JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.239.206.69

91.239.206.69 was found in our database!

This IP was reported 44 times. Confidence of Abuse is 30%: ?

30%

ISP	Proservice LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47810
Hostname(s)	mail.gocash.ge
Domain Name	proservice.ge
Country	🇬🇪 Georgia
City	Tbilisi, Tbilisi

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.239.206.69

Whois 91.239.206.69

IP Abuse Reports for 91.239.206.69:

This IP address has been reported a total of 44 times from 28 distinct sources. 91.239.206.69 was first reported on June 6th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-12 19:41:41 (1 week ago)	(smtpauth) Failed SMTP AUTH login from 91.239.206.69 (GE/Georgia/mail.gocash.ge)	Brute-Force
🇧🇷 rdlmda	2026-06-07 15:45:00 (2 weeks ago)	IRC phishing campaign	Phishing
Anonymous	2026-06-04 16:45:11 (2 weeks ago)	Attac	Brute-Force
Anonymous	2026-06-03 23:38:19 (2 weeks ago)	91.239.206.69 - - [04/Jun/2026:01:37:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1 ... show more 91.239.206.69 - - [04/Jun/2026:01:37:58 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1; WordPress/6.4; http://site89541866.com" 91.239.206.69 - - [04/Jun/2026:01:38:00 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.1; WordPress/6.4; http://site89541866.com" 91.239.206.69 - - [04/Jun/2026:01:38:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 91.239.206.69 - - [04/Jun/2026:01:38:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)" 91.239.206.69 - - [04/Jun/2026:01:38:18 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/13.0; WordPress/6.3; http://site91716137.com" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 23:12:50 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:12:44.372267 2026] [security2:error] [pid 18616:tid 18616] [client 91.239.206.69:23829] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.239.206.69 (+1 hits since last alert)\|ohanameetup.party\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohanameetup.party"] [uri "/xmlrpc.php"] [unique_id "aiC07HATlCO8B6YVudXdTwAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-03 17:46:04 (2 weeks ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 20:44:09 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 16:44:02.957500 2026] [security2:error] [pid 5866:tid 5866] [client 91.239.206.69:24643] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.239.206.69 (+1 hits since last alert)\|yerevanpress.am\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yerevanpress.am"] [uri "/xmlrpc.php"] [unique_id "ah9AkokHh0drmxfAyfY5VwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:43:26 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:43:19.488326 2026] [security2:error] [pid 18266:tid 18304] [client 91.239.206.69:23187] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.239.206.69 (+1 hits since last alert)\|maryschalkdesign.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "maryschalkdesign.com"] [uri "/xmlrpc.php"] [unique_id "ah8yV-QyR2rJJ3CbcdEbAAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 18:55:26 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:55:21.469596 2026] [security2:error] [pid 17574:tid 17574] [client 91.239.206.69:36365] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.239.206.69 (+1 hits since last alert)\|hiidied.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hiidied.com"] [uri "/xmlrpc.php"] [unique_id "ah8nGZZaj65ps0pKKofnxQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 16:53:21 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240335) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 12:53:15.066638 2026] [security2:error] [pid 9505:tid 9505] [client 91.239.206.69:37619] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 91.239.206.69 (+1 hits since last alert)\|drjasonkolber.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drjasonkolber.com"] [uri "/xmlrpc.php"] [unique_id "ah8Ke_lHwwBKH9iifVdY5gAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 00:14:14 (2 weeks ago)	Attac	Brute-Force
🇺🇸 threatintelligence_bvc	2026-03-26 23:23:50 (2 months ago)		Brute-Force
🇧🇪 cmbplf	2026-02-07 02:28:00 (4 months ago)	224 requests with url.path /.well-known/acme-challenge/.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-02-06 21:54:40 (4 months ago)	(mod_security) mod_security (id:240000) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 3 ... show more (mod_security) mod_security (id:240000) triggered by 91.239.206.69 (mail.gocash.ge): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 06 16:54:33.059896 2026] [security2:error] [pid 25824:tid 25824] [client 91.239.206.69:49135] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|literarylights.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "literarylights.com"] [uri "/images/stories/themes.php"] [unique_id "aYZjGR-udcee2xT7h9tyWwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-02-06 21:42:56 (4 months ago)	Scraping with a high error ratio and request rate	Bad Web Bot

Showing 1 to 15 of 44 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇫 149.54.62.66

🇮🇳 147.93.152.181

🇮🇳 117.221.136.101

🇧🇩 103.158.206.236

🇺🇸 73.27.33.174

🇺🇸 66.132.172.135

🇺🇸 38.148.249.2

🇺🇸 195.184.76.34

🇭🇰 193.176.211.51

🇵🇰 160.187.180.175

🇺🇸 107.150.102.199

🇮🇳 103.159.44.140

🇮🇳 103.39.245.69

🇺🇸 67.207.95.203

🇺🇸 65.110.40.249

🇩🇪 47.254.149.208

🇵🇷 24.50.227.93

🇸🇬 15.235.224.64

🇦🇺 209.38.80.203

🇳🇵 202.70.72.87