JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.163.63.247

20.163.63.247 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.163.63.247

Whois 20.163.63.247

IP Abuse Reports for 20.163.63.247:

This IP address has been reported a total of 17 times from 14 distinct sources. 20.163.63.247 was first reported on June 11th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2026-06-27 19:24:04 (1 day ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 kosada.com	2026-06-27 19:11:46 (1 day ago)	Web vulnerability probing: /.git/refs/heads/main (bogus vhost/SNI)	Web App Attack
🇺🇸 RAP	2026-06-27 18:46:33 (1 day ago)	2026-06-27 18:46:33 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 RAP	2026-06-27 16:28:52 (1 day ago)	2026-06-27 16:28:52 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇳🇱 Savvii	2026-06-27 16:22:55 (1 day ago)	15 attempts against mh-modsecurity-ban on cmdb	Brute-Force Web App Attack
🇨🇿 Countryman	2026-06-24 03:54:44 (5 days ago)	IPS detection: HTPasswd.Access	Hacking
🇺🇸 MPL	2026-06-24 03:36:34 (5 days ago)	tcp/443	Port Scan
🇩🇪 itsolon	2026-06-24 03:02:45 (5 days ago)	[24/Jun/2026:05:02:41 +0200] 178227016135.482507 20.163.63.247 39333 217.154.7.177 80 [24/Jun/2026:0 ... show more [24/Jun/2026:05:02:41 +0200] 178227016135.482507 20.163.63.247 39333 217.154.7.177 80 [24/Jun/2026:05:02:42 +0200] 17822701627.300048 20.163.63.247 39341 217.154.7.177 80 [24/Jun/2026:05:02:43 +0200] 17822701632.236998 20.163.63.247 39254 217.154.7.177 80 [24/Jun/2026:05:02:43 +0200] 178227016343.569290 20.163.63.247 39309 217.154.7.177 80 [24/Jun/2026:05:02:45 +0200] 178227016594.494503 20.163.63.247 38967 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 02:51:39 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 20.163.63.247 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.163.63.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 22:51:34.233642 2026] [security2:error] [pid 32517:tid 32517] [client 20.163.63.247:38960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.158"] [uri "/.git/HEAD"] [unique_id "ajtGNjggltLMrTHnQcPK9wAAAC4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Gabriel Camargo	2026-06-24 01:50:11 (5 days ago)	20.163.63.247 - - [23/Jun/2026:20:50:03 -0500] "GET /.git/logs/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5 ... show more 20.163.63.247 - - [23/Jun/2026:20:50:03 -0500] "GET /.git/logs/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 20.163.63.247 - - [23/Jun/2026:20:50:09 -0500] "GET /.git/index HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 20.163.63.247 - - [23/Jun/2026:20:50:10 -0500] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Brute-Force SSH
🇺🇸 RAP	2026-06-24 00:55:27 (5 days ago)	2026-06-24 00:55:27 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-24 00:45:30 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-24 00:44:11 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇯🇵 VXG-NET	2026-06-24 00:19:57 (5 days ago)	port=80, indicator_type=info-leak	Hacking
🇩🇪 Ano_Nym	2026-06-23 22:43:48 (5 days ago)	CrowdSec IDS alert on VPS 85.215.198.123 (DE). Scenario: crowdsecurity/http-sensitive-files	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 188.241.57.178

🇩🇪 165.154.138.151

🇨🇳 118.81.194.148

🇸🇬 101.100.194.252

🇬🇧 87.236.176.206

🇺🇸 23.95.186.171

🇳🇱 195.178.110.30

🇮🇹 158.173.77.249

🇧🇷 138.121.222.49

🇺🇸 135.237.126.12

🇺🇸 104.243.43.55

🇧🇬 93.94.141.115

🇳🇱 89.21.67.155

🇩🇪 87.106.210.86

🇩🇪 85.215.128.133

🇵🇱 74.248.36.50

🇺🇸 66.132.172.153

🇸🇬 47.84.136.177

🇧🇷 45.228.102.150

🇦🇺 34.129.130.251