JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.117

143.20.97.117 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.117

Whois 143.20.97.117

IP Abuse Reports for 143.20.97.117:

This IP address has been reported a total of 53 times from 27 distinct sources. 143.20.97.117 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-06 22:50:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 18:50:54.794107 2026] [security2:error] [pid 31542:tid 31542] [client 143.20.97.117:60204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "customdesignsbybjp.com"] [uri "/.git/config"] [unique_id "aiSkToktOBExMPPXT0rWCAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 22:39:01 (1 week ago)	Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /sitemap.xml HTTP/1.1, GET /robots.txt H ... show more Bot / scanning and/or hacking attempts: GET / HTTP/1.1, GET /sitemap.xml HTTP/1.1, GET /robots.txt HTTP/1.1, GET /config/application.properties HTTP/1.1, GET /secrets.json HTTP/1.1, GET /application.yml HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /.git/config HTTP/1.1, GET /secrets.yml HTTP/1.1, GET /debug/pprof/cmdline HTTP/1.1, GET /application.properties HTTP/1.1 show less	Hacking Web App Attack
🇦🇺 2000cn.com.au	2026-06-06 22:21:57 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇮🇹 www.tana.it	2026-06-06 22:10:13 (1 week ago)	PHP scan	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-06 22:00:26 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-06-06 21:44:09 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 17:44:04.566138 2026] [security2:error] [pid 26388:tid 26388] [client 143.20.97.117:57862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "logosformacion.net"] [uri "/.git/config"] [unique_id "aiSUpJ_FmKQ6azdxMGNRPAAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 gamabe	2026-06-06 20:37:46 (1 week ago)	Detected crowdsecurity/http-dos-swithcing-ua attack pattern. Reported by CrowdSec IDS.	Hacking
Anonymous	2026-06-06 19:25:02 (1 week ago)	suspicious request in access.log	Web App Attack
🇩🇪 maxpower	2026-06-06 18:03:41 (1 week ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 143.20.97.117 (US/United States/-): 2 in ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 143.20.97.117 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 143.20.97.117 - - [06/Jun/2026:20:03:37 +0200] "GET /secrets.yml HTTP/2.0" 404 8470 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" "143.20.97.117" host=ctpescara.it 143.20.97.117 - - [06/Jun/2026:20:03:37 +0200] "GET /.aws/credentials HTTP/2.0" 404 8470 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" "143.20.97.117" host=ctpescara.it show less	Port Scan
Anonymous	2026-06-06 17:19:37 (1 week ago)	Aggressive web scan	Web App Attack
🇬🇧 consul.to	2026-06-06 16:56:19 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 markawes	2026-06-06 16:19:57 (1 week ago)	[markis] Auto banned by Fail2Ban. Reason: Malicious web scan / attempted access to sensitive paths. ... show more [markis] Auto banned by Fail2Ban. Reason: Malicious web scan / attempted access to sensitive paths. Evidence: 143.20.97.117 - - [06/Jun/2026:17:19:48 +0100] "GET /.git/config HTTP/1.1" 404 431 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 143.20.97.117 - - [06/Jun/2026:17:19:48 +0100] "GET /.aws/credentials HTTP/1.1" 404 431 "-" "anthropic-ai" 143.20.97.117 - - [06/Jun/2026:17:19:54 +0100] "GET /.env.example HTTP/1.1" 404 431 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" show less	Port Scan Hacking Web App Attack
🇩🇪 Inamin	2026-06-06 10:28:44 (1 week ago)	143.20.97.117 - - [06/Jun/2026:17:30:29 +0800] "GET /.aws/credentials HTTP/2.0" 404 36766 "-" "Mozil ... show more 143.20.97.117 - - [06/Jun/2026:17:30:29 +0800] "GET /.aws/credentials HTTP/2.0" 404 36766 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" 143.20.97.117 - - [06/Jun/2026:18:28:43 +0800] "GET /.aws/credentials HTTP/2.0" 404 28878 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" ... show less	Hacking SQL Injection
🇨🇭 zynex	2026-06-06 10:06:06 (1 week ago)	URL Probing: /.env	Web App Attack
Anonymous	2026-06-06 09:33:51 (1 week ago)	[Sat Jun 06 11:33:44.468431 2026] [authz_core:error] [pid 91693:tid 91719] [client 143.20.97.117:337 ... show more [Sat Jun 06 11:33:44.468431 2026] [authz_core:error] [pid 91693:tid 91719] [client 143.20.97.117:33780] AH01630: client denied by server configuration: /var/www/html/ [Sat Jun 06 11:33:46.858526 2026] [authz_core:error] [pid 91693:tid 91699] [client 143.20.97.117:33780] AH01630: client denied by server configuration: /var/www/html/vault.env [Sat Jun 06 11:33:49.092944 2026] [authz_core:error] [pid 91693:tid 91701] [client 143.20.97.117:33780] AH01630: client denied by server configuration: /var/www/html/robots.txt [Sat Jun 06 11:33:50.867970 2026] [authz_core:error] [pid 91693:tid 91706] [client 143.20.97.117:33832] AH01630: client denied by server configuration: /var/www/html/application.yml [Sat Jun 06 11:33:50.996029 2026] [authz_core:error] [pid 91693:tid 91713] [client 143.20.97.117:33824] AH01630: client denied by server configuration: /var/www/html/sitemap.xml ... show less	Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:99b::

🇵🇰 182.189.92.48

🇺🇸 142.93.249.226

🇺🇸 107.170.65.169

🇺🇸 107.155.87.145

🇰🇿 95.56.207.2

🇬🇧 87.236.176.2

🇷🇺 46.160.165.239

🇮🇳 20.244.18.126

🇨🇦 16.54.234.180

🇮🇩 2406:da19:776:6e01:9af7:6da1:190f:aa85

🇧🇷 205.210.31.234

🇫🇮 178.20.210.208

🇨🇳 171.217.92.33

🇨🇳 122.96.28.23

🇧🇬 79.124.62.230

🇲🇾 47.250.135.156

🇨🇳 27.215.132.121

🇯🇵 193.111.31.193

🇺🇸 193.34.72.66