Check an IP Address, Domain Name, Subnet, or ASN

185.233.247.245 was found in our database!

$ whois 185.233.247.245

country·🇹🇷 Türkiye

isp·Veganet Teknolojileri ve Hizmetleri LTD STI

asn·AS206119

network·Standard

$ sikker risk 185.233.247.245scoring →

confidence

97%Very High

first_seen·Feb 3, 2026

last_seen·1h ago

sessions·14,302

events·14,313

$ sikker protocols 185.233.247.245

SSH

14,100 / 14,111

HTTPS

89 / 89

HTTP

83 / 83

SIP

17 / 17

RDP

7 / 7

ELASTICSEARCH

6 / 6

$ sikker summary 185.233.247.245

185.233.247.245 has a threat confidence score of 97%. This IP address from Türkiye (AS206119, Veganet Teknolojileri ve Hizmetleri LTD STI) has been observed in 14,302 honeypot sessions targeting SSH, HTTPS, HTTP, SIP, RDP and 1 other protocols. First observed on February 3, 2026, most recently active April 30, 2026.

$ sikker behaviors 185.233.247.245catalog →

lowSip Options Capability Probe Structured17x

Automated SIP OPTIONS requests used to validate reachable VoIP endpoints and enumerate service capabilities without initiating a call session. The client sends standalone OPTIONS probes with high-entropy or unusually long Call-ID values, a pattern commonly associated with scripted scanning frameworks or VoIP reconnaissance tooling. Such activity is typically observed during infrastructure discovery phases where attackers identify responsive SIP servers, supported methods, and potential targets for toll fraud, brute-force registration attempts, or later exploitation campaigns.

infoHttp Http Method Get30x

HTTP request using GET method.

infoHttp Root Path Request30x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request19x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe4x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 185.233.247.245

http_method_get54 https_path_root19 sip_call_id_long_numeric17 sip_call_id_alphanumeric_entropy17 elastic_http_get_request10 http_path_bad_request7 elastic_http_bad_request_path_probe6 elastic_root_path_probe4

$ sikker related 185.233.247.245

🇹🇷·More threats fromTürkiye→AS·More threats fromVeganet Teknolojileri ve Hizmetleri LTD STI→SSH·More threats targetingSSH→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→SIP·More threats targetingSIP→RDP·More threats targetingRDP→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
93.157.189.254	35%	3
185.174.21.32	62%	1
185.233.245.197	23%	1

IP Address	Confidence	Events
194.5.237.223	96%	9,331
213.161.138.181	92%	24
89.252.142.237	96%	2,573
213.43.12.19	23%	1
176.90.100.236	23%	1