JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.48.63.209

20.48.63.209 was found in our database!

This IP was reported 80 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.48.63.209

Whois 20.48.63.209

IP Abuse Reports for 20.48.63.209:

This IP address has been reported a total of 80 times from 68 distinct sources. 20.48.63.209 was first reported on June 29th 2026, and the most recent report was 15 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-29 22:37:33 (15 minutes ago)		Brute-Force Web App Attack
🇨🇦 polycoda	2026-06-29 19:30:45 (3 hours ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - 📂 Directory Listings (Decay-Based) - 📊 Admin ... show more AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - 📂 Directory Listings (Decay-Based) - 📊 Admin Panel Scanning (Decay-Based) show less	Hacking Bad Web Bot Web App Attack
🇦🇺 QT	2026-06-29 15:47:23 (7 hours ago)	Website hack attempted at 2026-06-30 01:47:16 +1000	Web App Attack
🇫🇷 sthoyer.de	2026-06-29 15:44:29 (7 hours ago)	20.48.63.209 - - [29/Jun/2026:17:44:26 +0200] "GET /adminfuns.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 ... show more 20.48.63.209 - - [29/Jun/2026:17:44:26 +0200] "GET /adminfuns.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.63.209 - - [29/Jun/2026:17:44:27 +0200] "GET /file.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.63.209 - - [29/Jun/2026:17:44:27 +0200] "GET /admin.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇷 setupgr	2026-06-29 15:42:35 (7 hours ago)	(mod_security) mod_security (id:1000001) triggered by 20.48.63.209 (JP/Japan/Tokyo/Shibuya City/-/[A ... show more (mod_security) mod_security (id:1000001) triggered by 20.48.63.209 (JP/Japan/Tokyo/Shibuya City/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Mon Jun 29 18:42:32.037988 2026] [security2:error] [pid 2347141:tid 2347291] [client 20.48.63.209:14137] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /about.php"] [severity "CRITICAL"] [tag "security"] [hostname "setworldup365.com"] [uri "/about.php"] [unique_id "akKSaHDTbhWsfxXOgZVQawAAAMg"] show less	Port Scan
🇺🇸 ipblock.com	2026-06-29 15:40:00 (7 hours ago)	IPBlock protected site ID [4055-d][s=03]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 mashamal	2026-06-29 15:35:30 (7 hours ago)	Vulnerability Probe ...	Web App Attack
🇺🇸 helios.live	2026-06-29 15:32:32 (7 hours ago)	2026/06/29 15:32:30 [error] 2442338#2442338: 229656 FastCGI sent in stderr: "Primary script unknown ... show more 2026/06/29 15:32:30 [error] 2442338#2442338: 229656 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.48.63.209, server: kocerroxy.com, request: "GET /adminfuns.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com" 20.48.63.209 - - [29/Jun/2026:15:32:30 +0000] "GET /adminfuns.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 2026/06/29 15:32:31 [error] 2442338#2442338: *229656 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.48.63.209, server: kocerroxy.com, request: "GET /file.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com" 20.48.63.209 - - [29/Jun/2026:15:32:31 +0000] "GET /file.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (K ... show less	Web App Attack
🇳🇿 Antinson	2026-06-29 15:15:45 (7 hours ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇦🇺 QT	2026-06-29 15:15:32 (7 hours ago)	Website hack attempted at 2026-06-30 01:15:31 +1000	Web App Attack
🇩🇪 Viveronese	2026-06-29 15:12:22 (7 hours ago)	HTTP vulnerability scanning	Web App Attack
🇮🇪 Jim Keir	2026-06-29 15:05:46 (7 hours ago)	2026-06-29 15:05:45 20.48.63.209 File scanning, blocking 20.48.63.209 for 5 minutes	Web App Attack
Anonymous	2026-06-29 15:03:13 (7 hours ago)	Automatically blocked after 19 security events. Observed repeated web application attack probes. Sou ... show more Automatically blocked after 19 security events. Observed repeated web application attack probes. Source: Cloudflare security controls. show less	Hacking Web App Attack
Anonymous	2026-06-29 14:45:53 (8 hours ago)	Automated Report: Fail2Ban block triggered by nginx-botsearch jail.	Brute-Force SSH
🇩🇪 MBombeck	2026-06-29 14:43:43 (8 hours ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack

Showing 1 to 15 of 80 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 221.159.119.6

🇧🇷 177.222.230.56

🇳🇱 91.92.40.233

🇫🇷 194.113.235.89

🇧🇷 187.255.99.121

🇳🇱 176.65.131.147

🇫🇮 147.185.133.188

🇮🇳 139.59.59.165

🇺🇸 104.9.60.148

🇳🇴 81.167.64.26

🇱🇹 62.60.130.238

🇳🇱 45.142.193.147

🇺🇸 45.3.34.6

🇺🇸 20.65.194.76

🇺🇸 5.78.152.32

🇩🇴 190.167.237.191

🇦🇺 149.118.68.211

🇺🇸 147.185.132.100

🇺🇸 142.93.48.137

🇺🇸 104.140.148.54