Maximum Danger
IP 85.217.149.25 is a critical-risk address linked to 912 total abuse reports. It is operated by Modat B.V. under AS209334 in Canada and is assessed at threat level 10/10, with an activity frequency rating of 8/10, due to sustained, high-volume hacking activity over a six-month period.
Automated honeypot sensors recorded 912 reports spanning January 2026 through June 2026, with 20 of those reports explicitly categorizing the activity as hacking attempts. Detection signatures include Suricata alerts identifying SSH sessions established on non-standard ports, a technique commonly used to bypass basic firewall rules and target misconfigured SSH services. The 74% confidence score reflects strong correlation with malicious behavior, though some uncertainty remains, as is typical of automated threat assessment.
The dominant hacking classification encompasses brute-force credential attacks, vulnerability exploitation, and persistent unauthorized access attempts. This IP specifically exhibits active SSH probing on unconventional ports, indicating systematic scanning for exposed SSH daemons to compromise through credential stuffing or brute-force methods. The sustained report volume over six months demonstrates a deliberate, organized campaign rather than opportunistic scanning, posing significant risk to any exposed SSH services lacking rate limiting, strong authentication mechanisms, or proper network access controls.
Site operators should block this IP at the network perimeter given its critical threat designation and history of sustained malicious activity. Implementing automated ban tools such as fail2ban can detect and block repeated SSH connection attempts in real time. Enforcing key-based SSH authentication with strong passphrases and disabling password-based authentication eliminates the primary attack vector being exploited. Regular security audits, continuous log monitoring for unusual SSH port activity, and restricting SSH access to known IP ranges via firewall rules provide additional defensive layers against this category of threat.