JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.159.81.92

203.159.81.92 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 15%: ?

15%

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇱 Israel
City	Tel Aviv, Tel Aviv

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.159.81.92

Whois 203.159.81.92

IP Abuse Reports for 203.159.81.92:

This IP address has been reported a total of 62 times from 32 distinct sources. 203.159.81.92 was first reported on October 13th 2022, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-23 10:53:35 (19 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 Epimetheus	2026-06-22 23:46:11 (1 day ago)	Zombie network / Bot scanner detected: [GET] /wp-includes/Requests/library/ [GET] /wp-includes/bloc ... show more Zombie network / Bot scanner detected: [GET] /wp-includes/Requests/library/ [GET] /wp-includes/block-bindings/ [GET] /wp-admin/js/file/ [GET] /ALFA_DATA/alfacgiapi/ [GET] /wp-includes/blocks/group/ [GET] /wp-content/plugins/ioxi/ioxi/ [GET] /modules/ [GET] /.trash7309/ [GET] /wp-includes/l10n/ [GET] /admin/controller/extension/extension/ [GET] /wp-includes/js/dist/ [GET] /wp-content/themes/hello-element/ [GET] /wp-includes/Text/Diff/Engine/ [GET] /wp-admin/css/colors/coffee/ [GET] /.bod/.ll/ [GET] /wp-includes/Requests/src/Exception/Http/ [GET] /wp-content/plugins/seoo/ [GET] /images/images/ [GET] /wp-includes/rest-api/endpoints/ [GET] /wp-content/uploads/ [GET] /templates/beez3/ [GET] /wp-admin/css/colors/blue/ [GET] /wp-includes/SimplePie/ [GET] /wp-includes/js/jquery/ [GET] /cgi-bin/ [GET] /wp-content/themes/ [GET] /wp-content/languages/ [GET] /wp-content/upgrade/ [GET] /wp-includes/mer_gagal.php [GET] /wp-content/uploads/plugins.php [GET] /wp-includes/SimplePie/src/ ...(Truncated) show less	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-03-02 14:40:39 (3 months ago)	ALFA.TEaM.Web.Shell	Web App Attack
Anonymous	2026-02-24 02:56:27 (4 months ago)	[redacted] 203.159.81.92 - - [24/Feb/2026:03:56:19 +0100] "GET /admin/controller/extension/extension ... show more [redacted] 203.159.81.92 - - [24/Feb/2026:03:56:19 +0100] "GET /admin/controller/extension/extension/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3" [redacted] 203.159.81.92 - - [24/Feb/2026:03:56:19 +0100] "GET /admin/editor/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36" [redacted] 203.159.81.92 - - [24/Feb/2026:03:56:20 +0100] "GET /admin/images/slider/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" [redacted] 203.159.81.92 - - [24/Feb/2026:03:56:20 +0100] "GET /admin/tmp/ HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" [redacted] 203.159.81.92 - - [24/Feb/2026:03: ... show less	Hacking Web App Attack
🇫🇷 dynamix	2026-02-23 02:49:28 (4 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-02-22 16:56:56 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 203.159.81.92 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240000) triggered by 203.159.81.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 11:56:46.204064 2026] [security2:error] [pid 3103:tid 3103] [client 203.159.81.92:36491] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|whitetailridgeantiques.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "whitetailridgeantiques.com"] [uri "/images/stories/themes.php"] [unique_id "aZs1TgwV0_F34O2tU7GPCwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇦 URAN Publishing Service	2026-02-22 11:18:38 (4 months ago)	203.159.81.92 - - [22/Feb/2026:13:18:37 +0200] "GET /wp-content/edit-wolf.php HTTP/1.1" 404 282 "-" ... show more 203.159.81.92 - - [22/Feb/2026:13:18:37 +0200] "GET /wp-content/edit-wolf.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" 203.159.81.92 - - [22/Feb/2026:13:18:37 +0200] "GET /wp-content/plugins/ubh/up.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-01-26 19:56:00 (4 months ago)	wordpress-trap	Web App Attack
🇫🇷 dynamix	2026-01-06 11:38:21 (5 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2025-11-26 01:47:08 (6 months ago)	wordpress-trap	Web App Attack
🇨🇭 backslash	2025-11-19 22:00:47 (7 months ago)	block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638	Bad Web Bot
Anonymous	2025-11-17 12:12:51 (7 months ago)	\| SQL injection attempt.	Hacking SQL Injection Web App Attack
Anonymous	2025-11-05 11:43:00 (7 months ago)	SQL Injection	Hacking SQL Injection Web App Attack
🇬🇧 Globe2	2025-11-04 06:19:26 (7 months ago)	ModSec - Multiple 403s within a short period of time	Web App Attack
🇳🇱 i-turnradio.nl	2025-11-04 04:16:35 (7 months ago)	2025-11-04 @ 05:16:34 (CET) ~ Blocked based on risk assessment and prior abuse reports	Web App Attack

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇷 185.201.51.117

🇸🇬 178.128.210.15

🇺🇸 66.132.195.105

🇭🇰 45.142.154.10

🇨🇳 211.140.151.9

🇺🇸 198.46.134.48

🇻🇪 186.96.67.0

🇸🇬 172.70.93.53

🇨🇳 113.214.18.234

🇺🇸 85.239.151.34

🇺🇸 85.208.96.205

🇧🇬 79.124.58.218

🇩🇪 69.5.169.155

🇳🇱 45.142.193.70

🇿🇦 41.13.164.100

🇧🇪 34.77.150.192

🇩🇪 167.94.145.19

🇨🇳 122.192.133.99

🇨🇳 122.97.68.74

🇭🇰 119.28.140.106