JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.116

143.20.97.116 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.116

Whois 143.20.97.116

IP Abuse Reports for 143.20.97.116:

This IP address has been reported a total of 71 times from 38 distinct sources. 143.20.97.116 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Aetherweb Ark	2026-06-07 17:37:27 (1 week ago)	(mod_security) mod_security (id:949110) triggered by 143.20.97.116 (US/United States/-): N in the la ... show more (mod_security) mod_security (id:949110) triggered by 143.20.97.116 (US/United States/-): N in the last X secs show less	Web App Attack
🇬🇧 Marten Mark	2026-06-07 14:18:19 (1 week ago)	143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /serviceAccountKey.json HTTP/2.0" 404 4597 "-" " ... show more 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /serviceAccountKey.json HTTP/2.0" 404 4597 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /firebase-adminsdk.json HTTP/2.0" 404 4597 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /firebase-adminsdk.json HTTP/2.0" 404 4597 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /debug/pprof/cmdline HTTP/2.0" 404 4597 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /debug/pprof/cmdline HTTP/2.0" 404 4597 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" 143.20.97.116 - - [07/Jun/2026:14:18:15 +0000] "GET /admin/credentials.json HTTP/2.0" 404 4597 "-" "Mozilla/5.0 (compatible; Google-Extend ... show less	Port Scan Web App Attack
Anonymous	2026-06-07 06:29:12 (1 week ago)	143.20.97.116 - - [07/Jun/2026:08:28:53 +0200] "GET /secrets.yml HTTP/1.1" 404 29752 143.20.97.116 - ... show more 143.20.97.116 - - [07/Jun/2026:08:28:53 +0200] "GET /secrets.yml HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:53 +0200] "GET /secrets.json HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:53 +0200] "GET /application.yml HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:53 +0200] "GET /debug/pprof/cmdline HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:55 +0200] "GET /storage/logs/laravel.log HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:57 +0200] "GET /application.properties HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:57 +0200] "GET /config/application.properties HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:28:57 +0200] "GET /config/secrets.yml HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:29:09 +0200] "GET /credentials.json HTTP/1.1" 404 29752 143.20.97.116 - - [07/Jun/2026:08:29:09 +0200] "GET /service-account.json HTTP/1.1" 404 29752 ... show less	Web Spam Web App Attack
🇩🇪 EnthecSolutions	2026-06-07 06:01:54 (1 week ago)	Detected by Enthec Solutions. \| Attempts: 102 in 24h \| Target port: 443	Port Scan Hacking
🇳🇱 wlt-blocker	2026-06-07 05:36:30 (1 week ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 todix	2026-06-07 05:29:50 (1 week ago)	Web App Attack Exploid from 143.20.97.116	Web App Attack
Anonymous	2026-06-07 04:21:03 (1 week ago)	Bot / scanning and/or hacking attempts: GET /service-account-key.json HTTP/2.0, GET /credentials/goo ... show more Bot / scanning and/or hacking attempts: GET /service-account-key.json HTTP/2.0, GET /credentials/google.json HTTP/2.0, GET /admin/credentials.json HTTP/2.0, GET / HTTP/1.1, [0/0] init, [4/4] done: stream 7, GET /config.js show less	Hacking Web App Attack
🇩🇰 ScamAware	2026-06-07 03:12:33 (1 week ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 11. Unique request paths counted internally: 10. Cloudflare action: block. Cloudflare source: firewallCustom. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 03:10:52 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:10:48.444465 2026] [security2:error] [pid 18061:tid 18061] [client 143.20.97.116:48450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cromaki.com"] [uri "/.git/config"] [unique_id "aiThOLr2W97991UVSowYMwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 gadix	2026-06-07 01:02:03 (1 week ago)	[07/Jun/2026:03:01:50.433676 +0200] aiTC_kSJlqJA9QmBzmOvtAAAAAY 143.20.97.116 52438 127.0.0.1 7080 [ ... show more [07/Jun/2026:03:01:50.433676 +0200] aiTC_kSJlqJA9QmBzmOvtAAAAAY 143.20.97.116 52438 127.0.0.1 7080 [07/Jun/2026:03:02:00.008125 +0200] aiTDCK6z4WI3ubjOcoMyuQAAAAI 143.20.97.116 38088 127.0.0.1 7080 [07/Jun/2026:03:02:00.084909 +0200] aiTDCESJlqJA9QmBzmOvtQAAAAY 143.20.97.116 38104 127.0.0.1 7080 ... show less	Web App Attack
🇬🇧 andypiper	2026-06-07 01:00:30 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇬🇧 Marten Mark	2026-06-06 23:56:05 (1 week ago)	143.20.97.116 - - [06/Jun/2026:23:56:04 +0000] "GET /.aws/credentials HTTP/2.0" 401 176 "-" "Mozilla ... show more 143.20.97.116 - - [06/Jun/2026:23:56:04 +0000] "GET /.aws/credentials HTTP/2.0" 401 176 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" ... show less	Web App Attack Bad Web Bot
Anonymous	2026-06-06 23:24:06 (1 week ago)	Web App Attack	Brute-Force Exploited Host Web App Attack
🇫🇷 masterguru	2026-06-06 22:57:48 (1 week ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-195)	Hacking Web App Attack
Anonymous	2026-06-06 22:34:36 (1 week ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 210.211.99.176

🇲🇦 196.77.63.175

🇧🇷 190.115.84.25

🇰🇷 112.216.129.27

🇫🇷 90.54.55.102

🇳🇴 88.92.199.194

🇩🇪 69.5.169.157

🇹🇼 42.76.189.99

🇩🇪 35.198.139.161

🇷🇺 31.173.247.254

🇺🇸 216.9.236.161

🇫🇮 178.20.210.208

🇺🇸 165.154.202.145

🇺🇸 98.237.118.142

🇬🇧 87.236.176.102

🇬🇧 45.82.76.108

🇺🇸 44.228.200.154

🇺🇸 20.29.57.244

🇺🇸 8.229.243.88

🇵🇸 1.178.141.160