Check an IP Address, Domain Name, Subnet, or ASN

209.38.224.169 was found in our database!

$ whois 209.38.224.169

country·🇩🇪 Germany

city·Frankfurt am Main

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 209.38.224.169scoring →

confidence

84%Very High

first_seen·Apr 18, 2026

last_seen·1h ago

sessions·39

events·40

$ sikker protocols 209.38.224.169

HTTPS

12 / 12

FTP

11 / 11

HTTP

6 / 6

SMTP

5 / 6

SMB

2 / 2

IMAP

2 / 2

TELNET

1 / 1

$ sikker summary 209.38.224.169

209.38.224.169 has a threat confidence score of 84%. This IP address from Germany (AS14061, DigitalOcean, LLC) has been observed in 39 honeypot sessions targeting HTTPS, FTP, HTTP, SMTP, SMB and 2 other protocols. First observed on April 18, 2026, most recently active April 19, 2026.

$ sikker behaviors 209.38.224.169catalog →

infoHttp Http Method Get2x

HTTP request using GET method.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoFtp Tls Upgrade1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 209.38.224.169

empty_ftp_command8 http_method_get4 http_path_bad_request2 ftp_auth_tls1 https_path_root1

$ sikker related 209.38.224.169

🇩🇪·More threats fromGermany→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTPS→FTP·More threats targetingFTP→HTTP·More threats targetingHTTP→SMTP·More threats targetingSMTP→SMB·More threats targetingSMB→IMAP·More threats targetingIMAP→TELN·More threats targetingTELNET→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
192.81.216.66	75%	24
165.227.98.222	91%	4,414
142.93.145.126	94%	1,809
137.184.98.37	92%	1,280
152.42.237.127	100%	135

IP Address	Confidence	Events
193.124.20.247	60%	17
45.65.112.108	86%	1,465
216.24.213.226	88%	13,886
87.98.242.75	97%	27,334
178.104.67.249	85%	1,076