← Back to IP report

Log Explorer

Fact drill-down for 3.27.128.165

Risk 31 LOW Scope All time All-time facts 1220 In-scope 1220 Filtered 1220 Seen 2023-12-29 → 2023-12-30

Freestyle query (contains)

Time (days, optional)

Page size 25 50 100 200

Apply Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

Annotator (exact) (any) base — 994 sfp — 104 scan_velocity — 103 cred — 12 trav — 6 ua — 1 Severity (exact) (any) (none) — 1033 16 — 59 40 — 31 10 — 27 36 — 10 32 — 10 30 — 8 34 — 6 22 — 6 24 — 6 20 — 4 14 — 4 12 — 4 26 — 4 18 — 4 28 — 4 Label (exact) (any) observed — 994 sensitive_file — 104 scan_velocity — 103 cred — 12 trav — 6 ua — 1

HTTP facets

Method (exact, case-insensitive) (any) GET — 1218 POST — 2 HTTP status (exact) (any) 301 — 1220

Snapshot facets

Subnet (exact) (any) 3.27.128.0/24 — 1220 ASN (exact) (any) 16509 — 1220 Country / Region / City (exact)

(any country) Australia — 1220 (any region) New South Wales — 1220

(any city) Sydney — 1220

Org contains (ip_org or as_org_name)

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Start

End

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 994 sfp 104 scan_velocity 103 cred 12 trav 6 ua 1

Top labels (facts, in-scope)

observed 994 sensitive_file 104 scan_velocity 103 cred 12 trav 6 ua 1

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 25 — total 1220 rows

← Prev Next →

#1 2023-12-30 19:02:25 event 821972 POST 301 bytes 169

ann base label observed

Request event observed

/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#2 2023-12-30 19:02:25 event 821971 GET 301 bytes 169

ann base label observed

Request event observed

/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#3 2023-12-30 19:02:24 event 821970 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/configurations

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/configurations

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#4 2023-12-30 19:02:24 event 821969 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/lambda/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/lambda/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#5 2023-12-30 19:02:24 event 821968 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/kms/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/kms/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#6 2023-12-30 19:02:23 event 821967 GET 301 bytes 169

ann base label observed

Request event observed

/.aws

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#7 2023-12-30 19:02:23 event 821966 GET 301 bytes 169

ann base label observed

Request event observed

/root/.aws/credentials

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/root/.aws/credentials

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#8 2023-12-30 19:02:23 event 821965 GET 301 bytes 169

ann base label observed

Request event observed

/.svn

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.svn

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#9 2023-12-30 19:02:23 event 821964 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/config.yaml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/config.yaml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#10 2023-12-30 19:02:22 event 821963 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/cloudformation/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/cloudformation/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#11 2023-12-30 19:02:22 event 821962 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/cloudwatch/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/cloudwatch/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#12 2023-12-30 19:02:22 event 821961 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/keypairs/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/keypairs/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#13 2023-12-30 19:02:22 event 821960 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/rds/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/rds/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#14 2023-12-30 19:02:21 event 821959 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/ses/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/ses/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#15 2023-12-30 19:02:21 event 821958 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/s3/secrets.yaml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/s3/secrets.yaml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#16 2023-12-30 19:02:21 event 821957 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/keys.conf

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/keys.conf

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#17 2023-12-30 19:02:21 event 821956 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/secretsmanager/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/secretsmanager/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#18 2023-12-30 19:02:20 event 821955 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/s3/credentials.ini

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/s3/credentials.ini

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#19 2023-12-30 19:02:20 event 821954 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/s3/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/s3/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#20 2023-12-30 19:02:20 event 821953 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/ec2/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/ec2/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#21 2023-12-30 19:02:19 event 821952 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/secrets/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/secrets/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#22 2023-12-30 19:02:19 event 821951 GET 301 bytes 169

ann base label observed

Request event observed

/home/.aws/credentials

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/home/.aws/credentials

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#23 2023-12-30 19:02:19 event 821950 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/iam/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/iam/

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#24 2023-12-30 19:02:19 event 821949 GET 301 bytes 169

ann base label observed

Request event observed

/.aws/secret_access_key.txt

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.aws/secret_access_key.txt

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#25 2023-12-30 19:02:18 event 821947 GET 301 bytes 169

ann base label observed

Request event observed

/config/default.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/config/default.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#26 2023-12-30 19:02:18 event 821944 GET 301 bytes 169

ann base label observed

Request event observed

/console/base/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/console/base/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#27 2023-12-30 19:02:18 event 821943 GET 301 bytes 169

ann base label observed

Request event observed

/develop/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/develop/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#28 2023-12-30 19:02:18 event 821942 GET 301 bytes 169

ann base label observed

Request event observed

/help/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/help/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#29 2023-12-30 19:02:17 event 821940 GET 301 bytes 169

ann base label observed

Request event observed

/current/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/current/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#30 2023-12-30 19:02:17 event 821938 GET 301 bytes 169

ann base label observed

Request event observed

/.cordova/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.cordova/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#31 2023-12-30 19:02:17 event 821936 GET 301 bytes 169

ann base label observed

Request event observed

/services/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/services/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#32 2023-12-30 19:02:17 event 821934 GET 301 bytes 169

ann base label observed

Request event observed

/dev/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/dev/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#33 2023-12-30 19:02:16 event 821933 GET 301 bytes 169

ann base label observed

Request event observed

/app/config.yml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/app/config.yml

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#34 2023-12-30 19:02:16 event 821932 GET 301 bytes 169

ann base label observed

Request event observed

/server/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/server/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#35 2023-12-30 19:02:16 event 821930 GET 301 bytes 169

ann base label observed

Request event observed

/laravel/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/laravel/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#36 2023-12-30 19:02:16 event 821929 GET 301 bytes 169

ann base label observed

Request event observed

/current/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/current/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#37 2023-12-30 19:02:15 event 821928 GET 301 bytes 169

ann base label observed

Request event observed

/.lanproxy/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.lanproxy/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#38 2023-12-30 19:02:15 event 821927 GET 301 bytes 169

ann base label observed

Request event observed

/lara/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/lara/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#39 2023-12-30 19:02:15 event 821926 GET 301 bytes 169

ann base label observed

Request event observed

/development/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/development/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#40 2023-12-30 19:02:14 event 821925 GET 301 bytes 169

ann base label observed

Request event observed

/.docker/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.docker/config.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#41 2023-12-30 19:02:14 event 821924 GET 301 bytes 169

ann base label observed

Request event observed

/helper/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/helper/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#42 2023-12-30 19:02:14 event 821923 GET 301 bytes 169

ann base label observed

Request event observed

/backup.wp-config.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/backup.wp-config.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#43 2023-12-30 19:02:14 event 821922 GET 301 bytes 169

ann base label observed

Request event observed

/helper/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/helper/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#44 2023-12-30 19:02:14 event 821923 GET 301 bytes 169

ann trav 34 label trav

Request Path traversal / LFI indicator detected

/backup.wp-config.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

trav

rule

trav:sensitive_target

conf

95.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/backup.wp-config.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#45 2023-12-30 19:02:13 event 821921 GET 301 bytes 169

ann base label observed

Request event observed

/xampp/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xampp/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#46 2023-12-30 19:02:13 event 821920 GET 301 bytes 169

ann base label observed

Request event observed

/asdf.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/asdf.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#47 2023-12-30 19:02:13 event 821919 GET 301 bytes 169

ann base label observed

Request event observed

/.docker/daemon.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/.docker/daemon.json

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#48 2023-12-30 19:02:13 event 821918 GET 301 bytes 169

ann base label observed

Request event observed

/crm/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/crm/info.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#49 2023-12-30 19:02:12 event 821917 GET 301 bytes 169

ann base label observed

Request event observed

/backup/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/backup/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

#50 2023-12-30 19:02:12 event 821916 GET 301 bytes 169

ann base label observed

Request event observed

/backend/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/backend/phpinfo.php

referer

-

UA

Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36

summary

event observed

details

—

subnet

3.27.128.0/24

asn

16509 — Amazon.com, Inc.

geo

Australia, New South Wales, Sydney

org

AWS EC2 (ap-southeast-2)

Page 1 of 25

← Prev Next →