JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.159.81.68

203.159.81.68 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 12%: ?

12%

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇱 Israel
City	Tel Aviv, Tel Aviv

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.159.81.68

Whois 203.159.81.68

IP Abuse Reports for 203.159.81.68:

This IP address has been reported a total of 51 times from 27 distinct sources. 203.159.81.68 was first reported on May 26th 2023, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-23 04:31:14 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇳🇱 TCATERDSBE	2026-06-15 09:57:00 (1 week ago)	SQL Injection	SQL Injection
🇺🇸 myagent.site	2026-02-23 11:36:33 (4 months ago)	Blocking for trying to access an exploit file: /vendor/phpunit/phpunit/src/Util/PHP/	Hacking
🇬🇧 consul.to	2026-02-23 08:26:20 (4 months ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-02-22 22:32:29 (4 months ago)	[redacted] 203.159.81.68 - - [22/Feb/2026:23:32:22 +0100] "GET /wp-admin/wso.php HTTP/1.1" 404 236 " ... show more [redacted] 203.159.81.68 - - [22/Feb/2026:23:32:22 +0100] "GET /wp-admin/wso.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" [redacted] 203.159.81.68 - - [22/Feb/2026:23:32:24 +0100] "GET /wp-admin/maint/file.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36" [redacted] 203.159.81.68 - - [22/Feb/2026:23:32:24 +0100] "GET /.well-known/acme-challenge/admin.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36" [redacted] 203.159.81.68 - - [22/Feb/2026:23:32:25 +0100] "GET /wp-admin/theme-editor.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36" [redacted] 203.159.81.68 - - [22/Feb/2026:23:32:25 +0100] "GET /wp-admin/css/colors/blue/abc.ph ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-02-22 13:49:51 (4 months ago)	Multiple WAF Violations	Web App Attack
🇦🇺 nzhost.co.nz	2026-02-09 11:53:21 (4 months ago)	$f2bV_matches	Hacking Brute-Force
🇩🇪 kjaerulff	2026-01-26 20:15:32 (5 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
Anonymous	2026-01-26 20:08:36 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2026-01-06 19:07:07 (5 months ago)	(mod_security) mod_security (id:240000) triggered by 203.159.81.68 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 203.159.81.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 06 14:07:02.700321 2026] [security2:error] [pid 7424:tid 7424] [client 203.159.81.68:55841] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|tucek.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "tucek.org"] [uri "/images/stories/themes.php"] [unique_id "aV1dVjo3otSwAa7fJULIHQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-01-06 11:39:19 (5 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-11-26 01:56:37 (7 months ago)	wordpress-trap	Web App Attack
🇳🇱 Site.eu	2025-11-24 00:07:34 (7 months ago)	Excessive 404/403 errors	Brute-Force
🇧🇪 cmbplf	2025-11-21 20:35:09 (7 months ago)	1.291 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇨🇭 backslash	2025-11-19 22:00:44 (7 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.224.27

🇱🇹 62.60.130.219

🇧🇷 45.205.1.42

🇺🇸 35.175.245.189

🇧🇷 205.210.31.142

🇺🇸 192.3.145.26

🇨🇳 182.61.35.204

🇩🇪 167.94.146.70

🇮🇩 163.7.14.251

🇺🇸 162.216.149.196

🇯🇵 152.32.202.250

🇵🇰 103.166.150.146

🇸🇮 102.220.160.39

🇱🇹 91.224.92.82

🇺🇸 65.49.20.111

🇺🇸 47.251.121.130

🇳🇱 45.148.10.141

🇳🇱 45.148.10.121

🇪🇬 41.35.200.31

🇺🇸 2607:f8b0:4004:1001::12a