Dashboard›🇬🇪 GE›91.151.137.4

THREAT REPORT

IP Threat Report
91.151.137.4

ABUSE.MOM — BEHAVE OR GET EXPOSED

Generated: 2026-05-27 20:35:13

First seen: 2026-03-06 02:00:07

Last seen: 2026-03-06 02:00:07

Geolocation & Classification

IP Address

91.151.137.4

Type

Mobile

Country

🇬🇪 GE

City

Tbilisi

ISP

Geocell mobile user network range

Organization

Geocell LLC

Autonomous System

AS42082 JSC "Silknet"

Hit Count

Detection Signatures

Signature	Description	Points
Danger strong hits: 3	High-risk paths: shells, RCE vectors, exploits	+75
Danger medium hits: 2	Medium-risk: admin panels, config files	+20
POST requests present	Behavioral anomaly detected by automated analysis	+8

Σ = 103

Observed Activity

Reconstructed HTTP requests from server access logs. Target domains redacted for security.

[redacted]

GET

200

Requests shown: 1 · HTTP 404: 0 · Dangerous patterns: 0

* Typical request patterns for detected signatures. Actual target domains are redacted.

Timeline

2026-03-06 02:00:07

First malicious request detected

IP entered monitoring from server access logs

During observation

Multiple detection signatures triggered

Danger strong hits: 3 (+75), Danger medium hits: 2 (+20), POST requests present (+8)

2026-03-06 02:00:07

Last malicious request observed

Total score reached: 103/100

Next cycle

IP blocked — all subsequent requests denied (HTTP 403)

Added to blocklist automatically

Network Provider

Geocell mobile user network range

AS42082 · 🇬🇪 GE

Recommendations

Actions taken & recommended

IP 91.151.137.4 is blocked at application level (HTTP 403)
Consider blocking at firewall level (iptables/CSF) to reduce server load
Report abuse to the network provider via their abuse contact
Ensure sensitive files (.env, .git, backups) are not accessible from the web

⚙️ General Security

Add 91.151.137.4 to your firewall blocklist. Review logs for successful connections. Enable comprehensive logging on all public-facing services.

Blacklist Status (DNSBL)

This IP was checked against major DNS-based blacklists used by mail servers and firewalls worldwide.

⛔ LISTED

Spamhaus ZEN

Checked: Spamhaus, SpamCop, Barracuda, SORBS, CBL, UCEProtect. Results may change over time.

Threat Analysis

91.151.137.4 has been assigned a threat score of 103/100 (Critical). This represents a critical risk level. Our detection systems have flagged multiple high-confidence indicators of malicious intent from this address.

📊 Threat Analysis

Network traffic from 91.151.137.4, located in Tbilisi, GE, operating on the network of Geocell mobile user network range, has been classified as malicious by our automated threat scoring engine. The address has been active for 1 days in our monitoring system, producing 1 flagged requests at a rate of ~1/day. The address belongs to a mobile carrier network. The sustained pattern of malicious requests indicates either a compromised device or deliberate abuse. Our records show 41 malicious IPs originating from GE, positioning it as a notable contributor to global threat activity. At 103/100, this is an extremely high-risk address. All traffic should be considered hostile.

Related Threats

🇬🇪 Top threats from GE

89.249.72.141 (105)89.249.72.136 (105)72.56.59.23 (105)89.249.72.145 (105)72.56.50.17 (105)View all →

🏢 Same network: AS42082

View all →

Security Intelligence

💡 WordPress-Specific Attack Vectors

WordPress sites face constant automated attacks targeting xmlrpc.php for brute force amplification, wp-login.php for credential theft, and vulnerable plugins for remote code execution. Over 90% of CMS-based attacks specifically target WordPress installations.

💡 IPv6 Scanning Challenges

The vast IPv6 address space makes traditional sequential scanning impractical. However, attackers use DNS records, certificate transparency logs, and predictable address patterns to identify active IPv6 hosts, adapting their techniques to the expanded address space.

🔍 Check Any IP Address

Share this report:

IP Threat Report91.151.137.4

⛔ Verdict: BLOCK