNtV2YwT> ... show less	Brute-Force
🇨🇭 ScanThe.Net	2026-06-04 22:07:01 (9 hours ago)	ID: 3867896467 \| PORT: 14864 \| https://85-217-140-19.scanthe.net	Port Scan
🇺🇸 mutebot.net	2026-06-04 20:47:26 (10 hours ago)	SRC=85.217.140.19, PROTO=TCP, SPT=43878, DPT=17324	Port Scan
🇩🇪 Mailguard-FRD	2026-06-04 20:07:39 (11 hours ago)	Jun 4 22:07:38 [redacted] dovecot: managesieve-login: Disconnected (no auth attempts in 0 secs): us ... show more Jun 4 22:07:38 [redacted] dovecot: managesieve-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=[redacted], session=<9UiNGHNTWMlV2YwT> ... show less	Email Spam Brute-Force
🇺🇦 llighthunter	2026-06-04 18:59:51 (12 hours ago)	Jun 4 21:59:47 mail dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=85 ... show more Jun 4 21:59:47 mail dovecot: imap-login: Disconnected (no auth attempts in 1 secs): user=<>, rip=85.217.140.19, lip=192.168.1.80, TLS: Connection closed, session=<Te7iJXJT7NJV2YwT> Jun 4 21:59:48 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=192.168.1.80, TLS handshaking: read(size=598) failed: Connection reset by peer, session=<0QTzJXJT+tJV2YwT> Jun 4 21:59:48 mail dovecot: imap-login: Disconnected (no auth attempts in 0 secs): user=<>, rip=85.217.140.19, lip=192.168.1.80, TLS handshaking: read(size=598) failed: Connection reset by peer, session=<TQD3JXJTBNNV2YwT> show less	Port Scan Hacking Spoofing

Showing 1 to 15 of 7900 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 202.71.141.170

🇪🇹 196.191.61.63

🇳🇱 185.242.226.8

🇺🇸 207.90.244.18

🇨🇴 191.95.146.173

🇺🇸 173.239.218.181

🇺🇸 162.216.149.90

🇨🇳 124.72.224.202

🇺🇸 47.77.176.155

🇩🇪 35.234.70.8

🇺🇸 24.60.241.40

🇺🇸 12.156.67.18

🇺🇸 209.90.232.26

🇺🇸 205.209.118.37

🇺🇸 162.216.149.225

🇮🇳 119.18.62.91

🇨🇳 118.145.245.82

🇨🇳 103.217.186.236

🇬🇷 94.71.169.178

🇺🇸 66.132.186.240