Check an IP Address, Domain Name, Subnet, or ASN

20.168.122.30 was found in our database!

$ whois 20.168.122.30

country·🇺🇸 United States

city·Phoenix

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 20.168.122.30scoring →

confidence

68%High

first_seen·Jan 31, 2026

last_seen·1h ago

first_reported·Mar 12, 2026

last_reported·5d ago

sessions·32

events·50

reports·1

$ sikker protocols 20.168.122.30

DOCKER

6 / 12

SIP

8 / 11

HTTP

7 / 8

RTSP

2 / 6

MONGODB

2 / 4 / 1r

REDIS

4 / 4

SMTP

1 / 3

MSSQL

2 / 2

$ sikker summary 20.168.122.30

20.168.122.30 has a threat confidence score of 68%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 32 honeypot sessions and reported 1 times targeting DOCKER, SIP, HTTP, RTSP, MONGODB and 3 other protocols. First observed on January 31, 2026, most recently active March 18, 2026.

$ sikker behaviors 20.168.122.30catalog →

infoDocker Invalid Protocol Probe6x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

infoHttp Bad Request Route Probe3x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 20.168.122.30

docker_get_method10 docker_bad_request_uri10 http_method_get4 http_path_bad_request4 redis_mglndd_client_identifier_tag4

$ sikker reports 20.168.122.30submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 12, 2026, 22:53	Brute Force	MONGODB	SikkerGuard: 2 blocked packets

$ sikker related 20.168.122.30

🇺🇸·More threats fromUnited States→AS·More threats fromMicrosoft Corporation→DOCK·More threats targetingDOCKER→SIP·More threats targetingSIP→HTTP·More threats targetingHTTP→RTSP·More threats targetingRTSP→MONG·More threats targetingMONGODB→REDI·More threats targetingREDIS→SMTP·More threats targetingSMTP→MSSQ·More threats targetingMSSQL→{ }·Browse allAttack Patterns→

Report IP WHOIS Lookup →

IP Address	Confidence	Events
172.174.73.162	47%	174
40.124.173.157	74%	119
20.169.104.121	82%	164
20.65.177.212	61%	126
20.118.209.32	57%	149

IP Address	Confidence	Events
92.118.39.62	100%	369,073
66.132.153.119	100%	3,136
5.253.86.23	97%	3,728
20.65.177.212	61%	126
20.118.209.32	57%	149