Check an IP Address, Domain Name, Subnet, or ASN

198.199.68.181 was found in our database!

$ whois 198.199.68.181

country·🇺🇸 United States

city·North Bergen

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 198.199.68.181scoring →

confidence

100%Very High

first_seen·Feb 20, 2026

last_seen·1h ago

sessions·99

events·99

$ sikker protocols 198.199.68.181

SSH

45 / 45

MONGODB

39 / 39

HTTPS

8 / 8

HTTP

5 / 5

RDP

2 / 2

$ sikker summary 198.199.68.181

198.199.68.181 has a threat confidence score of 100%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 99 honeypot sessions targeting SSH, MONGODB, HTTPS, HTTP, RDP protocols. Detected attack patterns include ssh host fingerprint and shell rc immutable removal, http git repository config exposure probe. First observed on February 20, 2026, most recently active March 25, 2026.

$ sikker behaviors 198.199.68.181catalog →

very_highSsh Host Fingerprint And Shell Rc Immutable Removal44x

Execution of a multi-command host fingerprinting script that collects kernel details, architecture, uptime, CPU count and model, GPU information, login history, and binary help characteristics, combined with chattr -i $HOME/.bashrc $HOME/.zshrc 2>/dev/null || true to remove the immutable attribute from user shell initialization files in the current user’s home directory.

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

$ sikker primitives 198.199.68.181

ssh_compute_and_environment_fingerprint_script44 unix_chattr_remove_immutable_flag_home_shell_rc44 http_method_get5 http_path_dotgit_config1

$ sikker related 198.199.68.181

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→SSH·More threats targetingSSH→MONG·More threats targetingMONGODB→HTTP·More threats targetingHTTPS→HTTP·More threats targetingHTTP→RDP·More threats targetingRDP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
143.198.132.13	86%	7
209.38.18.27	76%	192
157.230.159.118	34%	18
157.230.44.79	80%	178
157.230.142.81	100%	524

IP Address	Confidence	Events
68.68.101.178	94%	18,983
64.64.116.9	79%	315
92.118.39.72	100%	117,692
216.180.246.214	63%	56
147.185.132.42	97%	352