Check an IP Address, Domain Name, Subnet, or ASN

20.65.195.105 was found in our database!

$ whois 20.65.195.105

country·🇺🇸 United States

city·San Antonio

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 20.65.195.105scoring →

confidence

64%High

first_seen·Jan 22, 2026

last_seen·1h ago

sessions·97

events·122

$ sikker protocols 20.65.195.105

HTTPS

34 / 41

SMTP

18 / 20

HTTP

6 / 16

DOCKER

5 / 7

MONGODB

4 / 6

SIP

5 / 5

ELASTICSEARCH

5 / 5

FTP

4 / 4

SMB

4 / 4

IMAP

2 / 4

TELNET

4 / 4

RDP

2 / 2

SSH

2 / 2

POSTGRES

2 / 2

$ sikker summary 20.65.195.105

20.65.195.105 has a threat confidence score of 64%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 97 honeypot sessions targeting HTTPS, SMTP, HTTP, DOCKER, MONGODB and 9 other protocols. First observed on January 22, 2026, most recently active March 23, 2026.

$ sikker behaviors 20.65.195.105catalog →

infoHttp Root Path Request3x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoDocker Invalid Protocol Probe3x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

infoHttps Root Path Request2x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

$ sikker primitives 20.65.195.105

smtp_ehlo_greeting6 elastic_http_get_request6 docker_get_method5 elastic_http_bad_request_path_probe4 http_method_get3 docker_bad_request_uri3 https_path_root2 elastic_root_path_probe1

$ sikker related 20.65.195.105

Report IP WHOIS Lookup →

IP Address	Confidence	Events
20.102.112.104	82%	2,329
172.190.142.176	65%	1,734
172.202.117.222	67%	118
172.190.220.228	95%	30
20.80.48.86	46%	7

IP Address	Confidence	Events
172.245.195.18	100%	6,217
64.62.156.172	100%	1,528
216.218.206.67	100%	2,171
18.116.101.220	100%	33,382
184.105.247.194	100%	2,775