JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.217

143.20.97.217 was found in our database!

This IP was reported 78 times. Confidence of Abuse is 100%: ?

100%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.217

Whois 143.20.97.217

IP Abuse Reports for 143.20.97.217:

This IP address has been reported a total of 78 times from 60 distinct sources. 143.20.97.217 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-08 05:13:35 (1 week ago)	26 attacks on config grabbing URLs (type 2), env grabbing URLs: GET /env.json HTTP/1.1 GET /.env.doc ... show more 26 attacks on config grabbing URLs (type 2), env grabbing URLs: GET /env.json HTTP/1.1 GET /.env.docker HTTP/1.1 show less	Hacking
🇳🇱 homeshowdomain.nl	2026-06-07 21:59:25 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-07	Web App Attack SSH Hacking
🇩🇪 webanyone	2026-06-07 21:15:24 (1 week ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇺🇸 interbiznw.com	2026-06-07 20:21:50 (1 week ago)	fail2ban-ban	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 paissangroup	2026-06-07 14:55:44 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 london2038.com	2026-06-07 11:30:17 (1 week ago)	Probing for exploits 143.20.97.217 - - [07/Jun/2026:13:30:16 +0200] "GET /vault.env HTTP/2.0" 422 0 ... show more Probing for exploits 143.20.97.217 - - [07/Jun/2026:13:30:16 +0200] "GET /vault.env HTTP/2.0" 422 0 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" 143.20.97.217 - - [07/Jun/2026:13:30:16 +0200] "GET /.vault.env HTTP/2.0" 422 0 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" show less	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-07 11:11:14 (1 week ago)	Excessive multi-domain requests	Brute-Force
🇦🇺 aranguren.org	2026-06-07 09:06:32 (1 week ago)	143.20.97.217 - - [07/Jun/2026:19:06:28 +1000] "GET /application.yml HTTP/1.1" 404 989 "-" "Mozilla/ ... show more 143.20.97.217 - - [07/Jun/2026:19:06:28 +1000] "GET /application.yml HTTP/1.1" 404 989 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 143.20.97.217 - - [07/Jun/2026:19:06:28 +1000] "GET /secrets.json HTTP/1.1" 404 989 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 143.20.97.217 - - [07/Jun/2026:19:06:31 +1000] "GET /.aws/credentials HTTP/1.1" 404 989 "-" "anthropic-ai" 143.20.97.217 - - [07/Jun/2026:19:06:31 +1000] "GET /debug/pprof/cmdline HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" 143.20.97.217 - - [07/Jun/2026:19:06:31 +1000] "GET /.git/config HTTP/1.1" 404 989 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 143.20.97.217 - - [07/Jun/2026:19:06:31 +1000] "GET /secrets.yml HTTP/1.1" 404 989 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" ... show less	Bad Web Bot
🇨🇭 lufi	2026-06-07 08:41:14 (1 week ago)	2026-06-07 10:41:13 143.20.97.217: blacklistedPath: /.aws/credentials ...	Web Spam Brute-Force Hacking Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-07 08:38:32 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 FeG Deutschland	2026-06-07 08:34:14 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇬🇧 Andrew	2026-06-07 06:00:25 (1 week ago)	143.20.97.217 - - [07/Jun/2026:06:00:12 +0000] "GET /.git/config HTTP/1.1" 404 18361 "http://lu7crea ... show more 143.20.97.217 - - [07/Jun/2026:06:00:12 +0000] "GET /.git/config HTTP/1.1" 404 18361 "http://lu7creative.net/.git/config" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" 143.20.97.217 - - [07/Jun/2026:06:00:14 +0000] "GET /storage/logs/laravel.log HTTP/1.1" 404 17419 "http://lu7creative.net/storage/logs/laravel.log" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)" 143.20.97.217 - - [07/Jun/2026:06:00:15 +0000] "GET /.env HTTP/1.1" 404 18354 "http://lu7creative.net/.env" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)" 143.20.97.217 - - [07/Jun/2026:06:00:19 +0000] "GET /.env.example HTTP/1.1" 404 18362 "http://lu7creative.net/.env.example" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" 143.20.97.217 - - [07/Jun/2026:06:00:24 +0000] "GET /.env.bak HTTP/1.1" 404 18358 "http://lu7creative.net/.env.bak" "Mozilla ... show less	Hacking Web App Attack
🇬🇧 pinguin	2026-06-07 05:56:56 (1 week ago)	Triggered Cloudflare WAF (firewallManaged) from PL. Action taken: BLOCK Protocol: HTTP/2 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from PL. Action taken: BLOCK Protocol: HTTP/2 (GET method) Endpoint: /ngsw.json UA: Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇬🇧 openstrike.co.uk	2026-06-07 05:13:02 (1 week ago)	28 attacks on VC URLs, env grabbing URLs, PHP URLs, config grabbing URLs (type 2), password grabbing ... show more 28 attacks on VC URLs, env grabbing URLs, PHP URLs, config grabbing URLs (type 2), password grabbing URLs: GET /.git/config HTTP/1.1 GET /.env.docker HTTP/1.1 GET /wp-config.php~ HTTP/1.1 GET /app-config.json HTTP/1.1 GET /.aws/credentials HTTP/1.1 show less	Hacking Web App Attack
🇭🇺 DumaNet	2026-06-07 04:07:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 06. 06:43:20 Source IP: 143.20 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 06. 06:43:20 Source IP: 143.20.97.217 Portion of the log(s): 143.20.97.217 - [06/Jun/2026:06:43:20 +0200] "GET /.env.backup HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 143.20.97.217 - [06/Jun/2026:06:43:18 +0200] "GET /.env.development HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" 143.20.97.217 - [06/Jun/2026:06:43:18 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" 143.20.97.217 - [06/Jun/2026:06:43:18 +0200] "GET /.env.example HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 143.20.97.217 - [06/Jun/2026:06:43:17 +0200] "GET /secrets.yml HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like show less	Web App Attack

Showing 1 to 15 of 78 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.149.213

🇰🇷 112.216.129.27

🇨🇳 101.71.220.37

🇨🇴 181.237.253.177

🇨🇳 116.198.232.100

🇷🇴 80.94.92.164

🇸🇬 68.178.160.25

🇺🇸 67.21.32.64

🇺🇸 66.132.224.25

🇺🇸 2607:f8b0:4003:c01::129

🇦🇷 186.19.188.69

🇧🇩 182.48.80.240

🇺🇸 91.209.228.154

🇫🇷 75.119.140.204

🇳🇱 45.148.10.157

🇬🇧 185.247.137.204

🇺🇸 162.216.150.173

🇮🇩 103.100.84.116

🇧🇪 198.235.24.192

🇨🇳 153.0.126.27