JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.174.22

185.213.174.22 was found in our database!

This IP was reported 505 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.174.22

Whois 185.213.174.22

IP Abuse Reports for 185.213.174.22:

This IP address has been reported a total of 505 times from 231 distinct sources. 185.213.174.22 was first reported on April 13th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 netclix.gr	2026-06-02 17:06:35 (1 day ago)	(mod_security) mod_security triggered on hostname [redacted] 185.213.174.22 (-): (CF_ENABLE)	SQL Injection
🇦🇺 FireGuard Server	2026-06-02 14:55:03 (1 day ago)	Blocked by OPNsense firewall; 6 hits, proto=tcp, ports=443	Port Scan Hacking
🇫🇷 France Artisanat	2026-06-02 08:49:47 (1 day ago)	ATTAQUE BRUTEFORCE EN COURS	Web Spam
🇳🇱 e.fierstra	2026-06-02 07:10:23 (1 day ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇿🇦 slartybartfast69420blazit	2026-06-01 20:17:09 (2 days ago)	Fail2ban picked up 185.213.174.22 attacking nginx	Web App Attack
Anonymous	2026-06-01 15:31:21 (2 days ago)	(caddyscan) Scanner path probe from 185.213.174.22 (NL/The Netherlands/-): 5 in the last 3600 secs; ... show more (caddyscan) Scanner path probe from 185.213.174.22 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 185.213.174.22 - - [01/Jun/2026:15:31:12 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 185.213.174.22 - - [01/Jun/2026:15:31:12 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 185.213.174.22 - - [01/Jun/2026:15:31:18 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 185.213.174.22 - - [01/Jun/2026:15:31:18 +0000] "GET /.env.local HTTP/1.1" [REDACTED] 200 2627 185.213.174.22 - - [01/Jun/2026:15:31:18 +0000] "GET /.env.example HTTP/1.1" show less	Port Scan
🇩🇪 Nevermind	2026-06-01 14:57:08 (2 days ago)	185.213.174.22 - - [01/Jun/2026:16:56:56 +0200] "GET /.aws/credentials HTTP/1.1" 404 4183 "http://fa ... show more 185.213.174.22 - - [01/Jun/2026:16:56:56 +0200] "GET /.aws/credentials HTTP/1.1" 404 4183 "http://falkensee.info/.aws/credentials" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 185.213.174.22 - - [01/Jun/2026:16:56:58 +0200] "GET /.git/config HTTP/1.1" 403 4186 "http://falkensee.info/.git/config" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot" 185.213.174.22 - - [01/Jun/2026:16:56:58 +0200] "GET /secrets.json HTTP/1.1" 404 4183 "http://falkensee.info/secrets.json" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" 185.213.174.22 - - [01/Jun/2026:16:57:07 +0200] "GET /.env HTTP/1.1" 403 4186 "http://falkensee.info/.env" "Mozilla/5.0 (compatible; Bytespider; [email protected])" ... show less	Web App Attack
🇩🇪 itsolon	2026-06-01 14:36:02 (2 days ago)	[01/Jun/2026:16:35:58 +0200] 178032455837.946704 185.213.174.22 58662 217.154.7.177 80 [01/Jun/2026: ... show more [01/Jun/2026:16:35:58 +0200] 178032455837.946704 185.213.174.22 58662 217.154.7.177 80 [01/Jun/2026:16:35:59 +0200] 178032455935.965762 185.213.174.22 35984 217.154.7.177 80 [01/Jun/2026:16:35:59 +0200] 178032455944.894773 185.213.174.22 58662 217.154.7.177 80 [01/Jun/2026:16:35:59 +0200] 178032455959.504162 185.213.174.22 35926 217.154.7.177 80 [01/Jun/2026:16:36:01 +0200] 178032456154.811881 185.213.174.22 35956 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇫🇷 Lunix	2026-06-01 14:06:55 (2 days ago)		Brute-Force Web App Attack
🇬🇧 consul.to	2026-06-01 11:04:46 (2 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Matthew Ping	2026-06-01 11:00:01 (2 days ago)	ModSecurity rule 949110 triggered on wp1. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 kosada.com	2026-06-01 10:06:37 (2 days ago)	Web vulnerability probing: /.env	Web App Attack
🇳🇱 RobotOilInc	2026-06-01 09:58:27 (2 days ago)	[Coraza - Automated] Found User-Agent associated with restricted user agent. Data: Matched Data: fo ... show more [Coraza - Automated] Found User-Agent associated with restricted user agent. Data: Matched Data: found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (compatible; Bytespider; [email protected]) show less	Hacking Bad Web Bot
🇩🇪 Gwyneth Llewelyn	2026-06-01 09:47:14 (2 days ago)	2026/06/01 10:47:05 [error] 1725770#1725770: 877083 access forbidden by rule, client: 185.213.174.2 ... show more 2026/06/01 10:47:05 [error] 1725770#1725770: 877083 access forbidden by rule, client: 185.213.174.22, server: betatechnologies.info, request: "GET /.env HTTP/2.0", host: "betatechnologies.info" 185.213.174.22 - - [01/Jun/2026:10:47:05 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 2026/06/01 10:47:12 [error] 1725770#1725770: *877083 access forbidden by rule, client: 185.213.174.22, server: betatechnologies.info, request: "GET /app/.env HTTP/2.0", host: "betatechnologies.info" show less	Brute-Force Web App Attack
🇦🇹 Pingger Shikkoken	2026-06-01 08:40:07 (2 days ago)	2026-06-01T08:40:07+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC ... show more 2026-06-01T08:40:07+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=185.213.174.22 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=8506 DF PROTO=TCP SPT=42190 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-01T08:40:07+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=185.213.174.22 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=24316 DF PROTO=TCP SPT=45590 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-01T08:40:08+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT=ServerBridge MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=185.213.174.22 DST=10.1.1.2 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=24317 DF PROTO=TCP SPT=45590 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Hacking Bad Web Bot

Showing 16 to 30 of 505 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.77

🇩🇪 172.71.172.65

🇺🇸 147.185.132.37

🇮🇳 122.177.246.105

🇺🇸 103.234.62.70

🇳🇱 45.144.212.98

🇬🇧 35.176.11.152

🇵🇹 213.255.248.188

🇩🇪 195.230.103.243

🇨🇱 186.10.86.130

🇮🇩 180.244.24.144

🇺🇸 166.62.41.190

🇮🇳 136.232.11.10

🇮🇳 117.247.23.131

🇩🇪 43.228.157.234

🇬🇭 41.204.63.118

🇺🇸 13.67.236.135

🇰🇷 1.234.27.159

🇺🇸 2607:f8b0:4001:c07::12a

🇺🇸 205.210.31.88