Check an IP Address, Domain Name, Subnet, or ASN

206.189.58.230 was found in our database!

$ whois 206.189.58.230

country·🇩🇪 Germany

city·Frankfurt am Main

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 206.189.58.230scoring →

confidence

86%Very High

first_seen·Apr 4, 2026

last_seen·1m ago

sessions·117

events·117

$ sikker protocols 206.189.58.230

HTTPS

51 / 51

FTP

23 / 23

HTTP

19 / 19

IMAP

18 / 18

SMTP

6 / 6

$ sikker summary 206.189.58.230

206.189.58.230 has a threat confidence score of 86%. This IP address from Germany (AS14061, DigitalOcean, LLC) has been observed in 117 honeypot sessions targeting HTTPS, FTP, HTTP, IMAP, SMTP protocols. First observed on April 4, 2026, most recently active April 6, 2026.

$ sikker behaviors 206.189.58.230catalog →

infoHttps Root Path Request4x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoFtp Tls Upgrade2x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttp Http Method Get2x

HTTP request using GET method.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 206.189.58.230

empty_ftp_command17 http_method_get11 https_path_root5 http_path_bad_request4 ftp_auth_tls2

$ sikker related 206.189.58.230

🇩🇪·More threats fromGermany→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→IMAP·More threats targetingIMAP→SMTP·More threats targetingSMTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
142.93.224.178	74%	110
165.227.139.253	89%	93
167.172.170.248	86%	77
178.62.224.209	64%	48
159.223.73.209	99%	33

IP Address	Confidence	Events
172.86.95.45	94%	2,641
79.253.109.3	85%	40
158.173.154.36	83%	6,319
164.92.197.17	82%	61
165.227.139.253	89%	92