JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.175.173

185.213.175.173 was found in our database!

This IP was reported 265 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.175.173

Whois 185.213.175.173

IP Abuse Reports for 185.213.175.173:

This IP address has been reported a total of 265 times from 126 distinct sources. 185.213.175.173 was first reported on April 18th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 IVski	2026-05-12 01:09:11 (3 weeks ago)	IVski WAF \| Sensitive file probe detected - looking for .env, .git, backups or credentials	Port Scan Brute-Force Web App Attack
🇺🇸 kosada.com	2026-05-12 00:46:10 (3 weeks ago)	Web vulnerability probing: / (bogus vhost/SNI)	Web App Attack
🇨🇳 ThreatBook.io	2026-05-11 22:59:40 (3 weeks ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/185.213.175.173 2026-0 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/185.213.175.173 2026-05-11 09:50:34 / show less	Web App Attack
Anonymous	2026-05-11 20:50:45 (3 weeks ago)	"GET /.git/config HTTP/1.1"	Hacking Web App Attack
🇺🇸 ne1for23	2026-05-11 20:24:41 (3 weeks ago)	Attempting to probe for sensitive information accidently exposed via git config. 185.213.175.173 - ... show more Attempting to probe for sensitive information accidently exposed via git config. 185.213.175.173 - - [11/May/2026:20:24:41 +0000] "GET /.git/config HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" show less	Hacking
🇱🇻 garmtech.com	2026-05-11 08:19:00 (3 weeks ago)	Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probi ... show more Attempted access to sensitive endpoint (/.git/config) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇺🇸 Epimetheus	2026-05-11 05:28:10 (3 weeks ago)	Unauthorized access attempts: [GET] /.git/config [GET] /.git/HEAD UA: Mozilla/5.0 (Macintosh; Inte ... show more Unauthorized access attempts: [GET] /.git/config [GET] /.git/HEAD UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 show less	Web App Attack
🇫🇷 masterguru	2026-05-11 04:48:35 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇫🇷 masterguru	2026-05-11 02:49:32 (3 weeks ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)	Hacking Web App Attack
🇫🇷 masterguru	2026-05-10 11:57:51 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇫🇷 GoodOldTOS	2026-05-10 09:14:54 (3 weeks ago)	Highly suspect IP	Hacking Web App Attack
🇫🇷 GoodOldTOS	2026-05-10 07:14:54 (3 weeks ago)	Highly suspect IP	Hacking Web App Attack
🇺🇸 aks4226	2026-05-10 05:50:19 (3 weeks ago)	Attacking common web applications. (n01)	Web App Attack
🇺🇸 Matthew Ping	2026-05-09 22:45:01 (3 weeks ago)	ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇫🇷 masterguru	2026-05-09 09:38:31 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/- ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 185.213.175.173 (NL/The Netherlands/-): 2 in the last 3600 secs (0-196) show less	Hacking

Showing 121 to 135 of 265 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 206.189.107.197

🇳🇱 185.189.182.234

🇧🇷 177.85.62.13

🇺🇸 172.239.51.96

🇫🇷 85.217.140.36

🇨🇳 58.52.70.49

🇬🇧 2a06:4880:6000::7f

🇺🇸 198.98.62.211

🇮🇩 180.243.1.112

🇺🇸 172.253.1.26

🇺🇸 165.154.206.222

🇺🇸 162.216.150.161

🇺🇸 162.216.150.132

🇺🇸 162.216.150.48

🇯🇵 126.89.52.114

🇨🇳 123.245.85.176

🇫🇷 91.231.89.1

🇫🇷 91.162.209.184

🇸🇬 47.84.112.180

🇧🇷 45.183.68.172