JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.213.174.71

185.213.174.71 was found in our database!

This IP was reported 531 times. Confidence of Abuse is 100%: ?

100%

ISP	NextGenWebs, S.L.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS41608
Domain Name	nextgenwebs.es
Country	🇳🇱 Netherlands
City	Dronten, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.213.174.71

Whois 185.213.174.71

IP Abuse Reports for 185.213.174.71:

This IP address has been reported a total of 531 times from 249 distinct sources. 185.213.174.71 was first reported on April 11th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 FeG Deutschland	2026-06-13 10:47:23 (3 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247	Exploited Host Web App Attack
🇳🇱 Webhoster	2026-06-13 09:19:23 (4 hours ago)	CrowdSec scenario: crowdsecurity/http-sensitive-files	Hacking
🇩🇪 bsoft.de	2026-06-13 09:08:22 (4 hours ago)	185.213.174.71 - - [13/Jun/2026:11:08:21 +0200] "GET /env.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (com ... show more 185.213.174.71 - - [13/Jun/2026:11:08:21 +0200] "GET /env.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-13 05:01:02 (9 hours ago)	(caddyscan) Scanner path probe from 185.213.174.71 (NL/The Netherlands/-): 5 in the last 3600 secs; ... show more (caddyscan) Scanner path probe from 185.213.174.71 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 185.213.174.71 - - [13/Jun/2026:05:00:53 +0000] "GET /.env.example HTTP/1.1" [REDACTED] 200 2627 185.213.174.71 - - [13/Jun/2026:05:00:53 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 185.213.174.71 - - [13/Jun/2026:05:00:58 +0000] "GET /.aws/credentials HTTP/1.1" [REDACTED] 200 2627 185.213.174.71 - - [13/Jun/2026:05:00:58 +0000] "GET /.env.production HTTP/1.1" [REDACTED] 200 2627 185.213.174.71 - - [13/Jun/2026:05:00:58 +0000] "GET /admin/.env HTTP/1.1" show less	Port Scan
🇩🇪 ger-stg-sifi1	2026-06-13 04:05:27 (10 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇳🇱 e.fierstra	2026-06-13 01:29:59 (12 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 edena	2026-06-12 20:31:55 (17 hours ago)	185.213.174.71 - - [12/Jun/2026:22:31:55 +0200] "GET /.env.example HTTP/1.1" 403 303 "-" "Mozilla/5. ... show more 185.213.174.71 - - [12/Jun/2026:22:31:55 +0200] "GET /.env.example HTTP/1.1" 403 303 "-" "Mozilla/5.0 (compatible; Google-Extended/1.0; +http://www.google.com/bot.html)" 185.213.174.71 - - [12/Jun/2026:22:31:55 +0200] "GET /secrets.json HTTP/1.1" 403 303 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Perplexity-User/1.0; +https://perplexity.ai/perplexity-user" 185.213.174.71 - - [12/Jun/2026:22:31:55 +0200] "GET /.env HTTP/1.1" 403 303 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" ... show less	Web App Attack Bad Web Bot
🇩🇪 igerman	2026-06-12 20:14:55 (17 hours ago)	caddy probes: admin-panel: GET /admin/.env(DROP) \| api: GET /api/config(DROP) \| cloud-creds: GET /.a ... show more caddy probes: admin-panel: GET /admin/.env(DROP) \| api: GET /api/config(DROP) \| cloud-creds: GET /.aws/credentials(DROP) \| env-probe: GET /.env(DROP), GET /.env.backup(DROP), GET /.env.bak(DROP), GET /.env.development(DROP), GET /.env.example(DROP), GET /.env.local(DROP), GET /.env.old(DROP), GET /.env.production(DROP), GET /.env.staging(DROP), GET /.env.test(DROP), GET /api/.env(DROP), GET /app/.env(DROP), GET /backend/.env(DROP), GET /config.env(DROP), GET /public/.env(DROP) \| git-repo: GET /.git/config(DROP) \| web: GET /application.properties(DROP), GET /application.yml(DROP), GET /config/secrets.yml(DROP), GET /google-services.json(404), GET /secrets.json(DROP), GET /secrets.yml(DROP) show less	Web App Attack
🇫🇷 Donovan	2026-06-12 19:29:24 (18 hours ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)	Web App Attack
🇩🇪 Dominik Lysiak	2026-06-12 19:27:01 (18 hours ago)	185.213.174.71 - - [12/Jun/2026:21:26:56 +0200] "GET /.env.example HTTP/1.1" 301 162 "-" "CCBot/2.0 ... show more 185.213.174.71 - - [12/Jun/2026:21:26:56 +0200] "GET /.env.example HTTP/1.1" 301 162 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 185.213.174.71 - - [12/Jun/2026:21:27:00 +0200] "GET /.env HTTP/1.1" 301 162 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" 185.213.174.71 - - [12/Jun/2026:21:27:00 +0200] "GET /.aws/credentials HTTP/1.1" 301 162 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; GPTBot/1.2; +https://openai.com/gptbot" ... show less	Web App Attack
🇩🇪 macrob	2026-06-12 17:37:18 (20 hours ago)	2026/06/12 17:37:17 [error] 2228934#2228934: 300977709 access forbidden by rule, client: 185.213.17 ... show more 2026/06/12 17:37:17 [error] 2228934#2228934: 300977709 access forbidden by rule, client: 185.213.174.71, server: fn.binixo.es, request: "GET /api/.env HTTP/2.0", host: "n0.eu.cloud.awi.systems" 2026/06/12 17:37:17 [error] 2228934#2228934: 300977709 access forbidden by rule, client: 185.213.174.71, server: fn.binixo.es, request: "GET /.aws/credentials HTTP/2.0", host: "n0.eu.cloud.awi.systems" 2026/06/12 17:37:17 [error] 2228934#2228934: 300977709 access forbidden by rule, client: 185.213.174.71, server: fn.binixo.es, request: "GET /.env.example HTTP/2.0", host: "n0.eu.cloud.awi.systems" ... show less	Web App Attack
🇺🇸 MaxSmartCode	2026-06-12 17:35:39 (20 hours ago)	Credential brute-force attacks on webpage.	Brute-Force SSH
🇺🇸 sandap1	2026-06-12 15:25:01 (22 hours ago)	Blocked by os-abuseipdb; 6 hits, proto=tcp, ports=443,80,src_ip=185.213.174.71	Port Scan Hacking
🇺🇦 URAN Publishing Service	2026-06-12 04:09:10 (1 day ago)	185.213.174.71 - - [12/Jun/2026:07:09:10 +0300] "GET /api/.env HTTP/1.1" 404 689 "-" "meta-externala ... show more 185.213.174.71 - - [12/Jun/2026:07:09:10 +0300] "GET /api/.env HTTP/1.1" 404 689 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)" ... show less	Web App Attack
🇳🇱 thedreamer.nl	2026-06-12 03:35:10 (1 day ago)	185.213.174.71 - - [12/Jun/2026:05:29:33 +0200] "GET /.env HTTP/2.0" 200 995 "-" "Mozilla/5.0 (compa ... show more 185.213.174.71 - - [12/Jun/2026:05:29:33 +0200] "GET /.env HTTP/2.0" 200 995 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)" "NL" "Dronten" "52.53780" "5.69660" 185.213.174.71 - - [12/Jun/2026:05:29:33 +0200] "GET /.env.example HTTP/2.0" 200 995 "-" "Mozilla/5.0 (compatible; Claude-Web/1.0; +https://www.anthropic.com)" "NL" "Dronten" "52.53780" "5.69660" 185.213.174.71 - - [12/Jun/2026:05:29:36 +0200] "GET /.env.backup HTTP/2.0" 200 995 "-" "CCBot/2.0 (https://commoncrawl.org/faq/)" "NL" "Dronten" "52.53780" "5.69660" 185.213.174.71 - - [12/Jun/2026:05:29:36 +0200] "GET /app/.env HTTP/2.0" 200 995 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ClaudeBot/1.0; +mailto:[email protected]" "NL" "Dronten" "52.53780" "5.69660" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 531 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4002:c0f::12e

🇨🇳 222.176.201.133

🇨🇳 106.12.15.118

🇸🇬 47.84.204.99

🇬🇧 35.203.210.6

🇺🇸 184.105.247.247

🇧🇷 177.87.181.87

🇧🇩 118.179.155.233

🇫🇷 91.231.89.189

🇫🇮 35.228.27.129

🇺🇸 34.186.22.18

🇺🇸 34.30.220.113

🇪🇪 31.59.160.12

🇺🇸 13.90.206.6

🇺🇸 2607:f8b0:4002:c2c::12d

🇸🇬 178.128.23.27

🇻🇳 160.30.172.107

🇫🇷 91.231.89.117

🇧🇬 78.128.113.74

🇩🇪 78.51.12.103