JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.213

143.20.97.213 was found in our database!

This IP was reported 75 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.213

Whois 143.20.97.213

IP Abuse Reports for 143.20.97.213:

This IP address has been reported a total of 75 times from 56 distinct sources. 143.20.97.213 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-06-07 18:14:26 (1 week ago)	[Mon Jun 08 04:14:26.570748 2026] [security2:error] [pid 5767] [client 143.20.97.213:45790] [client ... show more [Mon Jun 08 04:14:26.570748 2026] [security2:error] [pid 5767] [client 143.20.97.213:45790] [client 143.20.97.213] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "shop.levellapromotions.com.au"] [uri "/.aws/credentials"] [unique_id "aiW1AtT2MfHIwMLz4uWNqAAAAAA"] ... show less	Web App Attack
🇩🇪 paissangroup	2026-06-07 07:24:06 (1 week ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-07 07:21:59 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 143.20.97.213 (US/United States/-)	SQL Injection
🇩🇪 FeG Deutschland	2026-06-07 06:13:44 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
Anonymous	2026-06-07 05:35:08 (1 week ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇨🇿 akac	2026-06-07 05:00:49 (1 week ago)	Web vulnerability scanning: HTTP/2 GET /.aws/credentials	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRNP	2026-06-07 03:23:12 (1 week ago)	_:80 143.20.97.213 - - [07/Jun/2026:03:23:05 +0000] "GET /.aws/credentials HTTP/1.1" 404 118 "-" "Mo ... show more _:80 143.20.97.213 - - [07/Jun/2026:03:23:05 +0000] "GET /.aws/credentials HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" _:80 143.20.97.213 - - [07/Jun/2026:03:23:09 +0000] "GET /robots.txt HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.6; rv:132.0) Gecko/20100101 Firefox/132.0" _:80 143.20.97.213 - - [07/Jun/2026:03:23:09 +0000] "GET /application.yml HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" _:80 143.20.97.213 - - [07/Jun/2026:03:23:09 +0000] "GET /.git/config HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" _:80 143.20.97.213 - - [07/Jun/2026:03:23:09 +0000] "GET /debug/pprof/cmdline HTTP/1.1" 404 118 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" _:80 143.20.97.213 - - [07/Jun/2026:03:23:12 +0000] "GET /sitemap.xml HTTP/1.1" 404 181 "-" "Mozi ... show less	Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-06-07 02:22:55 (1 week ago)	143.20.97.213 - - [07/Jun/2026:05:22:54 +0300] "GET /.vault.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 A ... show more 143.20.97.213 - - [07/Jun/2026:05:22:54 +0300] "GET /.vault.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 143.20.97.213 - - [07/Jun/2026:05:22:55 +0300] "GET /vault.env HTTP/1.1" 404 628 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" ... show less	Web App Attack
Anonymous	2026-06-06 23:29:17 (1 week ago)	Blocked by ModSec and CSF	Port Scan
🇳🇱 homeshowdomain.nl	2026-06-06 22:02:54 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
🇬🇧 consul.to	2026-06-06 21:09:20 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇦🇺 Anytech	2026-06-06 19:04:18 (1 week ago)	Blocked by Conn-Monitor	Web App Attack
🇳🇱 debestelapp	2026-06-06 18:40:07 (1 week ago)		Web App Attack
🇳🇱 Roderic	2026-06-06 18:35:11 (1 week ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted])	Bad Web Bot
🇩🇪 Viveronese	2026-06-06 18:08:32 (1 week ago)	HTTP vulnerability scanning	Web App Attack

Showing 1 to 15 of 75 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.74.196.10

🇲🇽 187.216.224.85

🇧🇴 181.188.176.242

🇨🇳 120.230.21.41

🇨🇳 112.12.159.92

🇩🇪 46.101.150.99

🇰🇷 1.235.192.214

🇺🇸 136.117.57.173

🇺🇸 135.237.126.114

🇨🇳 115.55.29.173

🇮🇳 103.175.62.33

🇮🇳 103.97.215.11

🇬🇧 87.106.44.172

🇮🇱 35.252.12.165

🇫🇮 35.228.82.22

🇨🇳 8.138.85.185

🇦🇲 178.160.228.254

🇨🇳 163.204.42.139

🇮🇩 114.10.47.235

🇵🇱 87.251.64.149