Log Explorer
Fact drill-down for 31.42.185.129
Risk: 2 (LOW)
Scope: All time
All-time facts: 55
In-scope: 55
Filtered: 55
Seen: 2023-08-03 → 2023-08-31
Faceted filters (facts-based)
exact core + snapshot + optional start/end
Annotation facets
Annotator (exact): base — 39; cred — 10; sfp — 5; ua — 1
Severity (exact): (none) — 43; 10 — 6; 24 — 5; 6 — 1
Label (exact): observed — 39; cred — 10; sensitive_file — 5; ua — 1
HTTP facets
Method (exact, case-insensitive): GET — 49; POST — 6
HTTP status (exact): 301 — 26; 404 — 24; 200 — 2; (none) — 2; 403 — 1
Snapshot facets
Subnet (exact): 31.42.185.0/24 — 55
ASN (exact): 30860 — 55
Country / Region / City (exact): Ukraine — 55; Kyiv City — 55; Kyiv — 55
Top annotators (facts, in-scope): base 39; cred 10; sfp 5; ua 1
Top labels (facts, in-scope): observed 39; cred 10; sensitive_file 5; ua 1
Annotated access events
Showing page 1 / 2 — total 55 rows
#
1
2023-08-31 05:45:16
event
193815
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
2
2023-08-31 05:45:16
event
193815
GET
404
bytes
179
ann
cred
10
label
cred
Request
Auth request appears to use an automation-oriented user agent
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
Annotation
facts
label
cred
rule
cred:scripted_user_agent
conf
70.00
details
Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
3
2023-08-31 05:45:16
event
193815
GET
404
bytes
179
ann
cred
label
cred
Request
Auth endpoint request observed
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_hit:login
conf
55.00
details
Row-level auth primitive for downstream aggregation (no velocity logic here).
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
4
2023-08-31 05:39:46
event
193806
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
5
2023-08-31 05:39:46
event
193806
GET
301
bytes
169
ann
cred
10
label
cred
Request
Auth redirect (301) on auth endpoint
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_redirect
conf
72.00
details
Redirect outcomes can participate in 'success-after-fails' patterns during aggregation.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
6
2023-08-31 05:39:46
event
193806
GET
301
bytes
169
ann
cred
10
label
cred
Request
Auth request appears to use an automation-oriented user agent
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
Annotation
facts
label
cred
rule
cred:scripted_user_agent
conf
70.00
details
Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
7
2023-08-31 05:39:46
event
193806
GET
301
bytes
169
ann
cred
label
cred
Request
Auth endpoint request observed
/console/login/LoginForm.jsp
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_hit:login
conf
55.00
details
Row-level auth primitive for downstream aggregation (no velocity logic here).
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
8
2023-08-25 16:11:06
event
115183
POST
http —
ann
base
label
observed
Request
event observed
/mics/services/MICSLogService
referer
—
UA
—
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
9
2023-08-25 16:11:06
event
115182
POST
404
bytes
179
ann
base
label
observed
Request
event observed
/mics/services/MICSLogService
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
10
2023-08-25 16:11:06
event
115183
POST
http —
ann
ua
6
label
ua
Request
Missing User-Agent header
/mics/services/MICSLogService
referer
—
UA
—
Annotation
facts
label
ua
rule
ua:missing
conf
60.00
details
Request had no User-Agent value (missing/empty field).
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
11
2023-08-25 16:10:31
event
115180
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/mifs/aad/api/v2/admins/users
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
12
2023-08-25 16:06:20
event
115176
POST
301
bytes
169
ann
base
label
observed
Request
event observed
/mics/services/MICSLogService
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
13
2023-08-25 16:05:49
event
115174
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/mifs/aad/api/v2/admins/users
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
14
2023-08-25 15:58:04
event
115161
POST
404
bytes
179
ann
base
label
observed
Request
event observed
/mics/services/MICSLogService
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
15
2023-08-25 15:54:03
event
115158
POST
301
bytes
169
ann
base
label
observed
Request
event observed
/mics/services/MICSLogService
referer
-
UA
Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/44.0.2403.155 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
16
2023-08-25 07:15:52
event
114109
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/
referer
-
UA
SonyEricssonS500i/R6BC Browser/NetFront/3.3 Profile/MIDP-2.0 Configuration/CLDC-1.1
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
17
2023-08-25 07:15:52
event
114108
GET
200
bytes
7903
ann
base
label
observed
Request
event observed
/
referer
-
UA
Mozilla/5.0 (iPad; U; CPU iPad OS 5_0_1 like Mac OS X; en-us) AppleWebKit/535.1+ (KHTML like Gecko) Version/7.2.0.0 Safari/6533.18.5
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
18
2023-08-05 01:13:38
event
136019
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/.git/
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
19
2023-08-05 01:13:38
event
136019
GET
404
bytes
179
ann
sfp
24
label
sensitive_file
Request
Probe for Git metadata
/.git/
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
sensitive_file
rule
sfp:file:git_metadata
conf
82.00
details
Request targeted Git metadata (can reveal source/config). Snippet='/.git/'
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
20
2023-08-05 01:13:06
event
136016
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/.git/config
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
21
2023-08-05 01:13:06
event
136016
GET
404
bytes
179
ann
sfp
24
label
sensitive_file
Request
Probe for Git metadata
/.git/config
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
Annotation
facts
label
sensitive_file
rule
sfp:file:git_metadata
conf
82.00
details
Request targeted Git metadata (can reveal source/config). Snippet='/.git/config'
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
22
2023-08-05 01:06:36
event
136002
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/.git/
referer
http://68.183.80.204/.git/
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
23
2023-08-05 01:06:36
event
136002
GET
404
bytes
179
ann
sfp
24
label
sensitive_file
Request
Probe for Git metadata
/.git/
referer
http://68.183.80.204/.git/
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
sensitive_file
rule
sfp:file:git_metadata
conf
82.00
details
Request targeted Git metadata (can reveal source/config). Snippet='/.git/'
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
24
2023-08-05 01:06:35
event
136001
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/.git/
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
25
2023-08-05 01:06:35
event
136001
GET
301
bytes
169
ann
sfp
24
label
sensitive_file
Request
Probe for Git metadata
/.git/
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
sensitive_file
rule
sfp:file:git_metadata
conf
82.00
details
Request targeted Git metadata (can reveal source/config). Snippet='/.git/'
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
26
2023-08-05 01:05:04
event
136000
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/.git/config
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
27
2023-08-05 01:05:04
event
136000
GET
301
bytes
169
ann
sfp
24
label
sensitive_file
Request
Probe for Git metadata
/.git/config
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Annotation
facts
label
sensitive_file
rule
sfp:file:git_metadata
conf
82.00
details
Request targeted Git metadata (can reveal source/config). Snippet='/.git/config'
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
28
2023-08-04 22:02:11
event
135538
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
29
2023-08-04 22:02:11
event
135538
GET
404
bytes
179
ann
cred
10
label
cred
Request
Auth request appears to use an automation-oriented user agent
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36
Annotation
facts
label
cred
rule
cred:scripted_user_agent
conf
70.00
details
Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
30
2023-08-04 22:02:11
event
135538
GET
404
bytes
179
ann
cred
label
cred
Request
Auth endpoint request observed
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_hit:oauth_oidc
conf
55.00
details
Row-level auth primitive for downstream aggregation (no velocity logic here).
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
31
2023-08-04 22:02:10
event
135537
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/oam/server/opensso/sessionservice
referer
-
UA
Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/44.0.2403.155 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
32
2023-08-04 22:02:05
event
135536
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/oamfed/idp/soap
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
33
2023-08-04 21:51:43
event
135516
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
34
2023-08-04 21:51:43
event
135516
GET
301
bytes
169
ann
cred
10
label
cred
Request
Auth redirect (301) on auth endpoint
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_redirect
conf
72.00
details
Redirect outcomes can participate in 'success-after-fails' patterns during aggregation.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
35
2023-08-04 21:51:43
event
135516
GET
301
bytes
169
ann
cred
10
label
cred
Request
Auth request appears to use an automation-oriented user agent
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
cred
rule
cred:scripted_user_agent
conf
70.00
details
Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
36
2023-08-04 21:51:43
event
135516
GET
301
bytes
169
ann
cred
label
cred
Request
Auth endpoint request observed
/openam/oauth2/..;/ccversion/Version
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
cred
rule
cred:auth_hit:oauth_oidc
conf
55.00
details
Row-level auth primitive for downstream aggregation (no velocity logic here).
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
37
2023-08-04 21:51:39
event
135515
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/oamfed/idp/soap
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
38
2023-08-03 22:40:59
event
132194
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/admin.php
referer
-
UA
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
39
2023-08-03 22:40:59
event
132193
GET
403
bytes
555
ann
base
label
observed
Request
event observed
/wp-content/plugins/adminer/adminer.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
40
2023-08-03 22:40:58
event
132192
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/sql.php
referer
-
UA
Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
41
2023-08-03 22:40:57
event
132191
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/mysql.php
referer
-
UA
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
42
2023-08-03 22:40:57
event
132190
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/editor.php
referer
-
UA
Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
43
2023-08-03 22:40:55
event
132189
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/adminer/
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
44
2023-08-03 22:40:55
event
132188
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/_adminer.php
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2866.71 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
45
2023-08-03 22:40:54
event
132187
GET
404
bytes
179
ann
base
label
observed
Request
event observed
/adminer.php
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
46
2023-08-03 22:15:30
event
132169
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/admin.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
47
2023-08-03 22:15:29
event
132168
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/wp-content/plugins/adminer/adminer.php
referer
-
UA
Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
48
2023-08-03 22:15:29
event
132167
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/sql.php
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
49
2023-08-03 22:15:28
event
132166
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/mysql.php
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—
#
50
2023-08-03 22:15:28
event
132165
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/editor.php
referer
-
UA
Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
subnet
31.42.185.0/24
asn
30860 — Virtual Systems LLC
geo
Ukraine, Kyiv City, Kyiv
org
—