JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.175.173

185.213.175.173 was found in our database!

This IP was reported 265 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.175.173

Whois 185.213.175.173

IP Abuse Reports for 185.213.175.173:

This IP address has been reported a total of 265 times from 126 distinct sources. 185.213.175.173 was first reported on April 18th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Rip	2026-05-29 08:15:57 (5 days ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇬🇧 consul.to	2026-05-29 08:05:47 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇨🇭 4server	2026-05-28 19:00:57 (6 days ago)	[ThuMay2821:00:51.4577462026][security2:error][pid1601440:tid1601793][client185.213.175.173:0]ModSec ... show more [ThuMay2821:00:51.4577462026][security2:error][pid1601440:tid1601793][client185.213.175.173:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"duoacaja.com\"][uri\"/.git/HEAD\"][unique_id\"ahiQ48RwdsXGJ0fzAtZ6_AAAAQg\"] show less	Hacking Web App Attack
Anonymous	2026-05-27 23:04:12 (1 week ago)	(caddyscan) Scanner path probe from 185.213.175.173 (NL/The Netherlands/-): 5 in the last 3600 secs; ... show more (caddyscan) Scanner path probe from 185.213.175.173 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 185.213.175.173 - - [27/May/2026:22:56:22 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 185.213.175.173 - - [27/May/2026:22:56:22 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 185.213.175.173 - - [27/May/2026:23:04:02 +0000] "GET /.git/HEAD HTTP/1.1" [REDACTED] 200 2627 185.213.175.173 - - [27/May/2026:23:04:02 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 185.213.175.173 - - [27/May/2026:23:04:07 +0000] "GET /.git/HEAD HTTP/1.1" show less	Port Scan
🇩🇪 Blexyel	2026-05-27 23:03:50 (1 week ago)	185.213.175.173 - - [28/May/2026:01:03:50 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Mozilla/5. ... show more 185.213.175.173 - - [28/May/2026:01:03:50 +0200] "GET /.git/config HTTP/1.1" 404 435 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" "share.fomx.gay" ... show less	Brute-Force Web App Attack
🇬🇧 Axel	2026-05-27 16:00:05 (1 week ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/config Server: UK-01 show less	Web App Attack Hacking SQL Injection
🇬🇧 consul.to	2026-05-27 11:18:46 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇩🇪 FeG Deutschland	2026-05-27 07:59:05 (1 week ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇹🇷 baku.hosting	2026-05-27 05:52:37 (1 week ago)	CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 185.213.175.173 (NL/The Nether ... show more CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 185.213.175.173 (NL/The Netherlands/-): 5 in the last 3600 secs show less	Brute-Force Web App Attack
🇧🇪 voormedia	2026-05-26 20:31:31 (1 week ago)	Accessed trap at '/.git/HEAD'	Web App Attack
🇫🇷 pm33	2026-05-26 18:46:39 (1 week ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇫🇷 Nexia	2026-05-26 17:33:07 (1 week ago)	[SENTINEL-HQ] Threat detected on geekverse.market: 💀 CRITICAL Sentinel Trap: /.git/config	Web App Attack
🇬🇧 consul.to	2026-05-26 09:50:41 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇵🇱 MatStef132	2026-05-26 00:47:25 (1 week ago)	MatShield L7: blocked on chat.justchat.icu (secret-path-probe)	DDoS Attack
🇻🇳 trung.fun	2026-05-25 23:35:45 (1 week ago)	DDoS, Hack, Brute Force, Web Attack ...	DDoS Attack Web Spam Hacking Brute-Force Web App Attack

Showing 31 to 45 of 265 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.108

🇬🇧 193.163.125.114

🇺🇸 67.207.84.8

🇨🇳 175.174.141.5

🇹🇼 165.154.227.8

🇺🇸 162.216.149.85

🇱🇾 156.38.40.109

🇧🇷 138.255.157.62

🇸🇬 103.250.11.63

🇮🇩 103.234.208.154

🇮🇩 103.160.56.142

🇿🇦 102.182.54.48

🇺🇸 47.77.229.244

🇮🇳 36.255.18.89

🇷🇼 196.12.128.158

🇨🇳 171.111.218.2

🇮🇷 171.22.27.209

🇫🇮 147.185.133.217

🇺🇸 138.113.23.170

🇸🇬 114.119.130.3