JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 159.65.0.220

159.65.0.220 was found in our database!

This IP was reported 109 times. Confidence of Abuse is 20%: ?

20%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇸🇬 Singapore
City	Singapore

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 159.65.0.220

Whois 159.65.0.220

IP Abuse Reports for 159.65.0.220:

This IP address has been reported a total of 109 times from 40 distinct sources. 159.65.0.220 was first reported on October 6th 2022, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇻🇪 LUISE	2026-06-23 04:25:52 (6 days ago)	Vulnerability scanning for Web/phpMyAdmin files on ULA server 72-23.	Hacking Bad Web Bot
🇨🇦 smithoo4	2026-06-12 14:12:35 (2 weeks ago)	159.65.0.220 - - [12/Jun/2026:10:12:33 -0400] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Li ... show more 159.65.0.220 - - [12/Jun/2026:10:12:33 -0400] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 12; Pixel 4a (5G)) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.61 Mobile Safari/537.36" 159.65.0.220 - - [12/Jun/2026:10:12:33 -0400] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; Konqueror/4.4; Linux 2.6.32-22-generic; X11; en_US) KHTML/4.4.3 (like Gecko) Kubuntu" ... show less	Port Scan Bad Web Bot
🇧🇪 boxed-it	2026-06-02 19:37:15 (3 weeks ago)	GET /.git/config (Tarpitted for 1d15h8m27s, wasted 8.06MB)	Web App Attack
🇧🇪 boxed-it	2026-06-01 04:49:58 (4 weeks ago)	GET /.git/config (Tarpitted for 21m6s, wasted 74.3kB)	Web App Attack
🇩🇪 Hugopvigo	2026-06-01 04:38:50 (4 weeks ago)	159.65.0.220 - - [01/Jun/2026:06:38:50 +0200] "GET /.git/config HTTP/1.1" 403 7861 "-" "Mozilla/5.0 ... show more 159.65.0.220 - - [01/Jun/2026:06:38:50 +0200] "GET /.git/config HTTP/1.1" 403 7861 "-" "Mozilla/5.0 (Linux; Android 11; AC2001) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Mobile Safari/537.36" ... show less	Hacking Brute-Force Web App Attack SSH
🇩🇪 DEV-DNS	2025-12-31 02:27:37 (5 months ago)	(mod_security) mod_security triggered on hostname [redacted])	SQL Injection
🇫🇷 dynamix	2025-08-16 06:47:13 (10 months ago)	Multiple WAF Violations	Web App Attack
🇧🇪 cmbplf	2025-08-16 06:21:26 (10 months ago)	678 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2025-08-16 05:34:24 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 159.65.0.220 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 159.65.0.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 16 01:34:17.078045 2025] [security2:error] [pid 21695:tid 21960] [client 159.65.0.220:60186] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cibernetic.com"] [uri "/pressdossier/files/basic-html/.git/config"] [unique_id "aKAYWYKfyGkOKLV-7-4mjAAAAQQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-16 05:07:56 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 159.65.0.220 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 159.65.0.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 16 01:07:48.955273 2025] [security2:error] [pid 12566:tid 12566] [client 159.65.0.220:44302] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cityofhaleyville.com"] [uri "/2016/02/12/.git/config"] [unique_id "aKASJDeS22-pSuL4kJ2wvwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2023-03-28 21:20:23 (3 years ago)	Distributed DDOS attempts for multiple sites	DDoS Attack Bad Web Bot
🇦🇺 MAGIC	2023-03-25 00:06:50 (3 years ago)	Distributed DDOS attempts for multiple sites	DDoS Attack Bad Web Bot
Anonymous	2023-03-24 22:40:05 (3 years ago)	Too many 4XX's	Hacking Web App Attack
🇵🇭 sumnone	2023-02-08 13:32:14 (3 years ago)	Vulnerability probing: Error 404. The requested page (/admin/index.php) was not found	Bad Web Bot Exploited Host Web App Attack
🇨🇦 swrlly	2023-02-07 19:26:19 (3 years ago)	attempt to exploit known webserver vulnerabilities	Web App Attack

Showing 1 to 15 of 109 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.86.176.224

🇺🇸 57.141.20.45

🇺🇸 49.51.33.159

🇺🇸 193.151.188.181

🇨🇳 123.168.100.124

🇮🇳 122.164.127.47

🇹🇷 88.229.5.184

🇳🇱 81.19.216.88

🇮🇹 72.146.2.133

🇺🇸 49.51.253.83

🇫🇮 31.56.197.158

🇳🇵 27.34.110.14

🇧🇷 20.226.81.217

🇪🇸 5.182.83.231

🇮🇹 172.213.2.229

🇻🇳 115.78.93.253

🇵🇭 112.198.104.167

🇭🇷 78.134.217.172

🇺🇸 66.132.172.236

🇺🇸 23.234.105.58