JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.63.103.165

20.63.103.165 was found in our database!

This IP was reported 128 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.63.103.165

Whois 20.63.103.165

IP Abuse Reports for 20.63.103.165:

This IP address has been reported a total of 128 times from 122 distinct sources. 20.63.103.165 was first reported on June 13th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-14 19:08:45 (3 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-14 05:13:43 (17 hours ago)	142 attacks on PHP URLs: GET /whv.php HTTP/1.1	Web App Attack
🇩🇰 Leif Neland	2026-06-14 01:00:02 (22 hours ago)	Detected by CrowdSec on slim	Brute-Force
Anonymous	2026-06-13 23:48:23 (23 hours ago)	Web App Attack	Brute-Force Web App Attack
🇺🇸 nasset	2026-06-13 23:39:04 (23 hours ago)	20.63.103.165 - - [13/Jun/2026:16:39:03 -0700] "GET /BDKR28WP.php HTTP/1.1" 403 584 "-" "-" 20.63.10 ... show more 20.63.103.165 - - [13/Jun/2026:16:39:03 -0700] "GET /BDKR28WP.php HTTP/1.1" 403 584 "-" "-" 20.63.103.165 - - [13/Jun/2026:16:39:03 -0700] "GET /f35.php HTTP/1.1" 403 584 "-" "-" 20.63.103.165 - - [13/Jun/2026:16:39:04 -0700] "GET /xxx.php HTTP/1.1" 403 584 "-" "-" 20.63.103.165 - - [13/Jun/2026:16:39:04 -0700] "GET /sx_pms.php HTTP/1.1" 403 584 "-" "-" 20.63.103.165 - - [13/Jun/2026:16:39:04 -0700] "GET /wp-info.php HTTP/1.1" 403 584 "-" "-" ... show less	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 23:37:07 (23 hours ago)	20.63.103.165 - - [14/Jun/2026:02:36:51 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.63.103.165 - - [14/Jun/2026:02:36:51 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 712 "-" "-" 20.63.103.165 - - [14/Jun/2026:02:37:06 +0300] "GET /file17.php HTTP/1.1" 404 628 "-" "-" ... show less	Web App Attack
🇳🇱 Brict IT	2026-06-13 23:33:44 (23 hours ago)		Bad Web Bot Web App Attack
🇧🇷 Halux	2026-06-13 23:31:44 (23 hours ago)	20.63.103.165 Probing protected path or service	Web App Attack
🇩🇪 IVski	2026-06-13 23:27:38 (23 hours ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-13 23:22:01 (23 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇬🇧 venus.launch.bz	2026-06-13 23:15:52 (23 hours ago)	(wpscan) WordPress probe detected from 20.63.103.165 (CA/Canada/-)	Hacking
🇮🇹 eliosbrocchi	2026-06-13 23:14:59 (23 hours ago)	[Sun Jun 14 01:14:56.209839 2026] [proxy_fcgi:error] [pid 1998829:tid 1998889] [client 20.63.103.165 ... show more [Sun Jun 14 01:14:56.209839 2026] [proxy_fcgi:error] [pid 1998829:tid 1998889] [client 20.63.103.165:14824] AH01071: Got error 'Primary script unknown' [Sun Jun 14 01:14:56.608934 2026] [proxy_fcgi:error] [pid 1998829:tid 1998904] [client 20.63.103.165:14824] AH01071: Got error 'Primary script unknown' [Sun Jun 14 01:14:56.861369 2026] [proxy_fcgi:error] [pid 1998829:tid 1998909] [client 20.63.103.165:14824] AH01071: Got error 'Primary script unknown' [Sun Jun 14 01:14:57.289635 2026] [proxy_fcgi:error] [pid 1998829:tid 1998917] [client 20.63.103.165:14824] AH01071: Got error 'Primary script unknown' [Sun Jun 14 01:14:57.537396 2026] [proxy_fcgi:error] [pid 1998829:tid 1998916] [client 20.63.103.165:14824] AH01071: Got error 'Primary script unknown' ... show less	VPN IP
🇬🇧 Apache	2026-06-13 22:47:49 (1 day ago)	(mod_security) mod_security (id:942100) triggered by 20.63.103.165 (CA/Canada/-): 5 in the last 300 ... show more (mod_security) mod_security (id:942100) triggered by 20.63.103.165 (CA/Canada/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇮🇹 sssrit	2026-06-13 22:35:01 (1 day ago)	20.63.103.165 - - [14/Jun/2026:00:35:00 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.63.103.165 - - [14/Jun/2026:00:35:00 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 146 "-" "-" ... show less	Web App Attack
Anonymous	2026-06-13 22:32:14 (1 day ago)	TACHIDE WEBEXPLOIT 20.63.103.165 (20.63.103.165)	Web App Attack

Showing 1 to 15 of 128 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400c:c06::126

🇪🇸 188.26.221.175

🇺🇸 147.185.132.213

🇷🇺 138.124.77.177

🇨🇳 119.23.73.148

🇭🇰 118.193.36.149

🇫🇷 85.217.140.15

🇵🇱 83.168.95.29

🇺🇸 66.132.195.114

🇩🇪 213.209.159.238

🇺🇸 205.210.31.85

🇹🇼 198.235.24.68

🇪🇸 185.226.228.251

🇳🇱 172.94.9.158

🇩🇪 167.94.146.73

🇯🇵 104.198.112.123

🇦🇪 92.98.155.117

🇺🇸 91.230.168.144

🇺🇸 2604:a880:400:d1:0:4:9635:b001

🇲🇴 182.93.50.90