JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.123

143.20.97.123 was found in our database!

This IP was reported 60 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.123

Whois 143.20.97.123

IP Abuse Reports for 143.20.97.123:

This IP address has been reported a total of 60 times from 28 distinct sources. 143.20.97.123 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇸🇪 KIDOS	2026-06-07 08:49:01 (1 week ago)	CrowdSec detected malicious activity	DDoS Attack
🇸🇪 KIDOS	2026-06-07 08:33:58 (1 week ago)	malicious activity	Web App Attack
🇫🇷 Baking333	2026-06-07 01:31:19 (1 week ago)	[redacted] 143.20.97.123 - - [07/Jun/2026:02:31:17 +0100] "GET /.aws/credentials HTTP/1.1" 302 1574 ... show more [redacted] 143.20.97.123 - - [07/Jun/2026:02:31:17 +0100] "GET /.aws/credentials HTTP/1.1" 302 1574 0/69537 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://[redacted])" [redacted] 143.20.97.123 - - [07/Jun/2026:02:31:17 +0100] "GET /.git/config HTTP/1.1" 302 1574 0/83033 "-" "anthropic-ai" show less	Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-06-07 01:12:54 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 todix	2026-06-06 22:00:55 (1 week ago)	Web App Attack Exploid from 143.20.97.123	Web App Attack
🇮🇹 [email protected]	2026-06-06 21:33:29 (1 week ago)	[Sat Jun 06 23:33:29.033486 2026] [authz_core:error] [pid 982521:tid 982573] [client 143.20.97.123:4 ... show more [Sat Jun 06 23:33:29.033486 2026] [authz_core:error] [pid 982521:tid 982573] [client 143.20.97.123:47878] AH01630: client denied by server configuration: /var/www/html/MyWeb/Public_www/.aws show less	Brute-Force Web App Attack
Anonymous	2026-06-06 21:22:12 (1 week ago)	Bot / seems abusive / Apache connections: 24	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇩🇪 raph	2026-06-06 21:17:11 (1 week ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-06 19:09:54 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 tall1oN	2026-06-06 18:44:10 (1 week ago)	143.20.97.123 - - [06/Jun/2026:20:44:09 +0200] "GET /.aws/credentials HTTP/2.0" 200 20972 "-" "Mozil ... show more 143.20.97.123 - - [06/Jun/2026:20:44:09 +0200] "GET /.aws/credentials HTTP/2.0" 200 20972 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" "diamondliferp.cc" 143.20.97.123 - - [06/Jun/2026:20:44:09 +0200] "GET /application.yml HTTP/2.0" 200 20970 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" "diamondliferp.cc" ... show less	Web App Attack Port Scan Hacking
🇫🇷 chrisj	2026-06-06 18:34:10 (1 week ago)	2026-06-06T18:34:10.171610+00:00 www.diamondaviators.net throttler[761]: Throttle IP 143.20.97.123 w ... show more 2026-06-06T18:34:10.171610+00:00 www.diamondaviators.net throttler[761]: Throttle IP 143.20.97.123 with 25 denials ... show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-06 16:01:52 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 TPI-Abuse	2026-06-06 07:16:06 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:16:01.352738 2026] [security2:error] [pid 13623:tid 13623] [client 143.20.97.123:41256] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "freightmotivity.com"] [uri "/.git/config"] [unique_id "aiPJMZlA2E2hoA7gAd7PFQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 04:52:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 00:52:54.786606 2026] [security2:error] [pid 20770:tid 20770] [client 143.20.97.123:53638] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.franklycommerce.springmeadowventures.com"] [uri "/.git/config"] [unique_id "aiOnppFTv8Zk0mrm4fESCAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 03:24:14 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 23:24:07.738956 2026] [security2:error] [pid 16702:tid 16702] [client 143.20.97.123:38704] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "foxmm.com"] [uri "/.git/config"] [unique_id "aiOS104hf2mCGVZsAb5fnAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 60 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 2a09:bac5:65b:7af::c4:4a

🇬🇧 195.206.182.194

🇧🇷 152.32.197.159

🇺🇬 102.218.89.110

🇫🇮 95.217.11.33

🇷🇺 81.211.72.167

🇬🇧 81.102.202.221

🇳🇱 81.19.216.84

🇬🇧 51.195.215.84

🇧🇷 45.205.1.242

🇹🇭 203.172.139.110

🇬🇧 188.240.59.33

🇮🇩 182.253.50.139

🇭🇰 165.154.41.56

🇧🇷 152.32.197.121

🇺🇸 150.107.38.248

🇦🇱 130.12.209.134

🇨🇳 121.225.55.155

🇨🇳 116.177.172.47

🇮🇳 103.99.14.109