IP Address

85.217.140.4

IPv4 Public
FR FR
AS209334
Modat B.V.
531 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
77% Confidence
531 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
FR
FR Location
Modat B.V. ASN 209334
531 Reports
Honeypot Data Source

High Risk

IP address 85.217.140.4 is a high-risk address based in France with a threat level of 8 out of 10, linked primarily to active hacking activity including unauthorized access attempts and exploitation of vulnerable services. This IP has accumulated 513 total abuse reports with an activity frequency rated at 8 out of 10, indicating persistent and aggressive behavior over its observed operational window between January and June 2026.

Detection data shows 513 reports attributed to this single address, with the dominant threat category being general hacking activity as reported by 20 distinct automated honeypot sensors deployed across the threat intelligence network. The network is operated by Modat B.V. under ASN AS209334, and the observed attack patterns include SSH sessions initiated on non-standard ports, a technique frequently employed by threat actors to evade detection by conventional security monitoring tools that focus only on default service ports.

Hacking activity encompasses a broad range of intrusion techniques including vulnerability exploitation, brute-force attempts, and unauthorized access probing. The detection of SSH sessions on unusual ports specifically suggests this actor is attempting to establish persistent footholds while avoiding signature-based detection systems that expect standard port 22 traffic. With a confidence score of 78 percent, there is strong evidentiary support for this IP posing a genuine risk to any exposed services, particularly those with SSH, Telnet, or other remote-access protocols accessible from the internet.

Organizations should implement immediate defensive measures including blocking this IP address at the network perimeter firewall, deploying or strengthening fail2ban or equivalent rate-limiting solutions to throttle repeated connection attempts, and ensuring all internet-facing services run on non-standard ports where feasible alongside strong authentication requirements. Regular review of authentication logs for the source IP range and implementation of intrusion detection signatures for anomalous SSH behavior on unusual ports will further reduce exposure to this threat actor.

More threatening than 80% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 3 weeks indicates persistent threat actor operations.

First Observed 17. May 2026
Last Activity 13. June 2026
Recent (7 days) 9 incidents

Reputable Network

This IP is hosted on a network (ASN 209334) with generally good reputation. The ISP Modat B.V. maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 77% Verified

Confidence History

25. May 2026 - 13. Jun 2026
77% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 531 shown

Technical Details

Basic Information

IP Address
85.217.140.4
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
FR FR
ASN
AS209334
ISP
Modat B.V.

DNS Information

Reverse DNS
o304.scanner.modat.io
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
531
First Reported
20 Jan 2026
Last Reported
13 Jun 2026, 00:02

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS209334
Modat B.V.
CA CA

Network Threat Assessment

0/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

124
Total IPs Monitored
9,136
Total Reports
73.7
Reports per IP

Network Context

This IP address belongs to Modat B.V. (AS209334), which manages 124 IP addresses in our monitoring system. Out of these, 9,136 have been reported for suspicious activities, resulting in a network-wide threat level of 0/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

80 %

Global Threat Ranking

This IP is more threatening than 80% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 209,101 reported IPs worldwide

Threat Level 8/10 avg: 5.4 +
Total Reports 531 avg: 22 ++

Network Comparison

Compared against 124 IPs in ASN 209334

Threat Level 8/10 network avg: 9.6 -
Total Reports 531 network avg: 144 ++
Network Modat B.V. has overall threat level 0/10

Geographic Comparison

Compared against 4,225 IPs in FR

Threat Level 8/10 country avg: 5.9 +
Total Reports 531 country avg: 31 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

196,134 threat incidents tracked globally • Last 24h: 17,485 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    40,101 20.4%
  2. 02
    IN
    India IN
    31,292 16%
  3. 03
    CN
    China CN
    26,714 13.6%
  4. 04
    BR
    Brazil BR
    10,642 5.4%
  5. 05
    DE
    Germany DE
    7,421 3.8%
  6. 06
    SG
    Singapore SG
    6,672 3.4%
  7. 07
    ID
    Indonesia ID
    5,835 3%
  8. 08
    PK
    Pakistan PK
    5,071 2.6%
  9. 09
    RU
    Russia RU
    5,011 2.6%
  10. 10
    NL
    Netherlands NL
    4,563 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
8.3/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
85.217.140.12 8/10
Confidence 96%
Reports 160
Location FR FR
13 Jun 2026
85.217.149.7 8/10
Confidence 96%
Reports 135
Location CA CA
13 Jun 2026
85.217.149.5 8/10
Confidence 96%
Reports 133
Location CA CA
13 Jun 2026
85.217.140.11 8/10
Confidence 96%
Reports 124
Location FR FR
12 Jun 2026
85.217.140.10 8/10
Confidence 96%
Reports 122
Location FR FR
13 Jun 2026
85.217.149.15 8/10
Confidence 96%
Reports 114
Location CA CA
13 Jun 2026
85.217.140.28 8/10
Confidence 96%
Reports 112
Location FR FR
10 Jun 2026
85.217.140.33 8/10
Confidence 96%
Reports 111
Location FR FR
12 Jun 2026
85.217.140.19 8/10
Confidence 96%
Reports 106
Location FR FR
13 Jun 2026
85.217.149.44 8/10
Confidence 96%
Reports 103
Location CA CA
13 Jun 2026
85.217.149.32 8/10
Confidence 96%
Reports 102
Location CA CA
13 Jun 2026
85.217.149.11 8/10
Confidence 96%
Reports 100
Location CA CA
13 Jun 2026
85.217.140.26 8/10
Confidence 96%
Reports 95
Location FR FR
13 Jun 2026
85.217.140.31 8/10
Confidence 96%
Reports 91
Location FR FR
12 Jun 2026
85.217.149.28 8/10
Confidence 96%
Reports 84
Location CA CA
11 Jun 2026
85.217.140.29 8/10
Confidence 96%
Reports 84
Location FR FR
13 Jun 2026
85.217.140.25 8/10
Confidence 96%
Reports 67
Location FR FR
13 Jun 2026
85.217.140.51 10/10
Confidence 94%
Reports 139
Location FR FR
13 Jun 2026
85.217.140.15 10/10
Confidence 94%
Reports 138
Location FR FR
13 Jun 2026
85.217.140.9 10/10
Confidence 94%
Reports 137
Location FR FR
12 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
85.217.140.12 8/10
Confidence 96%
Reports 160
Location FR FR
13 Jun 2026
85.217.140.11 8/10
Confidence 96%
Reports 124
Location FR FR
12 Jun 2026
85.217.140.10 8/10
Confidence 96%
Reports 122
Location FR FR
13 Jun 2026
85.217.140.28 8/10
Confidence 96%
Reports 112
Location FR FR
10 Jun 2026
85.217.140.33 8/10
Confidence 96%
Reports 111
Location FR FR
12 Jun 2026
85.217.140.19 8/10
Confidence 96%
Reports 106
Location FR FR
13 Jun 2026
85.217.140.26 8/10
Confidence 96%
Reports 95
Location FR FR
13 Jun 2026
85.217.140.31 8/10
Confidence 96%
Reports 91
Location FR FR
12 Jun 2026
85.217.140.29 8/10
Confidence 96%
Reports 84
Location FR FR
13 Jun 2026
85.217.140.25 8/10
Confidence 96%
Reports 67
Location FR FR
13 Jun 2026
85.217.140.51 10/10
Confidence 94%
Reports 139
Location FR FR
13 Jun 2026
85.217.140.15 10/10
Confidence 94%
Reports 138
Location FR FR
13 Jun 2026
85.217.140.9 10/10
Confidence 94%
Reports 137
Location FR FR
12 Jun 2026
85.217.140.45 10/10
Confidence 94%
Reports 131
Location FR FR
13 Jun 2026
85.217.140.41 10/10
Confidence 94%
Reports 130
Location FR FR
13 Jun 2026
85.217.140.30 10/10
Confidence 94%
Reports 130
Location FR FR
13 Jun 2026
85.217.140.42 10/10
Confidence 94%
Reports 126
Location FR FR
12 Jun 2026
85.217.140.53 10/10
Confidence 94%
Reports 126
Location FR FR
13 Jun 2026
85.217.140.48 10/10
Confidence 94%
Reports 125
Location FR FR
12 Jun 2026
85.217.140.46 10/10
Confidence 94%
Reports 123
Location FR FR
12 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.7/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
92.205.109.21 8/10
Confidence 100%
Reports 287
ISP Host Europe GmbH
5 Jun 2026
82.196.25.136 8/10
Confidence 100%
Reports 228
ISP Free Pro SAS
1 Jun 2026
91.227.37.60 8/10
Confidence 100%
Reports 200
ISP Eurofiber Franc...
24 May 2026
163.172.31.86 10/10
Confidence 100%
Reports 138
ISP Scaleway SAS
28 May 2026
92.205.188.156 8/10
Confidence 100%
Reports 98
ISP Host Europe GmbH
3 Jun 2026
178.18.246.56 8/10
Confidence 100%
Reports 92
ISP Contabo GmbH
18 May 2026
194.163.139.224 10/10
Confidence 100%
Reports 90
ISP Contabo GmbH
13 Jun 2026
51.15.160.8 8/10
Confidence 100%
Reports 50
ISP Scaleway SAS
10 Jun 2026
87.106.29.151 10/10
Confidence 100%
Reports 50
ISP IONOS SE
8 Jun 2026
62.210.185.4 8/10
Confidence 100%
Reports 45
ISP Scaleway S.a.s.
13 Jun 2026
51.38.192.10 8/10
Confidence 100%
Reports 42
ISP OVH SAS
9 Jun 2026
46.105.28.235 10/10
Confidence 100%
Reports 41
ISP OVH SAS
11 Jun 2026
54.36.102.244 8/10
Confidence 100%
Reports 34
ISP OVH SAS
8 Jun 2026
84.247.129.9 8/10
Confidence 100%
Reports 31
ISP Contabo GmbH
30 May 2026
54.37.84.217 10/10
Confidence 100%
Reports 31
ISP OVH SAS
7 May 2026

IPs with similar threat level and confidence scores.

15 Related IPs
8.9/10 Avg Threat
77% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
207.90.244.20 8/10
Confidence 77%
Reports 20,418
Location US US
13 Jun 2026
64.23.161.101 8/10
Confidence 77%
Reports 14,809
Location US US
13 Jun 2026
164.92.106.15 8/10
Confidence 77%
Reports 14,763
Location US US
13 Jun 2026
64.62.197.92 8/10
Confidence 77%
Reports 1,828
Location US US
13 Jun 2026
65.49.20.68 8/10
Confidence 77%
Reports 1,091
Location US US
13 Jun 2026
202.125.94.71 10/10
Confidence 77%
Reports 799
Location ID ID
16 May 2026
79.137.123.148 10/10
Confidence 77%
Reports 765
Location FR FR
5 Dec 2025
45.144.212.240 8/10
Confidence 77%
Reports 645
Location UA UA
29 Jan 2026
34.58.124.191 10/10
Confidence 77%
Reports 645
Location US US
11 Jun 2026
85.217.140.3 8/10
Confidence 77%
Reports 555
Location FR FR
8 Jun 2026
87.120.191.124 10/10
Confidence 77%
Reports 547
Location US US
5 Dec 2025
213.209.143.65 10/10
Confidence 77%
Reports 543
Location DE DE
16 Dec 2025
92.118.39.30 10/10
Confidence 77%
Reports 479
Location RO RO
12 Apr 2026
207.46.224.84 10/10
Confidence 77%
Reports 414
Location SG SG
4 Feb 2026
94.100.132.100 7/10
Confidence 77%
Reports 367
Location DE DE
13 Jun 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "85.217.140.4",
    "threat_level": 8,
    "confidence_score": 77,
    "total_reports": 531,
    "country_code": "FR",
    "isp_name": "Modat B.V.",
    "asn": "209334",
    "first_reported": "2026-01-20 12:05:56",
    "last_reported": "2026-06-13 00:02:36",
    "exported_at": "2026-06-13T19:47:04+02:00",
    "source": "https://reportedip.de/ip/85.217.140.4/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses