Check an IP Address, Domain Name, Subnet, or ASN

46.101.166.128 was found in our database!

$ whois 46.101.166.128

country·🇩🇪 Germany

city·Frankfurt am Main

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 46.101.166.128scoring →

confidence

85%Very High

first_seen·Apr 18, 2026

last_seen·49m ago

sessions·68

events·68

$ sikker protocols 46.101.166.128

HTTPS

29 / 29

HTTP

15 / 15

SMTP

14 / 14

IMAP

7 / 7

SSH

2 / 2

FTP

1 / 1

$ sikker summary 46.101.166.128

46.101.166.128 has a threat confidence score of 85%. This IP address from Germany (AS14061, DigitalOcean, LLC) has been observed in 68 honeypot sessions targeting HTTPS, HTTP, SMTP, IMAP, SSH and 1 other protocols. First observed on April 18, 2026, most recently active April 19, 2026.

$ sikker behaviors 46.101.166.128catalog →

infoHttp Http Method Get6x

HTTP request using GET method.

infoHttp Root Path Request6x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoSmtp Tls Capability Probe1x

Automated SMTP interaction performing a minimal capability check by issuing EHLO followed by a STARTTLS upgrade request and immediately terminating the session. This pattern is commonly associated with internet-wide scanners, security research crawlers, or opportunistic bots verifying whether an SMTP service supports encrypted communication. The absence of authentication attempts or message submission indicates reconnaissance or service fingerprinting rather than active abuse.

$ sikker primitives 46.101.166.128

http_method_get12 http_path_bad_request4 https_path_root2 smtp_ehlo_greeting1 smtp_starttls_upgrade_request1

$ sikker related 46.101.166.128

🇩🇪·More threats fromGermany→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→SMTP·More threats targetingSMTP→IMAP·More threats targetingIMAP→SSH·More threats targetingSSH→FTP·More threats targetingFTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
165.22.218.119	93%	11,663
157.230.36.62	56%	4
64.225.60.187	53%	1,266
68.183.40.220	23%	1
159.203.182.124	55%	12

IP Address	Confidence	Events
3.70.95.210	96%	2,113
172.86.67.130	100%	2,056
94.130.218.118	76%	6,084
193.24.210.169	78%	5,217
87.98.242.75	97%	27,867