JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 203.159.81.93

203.159.81.93 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 22%: ?

22%

ISP	VPN Consumer Network Services
Usage Type	Data Center/Web Hosting/Transit
ASN	AS206092
Domain Name	vpnconsumer.com
Country	🇮🇱 Israel
City	Tel Aviv, Tel Aviv

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 203.159.81.93

Whois 203.159.81.93

IP Abuse Reports for 203.159.81.93:

This IP address has been reported a total of 62 times from 31 distinct sources. 203.159.81.93 was first reported on May 26th 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 conseilgouz	2026-06-28 18:24:42 (2 days ago)	loe-7 : Trying access unauthorized files/dir=>//wp-content/themes/admin.php	Hacking
🇬🇧 consul.to	2026-06-23 01:22:11 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇯🇵 demonsword	2026-06-01 08:46:39 (4 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443 show less	Open Proxy Port Scan
🇫🇮 Shaik Sai Meera	2026-05-14 22:05:04 (1 month ago)	IM360 WAF: WordPress plugins/themes version enumeration	Brute-Force FTP Brute-Force Open Proxy
🇺🇸 nowyouknow	2026-04-21 05:22:23 (2 months ago)	(From [email protected]) Hi there, We built something called MAVIS, and it’s not just another AI ... show more (From [email protected]) Hi there, We built something called MAVIS, and it’s not just another AI tool. It’s a system that can run every major function of your business, front-end and back-end marketing, sales support, content, coding, web dev, admin, operations, all handled in one place. The difference is that it’s not just software. There’s a trained Human Virtual Assistant behind it executing everything inside the system, so things actually get done. The goal is simple: no need to hire multiple roles, no managing 10 different tools, no learning curve, and the best part you can delegate everything to the VA to get it all done. This is just one system running your entire business while you focus on growth. Are you looking for assistance? Respond YES to schedule a Zoom meeting and STOP to unsubscribe. show less	Phishing Web Spam
🇮🇹 VHosting	2026-04-16 16:23:51 (2 months ago)	Detected mail brute force attack from 4 different servers	Brute-Force
🇺🇸 ipblock.com	2026-03-27 01:39:00 (3 months ago)	IPBlock protected site ID [3192-af][s=06]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
Anonymous	2026-02-23 22:41:32 (4 months ago)	[redacted] 203.159.81.93 - - [23/Feb/2026:23:41:27 +0100] "GET /wp-admin/css/colors/ HTTP/1.1" 404 2 ... show more [redacted] 203.159.81.93 - - [23/Feb/2026:23:41:27 +0100] "GET /wp-admin/css/colors/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95" [redacted] 203.159.81.93 - - [23/Feb/2026:23:41:28 +0100] "GET /wp-admin/images/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0" [redacted] 203.159.81.93 - - [23/Feb/2026:23:41:28 +0100] "GET /wp-admin/maint/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36" [redacted] 203.159.81.93 - - [23/Feb/2026:23:41:29 +0100] "GET /wp-admin/meta/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" [redacted] 203.159.81.93 - - [23/Feb/2026:23:41:29 +0100] "GET /wp-admin/user/ HTTP/1.1" 404 236 "-" "Mozilla/5.0 ... show less	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-02-23 20:09:49 (4 months ago)	203.159.81.93 - - [23/Feb/2026:22:09:48 +0200] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 404 280 ... show more 203.159.81.93 - - [23/Feb/2026:22:09:48 +0200] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36" 203.159.81.93 - - [23/Feb/2026:22:09:48 +0200] "GET /wp-content/plugins/core-plugin/include.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; rv:11.0) like Gecko" ... show less	Web App Attack
🇫🇷 dynamix	2026-02-22 13:51:51 (4 months ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-02-06 06:24:08 (4 months ago)	Aggressive web scan	Web App Attack
🇫🇷 dynamix	2026-02-05 01:50:20 (4 months ago)	Multiple WAF Violations	Web App Attack
🇩🇪 kjaerulff	2026-01-26 20:58:42 (5 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
Anonymous	2026-01-26 02:06:15 (5 months ago)	wordpress-trap	Web App Attack
🇺🇸 myagent.site	2026-01-06 16:40:41 (5 months ago)	Blocking for trying to access an exploit file: /manager.php	Hacking

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.130.91.103

🇬🇧 2a09:bac1:28a0:840::179:221

🇺🇸 216.73.160.211

🇲🇽 201.103.94.39

🇧🇬 193.24.211.107

🇬🇹 190.151.130.5

🇮🇳 152.56.69.248

🇸🇬 43.134.23.177

🇯🇵 20.46.179.93

🇲🇽 200.77.20.167

🇦🇷 190.49.84.107

🇫🇷 144.91.104.226

🇳🇱 91.92.40.240

🇫🇮 74.125.74.19

🇳🇱 31.14.32.8

🇧🇷 200.53.68.82

🇧🇷 200.39.140.203

🇪🇨 200.6.10.8

🇹🇭 118.194.251.17

🇫🇷 91.231.89.115