JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.217.140.25

85.217.140.25 was found in our database!

This IP was reported 5,606 times. Confidence of Abuse is 100%: ?

100%

ISP	NL MODAT
Usage Type	Commercial
ASN	AS209334
Hostname(s)	o324.scanner.modat.io
Domain Name	modat.io
Country	🇫🇷 France
City	Gravelines, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.217.140.25

Whois 85.217.140.25

IP Abuse Reports for 85.217.140.25:

This IP address has been reported a total of 5,606 times from 347 distinct sources. 85.217.140.25 was first reported on February 10th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 gbzret4d	2026-06-05 09:57:51 (2 hours ago)	Honeypot [uk-production01]: Empty payload (likely service probe); 8209 [1], 8141 [1] TCP	Port Scan
🇲🇹 neilcaruana	2026-06-05 09:21:25 (3 hours ago)	Sentinel detected an attack on port [11134]	Hacking
🇦🇺 LiftUp Hosting	2026-06-05 07:09:57 (5 hours ago)	Honeypot hit: Unauthorized traffic (1 bytes of payload); 8310 [1], 50063 [1], 50054 [1], 50082 [1] T ... show more Honeypot hit: Unauthorized traffic (1 bytes of payload); 8310 [1], 50063 [1], 50054 [1], 50082 [1] TCP show less	Port Scan
🇺🇸 mutebot.net	2026-06-05 05:54:07 (6 hours ago)	SRC=85.217.140.25, PROTO=TCP, SPT=46221, DPT=24954	Port Scan
🇲🇳 Public CSIRT/CC of Mongolia	2026-06-05 03:28:50 (8 hours ago)	Honeypot hit: Unauthorized traffic (19 bytes of payload); 44500 [1] TCP	Port Scan
🇭🇰 pengpeng	2026-06-05 02:42:39 (9 hours ago)	monitor: on ser162528253480 \| port: 39385 \| ttl: 43 script: github.com/sefinek/UFW-AbuseIPDB-Report ... show more monitor: on ser162528253480 \| port: 39385 \| ttl: 43 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 ✨	2026-06-05 02:39:07 (9 hours ago)	Rule : FTP 2026-06-05 02:32:13 85.217.140.25 - *hidden-privacy* 21 HELO - 500 87 0 56 6 0 b4fd2b ... show more Rule : FTP 2026-06-05 02:32:13 85.217.140.25 - *hidden-privacy* 21 HELO - 500 87 0 56 6 0 b4fd2bad-fe32-4611-8e71-552b618522c5 - show less	FTP Brute-Force
🇳🇱 COMPLEX	2026-06-05 02:33:42 (9 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 24099	Brute-Force
🇩🇪 dispaisyenterprises	2026-06-05 02:06:00 (10 hours ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (1 bytes of payload); 50556 [1], 50516 [1], 50460 [ ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (1 bytes of payload); 50556 [1], 50516 [1], 50460 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-05 02:04:43 (10 hours ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 50555 [1], 50501 [1], 50583 ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (1 bytes of payload); 50555 [1], 50501 [1], 50583 [1], 50473 [1] TCP Reported by: Justin F. show less	Port Scan
🇭🇰 pengpeng	2026-06-05 01:27:08 (10 hours ago)	monitor: on ser162528253480 \| port: 3746 \| ttl: 46 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on ser162528253480 \| port: 3746 \| ttl: 46 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 wiredalter	2026-06-05 01:25:17 (10 hours ago)	Blocked by UFW on dVPS [19709/tcp] Source Port: 40764 TTL: 54 Packet Length: 52 TOS: 0x00 Analyzed ... show more Blocked by UFW on dVPS [19709/tcp] Source Port: 40764 TTL: 54 Packet Length: 52 TOS: 0x00 Analyzed by https://ip.wiredalter.com show less	Port Scan Brute-Force
🇳🇱 COMPLEX	2026-06-05 01:24:16 (10 hours ago)	Unsolicited TCP traffic \| Action: DROP \| Port 35402	Brute-Force
🇳🇱 donarev419	2026-06-05 00:25:05 (11 hours ago)	Connection to port 4436 with data transfer. Data preview:	Port Scan Hacking
🇺🇸 shabi	2026-06-04 23:27:10 (12 hours ago)	UFW Blocked [800/TCP] Source: 85.217.140.25:35599 TTL: 51 Lenth: 52 TOS: 0x00	Port Scan

Showing 1 to 15 of 5606 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.233.182.39

🇵🇱 195.164.49.144

🇵🇱 188.212.135.45

🇨🇳 183.31.11.139

🇫🇷 173.249.0.223

🇺🇸 165.154.173.20

🇭🇰 103.106.188.32

🇮🇳 103.24.63.85

🇺🇦 91.221.179.36

🇺🇸 63.42.245.167

🇧🇷 189.50.142.82

🇵🇱 188.212.135.28

🇺🇸 162.216.150.71

🇫🇮 147.185.133.231

🇧🇷 129.121.33.174

🇻🇳 103.130.213.223

🇭🇰 103.43.8.71

🇺🇸 17.132.79.6

🇸🇦 5.163.240.14

🇺🇸 162.240.150.48