Check an IP Address, Domain Name, Subnet, or ASN

67.205.153.228 was found in our database!

$ whois 67.205.153.228

country·🇺🇸 United States

city·North Bergen

isp·DigitalOcean, LLC

asn·AS14061

network·Standard

$ sikker risk 67.205.153.228scoring →

confidence

81%Very High

first_seen·Feb 27, 2026

last_seen·1h ago

sessions·53

events·53

$ sikker protocols 67.205.153.228

REDIS

41 / 41

HTTPS

7 / 7

RDP

3 / 3

HTTP

2 / 2

$ sikker summary 67.205.153.228

67.205.153.228 has a threat confidence score of 81%. This IP address from United States (AS14061, DigitalOcean, LLC) has been observed in 53 honeypot sessions targeting REDIS, HTTPS, RDP, HTTP protocols. Detected attack patterns include http git repository config exposure probe. First observed on February 27, 2026, most recently active March 26, 2026.

$ sikker behaviors 67.205.153.228catalog →

highHttp Git Repository Config Exposure Probe1x

Identifies HTTP GET requests targeting /.git/config, indicating attempts to access exposed Git repository configuration files. Successful access may enable repository reconstruction, credential harvesting, or source code disclosure.

mediumRdp Nla Ntlm Authentication Attempt1x

Identifies RDP clients attempting authentication using Network Level Authentication (NLA) with the NTLM challenge-response protocol. This occurs during the CredSSP negotiation phase before a remote desktop session is established and indicates an active credential authentication attempt against the RDP service

infoHttp Root Path Request1x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 67.205.153.228

http_method_get3 https_path_root2 redis_info_uppercase2 rdp_nla_ntlm_auth1 http_path_dotgit_config1

$ sikker related 67.205.153.228

🇺🇸·More threats fromUnited States→AS·More threats fromDigitalOcean, LLC→REDI·More threats targetingREDIS→HTTP·More threats targetingHTTPS→RDP·More threats targetingRDP→HTTP·More threats targetingHTTP→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
206.189.80.102	100%	719
178.128.115.151	75%	46
159.89.53.20	99%	126
104.236.88.138	80%	281
46.101.82.104	81%	321

IP Address	Confidence	Events
184.105.247.252	100%	2,676
45.61.184.223	99%	12,942
67.20.231.38	23%	1
66.132.224.234	84%	56
3.129.187.38	100%	32,855