91.196.152.156

Basic Info

City: Roubaix

Region: Hauts-de-France

Country: France

Internet Service Provider: AT&T

Hostname: unknown

Organization: unknown

Usage Type: unknown

Comments:

Make a comment on this IP

No discussion about this IP yet. Click above link to make one.

Comments on same subnet:

IP	Type	Details	Datetime
91.196.152.52	attack	Bad IP	2025-03-20 22:02:16

Whois info:

% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See https://docs.db.ripe.net/terms-conditions.html

% Note: this output has been filtered.
%       To receive output for a database update, use the "-B" flag.

% Information related to '91.196.152.0 - 91.196.152.255'

% Abuse contact for '91.196.152.0 - 91.196.152.255' is 'abuse@onyphe.io'

inetnum:        91.196.152.0 - 91.196.152.255
geofeed:        https://www.onyphe.io/geofeed.csv
descr:          -----BEGIN TOKEN-----a98a05ac40ade1d4135ddd523e9353074e373301e28e7d88a7e6349edb03e450ee409b1aaa323d36638426dbd62e6793ac822688db8516dac3225ddbf3e04be5-----END TOKEN-----
remarks:        We are conducting Internet-scale network scanning to provide information
remarks:        for cyber defense purposes. We scan the full IPv4 address space and part
remarks:        of IPv6 address space. We are in no way targeting you specifically, you
remarks:        are just part of what is connected on the Internet. Our complete list
remarks:        of our IP ranges is available here: https://www.onyphe.io/ip-ranges.txt
remarks:        Opt-out by sending your IP ranges at: abuse at onyphe dot io
netname:        FR-ONYPHE-20221220
country:        FR
org:            ORG-OS381-RIPE
admin-c:        AA44525-RIPE
tech-c:         AA44525-RIPE
status:         ALLOCATED PA
mnt-by:         lir-fr-onyphe-1-MNT
mnt-by:         RIPE-NCC-HM-MNT
created:        2025-02-13T11:06:31Z
last-modified:  2025-03-09T09:40:40Z
source:         RIPE

organisation:   ORG-OS381-RIPE
org-name:       ONYPHE SAS
country:        FR
org-type:       LIR
address:        5 place Franois Mic
address:        29233
address:        Clder
address:        FRANCE
phone:          +33 (0) 972 66 1884
admin-c:        AA44525-RIPE
tech-c:         AA44525-RIPE
abuse-c:        AR77640-RIPE
mnt-ref:        lir-fr-onyphe-1-MNT
mnt-by:         RIPE-NCC-HM-MNT
mnt-by:         lir-fr-onyphe-1-MNT
created:        2025-02-05T16:10:26Z
last-modified:  2025-11-13T14:10:50Z
source:         RIPE # Filtered

role:           Admin
address:        FRANCE
address:        Clder
address:        29233
address:        5 place Franois Mic
phone:          +33 (0) 972 66 1884
nic-hdl:        AA44525-RIPE
mnt-by:         lir-fr-onyphe-1-MNT
created:        2025-02-05T16:10:25Z
last-modified:  2025-11-26T10:39:42Z
source:         RIPE # Filtered

% Information related to '91.196.152.0/24AS213412'

route:          91.196.152.0/24
origin:         AS213412
mnt-by:         lir-fr-onyphe-1-MNT
created:        2025-02-14T13:01:03Z
last-modified:  2025-02-14T13:01:03Z
source:         RIPE

% This query was served by the RIPE Database Query Service version 1.121.2 (BUSA)

Dig info:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 91.196.152.156
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 43972
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;91.196.152.156.			IN	A

;; AUTHORITY SECTION:
.			29	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2026042500 1800 900 604800 86400

;; Query time: 32 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Apr 25 19:31:04 CST 2026
;; MSG SIZE  rcvd: 107

Host info

156.152.196.91.in-addr.arpa domain name pointer laura.probe.onyphe.net.

Nslookup info:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
156.152.196.91.in-addr.arpa	name = laura.probe.onyphe.net.

Authoritative answers can be found from:

Related IP info:

Related comments:

IP	Type	Details	Datetime
70.132.28.148	attackbotsspam	Automatic report generated by Wazuh	2019-08-31 00:22:14
27.71.208.194	attackspambots	Unauthorized connection attempt from IP address 27.71.208.194 on Port 445(SMB)	2019-08-30 23:33:53
117.6.133.148	attackbotsspam	Unauthorized connection attempt from IP address 117.6.133.148 on Port 445(SMB)	2019-08-31 00:19:58
139.255.87.189	attackspambots	SMB Server BruteForce Attack	2019-08-31 00:12:01
151.237.174.46	attackbotsspam	Unauthorized connection attempt from IP address 151.237.174.46 on Port 445(SMB)	2019-08-30 23:37:34
109.202.25.217	attackspam	Unauthorized connection attempt from IP address 109.202.25.217 on Port 445(SMB)	2019-08-30 23:36:52
139.210.54.99	attack	Unauthorised access (Aug 30) SRC=139.210.54.99 LEN=40 TTL=49 ID=61377 TCP DPT=23 WINDOW=25385 SYN	2019-08-31 00:14:49
42.231.227.41	attackspambots	firewall-block, port(s): 23/tcp	2019-08-31 00:30:04
51.254.53.32	attack	Repeated brute force against a port	2019-08-30 23:59:30
137.63.184.100	attack	Aug 30 17:15:45 minden010 sshd[31495]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.63.184.100 Aug 30 17:15:48 minden010 sshd[31495]: Failed password for invalid user samples from 137.63.184.100 port 41350 ssh2 Aug 30 17:20:57 minden010 sshd[5573]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=137.63.184.100 ...	2019-08-30 23:38:21
14.142.99.134	attack	Unauthorized connection attempt from IP address 14.142.99.134 on Port 445(SMB)	2019-08-31 00:31:16
185.189.115.37	attackspambots	Aug 30 16:50:30 [host] sshd[19585]: Invalid user master from 185.189.115.37 Aug 30 16:50:30 [host] sshd[19585]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=185.189.115.37 Aug 30 16:50:33 [host] sshd[19585]: Failed password for invalid user master from 185.189.115.37 port 26012 ssh2	2019-08-31 00:02:33
5.135.101.228	attackspam	Aug 30 10:39:22 hb sshd\[15475\]: Invalid user jboss from 5.135.101.228 Aug 30 10:39:22 hb sshd\[15475\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=noxia.org Aug 30 10:39:24 hb sshd\[15475\]: Failed password for invalid user jboss from 5.135.101.228 port 36118 ssh2 Aug 30 10:43:24 hb sshd\[15808\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=noxia.org user=root Aug 30 10:43:26 hb sshd\[15808\]: Failed password for root from 5.135.101.228 port 53474 ssh2	2019-08-30 23:54:51
59.124.85.195	attackspam	Aug 30 18:32:35 MK-Soft-Root1 sshd\[26431\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.85.195 user=root Aug 30 18:32:38 MK-Soft-Root1 sshd\[26431\]: Failed password for root from 59.124.85.195 port 45072 ssh2 Aug 30 18:38:30 MK-Soft-Root1 sshd\[27326\]: Invalid user administrues from 59.124.85.195 port 60874 Aug 30 18:38:30 MK-Soft-Root1 sshd\[27326\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=59.124.85.195 ...	2019-08-31 00:41:08
104.248.138.103	attack	php WP PHPmyadamin ABUSE blocked for 12h	2019-08-31 00:34:54

Recently Reported IPs

121.40.196.207	112.111.200.61	91.196.152.67	2606:4700:10::6814:6096
2606:4700:10::6814:4628	104.243.35.45	68.183.216.224	68.183.223.205
20.65.194.105	161.35.70.8	27.115.124.159	162.63.216.193
26.134.42.148	72.255.32.50	45.142.154.103	192.175.111.232
123.14.90.33	2606:4700:10::6814:8913	8.36.72.235	123.51.239.160