20.64.105.237 has a high threat confidence level of 68% and originates from San Antonio, United States, on the Microsoft Corporation network (8075). It has been observed across 102 sessions targeting HTTPS, HTTP, SMB, SMTP, SSH and 8 other protocols. It was first observed on January 24, 2026, and was most recently active on March 5, 2026.
The client authenticated to a Redis service and executed the INFO command (info / redis_info_lowercase) without attempting configuration changes, data access, or command execution. The INFO command retrieves server metadata including version, role (master/replica), connected clients, memory usage, persistence settings, and replication status. This behavior is consistent with automated reconnaissance activity where a bot validates exposure, fingerprints the Redis instance, and determines whether it is a viable target for follow-up exploitation (e.g., replication abuse, module loading, or persistence manipulation). No destructive or modification activity was observed in this session.
Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.
Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.