JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 85.217.140.44

85.217.140.44 was found in our database!

This IP was reported 6,800 times. Confidence of Abuse is 100%: ?

100%

ISP	NL MODAT
Usage Type	Commercial
ASN	AS209334
Hostname(s)	o343.scanner.modat.io
Domain Name	modat.io
Country	🇫🇷 France
City	Gravelines, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 85.217.140.44

Whois 85.217.140.44

IP Abuse Reports for 85.217.140.44:

This IP address has been reported a total of 6,800 times from 362 distinct sources. 85.217.140.44 was first reported on March 4th 2026, and the most recent report was 46 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 2048	2026-05-30 23:04:18 (3 days ago)	2026-05-31T01:03:40.835941+02:00 machodeer kernel: [2890138.836992] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-31T01:03:40.835941+02:00 machodeer kernel: [2890138.836992] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=47231 PROTO=TCP SPT=42921 DPT=48192 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-31T01:04:01.629495+02:00 machodeer kernel: [2890159.630762] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=50 ID=38103 PROTO=TCP SPT=46724 DPT=54901 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-31T01:04:17.530377+02:00 machodeer kernel: [2890175.531702] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=28986 PROTO=TCP SPT=35540 DPT=24938 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Port Scan
Anonymous	2026-05-30 22:33:25 (4 days ago)	Kept connecting and disconnecting without issuing any commands	DDoS Attack
🇺🇸 shabi	2026-05-30 22:02:49 (4 days ago)	UFW Blocked [39053/TCP] Source: 85.217.140.44:49994 TTL: 53 Lenth: 52 TOS: 0x00	Port Scan
🇺🇸 mutebot.net	2026-05-30 22:02:23 (4 days ago)	SRC=85.217.140.44, PROTO=TCP, SPT=43428, DPT=52119	Port Scan
🇩🇪 2048	2026-05-30 19:55:26 (4 days ago)	2026-05-30T21:54:26.719227+02:00 machodeer kernel: [2878784.660624] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-30T21:54:26.719227+02:00 machodeer kernel: [2878784.660624] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=54873 PROTO=TCP SPT=59779 DPT=48985 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T21:54:37.126276+02:00 machodeer kernel: [2878795.067715] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=23770 PROTO=TCP SPT=44892 DPT=60448 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T21:55:24.971728+02:00 machodeer kernel: [2878842.913393] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=51 ID=9423 PROTO=TCP SPT=52667 DPT=32028 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 www.fransveldman.world	2026-05-30 19:28:32 (4 days ago)	May 30 19:28:31 mail postfix/smtps/smtpd[3339260]: lost connection after CONNECT from o343.scanner.m ... show more May 30 19:28:31 mail postfix/smtps/smtpd[3339260]: lost connection after CONNECT from o343.scanner.modat.io[85.217.140.44] May 30 19:28:31 mail postfix/smtps/smtpd[3339260]: lost connection after CONNECT from o343.scanner.modat.io[85.217.140.44] ... show less	Brute-Force Email Spam
🇳🇴 tmiland	2026-05-30 19:27:25 (4 days ago)	Suricata Detected 28 attacks from 85.217.140.44.; GPL DNS named version attempt; IP: 85.217.140.44; ... show more Suricata Detected 28 attacks from 85.217.140.44.; GPL DNS named version attempt; IP: 85.217.140.44; Ports: 38553; Direction: to_server; Trigger: DNS; Category: Attempted Information Leak; Severity: 2 show less	Brute-Force
🇵🇱 sefinek.net	2026-05-30 18:39:37 (4 days ago)	Honeypot hit: Unauthorized traffic (243 bytes of payload); 6572 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (243 bytes of payload); 6572 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇬🇧 gbzret4d	2026-05-30 17:03:52 (4 days ago)	Honeypot [uk-production01]: Unauthorized traffic (3 bytes of payload); 20076 [1], 19411 [1], 20049 [ ... show more Honeypot [uk-production01]: Unauthorized traffic (3 bytes of payload); 20076 [1], 19411 [1], 20049 [1] TCP show less	Port Scan
🇩🇪 2048	2026-05-30 17:01:41 (4 days ago)	2026-05-30T19:01:08.695308+02:00 machodeer kernel: [2868386.595383] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-30T19:01:08.695308+02:00 machodeer kernel: [2868386.595383] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=23851 PROTO=TCP SPT=34455 DPT=146 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T19:01:22.721651+02:00 machodeer kernel: [2868400.621820] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=52 ID=8075 PROTO=TCP SPT=43411 DPT=11803 WINDOW=65535 RES=0x00 SYN URGP=0 2026-05-30T19:01:40.112981+02:00 machodeer kernel: [2868418.010453] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=85.217.140.44 DST=REDACTED LEN=52 TOS=0x00 PREC=0x00 TTL=49 ID=47852 PROTO=TCP SPT=42018 DPT=378 WINDOW=65535 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 dispaisyenterprises	2026-05-30 16:42:08 (4 days ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (19 bytes of payload); 5855 [1], 6625 [1], 8511 [1] ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (19 bytes of payload); 5855 [1], 6625 [1], 8511 [1], 4133 [1], 8575 [1], 16162 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-30 16:40:35 (4 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (3 bytes of payload); 5819 [1], 5813 [1], 5935 [1 ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (3 bytes of payload); 5819 [1], 5813 [1], 5935 [1], 2648 [1], 5957 [1], 5855 [1] TCP Reported by: Justin F. show less	Port Scan
🇦🇺 LiftUp Hosting	2026-05-30 16:40:05 (4 days ago)	Honeypot hit: Unauthorized traffic (19 bytes of payload); 9934 [1], 9819 [1], 24444 [1] TCP	Port Scan
🇺🇸 podril1ak2.ru	2026-05-30 13:49:15 (4 days ago)	Blocked by UFW on reporterUS [34173/tcp] \| SPT: 34081 \| TTL: 53 \| LEN: 52 \| TOS: 0x00 • Reported by: ... show more Blocked by UFW on reporterUS [34173/tcp] \| SPT: 34081 \| TTL: 53 \| LEN: 52 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇭🇰 PingMeMaybe	2026-05-30 13:17:40 (4 days ago)	Blocked by UFW on hk [36247/tcp] Source port: 37222 TTL: 48 Packet length: 52 TOS: 0x00 This report ... show more Blocked by UFW on hk [36247/tcp] Source port: 37222 TTL: 48 Packet length: 52 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 91 to 105 of 6800 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 109.122.196.113

🇩🇪 213.209.159.158

🇱🇹 195.12.191.130

🇳🇱 176.65.139.130

🇺🇸 142.248.80.245

🇫🇷 91.196.152.177

🇫🇷 88.138.20.172

🇸🇬 47.128.112.216

🇳🇱 45.148.10.152

🇨🇳 42.193.139.14

🇺🇸 172.202.118.47

🇩🇪 172.71.164.53

🇺🇸 162.243.147.237

🇮🇳 136.232.157.230

🇩🇪 43.228.157.229

🇻🇳 14.177.234.24

🇨🇳 14.103.116.87

🇺🇿 185.203.236.212

🇸🇬 152.32.218.244

🇵🇭 138.84.127.67