20.55.97.129 — Microsoft Corporation, US — Medium (53%)

Check an IP Address, Domain Name, Subnet, or ASN

20.55.97.129 was found in our database!

Confidence Level

53%

Medium?

Geolocation

🇺🇸

United StatesWashington

ISPMicrosoft Corporation

ASNAS8075

Activity Timeline

First seenJan 22, 2026, 06:10 AM

Last seen1h ago

28Sessions

55Events

Protocol Breakdown

SIP

11 / 19

DOCKER

5 / 13

SMTP

5 / 11

RTSP

3 / 5

HTTP

1 / 3

MONGODB

2 / 3

REDIS

1 / 1

20.55.97.129 has a moderate threat confidence level of 53%, originating from Washington, United States, on the Microsoft Corporation network (8075). It has been observed across 28 sessions targeting SIP, DOCKER, SMTP, RTSP, HTTP and 2 other protocols, First observed on January 22, 2026, most recently active March 5, 2026.

Behaviors

Classified behavioral patterns observed

Docker Invalid Protocol Probe

info5x

Client repeatedly sends GET requests to the /bad-request Docker API endpoint, indicating malformed or incompatible traffic against the Docker daemon. This pattern is typically associated with generic internet scanning or tools attempting HTTP interaction without speaking the proper Docker API protocol.

Http Bad Request Route Probe

info1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

Primitives

Individual actions observed

Docker Get Method13 Docker Bad Request Uri13 Http Method Get1 Http Path Bad Request1 Redis Mglndd Client Identifier Tag1

Related Threats

Explore related threat intelligence

🇺🇸More threats fromUnited States ASMore threats fromMicrosoft Corporation SIPMore threats targetingSIP DOCKERMore threats targetingDOCKER SMTPMore threats targetingSMTP RTSPMore threats targetingRTSP HTTPMore threats targetingHTTP MONGODBMore threats targetingMONGODB REDISMore threats targetingREDIS { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
20.163.15.178	75%	160
48.217.64.148	67%	114
20.81.47.184	71%	160
40.81.244.142	100%	564
20.80.88.32	54%	80

IP Address	Confidence	Events
20.64.105.121	73%	104
167.94.138.187	30%	2,371
92.118.39.87	100%	234,641
216.180.246.169	74%	96
192.252.214.22	43%	273