Check an IP Address, Domain Name, Subnet, or ASN

193.142.146.230 was found in our database!

$ whois 193.142.146.230

country·🇩🇪 Germany

isp·ColocaTel Inc.

asn·AS213438

network·Standard

$ sikker risk 193.142.146.230scoring →

confidence

100%Very High

first_seen·Jan 20, 2026

last_seen·11m ago

first_reported·Feb 25, 2026

last_reported·29d ago

sessions·12,022

events·39,199

reports·96

$ sikker protocols 193.142.146.230

DOCKER

6,939 / 30,698

HTTP

5,073 / 8,486 / 95r

HTTPS

10 / 15

$ sikker summary 193.142.146.230

193.142.146.230 has a threat confidence score of 100%. This IP address from Germany (AS213438, ColocaTel Inc.) has been observed in 12,022 honeypot sessions and reported 96 times targeting DOCKER, HTTP, HTTPS protocols. Detected attack patterns include docker remote exec via api. First observed on January 20, 2026, most recently active April 13, 2026.

$ sikker behaviors 193.142.146.230catalog →

highDocker Remote Exec Via Api4x

Attacker interaction with an exposed Docker Engine API resulting in container enumeration followed by remote command execution inside running containers. The sequence of GET /containers/json and subsequent POST /containers/{id}/exec and /exec/{id}/start calls represents deliberate hands-on-keyboard activity where the adversary uses the Docker daemon as a control plane to execute commands, deploy payloads, or pivot further within the host environment. This behavior reflects active container abuse observed directly through high-interaction honeypot instrumentation.

infoHttp Root Path Request500x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Http Method Get499x

HTTP request using GET method.

$ sikker primitives 193.142.146.230

docker_post_method51503 docker_container_exec_path20605 docker_exec_start_endpoint20600 docker_get_method15654 docker_list_containers_endpoint10401 http_method_get515

$ sikker reports 193.142.146.230submit →

Showing 5 of 25 reports (96 total) from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 14, 2026, 17:55	Brute Force	HTTP	SikkerGuard: 2 blocked packets
User	Mar 14, 2026, 14:43	Brute Force	HTTP	SikkerGuard: 2 blocked packets
User	Mar 14, 2026, 07:43	Brute Force	HTTP	SikkerGuard: 2 blocked packets
User	Mar 14, 2026, 03:46	Brute Force	HTTP	SikkerGuard: 2 blocked packets
User	Mar 14, 2026, 24:39	Brute Force	—	SikkerGuard: 2 blocked packets

1 / 5

$ sikker related 193.142.146.230

🇩🇪·More threats fromGermany→AS·More threats fromColocaTel Inc.→DOCK·More threats targetingDOCKER→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
85.11.167.2	93%	45,505
85.11.167.114	97%	32
85.11.167.11	85%	5,417
5.253.86.23	97%	13,658
85.11.167.89	36%	1

IP Address	Confidence	Events
144.24.167.42	97%	4,457
194.164.192.90	98%	24,554
146.0.42.48	86%	69,476
85.215.148.205	97%	2,242
107.150.117.60	96%	1,231