JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.215

143.20.97.215 was found in our database!

This IP was reported 88 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.215

Whois 143.20.97.215

IP Abuse Reports for 143.20.97.215:

This IP address has been reported a total of 88 times from 68 distinct sources. 143.20.97.215 was first reported on June 4th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-07 22:25:52 (3 days ago)		Brute-Force Web App Attack
🇩🇪 MBombeck	2026-06-07 06:01:17 (4 days ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇩🇪 halo.habith.eu	2026-06-07 01:10:02 (4 days ago)	Automated report from halo.habith.eu (NGINX access log). Detected 9 suspicious requests in last 200 ... show more Automated report from halo.habith.eu (NGINX access log). Detected 9 suspicious requests in last 20000 lines. Sample log lines: 143.20.97.215 - - [06/Jun/2026:06:21:29 +0200] "GET /vault.env HTTP/2.0" 403 123 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/supp\n143.20.97.215 - - [06/Jun/2026:06:21:40 +0200] "GET /.git/config HTTP/2.0" 404 3440 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/s\n143.20.97.215 - - [06/Jun/2026:06:21:40 +0200] "GET /.env HTTP/2.0" 403 123 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)"\n143.20.97.215 - - [06/Jun/2026:06:21:43 +0200] "GET /.env.production HTTP/2.0" 404 3440 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Per\n143.20.97.215 - - [06/Jun/2026:06:21:43 +0200] "GET /.env.bak HTTP/2.0" 403 123 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityB\n143.20.97.215 - - [06/Jun/2026:06:21:43 +0200] "GET /.env.d show less	DDoS Attack Ping of Death Hacking
🇨🇭 TheCoon	2026-06-06 23:30:01 (4 days ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇫🇷 SpaceHost-Server	2026-06-06 22:25:43 (4 days ago)		Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-06 22:04:47 (4 days ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
🇬🇧 SilverZippo	2026-06-06 18:41:25 (4 days ago)	Web App Attack	Web App Attack
🇩🇪 Séfora Srl	2026-06-06 18:01:53 (5 days ago)	Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ... show more Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail show less	Bad Web Bot
🇩🇪 macrob	2026-06-06 16:52:11 (5 days ago)	2026/06/06 16:52:08 [error] 1182561#1182561: 285294705 access forbidden by rule, client: 143.20.97. ... show more 2026/06/06 16:52:08 [error] 1182561#1182561: 285294705 access forbidden by rule, client: 143.20.97.215, server: fn.binixo.es, request: "GET /.git/config HTTP/2.0", host: "li1822-160.members.linode.com" 2026/06/06 16:52:08 [error] 1182561#1182561: 285294705 access forbidden by rule, client: 143.20.97.215, server: fn.binixo.es, request: "GET /.aws/credentials HTTP/2.0", host: "li1822-160.members.linode.com" 2026/06/06 16:52:10 [error] 1182561#1182561: 285294705 access forbidden by rule, client: 143.20.97.215, server: fn.binixo.es, request: "GET /storage/logs/laravel.log HTTP/2.0", host: "li1822-160.members.linode.com" ... show less	Web App Attack
Anonymous	2026-06-06 13:54:56 (5 days ago)	(caddyscan) Scanner path probe from 143.20.97.215 (PL/Poland/-): 5 in the last 3600 secs; Ports: ; ... show more (caddyscan) Scanner path probe from 143.20.97.215 (PL/Poland/-): 5 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 143.20.97.215 - - [06/Jun/2026:13:54:49 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 143.20.97.215 - - [06/Jun/2026:13:54:49 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 143.20.97.215 - - [06/Jun/2026:13:54:52 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 143.20.97.215 - - [06/Jun/2026:13:54:52 +0000] "GET /.env.example HTTP/1.1" [REDACTED] 200 2627 143.20.97.215 - - [06/Jun/2026:13:54:52 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇺🇦 URAN Publishing Service	2026-06-06 12:42:04 (5 days ago)	143.20.97.215 - - [06/Jun/2026:15:41:50 +0300] "GET /vault.env HTTP/1.1" 404 650 "-" "Mozilla/5.0 (c ... show more 143.20.97.215 - - [06/Jun/2026:15:41:50 +0300] "GET /vault.env HTTP/1.1" 404 650 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" 143.20.97.215 - - [06/Jun/2026:15:42:03 +0300] "GET /.vault.env HTTP/1.1" 404 650 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" ... show less	Web App Attack
🇩🇪 dbmwebdesign	2026-06-06 11:50:15 (5 days ago)	Bot detected and blocked by Fail2Ban in bytespider jail	Bad Web Bot
🇸🇬 pusathosting.com	2026-06-06 11:50:05 (5 days ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:36:24 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.215 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:36:20.845417 2026] [security2:error] [pid 7824:tid 7881] [client 143.20.97.215:44808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arrowsinthequiver.com"] [uri "/.env.dev"] [unique_id "aiPqFFJ4ALtFPzfZAdNzlwAAAM0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Selckie	2026-06-06 08:49:55 (5 days ago)	fail2ban: NGINX unusual impact	Web App Attack

Showing 1 to 15 of 88 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.30

🇨🇦 198.50.200.193

🇲🇽 187.191.48.9

🇩🇪 178.27.90.142

🇩🇪 176.65.132.149

🇭🇰 123.58.210.86

🇺🇸 108.181.3.205

🇱🇹 77.90.185.78

🇩🇪 69.5.169.115

🇨🇴 179.32.33.161

🇨🇱 152.173.104.202

🇺🇸 136.118.133.144

🇨🇳 115.190.14.210

🇸🇪 104.23.223.54

🇮🇩 103.147.159.91

🇱🇹 81.30.98.44

🇺🇸 34.16.249.240

🇧🇪 198.235.24.136

🇨🇳 180.184.160.246

🇳🇱 176.65.139.99