JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.128

143.20.97.128 was found in our database!

This IP was reported 65 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.128

Whois 143.20.97.128

IP Abuse Reports for 143.20.97.128:

This IP address has been reported a total of 65 times from 45 distinct sources. 143.20.97.128 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-13 12:33:32 (1 week ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇩🇪 Holger	2026-06-11 09:27:10 (1 week ago)	Bruteforce WebAttack	Brute-Force Web App Attack
🇹🇷 zadmind	2026-06-08 16:41:30 (2 weeks ago)	Blocked by automated 404 tracking monitoring system.	Hacking Web App Attack
🇫🇷 IRISIO	2026-06-08 12:36:52 (2 weeks ago)	scans/SQL injection/spam posts : 15 queries	Web App Attack SQL Injection
Anonymous	2026-06-07 20:19:41 (2 weeks ago)	Fuzzing/Looking for credentials files.	Brute-Force Web App Attack
🇫🇷 dynamix	2026-06-07 17:11:39 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇧🇷 Halux	2026-06-07 15:40:30 (2 weeks ago)	143.20.97.128 Probing protected path or service	Web App Attack
🇬🇧 consul.to	2026-06-07 13:31:41 (2 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 LRob.fr	2026-06-07 13:30:08 (2 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇺🇸 Victor López	2026-06-07 13:08:14 (2 weeks ago)	lavadodepisosbogota.com 143.20.97.128 - - [07/Jun/2026:08:08:03 -0500] "GET /.git/config HTTP/2.0" 4 ... show more lavadodepisosbogota.com 143.20.97.128 - - [07/Jun/2026:08:08:03 -0500] "GET /.git/config HTTP/2.0" 403 199 "-" "anthropic-ai" lavadodepisosbogota.com 143.20.97.128 - - [07/Jun/2026:08:08:06 -0500] "GET /.env HTTP/2.0" 404 10306 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" lavadodepisosbogota.com 143.20.97.128 - - [07/Jun/2026:08:08:13 -0500] "GET /.env.example HTTP/2.0" 404 10306 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" ... show less	Hacking Web App Attack
🇩🇪 4server	2026-06-07 11:30:31 (2 weeks ago)	[SunJun0713:30:29.1877822026][security2:error][pid3765583:tid3765760][client143.20.97.128:0]ModSecur ... show more [SunJun0713:30:29.1877822026][security2:error][pid3765583:tid3765760][client143.20.97.128:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\\|passwd\\|group$\\|www_\?acl\)\\|global\\\\\\\\.asa\\|httpd\\\\\\\\.conf\\|boot\\\\\\\\.ini\\|web.config\)\\\\\\\\b\\|$\\|\^\\|\\\\\\\\.\\\\\\\\.$/etc/\\|/\\\\\\\\.$\?:history\\|bash_history\\|sh_history\\|env$\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/etc/\"][severity\"CRITICAL\"][hostname\"laumeiconsulting.com\"][uri\"/etc/secrets/gcp-key.json\"][unique_id\"aiVWVf7pjLapy8LWWm--oQAAAQw\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 maxpower	2026-06-07 08:31:34 (2 weeks ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 143.20.97.128 (US/United States/-): 2 in ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 143.20.97.128 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 143.20.97.128 - - [07/Jun/2026:10:31:28 +0200] "GET /.aws/credentials HTTP/2.0" 404 3714 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" "143.20.97.128" host=lasfiziosapizzeria.it 143.20.97.128 - - [07/Jun/2026:10:31:31 +0200] "GET /secrets.yml HTTP/2.0" 404 3714 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" "143.20.97.128" host=lasfiziosapizzeria.it show less	Port Scan
🇺🇸 brightenfield	2026-06-07 07:26:37 (2 weeks ago)	Web App Attack	Web App Attack
🇩🇪 laotuo	2026-06-07 05:23:57 (2 weeks ago)	143.20.97.128 - - [07/Jun/2026:07:23:57 +0200] "GET /ngsw.json HTTP/1.1" 301 6248 "-" "Mozilla/5.0 ( ... show more 143.20.97.128 - - [07/Jun/2026:07:23:57 +0200] "GET /ngsw.json HTTP/1.1" 301 6248 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Bad Web Bot
🇩🇪 raph	2026-06-07 03:59:04 (2 weeks ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack

Showing 1 to 15 of 65 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 62.60.130.219

🇺🇸 45.156.129.97

🇰🇷 222.239.251.12

🇺🇸 207.90.244.26

🇬🇧 193.32.209.226

🇸🇬 188.68.3.95

🇺🇸 184.105.247.243

🇺🇸 167.172.150.4

🇺🇸 165.154.173.141

🇫🇮 147.185.133.22

🇲🇾 113.211.215.14

🇫🇷 94.23.188.208

🇸🇪 83.226.181.38

🇮🇱 77.137.74.146

🇺🇸 65.49.1.222

🇨🇳 58.144.223.69

🇺🇸 45.74.252.118

🇺🇸 44.51.135.178

🇺🇸 44.9.203.192

🇺🇸 20.64.104.142