JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.217.140.227

48.217.140.227 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.217.140.227

Whois 48.217.140.227

IP Abuse Reports for 48.217.140.227:

This IP address has been reported a total of 19 times from 19 distinct sources. 48.217.140.227 was first reported on September 10th 2025, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 femboy.cat	2026-06-16 09:51:26 (2 hours ago)	Port scan to tcp/2078 from 48.217.140.227	Brute-Force
🇦🇹 urnilxfgbez	2026-06-14 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇨🇭 Kepler-1649c	2026-06-14 10:05:15 (2 days ago)	Detected Attack: HTPasswd.Access	Hacking
🇺🇸 xmission.com	2026-06-14 04:34:23 (2 days ago)	Blocked by UFW (TCP on 8443) Source port: 17500 TTL: 48 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8443) Source port: 17500 TTL: 48 Packet length: 60 TOS: 0x00 This report (for 48.217.140.227) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇦 Blinker73	2026-06-14 04:31:30 (2 days ago)	2026-06-14T00:31 kernel: OUT= SRC=48.217.140.227 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=6806 DF P ... show more 2026-06-14T00:31 kernel: OUT= SRC=48.217.140.227 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=6806 DF PROTO=TCP SPT=18596 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T00:31 kernel: OUT= SRC=48.217.140.227 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=22876 DF PROTO=TCP SPT=18610 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T00:31 kernel: OUT= SRC=48.217.140.227 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=7607 DF PROTO=TCP SPT=18567 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP= show less	Port Scan
Anonymous	2026-06-14 03:24:59 (2 days ago)	Bot detected scanning for vulnerable pages	Port Scan
🇹🇷 Threat.live	2026-06-14 02:25:03 (2 days ago)	Suspicious Connection Attempts	Brute-Force
🇧🇾 lns.bz	2026-06-14 01:33:21 (2 days ago)	Too many 404 requests [BY]	Web App Attack
🇷🇸 Scan	2026-06-14 00:45:13 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇫🇷 polido	2026-06-14 00:02:28 (2 days ago)	Unauthorized connection attempt to port 443 from 48.217.140.227	Port Scan
🇺🇸 Axel	2026-06-13 23:49:56 (2 days ago)	Blocked by UFW on MVI [2087/tcp] \| SPT: 17901 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2087/tcp] \| SPT: 17901 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 PTScreens	2026-06-13 23:35:27 (2 days ago)	CrowdSec blocked attack: Http-Sensitive-Files attempt(s) from 48.217.140.227 (MICROSOFT-CORP-MSN-AS- ... show more CrowdSec blocked attack: Http-Sensitive-Files attempt(s) from 48.217.140.227 (MICROSOFT-CORP-MSN-AS-BLOCK). 5 events detected in the last 300 seconds. show less	Web App Attack
Anonymous	2026-06-13 23:35:26 (2 days ago)	Repeated unauthorized connection attempts to restricted service observed.	Port Scan Hacking Bad Web Bot
🇺🇸 OceanTreasure	2026-06-13 23:10:11 (2 days ago)	tcp/80; /.env* dotfile probe (R21): "GET /.env" @ 2026-06-13T23:07:33Z	Web App Attack
🇺🇸 juguemosalacarioca.com	2026-05-06 21:27:23 (1 month ago)	(sshd) Failed SSH login from 48.217.140.227 (US/United States/-): 5 in the last 3600 secs; Ports: ; ... show more (sshd) Failed SSH login from 48.217.140.227 (US/United States/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_SSHD; Logs: May 6 21:27:19 arachne sshd[29001]: Did not receive identification string from 48.217.140.227 port 14761 May 6 21:27:19 arachne sshd[29002]: Invalid user ubuntu from 48.217.140.227 port 14730 May 6 21:27:20 arachne sshd[29004]: Invalid user ubuntu from 48.217.140.227 port 14723 May 6 21:27:20 arachne sshd[29007]: Invalid user ubuntu from 48.217.140.227 port 14729 May 6 21:27:21 arachne sshd[29009]: Invalid user ubuntu from 48.217.140.227 port 14768 show less	Port Scan

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.190.43.162

🇺🇸 172.208.48.177

🇺🇸 20.46.252.234

🇺🇸 2607:f8b0:4001:c0c::127

🇺🇸 195.184.76.209

🇷🇺 194.85.69.22

🇮🇩 182.8.129.233

🇨🇳 171.217.92.33

🇨🇦 86.106.90.226

🇨🇳 27.150.188.148

🇺🇸 13.217.95.0

🇷🇴 2.57.121.25

🇮🇳 202.62.72.98

🇩🇪 167.94.146.35

🇺🇸 152.232.14.186

🇨🇳 116.178.155.143

🇮🇳 103.70.158.234

🇳🇱 209.85.218.71

🇩🇪 167.172.187.11

🇺🇸 145.223.7.17