JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.227.141.209

20.227.141.209 was found in our database!

This IP was reported 220 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇦🇺 Australia
City	Canberra, Australian Capital Territory

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.227.141.209

Whois 20.227.141.209

IP Abuse Reports for 20.227.141.209:

This IP address has been reported a total of 220 times from 127 distinct sources. 20.227.141.209 was first reported on April 15th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-22 05:20:03 (9 hours ago)	IP Address black-listed by anti-spam (blocked).	Email Spam
🇺🇸 sargetun	2026-06-11 16:25:28 (1 week ago)	Honeypot: Auto-ban: 24 hour idle after honeypot interaction. Auto-reported from VPS honeypot.	Brute-Force SSH Hacking
🇺🇸 rjdefrancisco	2026-06-11 07:07:13 (1 week ago)	Unwanted traffic detected by honeypot on June 10, 2026: brute force and hacking attacks (4 over teln ... show more Unwanted traffic detected by honeypot on June 10, 2026: brute force and hacking attacks (4 over telnet). show less	Port Scan Brute-Force SSH
🇩🇪 NxtGenIT	2026-06-10 16:21:52 (1 week ago)	Cowrie Honeypot hit, Event Type: cowrie.command.input, Command: CMD: uname -m	Brute-Force
🇺🇸 ShadowWhisperer	2026-06-10 15:58:39 (1 week ago)	TELNET port scan / probe. dropped before login	Port Scan IoT Targeted
🇩🇪 dispaisyenterprises	2026-06-10 15:52:05 (1 week ago)	Honeypot [fra-de-honeypot]: Brute-force attack detected on 23/TELNET • Credential used: root:root • ... show more Honeypot [fra-de-honeypot]: Brute-force attack detected on 23/TELNET • Credential used: root:root • Number of login attempts: 1 • 3 command(s) were executed during the session Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking
🇩🇪 NxtGenIT	2026-06-10 15:50:19 (1 week ago)	Cowrie Honeypot hit, Event Type: cowrie.command.input, Command: CMD: exit	Brute-Force
🇨🇭 m_vlasov	2026-06-10 15:44:26 (1 week ago)	SSH/Telnet honeypot: 1 login attempts, 1 sessions, 2 shell commands.	Port Scan Brute-Force SSH Hacking IoT Targeted
🇫🇷 COMAITE	2026-06-10 15:42:39 (1 week ago)	Honeypot login success	Brute-Force
🇬🇷 Xev	2026-06-10 15:42:36 (1 week ago)	Telnet credentials BruteForce Date: 2026-06-10 15:42:34 UTC Destination port: 23 Credentials used: ... show more Telnet credentials BruteForce Date: 2026-06-10 15:42:34 UTC Destination port: 23 Credentials used: Username: root Password: root Targeted device: Raspberry Pi show less	Brute-Force IoT Targeted
🇩🇪 anycast_ac	2026-06-10 15:42:22 (1 week ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: b'root':b'' Commands captured: $ uname -m $ exit show less	DDoS Attack IoT Targeted Brute-Force
🇩🇪 licen777	2026-06-10 15:42:02 (1 week ago)	Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-10T15:42:01Z and 2026-06-1 ... show more Cowrie Honeypot: 5 unauthorised SSH/Telnet login attempts between 2026-06-10T15:42:01Z and 2026-06-10T15:42:02Z show less	Brute-Force SSH
🇯🇵 SentinalX by uzumaru	2026-06-03 07:36:14 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 128.116.51.3:443 show less	Open Proxy Port Scan
🇯🇵 SentinalX by uzumaru	2026-05-30 05:28:57 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 128.116.51.3:443 show less	Open Proxy Port Scan
🇧🇷 SOC PR	2026-05-22 08:53:40 (1 month ago)	IPS: Command Injection Over HTTP.	Web App Attack

Showing 1 to 15 of 220 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9634:1001

🇨🇳 222.88.163.204

🇺🇬 196.0.120.6

🇳🇬 152.32.141.176

🇮🇳 103.174.111.73

🇸🇬 45.78.204.246

🇧🇷 20.226.100.179

🇺🇸 208.97.187.39

🇺🇸 172.13.170.169

🇫🇷 85.217.140.8

🇫🇮 80.223.190.179

🇳🇱 77.83.39.10

🇮🇳 185.244.11.117

🇳🇱 176.65.139.181

🇺🇸 165.154.172.181

🇮🇩 163.7.3.26

🇺🇸 104.18.50.34

🇵🇱 89.186.26.237

🇳🇱 85.11.167.11

🇩🇪 69.5.169.181