Check an IP Address, Domain Name, Subnet, or ASN

13.89.124.215 was found in our database!

$ whois 13.89.124.215

country·🇺🇸 United States

city·Des Moines

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 13.89.124.215scoring →

confidence

72%High

first_seen·Jan 21, 2026

last_seen·1h ago

first_reported·Mar 19, 2026

last_reported·12d ago

sessions·69

events·116

reports·1

$ sikker protocols 13.89.124.215

HTTPS

19 / 30

SMTP

10 / 26

HTTP

7 / 15 / 1r

TELNET

8 / 10

FTP

4 / 6

IMAP

4 / 6

SSH

4 / 5

DOCKER

2 / 4

ELASTICSEARCH

2 / 4

SMB

2 / 3

MSSQL

3 / 3

RDP

2 / 2

POSTGRES

2 / 2

$ sikker summary 13.89.124.215

13.89.124.215 has a threat confidence score of 72%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 69 honeypot sessions and reported 1 times targeting HTTPS, SMTP, HTTP, TELNET, FTP and 8 other protocols. First observed on January 21, 2026, most recently active April 1, 2026.

$ sikker behaviors 13.89.124.215catalog →

infoHttp Root Path Request2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 13.89.124.215

smtp_ehlo_greeting6 http_method_get3 https_path_root2 docker_get_method2 elastic_http_get_request2 elastic_http_bad_request_path_probe2 http_path_bad_request1

$ sikker reports 13.89.124.215submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 19, 2026, 22:01	Brute Force	HTTP	SikkerGuard: 2 blocked packets

$ sikker related 13.89.124.215

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.203.234.251	44%	492
20.121.123.108	86%	157
20.219.16.35	95%	1,906
20.65.154.228	70%	155
20.203.42.204	100%	3,136

IP Address	Confidence	Events
45.79.211.97	80%	1,617
205.210.31.10	93%	265
92.118.39.62	100%	385,086
45.79.8.221	81%	1,934
16.58.56.214	100%	38,963