Check an IP Address, Domain Name, Subnet, or ASN

135.233.112.94 was found in our database!

$ whois 135.233.112.94

country·🇺🇸 United States

city·Des Moines

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 135.233.112.94scoring →

confidence

76%High

first_seen·Jan 22, 2026

last_seen·1h ago

first_reported·Mar 22, 2026

last_reported·12h ago

sessions·70

events·116

reports·1

$ sikker protocols 135.233.112.94

HTTPS

19 / 32

SMTP

10 / 18

MONGODB

8 / 14

HTTP

5 / 13

SMB

8 / 11

DOCKER

2 / 8

SSH

6 / 6 / 1r

POSTGRES

4 / 4

SIP

1 / 3

IMAP

2 / 2

MSSQL

2 / 2

ELASTICSEARCH

2 / 2

RTSP

1 / 1

$ sikker summary 135.233.112.94

135.233.112.94 has a threat confidence score of 76%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 70 honeypot sessions and reported 1 times targeting HTTPS, SMTP, MONGODB, HTTP, SMB and 8 other protocols. First observed on January 22, 2026, most recently active March 23, 2026.

$ sikker behaviors 135.233.112.94catalog →

lowRtsp Options Probe1x

Client sends RTSP OPTIONS requests to check supported methods and confirm that an RTSP service is exposed, then disconnects without attempting authentication or stream setup. This pattern is typically associated with automated reconnaissance or internet-wide scanning rather than active stream access.

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 135.233.112.94

docker_bad_request_uri10 smtp_ehlo_greeting5 http_method_get3 docker_get_method3 elastic_http_get_request3 elastic_http_bad_request_path_probe2 rtsp_options1 https_path_root1

$ sikker reports 135.233.112.94submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 22, 2026, 14:51	Brute Force	SSH	SikkerGuard: 2 blocked packets

$ sikker related 135.233.112.94

Report IP WHOIS Lookup →

IP Address	Confidence	Events
20.102.112.104	82%	2,055
20.65.194.123	85%	149
20.169.108.13	47%	32
20.106.195.24	76%	119
20.102.117.55	51%	104

IP Address	Confidence	Events
185.238.231.121	80%	4,657
15.220.31.170	58%	21
18.116.101.220	100%	32,926
92.118.39.63	100%	52,090
3.129.187.38	100%	31,008