Check an IP Address, Domain Name, Subnet, or ASN

167.172.221.232 was found in our database!

$ whois 167.172.221.232

country·🇺🇸 United States

city·Santa Clara

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 167.172.221.232scoring →

confidence

68%High

first_seen·Feb 28, 2026

last_seen·1h ago

sessions·13

events·13

$ sikker protocols 167.172.221.232

HTTPS

9 / 9

HTTP

2 / 2

ELASTICSEARCH

2 / 2

$ sikker summary 167.172.221.232

167.172.221.232 has a threat confidence score of 68%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 13 honeypot sessions targeting HTTPS, HTTP, ELASTICSEARCH protocols. Detected attack patterns include http git repository config exposure probe. First observed on February 28, 2026, most recently active March 25, 2026.

$ sikker behaviors 167.172.221.232catalog →

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 167.172.221.232

elastic_http_get_request18 elastic_http_bad_request_path_probe12 http_method_get3 elastic_root_path_probe3 https_path_root2 http_path_dotgit_config1 elastic_nodes_enumeration1

$ sikker related 167.172.221.232

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→ELAS·More threats targetingELASTICSEARCH→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
167.99.232.193	75%	70
157.230.44.79	80%	175
157.230.156.190	70%	38
188.226.148.205	79%	10,058
68.183.234.194	100%	1,436

IP Address	Confidence	Events
45.61.184.223	99%	9,267
162.254.3.130	86%	19,689
208.115.124.202	78%	98
157.230.156.190	70%	38
87.121.84.95	84%	54