← Back to IP report

Log Explorer

Fact drill-down for 185.3.235.244

Risk 6 LOW Scope All time All-time facts 36 In-scope 36 Filtered 36 Seen 2025-01-07 → 2025-01-07

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

sfp 12 trav 12 base 6 ua 6

Top labels (facts, in-scope)

trav 12 sensitive_file 12 observed 6 ua 6

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 1 — total 36 rows

← Prev Next →

#1 2025-01-07 21:43:03 event 2753250 GET 200 bytes 7182

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#2 2025-01-07 21:43:03 event 2753250 GET 200 bytes 7182

ann base label observed

Request event observed

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#3 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#4 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#5 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#6 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#7 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann trav 34 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:sensitive_target

conf

95.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#8 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#9 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#10 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann trav 34 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:sensitive_target

conf

95.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#11 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann sfp 8 label sensitive_file

Request File/path-style parameter observed (weak hint)

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:param:file_path_hint

conf

60.00

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

File/path-style parameter observed (weak hint)

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#12 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#13 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Probe for CMS/app configuration file

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:file:app_config

conf

88.00

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Probe for CMS/app configuration file

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#14 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann sfp 8 label sensitive_file

Request File/path-style parameter observed (weak hint)

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:param:file_path_hint

conf

60.00

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

File/path-style parameter observed (weak hint)

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#15 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#16 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Probe for CMS/app configuration file

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:file:app_config

conf

88.00

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Probe for CMS/app configuration file

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#17 2025-01-07 21:43:01 event 2753249 GET 301 bytes 169

ann base label observed

Request event observed

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#18 2025-01-07 21:43:01 event 2753248 GET 301 bytes 169

ann base label observed

Request event observed

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#19 2025-01-07 21:43:00 event 2753247 GET 200 bytes 7181

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#20 2025-01-07 21:43:00 event 2753247 GET 200 bytes 7181

ann base label observed

Request event observed

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#21 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#22 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#23 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#24 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann trav 34 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:sensitive_target

conf

95.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#25 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann sfp 8 label sensitive_file

Request File/path-style parameter observed (weak hint)

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:param:file_path_hint

conf

60.00

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

File/path-style parameter observed (weak hint)

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#26 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#27 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Probe for CMS/app configuration file

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:file:app_config

conf

88.00

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Probe for CMS/app configuration file

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#28 2025-01-07 21:42:58 event 2753246 GET 301 bytes 169

ann base label observed

Request event observed

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#29 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#30 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#31 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#32 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann trav 34 label trav

Request Path traversal / LFI indicator detected

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

trav

rule

trav:sensitive_target

conf

95.00

details

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Path traversal / LFI indicator detected

details

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#33 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann sfp 8 label sensitive_file

Request File/path-style parameter observed (weak hint)

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:param:file_path_hint

conf

60.00

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

File/path-style parameter observed (weak hint)

details

A file/path/download-style parameter was present; treated as a weak correlating hint. Snippet='file/path/download param present'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#34 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='log/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#35 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Probe for CMS/app configuration file

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

sensitive_file

rule

sfp:file:app_config

conf

88.00

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

Probe for CMS/app configuration file

details

Request targeted a common CMS/app configuration file. Snippet='g/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php'

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

#36 2025-01-07 21:42:57 event 2753245 GET 301 bytes 169

ann base label observed

Request event observed

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/blog/wp-admin/admin-ajax.php?action=duplicator_download&file=../wp-config.php

referer

python-requests/2.25.1

summary

event observed

details

—

subnet

185.3.235.0/24

asn

8648 — dogado GmbH

geo

Germany, North Rhine-Westphalia, Dortmund

org

dogado GmbH

Log Explorer

Annotated access events

Confirm Action