JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.216

143.20.97.216 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.216

Whois 143.20.97.216

IP Abuse Reports for 143.20.97.216:

This IP address has been reported a total of 87 times from 69 distinct sources. 143.20.97.216 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 andreighitan	2026-06-12 11:16:33 (1 week ago)	Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE, credential harvesting, PHP ... show more Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE, credential harvesting, PHP vuln scanning. Active June 7-11 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Web App Attack Brute-Force
🇩🇪 pscriptos	2026-06-07 17:30:33 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇩🇪 MBombeck	2026-06-07 17:26:09 (2 weeks ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇩🇪 Reinhard	2026-06-07 13:49:16 (2 weeks ago)	Unknown activity, but too many attacks with too many users.	Hacking
🇫🇮 as211431.net	2026-06-07 12:52:55 (2 weeks ago)	Triggered Cloudflare WAF (firewallCustom) from PL. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 ... show more Triggered Cloudflare WAF (firewallCustom) from PL. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: /openapi.json UA: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇭🇺 DumaNet	2026-06-07 05:58:00 (2 weeks ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 05. 21:54:45 Source IP: 143.20 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 05. 21:54:45 Source IP: 143.20.97.216 Portion of the log(s): 143.20.97.216 - [05/Jun/2026:21:54:43 +0200] "GET /config/secrets.yml HTTP/1.1" 404 153 "http://[removed].eu/config/secrets.yml" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" 143.20.97.216 - [05/Jun/2026:21:54:41 +0200] "GET /.env.local HTTP/1.1" 404 153 "http://[removed].eu/.env.local" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" 143.20.97.216 - [05/Jun/2026:21:54:40 +0200] "GET /.env HTTP/1.1" 404 153 "http://[removed].eu/.env" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" 143.20.97.216 - [05/Jun/2026:21:54:40 +0200] "GET /.env.production HTTP/1.1" 404 153 "http://[removed].eu/.env.production" "anthropic-ai" 143.20.97.216 - [05/Jun/2026:21:54:40 +0200] "GET /.env.example HTTP/1.1" 404 show less	Web App Attack Hacking
🇬🇧 openstrike.co.uk	2026-06-07 05:13:20 (2 weeks ago)	40 attacks on VC URLs, env grabbing URLs, config grabbing URLs (type 2), password grabbing URLs: GET ... show more 40 attacks on VC URLs, env grabbing URLs, config grabbing URLs (type 2), password grabbing URLs: GET /.git/config HTTP/1.1 GET /.env.bak HTTP/1.1 GET /env.json HTTP/1.1 GET /.aws/credentials HTTP/1.1 show less	Hacking
🇳🇱 e.fierstra	2026-06-07 02:25:46 (2 weeks ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-07 01:06:50 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇬🇧 andypiper	2026-06-07 01:00:51 (2 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇲🇾 Rizzy	2026-06-07 00:59:28 (2 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇳🇱 i-turnradio.nl	2026-06-07 00:37:00 (2 weeks ago)	2026-06-07 @ 02:36:59 (CET) ~ Blocked for trying to access: /.aws/credentials	Web App Attack
🇳🇱 i-turnradio.nl	2026-06-07 00:15:39 (2 weeks ago)	2026-06-07 @ 02:15:39 (CET) ~ Blocked for trying to access: /secrets.json	Web App Attack
🇫🇷 mrcrassi	2026-06-07 00:15:07 (2 weeks ago)	Triggered Cloudflare WAF (firewallManaged) from PL. Action taken: BLOCK Protocol: HTTP/2 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from PL. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /health UA: Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-06-06 22:00:54 (2 weeks ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.246

🇺🇸 143.137.165.92

🇺🇸 143.137.165.81

🇧🇿 45.227.254.155

🇸🇬 35.240.150.235

🇨🇭 34.65.50.58

🇶🇦 34.18.133.4

🇫🇷 2a01:e0a:987:2e60:5c8a:d13f:b28d:6e3d

🇷🇴 193.46.255.86

🇩🇪 176.110.104.103

🇺🇸 162.216.150.35

🇺🇸 143.137.165.75

🇺🇸 143.137.165.69

🇺🇸 143.137.165.63

🇺🇸 143.137.165.60

🇫🇷 88.166.28.185

🇮🇳 52.140.124.214

🇳🇱 45.148.10.152

🇸🇬 43.172.198.181

🇬🇧 35.203.210.19