IP Address

85.217.140.8

IPv4 Public
FR FR
AS209334
Modat B.V.
942 Reports
This IP is on the Blacklist High confidence threat - blocking recommended
8/10 Threat
75% Confidence
942 Reports

Threat Intelligence Analysis

AI-generated security assessment based on aggregated threat data

Above Average Risk
FR
FR Location
Modat B.V. ASN 209334
942 Reports
Honeypot Data Source

High Risk

IP 85.217.140.8 is a high-risk address originating from France that has been linked to 929 security reports and presents a significant and persistent threat, with a threat-level score of 8 out of 10 indicating serious malicious activity. The IP, routed through network operator Modat B.V. on ASN AS209334, was first reported in January 2026 and remains active through June 2026, demonstrating sustained engagement in hostile probing over a six-month window. Detection confidence stands at 75 percent, supported by 20 automated honeypot sensor reports that captured the address engaging in unauthorized intrusion activity. Activity frequency scores 8 out of 10, reflecting an aggressive and sustained pattern of operation rather than isolated opportunistic scanning.

The volume of abuse reports and the consistent detection across multiple honeypot sensors establish a clear pattern of malicious intent. Over the six-month reporting period, this single IP generated nearly one thousand incident submissions, placing it in the upper echelon of reported threat sources. The geographic origin in France and the professional network operator affiliation do not mitigate the apparent hostile activity; threat actors routinely operate from infrastructure that appears legitimate. The sustained nature of the reports, spanning half a year, indicates a deliberate and persistent campaign rather than transient compromise of an end-user machine.

The dominant threat category recorded against 85.217.140.8 is general hacking activity, specifically including indicators of unauthorized SSH sessions on unusual ports detected by network intrusion sensors. This pattern suggests the address is engaged in probing for exposed Secure Shell services running on non-standard port configurations, a common reconnaissance technique used to identify poorly secured remote-access infrastructure. Such activity serves as a precursor to credential brute-forcing, vulnerability exploitation or the establishment of covert persistence channels. Organizations with exposed SSH services face elevated risk from this class of automated intrusion tooling, particularly if default configurations or weak authentication mechanisms remain in place.

More threatening than 80% of monitored IPs

Threat Categories

Hacking 30

Technical Details

General hacking activity includes various intrusion attempts, exploitation of vulnerabilities, and unauthorized access attempts.

Recommended Mitigations

Keep systems patched, implement intrusion detection, and follow security best practices.

Behavioral Analysis

Activity Pattern: Consistent Activity

Steady malicious activity over 4 weeks indicates persistent threat actor operations.

First Observed 11. May 2026
Last Activity 8. June 2026
Recent (7 days) 13 incidents

Reputable Network

This IP is hosted on a network (ASN 209334) with generally good reputation. The ISP Modat B.V. maintains standard security practices.

The malicious activity may represent an isolated compromised system rather than systematic abuse.

Security Recommendations

Long-term blocking recommended.

This analysis is automatically generated from aggregated, anonymized threat intelligence data. No personal information is displayed or stored. Assessment accuracy depends on available data volume and diversity.

Reputation Summary

Threat Level 8/10 High
Critical
Activity Frequency 8/10 High
Confidence Score 75% High Confidence

Confidence History

23. May 2026 - 8. Jun 2026
75% Current
Stable Trend

The confidence score shows the reliability of the threat assessment based on the number and quality of reports.

Security Reports (30)

Date Categories Source Confidence
New Hacking Honeypot 75%
New Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
Hacking Honeypot 75%
10 of 942 shown

Technical Details

Basic Information

IP Address
85.217.140.8
IP Version
IPv4
Network Type
Public
Tor Network
No
Network Class
Class A

Geolocation

Country
FR FR
ASN
AS209334
ISP
Modat B.V.

DNS Information

Reverse DNS
o308.scanner.modat.io
PTR Record
Yes
Connection Type
Static

Statistics

Total Reports
942
First Reported
22 Jan 2026
Last Reported
8 Jun 2026, 20:39

Network Reputation

Analysis of the entire network (ASN) that this IP address belongs to, providing context about the hosting provider and network-wide threat patterns.

Network Identity

AS209334
Modat B.V.
CA CA

Network Threat Assessment

0/10
This network appears to be relatively clean with very low threat indicators.

Network Statistics

124
Total IPs Monitored
9,136
Total Reports
73.7
Reports per IP

Network Context

This IP address belongs to Modat B.V. (AS209334), which manages 124 IP addresses in our monitoring system. Out of these, 9,136 have been reported for suspicious activities, resulting in a network-wide threat level of 0/10.

Network status: This network appears to be well-maintained with low threat indicators.

Comparative Analysis

How this IP compares to others in our threat intelligence database

80 %

Global Threat Ranking

This IP is more threatening than 80% of all IPs in our database.

High Threat Percentile

Global Comparison

Compared against 199,325 reported IPs worldwide

Threat Level 8/10 avg: 5.3 ++
Total Reports 942 avg: 23 ++

Network Comparison

Compared against 124 IPs in ASN 209334

Threat Level 8/10 network avg: 9.6 -
Total Reports 942 network avg: 140 ++
Network Modat B.V. has overall threat level 0/10

Geographic Comparison

Compared against 4,067 IPs in FR

Threat Level 8/10 country avg: 5.8 +
Total Reports 942 country avg: 31 ++
Indicators:
++ Much Higher + Higher = Similar - Lower -- Much Lower

Geographic Threat Distribution

187,017 threat incidents tracked globally • Last 24h: 18,967 Logs

FEED

Top Threat Sources

  1. 01
    US
    United States US
    38,426 20.5%
  2. 02
    IN
    India IN
    28,977 15.5%
  3. 03
    CN
    China CN
    26,016 13.9%
  4. 04
    BR
    Brazil BR
    10,249 5.5%
  5. 05
    DE
    Germany DE
    7,139 3.8%
  6. 06
    SG
    Singapore SG
    6,475 3.5%
  7. 07
    ID
    Indonesia ID
    5,533 3%
  8. 08
    RU
    Russia RU
    4,701 2.5%
  9. 09
    PK
    Pakistan PK
    4,647 2.5%
  10. 10
    NL
    Netherlands NL
    4,355 2.3%

+40 more countries

THREAT LEVEL
LOW MED HIGH

Geographic data is aggregated and anonymized. No personal information displayed.

Map: simplemaps.com (MIT License)

Related IPs

Other IPs associated with this address through network or behavioral similarity

IPs from the same Autonomous System (AS) network provider.

20 Related IPs
8.3/10 Avg Threat
96% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
85.217.140.12 8/10
Confidence 96%
Reports 157
Location FR FR
8 Jun 2026
85.217.149.7 8/10
Confidence 96%
Reports 130
Location CA CA
4 Jun 2026
85.217.149.5 8/10
Confidence 96%
Reports 126
Location CA CA
9 Jun 2026
85.217.140.11 8/10
Confidence 96%
Reports 121
Location FR FR
8 Jun 2026
85.217.140.10 8/10
Confidence 96%
Reports 119
Location FR FR
9 Jun 2026
85.217.149.15 8/10
Confidence 96%
Reports 110
Location CA CA
9 Jun 2026
85.217.140.28 8/10
Confidence 96%
Reports 109
Location FR FR
8 Jun 2026
85.217.140.19 8/10
Confidence 96%
Reports 104
Location FR FR
9 Jun 2026
85.217.140.33 8/10
Confidence 96%
Reports 101
Location FR FR
9 Jun 2026
85.217.149.44 8/10
Confidence 96%
Reports 99
Location CA CA
9 Jun 2026
85.217.149.11 8/10
Confidence 96%
Reports 96
Location CA CA
7 Jun 2026
85.217.149.32 8/10
Confidence 96%
Reports 96
Location CA CA
7 Jun 2026
85.217.140.26 8/10
Confidence 96%
Reports 92
Location FR FR
8 Jun 2026
85.217.140.31 8/10
Confidence 96%
Reports 88
Location FR FR
8 Jun 2026
85.217.140.29 8/10
Confidence 96%
Reports 82
Location FR FR
8 Jun 2026
85.217.149.28 8/10
Confidence 96%
Reports 81
Location CA CA
9 Jun 2026
85.217.140.25 8/10
Confidence 96%
Reports 65
Location FR FR
9 Jun 2026
85.217.140.9 10/10
Confidence 94%
Reports 135
Location FR FR
8 Jun 2026
85.217.140.51 10/10
Confidence 94%
Reports 132
Location FR FR
9 Jun 2026
85.217.140.15 10/10
Confidence 94%
Reports 131
Location FR FR
8 Jun 2026

IPs from the same subnet range, likely same network segment.

20 Related IPs
9/10 Avg Threat
95% Avg Confidence
20 High Threat
High-risk network: Majority of related IPs are flagged
85.217.140.12 8/10
Confidence 96%
Reports 157
Location FR FR
8 Jun 2026
85.217.140.11 8/10
Confidence 96%
Reports 121
Location FR FR
8 Jun 2026
85.217.140.10 8/10
Confidence 96%
Reports 119
Location FR FR
9 Jun 2026
85.217.140.28 8/10
Confidence 96%
Reports 109
Location FR FR
8 Jun 2026
85.217.140.19 8/10
Confidence 96%
Reports 104
Location FR FR
9 Jun 2026
85.217.140.33 8/10
Confidence 96%
Reports 101
Location FR FR
9 Jun 2026
85.217.140.26 8/10
Confidence 96%
Reports 92
Location FR FR
8 Jun 2026
85.217.140.31 8/10
Confidence 96%
Reports 88
Location FR FR
8 Jun 2026
85.217.140.29 8/10
Confidence 96%
Reports 82
Location FR FR
8 Jun 2026
85.217.140.25 8/10
Confidence 96%
Reports 65
Location FR FR
9 Jun 2026
85.217.140.9 10/10
Confidence 94%
Reports 135
Location FR FR
8 Jun 2026
85.217.140.51 10/10
Confidence 94%
Reports 132
Location FR FR
9 Jun 2026
85.217.140.15 10/10
Confidence 94%
Reports 131
Location FR FR
8 Jun 2026
85.217.140.45 10/10
Confidence 94%
Reports 127
Location FR FR
7 Jun 2026
85.217.140.30 10/10
Confidence 94%
Reports 126
Location FR FR
8 Jun 2026
85.217.140.41 10/10
Confidence 94%
Reports 123
Location FR FR
9 Jun 2026
85.217.140.42 10/10
Confidence 94%
Reports 122
Location FR FR
9 Jun 2026
85.217.140.53 10/10
Confidence 94%
Reports 121
Location FR FR
8 Jun 2026
85.217.140.49 10/10
Confidence 94%
Reports 119
Location FR FR
9 Jun 2026
85.217.140.46 10/10
Confidence 94%
Reports 116
Location FR FR
8 Jun 2026

IPs from the same country with similar threat profiles.

15 Related IPs
8.9/10 Avg Threat
100% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
92.205.109.21 8/10
Confidence 100%
Reports 287
ISP Host Europe GmbH
5 Jun 2026
82.196.25.136 8/10
Confidence 100%
Reports 228
ISP Free Pro SAS
1 Jun 2026
91.227.37.60 8/10
Confidence 100%
Reports 200
ISP Eurofiber Franc...
24 May 2026
163.172.31.86 10/10
Confidence 100%
Reports 138
ISP Scaleway SAS
28 May 2026
92.205.188.156 8/10
Confidence 100%
Reports 98
ISP Host Europe GmbH
3 Jun 2026
178.18.246.56 8/10
Confidence 100%
Reports 92
ISP Contabo GmbH
18 May 2026
194.163.139.224 10/10
Confidence 100%
Reports 72
ISP Contabo GmbH
9 Jun 2026
87.106.29.151 10/10
Confidence 100%
Reports 50
ISP IONOS SE
8 Jun 2026
51.38.192.10 8/10
Confidence 100%
Reports 41
ISP OVH SAS
9 Jun 2026
54.36.102.244 8/10
Confidence 100%
Reports 34
ISP OVH SAS
8 Jun 2026
84.247.129.9 8/10
Confidence 100%
Reports 31
ISP Contabo GmbH
30 May 2026
54.37.84.217 10/10
Confidence 100%
Reports 31
ISP OVH SAS
7 May 2026
46.105.28.235 10/10
Confidence 100%
Reports 27
ISP OVH SAS
8 Jun 2026
51.91.98.45 10/10
Confidence 100%
Reports 27
ISP OVH SAS
26 May 2026
193.42.61.12 10/10
Confidence 100%
Reports 24
ISP velia.net Inter...
8 Jun 2026

IPs with similar threat level and confidence scores.

15 Related IPs
9.5/10 Avg Threat
75% Avg Confidence
15 High Threat
High-risk network: Majority of related IPs are flagged
211.253.31.30 10/10
Confidence 75%
Reports 3,142
Location KR KR
9 Jun 2026
185.156.73.62 8/10
Confidence 75%
Reports 2,865
Location UA UA
5 Apr 2026
72.79.42.117 10/10
Confidence 75%
Reports 2,126
Location US US
11 May 2026
103.132.243.250 10/10
Confidence 75%
Reports 2,030
Location IN IN
4 Jun 2026
87.98.242.75 8/10
Confidence 75%
Reports 1,718
Location DE DE
10 May 2026
80.94.92.66 10/10
Confidence 75%
Reports 1,652
Location RO RO
21 Mar 2026
187.191.2.214 10/10
Confidence 75%
Reports 1,622
Location MX MX
7 Jun 2026
45.142.193.233 8/10
Confidence 75%
Reports 1,503
Location RO RO
1 Apr 2026
45.82.78.108 10/10
Confidence 75%
Reports 1,431
Location DE DE
8 Jun 2026
157.20.207.165 10/10
Confidence 75%
Reports 1,354
Location ID ID
7 Jun 2026
102.218.89.110 10/10
Confidence 75%
Reports 956
Location UG UG
21 May 2026
85.217.140.13 8/10
Confidence 75%
Reports 944
Location FR FR
9 Jun 2026
170.39.218.32 10/10
Confidence 75%
Reports 915
Location CA CA
8 Apr 2026
80.94.92.63 10/10
Confidence 75%
Reports 907
Location RO RO
22 Apr 2026
170.39.218.251 10/10
Confidence 75%
Reports 875
Location CA CA
8 Apr 2026

Export & Firewall Rules

Download threat data or generate firewall rules to block this IP

JSON Report

Structured data format for integration with security tools and SIEM systems.

{
    "ip_address": "85.217.140.8",
    "threat_level": 8,
    "confidence_score": 75,
    "total_reports": 942,
    "country_code": "FR",
    "isp_name": "Modat B.V.",
    "asn": "209334",
    "first_reported": "2026-01-22 06:06:17",
    "last_reported": "2026-06-08 20:39:53",
    "exported_at": "2026-06-09T07:54:16+02:00",
    "source": "https://reportedip.de/ip/85.217.140.8/"
}
Download JSON

GDPR Compliant: Exports contain only IP-related threat data. No personal information or reporter details are included.

Analyzed high-risk IP addresses