Looking up IP
Check an IP Address, Domain Name, Subnet, or ASN
91.196.152.116 has a threat confidence score of 65%. This IP address from France (AS213412, ONYPHE SAS) has been observed in 60 honeypot sessions targeting SSH, IMAP, DOCKER, HTTP, HTTPS and 8 other protocols. First observed on January 22, 2026, most recently active March 20, 2026.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.
Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration
FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.
FTP session where the client issues AUTH TLS to upgrade the connection to TLS and then terminates the session with QUIT without performing further commands. This reflects minimal interaction limited to encryption negotiation and immediate disconnect, commonly observed in capability testing or automated probing.