JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.174.45

185.213.174.45 was found in our database!

This IP was reported 422 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.174.45

Whois 185.213.174.45

IP Abuse Reports for 185.213.174.45:

This IP address has been reported a total of 422 times from 209 distinct sources. 185.213.174.45 was first reported on April 14th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-23 20:39:32 (6 days ago)	ICS Labs identified 185.213.174.45 as a malicious indicator from threat intelligence.	DDoS Attack Port Scan Hacking Brute-Force Exploited Host
🇳🇱 JCB	2026-06-03 08:57:00 (3 weeks ago)	185.213.174.45 - - [02/Jun/2026:20:09:19 +0300] "GET /__/firebase/init.json HTTP/1.1" 404 236 "-" "M ... show more 185.213.174.45 - - [02/Jun/2026:20:09:19 +0300] "GET /__/firebase/init.json HTTP/1.1" 404 236 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 185.213.174.45 - - [02/Jun/2026:20:09:22 +0300] "GET /api/config HTTP/1.1" 404 236 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" ... show less	Web App Attack Hacking
🇬🇧 consul.to	2026-06-03 01:34:48 (3 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-02 21:59:43 (3 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-01. show less	Web App Attack SSH Hacking
🇩🇪 HERA - Operations	2026-06-02 21:19:22 (3 weeks ago)	argeforum - searching for vulnerable scripts: config 2026/06/02 23:19:22	Web App Attack
🇪🇸 alferez	2026-06-02 19:43:56 (3 weeks ago)	Searching .(env\|sql\|zip\|tar\|rar) files	Hacking Exploited Host Web App Attack
🇩🇪 LRob.fr	2026-06-02 19:15:03 (3 weeks ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇦🇺 2000cn.com.au	2026-06-02 19:10:23 (3 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇬🇧 Axel	2026-06-02 18:22:37 (3 weeks ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇫🇷 ELYAZ	2026-06-02 17:45:02 (3 weeks ago)	(y3) Failed access -byebye- from 185.213.174.45 (-): (CF_ENABLE)	Hacking
🇩🇪 Starburst SysOp Team	2026-06-02 15:54:01 (3 weeks ago)	Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 45.174.213.185.rbl.malw ... show more Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 45.174.213.185.rbl.malware.expert succeeded at REQUEST_HEADERS:x-forwarded-for. (1001000-nue6-2) show less	Hacking
🇧🇪 Ivo Vynckier	2026-06-02 12:46:00 (3 weeks ago)	185.213.174.45 - - [01/Jun/2026:12:23:11 +0200] "GET /vault.env HTTP/1.1" 301 296 "-" "Mozilla/5.0 A ... show more 185.213.174.45 - - [01/Jun/2026:12:23:11 +0200] "GET /vault.env HTTP/1.1" 301 296 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot" 185.213.174.45 - - [01/Jun/2026:12:23:11 +0200] "GET /.aws/credentials HTTP/1.1" 301 303 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" 185.213.174.45 - - [01/Jun/2026:12:23:16 +0200] "GET /secrets.json HTTP/1.1" 301 299 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" show less	Hacking
🇦🇺 obiahmar	2026-06-02 10:22:51 (3 weeks ago)	This IP was detected triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇧🇪 voormedia	2026-06-02 09:33:58 (3 weeks ago)	Accessed trap at '/.aws/credentials'	Web App Attack
🇧🇪 cmbplf	2026-06-01 12:44:26 (4 weeks ago)	127 requests with url.path *.env	Brute-Force Bad Web Bot

Showing 1 to 15 of 422 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.187.176.80

🇦🇷 181.47.9.103

🇸🇪 135.116.20.17

🇨🇳 101.126.55.67

🇨🇳 101.126.54.66

🇺🇸 64.62.197.199

🇺🇸 64.62.197.129

🇺🇸 45.55.226.206

🇺🇸 20.14.79.120

🇮🇹 2.57.170.176

🇨🇱 186.64.123.124

🇺🇸 185.180.141.3

🇺🇸 185.180.141.2

🇳🇬 165.154.10.165

🇻🇳 123.25.115.189

🇸🇬 107.155.56.47

🇨🇳 106.75.185.227

🇨🇳 101.126.53.14

🇺🇸 45.40.132.150

🇺🇸 45.39.12.34