JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.175.173

185.213.175.173 was found in our database!

This IP was reported 265 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.175.173

Whois 185.213.175.173

IP Abuse Reports for 185.213.175.173:

This IP address has been reported a total of 265 times from 126 distinct sources. 185.213.175.173 was first reported on April 18th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 pm33	2026-05-17 12:07:15 (2 weeks ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
Anonymous	2026-05-17 09:22:19 (2 weeks ago)	FortiWeb WAF: 12 attacks detected. Threat Score: 9600. Types: Client Management(6), Block IP List(6) ... show more FortiWeb WAF: 12 attacks detected. Threat Score: 9600. Types: Client Management(6), Block IP List(6). Origin: Netherlands. show less	Web App Attack
🇳🇱 informedclearly.com	2026-05-16 18:40:59 (2 weeks ago)	WAF_BAN reason=ENV_PROBE rule=ENV_PATH hits=2 path=/.git/HEAD? ua=Mozilla/5.0 (Macintosh; Intel Mac ... show more WAF_BAN reason=ENV_PROBE rule=ENV_PATH hits=2 path=/.git/HEAD? ua=Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 show less	Hacking
🇫🇷 masterguru	2026-05-16 06:46:20 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇨🇭 4server	2026-05-16 01:39:49 (2 weeks ago)	[SatMay1603:39:47.0162482026][security2:error][pid3635969:tid3635994][client185.213.175.173:0]ModSec ... show more [SatMay1603:39:47.0162482026][security2:error][pid3635969:tid3635994][client185.213.175.173:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"mail.shadowdrummer.com\"][uri\"/.git/HEAD\"][unique_id\"agfK48OR91oRPyvdxgpQ0QAAABc\"] show less	Hacking Web App Attack
🇳🇴 tmiland	2026-05-15 23:50:25 (2 weeks ago)	(nginx_404) Dot directory Honeypot Trap 185.213.175.173 (ES/Spain/-): 2 in the last 3600 secs; IP: 1 ... show more (nginx_404) Dot directory Honeypot Trap 185.213.175.173 (ES/Spain/-): 2 in the last 3600 secs; IP: 185.213.175.173; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 185.213.175.173 - - [16/May/2026:01:50:22 +0200] "GET /.git/HEAD HTTP/1.1" 404 1890 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" 185.213.175.173 - - [16/May/2026:01:50:22 +0200] "GET /.git/config HTTP/1.1" 404 1890 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" show less	Brute-Force
🇨🇦 TechnoSolutions CL	2026-05-15 17:47:08 (2 weeks ago)	185.213.175.173 - - [15/May/2026:17:47:07 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 ... show more 185.213.175.173 - - [15/May/2026:17:47:07 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" 185.213.175.173 - - [15/May/2026:17:47:08 +0000] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-05-15 17:34:45 (2 weeks ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇫🇮 sw0ok	2026-05-15 15:30:57 (2 weeks ago)	time="2026-05-15T15:30:55Z" level=info msg="Access to https://portainer.sw0ok.dev/ (method GET) is n ... show more time="2026-05-15T15:30:55Z" level=info msg="Access to https://portainer.sw0ok.dev/ (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F&rm=GET" method=GET path=/api/authz/forward-auth remote_ip=185.213.175.173 time="2026-05-15T15:30:55Z" level=info msg="Access to https://portainer.sw0ok.dev/.git/config (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F.git%2Fconfig&rm=GET" method=GET path=/api/authz/forward-auth remote_ip=185.213.175.173 time="2026-05-15T15:30:55Z" level=info msg="Access to https://portainer.sw0ok.dev/.git/HEAD (method GET) is not authorized to user <anonymous>, responding with status code 401 with location redirect to https://auth.sw0ok.dev/?rd=https%3A%2F%2Fportainer.sw0ok.dev%2F.git%2FHEAD&rm=GET" method=GET path=/api/authz/fo ... show less	Brute-Force
🇫🇷 masterguru	2026-05-15 11:55:05 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 2 in the last 3600 secs (0-196) show less	Hacking
Anonymous	2026-05-15 09:22:35 (2 weeks ago)	FortiWeb WAF: 32 attacks detected. Threat Score: 6800. Types: Client Management(16), Block IP List(1 ... show more FortiWeb WAF: 32 attacks detected. Threat Score: 6800. Types: Client Management(16), Block IP List(16). Origin: Netherlands. show less	Web App Attack
🇫🇷 masterguru	2026-05-15 06:47:48 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 2 in the last 3600 secs (0-193) show less	Hacking
🇮🇹 Inartis	2026-05-15 03:08:39 (2 weeks ago)	185.213.175.173 - - [15/May/2026:05:08:38 +0200] "GET /.git/HEAD HTTP/1.1" 200 54684 "-" "Mozilla/5. ... show more 185.213.175.173 - - [15/May/2026:05:08:38 +0200] "GET /.git/HEAD HTTP/1.1" 200 54684 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Thibault Millant	2026-05-15 02:21:49 (2 weeks ago)	185.213.175.173 - - [15/May/2026:02:21:35 +0000] "GET /.git/config HTTP/1.1" 404 118 "-" "Mozilla/5. ... show more 185.213.175.173 - - [15/May/2026:02:21:35 +0000] "GET /.git/config HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" ... show less	Brute-Force Exploited Host SSH
🇩🇪 big-cloud.nl	2026-05-14 10:49:39 (2 weeks ago)	Try to access /.git/HEAD	Web App Attack

Showing 91 to 105 of 265 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.140.11.123

🇷🇺 91.226.105.59

🇺🇸 74.82.47.52

🇺🇸 71.6.233.183

🇵🇾 181.103.2.67

🇮🇳 168.144.124.12

🇰🇷 125.138.175.113

🇻🇳 103.75.182.178

🇷🇴 89.37.116.208

🇺🇸 71.6.147.254

🇨🇳 47.97.127.96

🇰🇷 39.115.195.164

🇹🇼 218.161.98.129

🇨🇳 122.114.12.133

🇳🇱 86.54.31.34

🇺🇸 65.49.1.37

🇸🇬 47.128.32.124

🇱🇹 45.227.254.170

🇳🇱 45.148.10.147

🇦🇲 5.77.206.66