Check an IP Address, Domain Name, Subnet, or ASN

135.237.127.94 was found in our database!

$ whois 135.237.127.94

country·🇺🇸 United States

city·Washington

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 135.237.127.94scoring →

confidence

73%High

first_seen·Jan 21, 2026

last_seen·1h ago

sessions·141

events·176

$ sikker protocols 135.237.127.94

HTTPS

38 / 41

HTTP

17 / 33

SMTP

12 / 14

MONGODB

9 / 13

IMAP

12 / 12

TELNET

10 / 12

SSH

8 / 11

ELASTICSEARCH

8 / 8

POSTGRES

7 / 7

WINRM

2 / 6

SMB

4 / 5

DOCKER

5 / 5

FTP

4 / 4

MSSQL

2 / 2

REDIS

2 / 2

SIP

1 / 1

$ sikker summary 135.237.127.94

135.237.127.94 has a threat confidence score of 73%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 141 honeypot sessions targeting HTTPS, HTTP, SMTP, MONGODB, IMAP and 11 other protocols. First observed on January 21, 2026, most recently active March 29, 2026.

$ sikker behaviors 135.237.127.94catalog →

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request4x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoHttp Bad Request Route Probe3x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

infoFtp Tls Upgrade2x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

$ sikker primitives 135.237.127.94

elastic_http_get_request10 http_method_get7 docker_get_method5 elastic_http_bad_request_path_probe5 https_path_root4 mongodb_buildinfo3 http_path_bad_request3 ftp_auth_tls2 smtp_ehlo_greeting2 elastic_root_path_probe2 redis_mglndd_client_identifier_tag1

$ sikker related 135.237.127.94

Report IP WHOIS Lookup →

IP Address	Confidence	Events
20.127.210.151	62%	54
20.163.60.228	88%	179
40.76.137.53	75%	254
48.217.87.78	44%	449
20.46.225.117	68%	193

IP Address	Confidence	Events
68.68.101.178	95%	66,793
45.61.184.223	99%	25,693
167.94.146.50	50%	3,007
45.61.184.184	96%	115
154.23.188.210	95%	1,196