Check an IP Address, Domain Name, Subnet, or ASN

40.80.204.175 was found in our database!

$ whois 40.80.204.175

country·🇺🇸 United States

city·San Antonio

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 40.80.204.175scoring →

confidence

77%High

first_seen·Jan 20, 2026

last_seen·1h ago

first_reported·Mar 9, 2026

last_reported·8d ago

sessions·136

events·171

reports·1

$ sikker protocols 40.80.204.175

HTTPS

56 / 67

FTP

16 / 22

HTTP

10 / 14

SMB

10 / 12 / 1r

TELNET

10 / 12

SSH

8 / 10

SMTP

6 / 8

POSTGRES

7 / 7

IMAP

4 / 6

DOCKER

4 / 6

REDIS

1 / 3

MONGODB

2 / 2

RTSP

1 / 1

ELASTICSEARCH

1 / 1

$ sikker summary 40.80.204.175

40.80.204.175 has a threat confidence score of 77%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 136 honeypot sessions and reported 1 times targeting HTTPS, FTP, HTTP, SMB, TELNET and 9 other protocols. First observed on January 20, 2026, most recently active March 17, 2026.

$ sikker behaviors 40.80.204.175catalog →

infoHttp Root Path Request4x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

infoHttps Root Path Request4x

Identifies HTTPS requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration

infoRedis Info Command Invocation1x

Identifies execution of the Redis INFO command (case-insensitive), which retrieves server configuration, version, memory usage, and runtime statistics. This behavior reflects service interrogation and environment fingerprinting activity. While INFO can be used legitimately by administrators, it is also commonly observed during automated scanning and pre-exploitation reconnaissance of exposed Redis instances.

$ sikker primitives 40.80.204.175

http_method_get5 https_path_root4 docker_get_method4 redis_info_lowercase1 elastic_http_get_request1 elastic_http_bad_request_path_probe1

$ sikker reports 40.80.204.175submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 9, 2026, 12:42	Brute Force	SMB	SikkerGuard: 2 blocked packets

$ sikker related 40.80.204.175

Report IP WHOIS Lookup →

IP Address	Confidence	Events
23.97.62.132	100%	58
20.46.244.172	77%	98
172.172.131.149	100%	251
13.89.125.17	61%	120
20.102.43.161	58%	31

IP Address	Confidence	Events
198.235.24.78	97%	271
130.94.115.110	78%	35
142.93.14.31	94%	242
43.162.109.139	95%	459
92.118.39.63	100%	41,755