JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 91.196.152.249

91.196.152.249 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 55%: ?

55%

ISP	FR ONYPHE
Usage Type	Commercial
ASN	AS213412
Hostname(s)	cervantes.probe.onyphe.net
Domain Name	onyphe.io
Country	🇫🇷 France
City	Roubaix, Hauts-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 91.196.152.249

Whois 91.196.152.249

IP Abuse Reports for 91.196.152.249:

This IP address has been reported a total of 177 times from 40 distinct sources. 91.196.152.249 was first reported on March 11th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-25 03:10:58 (1 day ago)	Brute force	Brute-Force
🇸🇰 KZP	2026-06-24 11:01:19 (2 days ago)	Automatic report from KZP firewall log.	Port Scan Hacking Brute-Force
🇩🇪 filstal.org	2026-06-24 08:29:12 (2 days ago)	Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels an ... show more Web reconnaissance detected: automated probing for sensitive files, backup archives, admin panels and known vulnerability paths. show less	Hacking Brute-Force Web App Attack
🇺🇸 kosada.com	2026-06-18 06:19:24 (1 week ago)	Web vulnerability probing: /CHANGELOG.txt	Web App Attack
🇪🇸 librebit	2026-06-17 04:29:56 (1 week ago)	Brute force	Brute-Force
🇺🇸 MPL	2026-06-15 20:38:56 (1 week ago)	tcp/8020 (10 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-12 05:52:31 (2 weeks ago)	tcp/8020 (5 or more attempts)	Port Scan
🇪🇸 librebit	2026-06-11 08:06:15 (2 weeks ago)	Brute force	Brute-Force
🇸🇰 KZP	2026-06-10 11:01:03 (2 weeks ago)	Automatic report from KZP firewall log.	Port Scan Hacking Brute-Force
🇩🇪 NxtGenIT	2026-06-05 18:33:58 (3 weeks ago)	CiscoASA Honeypot hit, Payload: "GET /+CSCOL+/csvrloader.jar HTTP/1.1" 404 -,	Brute-Force
🇺🇸 kosada.com	2026-06-04 06:41:47 (3 weeks ago)	Web vulnerability probing: /CHANGELOG.txt	Web App Attack
🇮🇷 mreza Rajabi	2026-06-03 12:10:00 (3 weeks ago)	Suspicious attempt for accessing ECP from Autodiscover.	Web App Attack
🇸🇮 administrator	2026-05-30 22:18:28 (3 weeks ago)	2026-05-31 00:05:52,524 fail2ban.actions [264721]: NOTICE [apache-auth] Ban 91.196.152.249 . ... show more 2026-05-31 00:05:52,524 fail2ban.actions [264721]: NOTICE [apache-auth] Ban 91.196.152.249 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇸🇮 administrator	2026-05-30 12:00:05 (3 weeks ago)	2026-05-26 00:03:30,702 fail2ban.actions [1070]: NOTICE [apache-auth] Ban 91.196.152.249 ...	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇨🇭 SOC [GOLINE SA]	2026-05-28 11:07:13 (4 weeks ago)	FortiGate detected IPS attack from IPv4 address 91.196.152.249	Hacking

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.167.205.232

🇰🇷 222.110.147.58

🇺🇸 206.189.238.249

🇷🇺 178.178.245.238

🇺🇸 165.154.255.63

🇻🇳 103.77.215.69

🇳🇱 91.92.40.176

🇨🇳 60.214.154.254

🇬🇧 35.203.211.69

🇺🇸 23.239.184.31

🇧🇬 5.188.206.66

🇨🇳 223.167.205.24

🇹🇼 218.34.159.116

🇳🇱 217.121.1.91

🇧🇩 210.4.68.72

🇸🇬 151.246.1.47

🇳🇱 91.92.40.66

🇩🇪 69.5.169.99

🇺🇸 45.79.92.218

🇨🇳 36.35.165.240