Loading threats
Identifies structured extraction of high-value application configuration and credential material from a Redis datastore. The behavior includes keyspace enumeration, targeted TYPE inspection across configuration namespaces (cloud, database, encryption, JWT, mail, payment, VCS), and direct GET/HGETALL retrieval of secrets, API keys, feature flags, internal URLs, and user cache objects. This tightly grouped pattern reflects deliberate application-layer reconnaissance and credential harvesting following access to a Redis instance, indicating high-confidence data exposure and likely compromise of associated services.
| IP Address | Risk | Events | Sessions | Country | ASN | Last Seen |
|---|---|---|---|---|---|---|
| 34.31.92.252 | 93% | 390 | 26 | 🇺🇸 US | AS396982 | 2026-02-20 |
| 34.9.214.80 | 97% | 44 | 44 | 🇺🇸 US | AS396982 | 2026-03-11 |
| 34.67.26.229 | 97% | 30 | 30 | 🇺🇸 US | AS396982 | 2026-03-05 |
| 34.123.78.31 | 90% | 20 | 20 | 🇺🇸 US | AS396982 | 2026-04-11 |
| 34.29.65.200 | 91% | 19 | 19 | 🇺🇸 US | AS396982 | 2026-03-27 |
| 136.111.99.120 |
| 96% |
| 18 |
| 18 |
| 🇺🇸 US |
| AS396982 |
| 2026-04-23 |
| 34.170.198.233 | 86% | 16 | 16 | 🇺🇸 US | AS396982 | 2026-03-20 |
| 136.113.193.207 | 91% | 15 | 15 | 🇺🇸 US | AS396982 | 2026-02-25 |
| 34.55.210.71 | 93% | 13 | 13 | 🇺🇸 US | AS396982 | 2026-04-23 |
| 34.29.91.3 | 89% | 8 | 8 | 🇺🇸 US | AS396982 | 2026-03-18 |
| 34.31.96.184 | 83% | 5 | 5 | 🇺🇸 US | AS396982 | 2026-04-23 |
| 34.69.91.241 | 84% | 3 | 3 | 🇺🇸 US | AS396982 | 2026-04-23 |