JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.175.164

185.213.175.164 was found in our database!

This IP was reported 139 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.175.164

Whois 185.213.175.164

IP Abuse Reports for 185.213.175.164:

This IP address has been reported a total of 139 times from 76 distinct sources. 185.213.175.164 was first reported on May 20th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-21 00:48:05 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 20:47:58.671589 2026] [security2:error] [pid 16846:tid 16846] [client 185.213.175.164:54802] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "californiabrokers.net"] [uri "/.env.production"] [unique_id "ag5WPl1jdHYwwnrotBcQdQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-21 00:15:03 (2 weeks ago)	BAD BOT - Detected and Blocked.. Matched phrase "claudebot" at REQUEST_HEADERS:User-Agent. (1100000- ... show more BAD BOT - Detected and Blocked.. Matched phrase "claudebot" at REQUEST_HEADERS:User-Agent. (1100000-135) show less	Bad Web Bot
🇩🇪 big-cloud.nl	2026-05-21 00:01:29 (2 weeks ago)	Try to access /.aws/credentials	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 23:31:51 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 19:31:44.265770 2026] [security2:error] [pid 13128:tid 13128] [client 185.213.175.164:44510] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cajunfriedturkey.com"] [uri "/api/.env"] [unique_id "ag5EYCryf4uKRMVGLSAkdwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 23:04:41 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 19:04:33.677807 2026] [security2:error] [pid 32590:tid 32590] [client 185.213.175.164:52800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cain2016.org"] [uri "/app/.env"] [unique_id "ag4-AUzH659J9p8FlbvFKgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 cagatayakinci.com	2026-05-20 22:41:30 (2 weeks ago)	185.213.175.164 - - [21/May/2026:01:41:12 +0300] "GET /asset-manifest.json HTTP/1.1" 404 11587 "-" " ... show more 185.213.175.164 - - [21/May/2026:01:41:12 +0300] "GET /asset-manifest.json HTTP/1.1" 404 11587 "-" "DuckDuckBot/1.1; (+http://duckduckgo.com/duckduckbot.html)" 185.213.175.164 - - [21/May/2026:01:41:14 +0300] "GET /manifest.json HTTP/1.1" 404 11587 "-" "DuckDuckBot/1.1; (+http://duckduckgo.com/duckduckbot.html)" 185.213.175.164 - - [21/May/2026:01:41:17 +0300] "GET /build-manifest.json HTTP/1.1" 404 11587 "-" "Mozilla/5.0 (compatible; Baiduspider/2.0; +http://www.baidu.com/search/spider.html)" 185.213.175.164 - - [21/May/2026:01:41:18 +0300] "GET /_next/static/buildManifest.js HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected])" 185.213.175.164 - - [21/May/2026:01:41:19 +0300] "GET /_next/build-manifest.json HTTP/1.1" 404 11587 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)" 185.213.175.164 - - [21/May/2026:01:41:20 +0300] "GET /.next/build-manifest.json HTTP/1.1" 404 11587 "-" "Mozilla/ ... show less	Web App Attack Port Scan
🇫🇷 SpaceHost-Server	2026-05-20 22:28:06 (2 weeks ago)		Brute-Force Web App Attack
🇬🇧 Aetherweb Ark	2026-05-20 22:07:40 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 185.213.175.164 (ES/Spain/-): N in the last X s ... show more (mod_security) mod_security (id:949110) triggered by 185.213.175.164 (ES/Spain/-): N in the last X secs show less	Web App Attack
🇧🇪 cmbplf	2026-05-20 21:32:21 (2 weeks ago)	246 requests with url.path .env 202 requests with url.path config.json 129 requests with url.pa ... show more 246 requests with url.path .env 202 requests with url.path config.json 129 requests with url.path .ssh/ 123 requests with url.path *credentials.json show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-20 21:32:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:32:11.061323 2026] [security2:error] [pid 17001:tid 17001] [client 185.213.175.164:55896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cactusstarvineyard.com"] [uri "/public/.env"] [unique_id "ag4oW4pUP7DA-qQ_49d8mAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:12:12 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:12:09.543307 2026] [security2:error] [pid 3077:tid 3077] [client 185.213.175.164:46626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cabwebs.com"] [uri "/.env.test"] [unique_id "ag4jqd39_3QQhT0AedX-OQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-05-20 20:30:08 (2 weeks ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:19:02 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 185.213.175.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:18:55.057866 2026] [security2:error] [pid 24966:tid 24966] [client 185.213.175.164:49156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caalmconsulting.com"] [uri "/admin/.env"] [unique_id "ag4XL_Ub1dWlj5mMUIDB7AAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 macrob	2026-05-20 20:15:00 (2 weeks ago)	2026/05/20 20:14:52 [error] 2949115#2949115: 243657269 access forbidden by rule, client: 185.213.17 ... show more 2026/05/20 20:14:52 [error] 2949115#2949115: 243657269 access forbidden by rule, client: 185.213.175.164, server: ca5h.win, request: "GET /.next/build-manifest.json HTTP/1.1", host: "ca5h.win" 2026/05/20 20:14:54 [error] 2949114#2949114: 243657338 access forbidden by rule, client: 185.213.175.164, server: ca5h.win, request: "GET /.vite/manifest.json HTTP/1.1", host: "ca5h.win" 2026/05/20 20:14:58 [error] 2949114#2949114: 243657338 access forbidden by rule, client: 185.213.175.164, server: ca5h.win, request: "GET /dist/.vite/manifest.json HTTP/1.1", host: "ca5h.win" ... show less	Web App Attack
🇫🇷 dynamix	2026-05-20 20:01:07 (2 weeks ago)	Multiple WAF Violations	Web App Attack

Showing 121 to 135 of 139 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 81.19.216.74

🇻🇳 42.115.213.239

🇨🇳 221.226.154.12

🇯🇵 203.25.124.119

🇪🇹 196.191.82.147

🇨🇳 183.23.61.27

🇫🇮 147.185.133.141

🇹🇷 95.0.100.48

🇺🇸 91.230.168.85

🇳🇱 62.164.177.41

🇺🇸 2600:3c02::2000:31ff:fe05:5137

🇨🇳 223.89.239.149

🇪🇸 212.30.33.208

🇰🇷 211.253.37.225

🇺🇸 192.169.180.166

🇺🇸 162.241.129.246

🇺🇸 162.216.149.142

🇺🇸 162.216.149.103

🇭🇰 152.32.168.34

🇩🇪 134.122.95.87