JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.63.63.224

20.63.63.224 was found in our database!

This IP was reported 149 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.63.63.224

Whois 20.63.63.224

IP Abuse Reports for 20.63.63.224:

This IP address has been reported a total of 149 times from 132 distinct sources. 20.63.63.224 was first reported on May 31st 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 masterguru	2026-05-31 17:31:13 (3 days ago)	Too much 404 requests in 1 hour. Operator GE matched 50 at IP:block_script. (44020-123)	Hacking
🇳🇱 ConsulHosting	2026-05-31 17:28:49 (3 days ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇧🇷 dominioz	2026-05-31 17:28:44 (3 days ago)	2026-05-31 17:28:28 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.63.63.224 HTTP/1.1 ... show more 2026-05-31 17:28:28 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.63.63.224 HTTP/1.1 - - 404 104631 2026-05-31 17:28:30 GET /core/init.php - - 20.63.63.224 HTTP/1.1 - - 404 104631 2026-05-31 17:28:30 GET /aa.php - - 20.63.63.224 HTTP/1.1 - - 404 104631 2026-05-31 17:28:31 GET /xmrlpc.php - - 20.63.63.224 HTTP/1.1 - - 404 104631 ... show less	Web App Attack
🇺🇸 Operator873	2026-05-31 17:23:51 (3 days ago)	2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, serv ... show more 2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, server: [OBFUSCATED], request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "[OBFUSCATED]" 2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, server: [OBFUSCATED], request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "[OBFUSCATED]" 2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, server: [OBFUSCATED], request: "GET /core/init.php HTTP/1.1", host: "[OBFUSCATED]" 2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, server: [OBFUSCATED], request: "GET /core/init.php HTTP/1.1", host: "[OBFUSCATED]" 2026/05/31 12:23:49 [error] 1423675#0: 3503086 access forbidden by rule, client: 20.63.63.224, server: [OBFUSCATED], request: "GET /aa.php HTTP/1.1", host: "[OBFUSCATED]" ... show less	Brute-Force Web App Attack
🇫🇷 guillaume illien	2026-05-31 17:22:02 (3 days ago)	20.63.63.224 - - [31/May/2026:17:21:59 +0000] "GET /wp-file.php HTTP/1.1" 301 178 "-" "-" 20.63.63.2 ... show more 20.63.63.224 - - [31/May/2026:17:21:59 +0000] "GET /wp-file.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:00 +0000] "GET /default.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:00 +0000] "GET /mah.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:01 +0000] "GET /plugins.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:01 +0000] "GET /sf.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:01 +0000] "GET /a.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:22:02 +0000] "GET /k.php HTTP/1.1" 301 178 "-" "-" ... show less	Hacking Brute-Force Web App Attack SSH
Anonymous	2026-05-31 17:20:55 (3 days ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇩🇪 macrob	2026-05-31 17:20:23 (3 days ago)	2026/05/31 17:20:07 [error] 238249#238249: 270809281 access forbidden by rule, client: 20.63.63.224 ... show more 2026/05/31 17:20:07 [error] 238249#238249: 270809281 access forbidden by rule, client: 20.63.63.224, server: finami.ph, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/2.0", host: "www.finami.ph" 2026/05/31 17:20:11 [error] 238249#238249: 270809305 access forbidden by rule, client: 20.63.63.224, server: finami.ph, request: "GET /adminfuns.php HTTP/2.0", host: "www.finami.ph" 2026/05/31 17:20:22 [error] 238249#238249: 270809281 access forbidden by rule, client: 20.63.63.224, server: finami.ph, request: "GET /wp-class.php HTTP/2.0", host: "www.finami.ph" ... show less	Web App Attack
🇬🇧 rakkor	2026-05-31 17:15:52 (3 days ago)	2026-05-31T18:15:52+01:00 NAS [Sun May 31 18:15:52.219341 2026] [proxy_fcgi:error] [pid 32024:tid 32 ... show more 2026-05-31T18:15:52+01:00 NAS [Sun May 31 18:15:52.219341 2026] [proxy_fcgi:error] [pid 32024:tid 32032] [client 20.63.63.224:52690] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Hacking
🇩🇪 igerman	2026-05-31 17:12:44 (3 days ago)	caddy probes: admin-panel: GET /adminfuns.php(DROP) \| web: GET /166.php(DROP), GET /222.php(DROP), G ... show more caddy probes: admin-panel: GET /adminfuns.php(DROP) \| web: GET /166.php(DROP), GET /222.php(DROP), GET /CDX2.php(DROP), GET /aa.php(DROP), GET /about.php(DROP), GET /as.php(DROP), GET /bb.php(DROP), GET /class.php(DROP), GET /core/init.php(DROP), GET /edit.php(DROP), GET /goods.php(DROP), GET /info.php(DROP), GET /ioxi-o.php(DROP), GET /php8.php(DROP), GET /phpinfo/info.php(DROP), GET /profile.php(DROP), GET /sid3.php(DROP), GET /test.php(DROP), GET /test1.php(DROP), GET /wp.php(DROP), GET /xmrlpc.php(DROP) \| wordpress: GET /wp-content/plugins/hellopress/wp_filemanager.php(DROP), GET /wp-mail.php(DROP), GET /wp-the.php(DROP) show less	Web App Attack
Anonymous	2026-05-31 17:12:21 (3 days ago)	Banned by Fail2Ban on server	Web App Attack
🇵🇱 strefapi_com	2026-05-31 17:10:37 (3 days ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇫🇮 Christopher Hughes	2026-05-31 17:08:59 (3 days ago)	[Sun May 31 17:58:58.149165 2026] [proxy_fcgi:error] [pid 259330:tid 139774702626368] [client 20.63. ... show more [Sun May 31 17:58:58.149165 2026] [proxy_fcgi:error] [pid 259330:tid 139774702626368] [client 20.63.63.224:16565] AH01071: Got error 'Primary script unknown' [Sun May 31 17:58:58.283108 2026] [proxy_fcgi:error] [pid 259330:tid 139774736197184] [client 20.63.63.224:16565] AH01071: Got error 'Primary script unknown' [Sun May 31 17:58:58.441630 2026] [proxy_fcgi:error] [pid 259330:tid 139773662455360] [client 20.63.63.224:16565] AH01071: Got error 'Primary script unknown' [Sun May 31 18:08:58.795757 2026] [proxy_fcgi:error] [pid 259330:tid 139774258042432] [client 20.63.63.224:4546] AH01071: Got error 'Primary script unknown' [Sun May 31 18:08:58.928472 2026] [proxy_fcgi:error] [pid 259330:tid 139774744589888] [client 20.63.63.224:4546] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇺🇸 mnsf	2026-05-31 17:06:12 (3 days ago)	Too many Status 40X (12)	Brute-Force Web App Attack
🇫🇷 guillaume illien	2026-05-31 17:01:48 (3 days ago)	20.63.63.224 - - [31/May/2026:17:01:45 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.63.63.224 - - [31/May/2026:17:01:45 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:46 +0000] "GET /core/init.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:47 +0000] "GET /aa.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:47 +0000] "GET /xmrlpc.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:47 +0000] "GET /class.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:47 +0000] "GET /goods.php HTTP/1.1" 301 178 "-" "-" 20.63.63.224 - - [31/May/2026:17:01:48 +0000] "GET /info.php HTTP/1.1" 301 178 "-" "-" ... show less	Hacking Brute-Force Web App Attack SSH
Anonymous	2026-05-31 17:01:02 (3 days ago)	20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /core/init.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /aa.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /xmrlpc.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /class.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:26 +0200] "GET /goods.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:27 +0200] "GET /info.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:27 +0200] "GET /as.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:27 +0200] "GET /bb.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:27 +0200] "GET /about.php HTTP/1.1" 404 502 "-" "-" 20.63.63.224 - - [31/May/2026:19:00:27 +0200] "GET /222.php HTTP/1.1" 404 502 "-" "-" ... show less	DDoS Attack

Showing 106 to 120 of 149 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.151.75.242

🇹🇷 131.222.250.186

🇺🇸 91.230.168.141

🇺🇸 91.193.232.234

🇱🇹 81.30.98.44

🇹🇷 212.16.87.65

🇳🇱 195.178.110.30

🇨🇦 99.234.135.34

🇬🇧 89.37.172.136

🇫🇷 31.59.105.179

🇺🇸 172.203.149.63

🇺🇸 147.185.132.226

🇬🇧 87.236.176.217

🇱🇹 81.30.98.62

🇷🇴 80.94.95.211

🇷🇴 80.94.92.186

🇷🇴 80.94.92.177

🇺🇸 66.132.195.22

🇬🇧 45.129.72.245

🇺🇸 45.79.92.218