JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.63.68.41

20.63.68.41 was found in our database!

This IP was reported 173 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.63.68.41

Whois 20.63.68.41

IP Abuse Reports for 20.63.68.41:

This IP address has been reported a total of 173 times from 152 distinct sources. 20.63.68.41 was first reported on June 24th 2026, and the most recent report was 5 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 elleray	2026-06-25 12:17:00 (5 minutes ago)	Apache noscript intrusion Banned by Fail2Ban	Brute-Force Web App Attack Hacking
🇬🇧 cybersteve99	2026-06-25 12:12:55 (9 minutes ago)	Too many 4xx Requests -	Brute-Force Web App Attack
🇩🇪 yvoictra	2026-06-25 12:10:37 (11 minutes ago)	Bloqueado automáticamente por CrowdSec. Escenario: crowdsecurity/http-probing	Web App Attack
🇺🇸 WellSpring	2026-06-25 12:07:26 (14 minutes ago)	Automated probe detected by Ody Sentinel / WellSpr.ing. Type: wordpress_content. Path: /wp-content/p ... show more Automated probe detected by Ody Sentinel / WellSpr.ing. Type: wordpress_content. Path: /wp-content/plugins/hellopress/wp_filemanager.php. Auto-blocked after threshold exceeded. Dossier: https://wellspr.ing/dossier/sentinel-20-63-68-41 show less	Web App Attack
🇺🇸 ruusvuu	2026-06-25 12:00:34 (21 minutes ago)	Automated abuse report: 50 attack/probe requests from Microsoft Corporation / CA. Targeted paths: /w ... show more Automated abuse report: 50 attack/probe requests from Microsoft Corporation / CA. Targeted paths: /wp-content/plugins/hellopress/wp_filemanager.php, /this_is_a_new_hello_world.php, /x.php, /by.php, /cxs.php. Sample log lines: [mir-org] [6/25/2026, 5:00:34 AM] GET .mirregistry.org/koala.php 404 20.63.68.41 - 0.777 ms [mir-org] [6/25/2026, 5:00:34 AM] GET .mirregistry.org/mac.php 404 20.63.68.41 - 0.975 ms [mir-org] [6/25/2026, 5:00:34 AM] GET .mirregistry.org/25d653587fdfd1.php 404 20.63.68.41 - 1.099 ms Detected by an automated web-server log monitor. show less	Web App Attack
Anonymous	2026-06-25 11:58:13 (23 minutes ago)	[Thu Jun 25 13:58:12.544042 2026] [authz_core:error] [pid 20637] [client 20.63.68.41:59508] AH01630: ... show more [Thu Jun 25 13:58:12.544042 2026] [authz_core:error] [pid 20637] [client 20.63.68.41:59508] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jun 25 13:58:12.641624 2026] [authz_core:error] [pid 20637] [client 20.63.68.41:59508] AH01630: client denied by server configuration: /etc/httpd/htdocs [Thu Jun 25 13:58:12.739245 2026] [authz_core:error] [pid 20637] [client 20.63.68.41:59508] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇫🇷 airstream	2026-06-25 11:57:03 (25 minutes ago)	Brute-force / scan on app.air-stream.io	Brute-Force SSH
🇩🇪 maxpower	2026-06-25 11:54:23 (27 minutes ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.63.68.41 (CA/Canada/-): 1 in the last 3600 ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.63.68.41 (CA/Canada/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.63.68.41 - - [25/Jun/2026:13:54:16 +0200] "GET /aa2.php HTTP/1.1" 301 280 "-" "-" "-" host=neiataviaggi.com show less	Port Scan
🇩🇪 Ba-Yu	2026-06-25 11:47:11 (34 minutes ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇮🇩 Burayot	2026-06-25 11:42:33 (39 minutes ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.63.68.41 (CA/Canada/-): 2 in the ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.63.68.41 (CA/Canada/-): 2 in the last 3600 secs show less	Web App Attack
🇩🇪 maxpower	2026-06-25 11:39:18 (42 minutes ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.63.68.41 (CA/Canada/-): 1 in the last 3600 ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.63.68.41 (CA/Canada/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.63.68.41 - - [25/Jun/2026:13:39:12 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 328 "-" "-" "-" host=www.ingenioprogetti.com show less	Port Scan
🇩🇪 Skyrider	2026-06-25 11:36:55 (45 minutes ago)	crowdsecurity/http-crawl-non_statics	Bad Web Bot
🇵🇱 strefapi_com	2026-06-25 11:35:40 (46 minutes ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
Anonymous	2026-06-25 11:33:09 (48 minutes ago)	...	Web App Attack
🇵🇱 ketovoila.pl	2026-06-25 11:32:56 (49 minutes ago)	ketovoila.pl web app/PHP backdoor scan: hits=20; unique_paths=20; sample_paths=/201.php,/7.php,/bles ... show more ketovoila.pl web app/PHP backdoor scan: hits=20; unique_paths=20; sample_paths=/201.php,/7.php,/bless.php; UA=""; window=2026-06-25T11:32:56Z..2026-06-25T11:32:57Z show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 173 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 168.195.97.120

🇰🇷 134.185.115.56

🇨🇳 112.86.225.110

🇦🇺 91.124.88.16

🇳🇱 45.148.10.151

🇧🇷 45.140.192.187

🇻🇳 27.79.47.240

🇨🇳 218.13.26.42

🇬🇧 167.172.50.254

🇺🇸 135.222.40.18

🇻🇳 103.252.123.105

🇰🇷 61.76.112.4

🇺🇸 35.185.100.196

🇺🇸 34.234.206.30

🇮🇳 2401:4900:45c7:7a3b:170:4eeb:f6b7:df45

🇨🇳 182.113.184.79

🇪🇸 158.158.47.67

🇳🇱 157.245.79.182

🇳🇱 45.198.224.115

🇺🇸 155.103.69.40