JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 143.20.97.222

143.20.97.222 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 84%: ?

84%

ISP	Internet Utilities Europe and Asia Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS214481
Domain Name	netutils.io
Country	🇵🇱 Poland
City	Warsaw, Mazovia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 143.20.97.222

Whois 143.20.97.222

IP Abuse Reports for 143.20.97.222:

This IP address has been reported a total of 35 times from 19 distinct sources. 143.20.97.222 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Matthew Ping	2026-06-06 00:46:21 (1 week ago)	ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 floreriaexpress	2026-06-05 10:09:53 (1 week ago)	FakeADS-Anti: fake_bot:fake_googlebot \| https://floreriaexpresschile.cl/server.env	Bad Web Bot Web App Attack
Anonymous	2026-06-05 06:39:18 (1 week ago)	by Attack Lagwatch(gw)	DDoS Attack Web Spam Hacking Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 06:32:01 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 02:31:58.326239 2026] [security2:error] [pid 20094:tid 20094] [client 143.20.97.222:52112] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cerrovictoria.com"] [uri "/.git/config"] [unique_id "aiJtXlGNDMnoJ32LFaiEOgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 05:48:44 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 01:48:38.560455 2026] [security2:error] [pid 4474:tid 4474] [client 143.20.97.222:48736] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "centrovision21.opticasprisma.com"] [uri "/.git/config"] [unique_id "aiJjNrpiYabscqr4SfOuiAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-05 04:06:41 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 03:53:11 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:53:04.216971 2026] [security2:error] [pid 11990:tid 11990] [client 143.20.97.222:35920] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "celebritybikinigossip.com"] [uri "/.git/config"] [unique_id "aiJIIP-a3umBUcqm2Nj-JgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 alferez	2026-06-05 02:57:33 (1 week ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇩🇪 paissangroup	2026-06-05 02:39:16 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 mw	2026-06-05 02:20:02 (1 week ago)	GET /vault.env HTTP/1.1	Web App Attack
🇺🇸 Vianpyro	2026-06-05 02:01:05 (1 week ago)	Honeypot: 64 request(s) in 0 min. Paths: /, /.aws/credentials, /vault.env, /application.yml, /.git/c ... show more Honeypot: 64 request(s) in 0 min. Paths: /, /.aws/credentials, /vault.env, /application.yml, /.git/config. Method(s): GET. UA: meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters. ASN: 214481 (NET 143 20 97 0 24). show less	Web App Attack Bad Web Bot Hacking Brute-Force
🇩🇪 Skyrider	2026-06-05 01:41:07 (1 week ago)	crowdsecurity/http-sensitive-files	Hacking
🇺🇸 TPI-Abuse	2026-06-05 00:40:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:40:45.259466 2026] [security2:error] [pid 30559:tid 30559] [client 143.20.97.222:56356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cdn.heavyglare.com"] [uri "/.git/config"] [unique_id "aiIbDVFGiC8pJeozkkY97AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 00:12:58 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 143.20.97.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 20:12:51.254059 2026] [security2:error] [pid 20375:tid 20375] [client 143.20.97.222:60014] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cdn.customdesignsbybjp.com"] [uri "/.git/config"] [unique_id "aiIUg_LfTVuTxIOwK6qLmwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-06-04 23:17:10 (1 week ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 143.20.97.222 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 143.20.97.222 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.247.127.250

🇳🇱 195.178.110.204

🇯🇴 176.29.79.19

🇭🇰 152.32.170.55

🇨🇳 122.6.190.94

🇨🇳 111.225.148.249

🇫🇷 91.196.152.104

🇧🇷 35.198.46.177

🇺🇸 20.168.122.88

🇦🇷 200.114.101.109

🇲🇽 187.161.231.238

🇧🇷 187.9.247.58

🇧🇷 179.127.37.248

🇿🇦 165.165.120.169

🇫🇷 144.91.92.0

🇺🇸 135.237.124.21

🇮🇩 119.47.90.19

🇨🇳 116.114.84.246

🇨🇳 114.217.10.60

🇨🇳 111.225.148.238