← Back to IP report

Log Explorer

Fact drill-down for 218.104.149.67

Risk 0 LOW Scope All time All-time facts 5 In-scope 5 Filtered 5 Seen 2023-11-03 → 2025-09-15

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 3 method 1 ua 1

Top labels (facts, in-scope)

observed 3 method 1 ua 1

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 1 — total 5 rows

← Prev Next →

# 2025-09-15 05:53:47 event 16045977 REQMOD 400 bytes 166

ann ua 8 label ua

Request Very short User-Agent string

icap://icap-server.net/server?arg=87

referer

Annotation facts

label

rule

ua:very_short

conf

65.00

details

Short/generic UAs are common in basic scripts and commodity automation.

More (full fields + snapshot) expand

url

icap://icap-server.net/server?arg=87

referer

summary

Very short User-Agent string

details

Short/generic UAs are common in basic scripts and commodity automation.

subnet

218.104.149.0/24

asn

4837 — CHINA UNICOM China169 Backbone

geo

China, Beijing, Jinrongjie

org

—

# 2025-09-15 05:53:47 event 16045977 REQMOD 400 bytes 166

ann method 3 label method

Request Unknown/unexpected method: REQMOD

icap://icap-server.net/server?arg=87

referer

Annotation facts

label

method

rule

method:unknown_method

conf

70.00

details

Method is syntactically valid but not in the deployment allow-list; often seen in scanners/fuzzers.

More (full fields + snapshot) expand

url

icap://icap-server.net/server?arg=87

referer

summary

Unknown/unexpected method: REQMOD

details

Method is syntactically valid but not in the deployment allow-list; often seen in scanners/fuzzers.

subnet

218.104.149.0/24

asn

4837 — CHINA UNICOM China169 Backbone

geo

China, Beijing, Jinrongjie

org

—

# 2025-09-15 05:53:47 event 16045977 REQMOD 400 bytes 166

ann base label observed

Request event observed

icap://icap-server.net/server?arg=87

referer

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

icap://icap-server.net/server?arg=87

referer

summary

event observed

details

—

subnet

218.104.149.0/24

asn

4837 — CHINA UNICOM China169 Backbone

geo

China, Beijing, Jinrongjie

org

—

# 2023-11-03 07:19:52 event 395442 GET 200 bytes 1300

ann base label observed

Request event observed

/static/img/favicon.ico

referer

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/static/img/favicon.ico

referer

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

summary

event observed

details

—

subnet

218.104.149.0/24

asn

4837 — CHINA UNICOM China169 Backbone

geo

China, Beijing, Jinrongjie

org

—

# 2023-11-03 07:19:52 event 395441 GET 301

ann base label observed

Request event observed

/favicon.ico

referer

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.102 Safari/537.36

summary

event observed

details

—

subnet

218.104.149.0/24

asn

4837 — CHINA UNICOM China169 Backbone

geo

China, Beijing, Jinrongjie

org

—

Log Explorer

Annotated access events

Confirm Action