20.84.145.84 — Microsoft Corporation, US — Medium (59%)

Check an IP Address, Domain Name, Subnet, or ASN

20.84.145.84 was found in our database!

Confidence Level

59%

Medium?

Geolocation

🇺🇸

United StatesDes Moines

ISPMicrosoft Corporation

ASNAS8075

Activity Timeline

First seenJan 22, 2026, 10:17 AM

Last seen1h ago

62Sessions

93Events

Protocol Breakdown

HTTPS

13 / 27

HTTP

6 / 12

MONGODB

10 / 12

SIP

8 / 8

SSH

4 / 7

SMB

4 / 6

SMTP

4 / 6

FTP

4 / 4

IMAP

4 / 4

DOCKER

2 / 4

POSTGRES

3 / 3

20.84.145.84 has a moderate threat confidence level of 59%, originating from Des Moines, United States, on the Microsoft Corporation network (8075). It has been observed across 62 sessions targeting HTTPS, HTTP, MONGODB, SIP, SSH and 6 other protocols, First observed on January 22, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Http Root Path Request

info2x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Ftp Tls Upgrade

info1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

Https Root Path Request

info1x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

Primitives

Individual actions observed

Http Method Get2 Ftp Auth Tls1 Https Path Root1 Docker Get Method1 Smtp Ehlo Greeting1

Related Threats

Explore related threat intelligence

🇺🇸More threats fromUnited States ASMore threats fromMicrosoft Corporation HTTPSMore threats targetingHTTPS HTTPMore threats targetingHTTP MONGODBMore threats targetingMONGODB SIPMore threats targetingSIP SSHMore threats targetingSSH SMBMore threats targetingSMB SMTPMore threats targetingSMTP FTPMore threats targetingFTP IMAPMore threats targetingIMAP DOCKERMore threats targetingDOCKER POSTGRESMore threats targetingPOSTGRES { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
172.174.5.146	100%	827
40.124.185.240	75%	139
40.124.186.100	68%	141
52.165.81.92	73%	137
40.119.29.137	78%	97

IP Address	Confidence	Events
134.122.28.88	94%	362
15.204.144.239	99%	5,429
40.124.186.100	68%	141
209.222.101.54	100%	40,346
173.239.218.88	88%	592