JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.22.68.159

165.22.68.159 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 94%: ?

94%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.22.68.159

Whois 165.22.68.159

IP Abuse Reports for 165.22.68.159:

This IP address has been reported a total of 62 times from 34 distinct sources. 165.22.68.159 was first reported on December 9th 2020, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 Threat.live	2026-06-17 16:15:05 (12 hours ago)	Suspicious Connection Attempts	Brute-Force
🇩🇪 mondor.ro	2026-06-17 14:09:27 (14 hours ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 165.22.68.159, Reason: ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 165.22.68.159, Reason:[(mod_security) mod_security (id:210730) triggered by 165.22.68.159 (DE/Germany/-): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇩🇪 ValtonTahiri	2026-06-17 12:12:03 (16 hours ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=165.22.68.159; proto=TCP; source_port=52038; target_port=2078; flags=SYN show less	Port Scan
🇯🇵 Kinsei Engineering Inc.	2026-06-17 09:45:32 (18 hours ago)	UFW:High-frequency access to unused ports	Port Scan
🇹🇭 Sawasdee	2026-06-17 09:42:07 (18 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇬🇧 Interceptor_HQ	2026-06-17 08:42:41 (19 hours ago)	request_uri: /.git/HEAD -- automatic report --	Brute-Force Hacking
🇺🇸 xmission.com	2026-06-17 08:09:35 (20 hours ago)	Blocked by UFW (TCP on 2078) Source port: 51032 TTL: 45 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 51032 TTL: 45 Packet length: 60 TOS: 0x08 This report (for 165.22.68.159) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 ghostwarriors	2026-06-17 05:20:15 (23 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇭🇰 Harold Wong	2026-06-17 05:18:12 (23 hours ago)	$f2bV_matches	Brute-Force
🇮🇪 eyesilyurt	2026-06-17 03:47:24 (1 day ago)	c- login authenticator failed Incorrect authentication data	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-17 03:42:47 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 165.22.68.159 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 165.22.68.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 23:42:42.377038 2026] [security2:error] [pid 16068:tid 16094] [client 165.22.68.159:47794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.125"] [uri "/.git/HEAD"] [unique_id "ajIXsuTsP16WmJUjDalE0AAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-17 02:39:05 (1 day ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-17 02:38:03.750 \|	Web App Attack
🇫🇷 sbocquet	2026-06-17 02:11:45 (1 day ago)	Port 443 scanned from 165.22.68.159:39698.	Port Scan
🇺🇸 MPL	2026-06-17 00:53:54 (1 day ago)	tcp port scan (10 or more attempts)	Port Scan
🇷🇸 Scan	2026-06-17 00:36:23 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 129.121.47.136

🇰🇷 222.239.251.12

🇨🇳 220.189.196.134

🇹🇼 198.235.24.81

🇩🇴 190.167.237.191

🇧🇷 186.233.118.22

🇺🇸 147.185.132.156

🇿🇦 102.182.190.148

🇮🇪 54.171.140.28

🇩🇪 213.209.159.56

🇱🇦 202.137.154.202

🇺🇸 193.122.144.138

🇭🇰 185.239.84.249

🇸🇪 178.73.245.201

🇺🇸 173.69.206.248

🇰🇷 169.211.232.182

🇭🇰 168.76.131.178

🇺🇸 162.216.149.111

🇺🇸 162.216.149.50

🇸🇪 159.253.219.163