JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.174.51

185.213.174.51 was found in our database!

This IP was reported 437 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.174.51

Whois 185.213.174.51

IP Abuse Reports for 185.213.174.51:

This IP address has been reported a total of 437 times from 218 distinct sources. 185.213.174.51 was first reported on April 11th 2026, and the most recent report was 22 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hary74656	2026-04-28 15:27:25 (1 month ago)	[Tue Apr 28 17:27:18.320604 2026] [security2:error] [pid 116721:tid 116791] [client 185.213.174.51:3 ... show more [Tue Apr 28 17:27:18.320604 2026] [security2:error] [pid 116721:tid 116791] [client 185.213.174.51:36854] [client 185.213.174.51] ModSecurity: Access denied with code 403 (phase 2). Matched phrase ".aws/config" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: .aws/config found within REQUEST_FILENAME: /.aws/config"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.bienchen.at"] [uri "/.aws/config"] [unique_id "afDR1vo5ZL6Eb2Gxy_awLgAAANU"] [Tue Apr 28 17:27:19.200379 2026] [security2:error] [pid 117323:tid 117405] [client 185.213.174.51:36870] [client 185.213.174.51] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILE ... show less	Web App Attack
🇬🇧 Mendip_Defender	2026-04-28 15:05:35 (1 month ago)	185.213.174.51 - - [28/Apr/2026:16:05:05 +0100] "GET /robots.txt HTTP/1.0" 404 4848 "-" "Mozilla/5.0 ... show more 185.213.174.51 - - [28/Apr/2026:16:05:05 +0100] "GET /robots.txt HTTP/1.0" 404 4848 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Claude-SearchBot/1.0; [email protected])" 185.213.174.51 - - [28/Apr/2026:16:05:29 +0100] "GET /app-config.json HTTP/1.0" 404 4848 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 9) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" 185.213.174.51 - - [28/Apr/2026:16:05:29 +0100] "GET /config.json HTTP/1.0" 404 4848 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0" ... show less	Hacking Web App Attack
🇩🇪 iNetWorker	2026-04-28 12:26:26 (1 month ago)	trolling for resource vulnerabilities	Web App Attack
🇳🇱 ConsulHosting	2026-04-28 12:11:35 (1 month ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇷🇴 INTEQ	2026-04-28 08:56:13 (1 month ago)	Web attack from 185.213.174.51	Web App Attack
🇦🇺 aranguren.org	2026-04-28 08:10:39 (1 month ago)	185.213.174.51 - - [28/Apr/2026:18:10:01 +1000] "GET /functions.js.map HTTP/1.1" 404 989 "-" "Mozill ... show more 185.213.174.51 - - [28/Apr/2026:18:10:01 +1000] "GET /functions.js.map HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 185.213.174.51 - - [28/Apr/2026:18:10:10 +1000] "GET /piwik HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)" 185.213.174.51 - - [28/Apr/2026:18:10:10 +1000] "GET /nagios/ HTTP/1.1" 401 1223 "-" "Mozilla/5.0 (compatible; xAI-SearchBot/1.0; +https://x.ai)" 185.213.174.51 - - [28/Apr/2026:18:10:10 +1000] "GET /cgi-bin/dsc-grapher.pl HTTP/1.1" 401 1238 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" 185.213.174.51 - - [28/Apr/2026:18:10:10 +1000] "GET /ossec/ HTTP/1.1" 404 989 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 185.213.174.51 - - [28/Apr/2026:18:10:38 +1000] "GET /asset-manifest.json HTTP/1.1" 404 989 "-" "Mozilla/5.0 (compatible; MistralBot/1.0; +https://mistral.ai)" ... show less	Bad Web Bot
🇩🇪 XICTRON	2026-04-28 07:05:05 (1 month ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇬🇧 foxxelabs	2026-04-28 05:56:58 (1 month ago)	Automated report from FoxxeLabs Sentinel. Path probed: /.git/config \| Project: anseo \| Reason(s): Kn ... show more Automated report from FoxxeLabs Sentinel. Path probed: /.git/config \| Project: anseo \| Reason(s): Known exploit path: /.git/config; AbuseIPDB score: 100/100 \| User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Sa show less	Web App Attack
Anonymous	2026-04-28 04:59:14 (1 month ago)	(mod_security) mod_security triggered on hostname [redacted] 185.213.174.51 (NL/Netherlands/-)	SQL Injection
🇺🇸 Epimetheus	2026-04-28 04:58:39 (1 month ago)	Zombie network / Bot scanner detected: [GET] /api/config [GET] /config.js [GET] /api/v1/env [GET] / ... show more Zombie network / Bot scanner detected: [GET] /api/config [GET] /config.js [GET] /api/v1/env [GET] /api/v1/settings [GET] /graphql [GET] /env.json [GET] /app-config.json [GET] /api/settings [GET] /runtime-config.js [GET] /config.json [GET] /api/env [GET] /__env.js [GET] /.env.local [GET] /app/.env [GET] /.env.bak [GET] /backend/.env [GET] /.git/config [GET] /public/.env [GET] /.env.old [GET] /.aws/credentials [GET] /.env.example [GET] /.env.development [GET] /.env.production [GET] /.env [GET] /.aws/config [GET] /_next/static/buildManifest.js [GET] /build-manifest.json [GET] /manifest.json [GET] /asset-manifest.json [GET] /sitemap.xml UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 show less	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-04-28 03:37:06 (1 month ago)	185.213.174.51 - - [28/Apr/2026:03:37:05 +0000] "GET /.env.local HTTP/1.1" 404 410 "-" "Mozilla/5.0 ... show more 185.213.174.51 - - [28/Apr/2026:03:37:05 +0000] "GET /.env.local HTTP/1.1" 404 410 "-" "Mozilla/5.0 (Linux; Android 14; SM-S921B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 rh24	2026-04-28 03:05:27 (1 month ago)	(apache-useragents) Failed apache-useragents trigger with match [redacted] from 185.213.174.51 (NL/N ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 185.213.174.51 (NL/Netherlands/-) show less	Bad Web Bot
🇺🇸 WizardsToolkit	2026-04-28 02:46:28 (1 month ago)	attempted to access /app/.env	Web App Attack
Anonymous	2026-04-28 02:40:08 (1 month ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇺🇸 wordpresshosting.solutions	2026-04-28 00:18:27 (1 month ago)	Web app vulnerability scanning detected. Evidence: 185.213.174.51 - - [28/Apr/2026:00:18:24 +0000] " ... show more Web app vulnerability scanning detected. Evidence: 185.213.174.51 - - [28/Apr/2026:00:18:24 +0000] "GET /.aws/config HTTP/1.1" 404 39691 "http://[DOMAIN]/.aws/config" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 Edg/131.0.0.0" 185.213.174.51 - - [28/Apr/2026:00:18:26 +0000] "GET /config.env HTTP/1.1" 404 39688 "http://[DOMAIN]/config.env" "Mozilla/5.0 (iPad; CPU OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Mobile/15E148 Safari/604.1" show less	Web App Attack

Showing 316 to 330 of 437 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 182.2.71.197

🇨🇳 125.124.226.217

🇰🇷 112.216.129.27

🇨🇳 106.75.188.89

🇷🇴 80.94.92.184

🇩🇪 69.5.169.95

🇦🇷 190.99.71.84

🇲🇽 187.190.35.163

🇪🇨 181.199.42.7

🇹🇼 165.154.227.8

🇨🇳 115.190.81.215

🇺🇸 64.62.156.122

🇭🇰 38.207.133.27

🇬🇧 35.203.210.245

🇷🇴 2.57.121.112

🇨🇱 190.46.217.238

🇧🇷 187.73.74.149

🇻🇳 113.169.72.178

🇮🇳 106.192.10.122

🇯🇵 104.46.226.163