Check an IP Address, Domain Name, Subnet, or ASN

206.189.66.236 was found in our database!

$ whois 206.189.66.236

country·🇺🇸 United States

city·Santa Clara

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 206.189.66.236scoring →

confidence

64%High

first_seen·Mar 7, 2026

last_seen·1h ago

sessions·29

events·29

$ sikker protocols 206.189.66.236

FTP

11 / 11

RDP

7 / 7

HTTP

7 / 7

HTTPS

4 / 4

$ sikker summary 206.189.66.236

206.189.66.236 has a threat confidence score of 64%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 29 honeypot sessions targeting FTP, RDP, HTTP, HTTPS protocols. First observed on March 7, 2026, most recently active March 25, 2026.

$ sikker behaviors 206.189.66.236catalog →

mediumRdp Nla Ntlm Authentication Attempt2x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 206.189.66.236

http_method_get6 rdp_nla_ntlm_auth2 ftp_help_request1

$ sikker related 206.189.66.236

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→FTP·More threats targetingFTP→RDP·More threats targetingRDP→HTTP·More threats targetingHTTP→HTTP·More threats targetingHTTPS→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
143.198.132.13	79%	4
134.199.175.160	47%	4
146.190.79.63	100%	1,189
134.199.197.153	58%	230
178.128.191.134	74%	36

IP Address	Confidence	Events
192.210.186.10	96%	164
71.6.232.29	95%	981
198.235.24.236	98%	297
13.83.90.155	99%	40
92.118.39.56	100%	117,573