← Back to IP report
Log Explorer
Fact drill-down for
44.199.198.253
Risk
36
MED
Scope
All time
All-time facts
610
In-scope
610
Filtered
610
Seen
2025-12-17
→
2025-12-17
Freestyle query (contains)
Time (days, optional)
Page size
25
50
100
200
Apply
Reset (all-time)
Active
(none)
Clear
Faceted filters (facts-based)
exact core + snapshot + optional start/end
Annotation facets
Annotator (exact)
(any)
base — 427
sfp — 116
scan_velocity — 37
trav — 30
Severity (exact)
(any)
(none) — 444
40 — 45
34 — 30
16 — 24
24 — 17
22 — 12
10 — 12
44 — 6
36 — 6
30 — 6
42 — 6
12 — 2
Label (exact)
(any)
observed — 427
sensitive_file — 116
scan_velocity — 37
trav — 30
HTTP facets
Method (exact, case-insensitive)
(any)
GET — 610
HTTP status (exact)
(any)
404 — 338
301 — 268
400 — 4
Snapshot facets
Subnet (exact)
(any)
44.199.198.0/24 — 610
ASN (exact)
(any)
14618 — 610
Country / Region / City (exact)
(any country)
United States — 610
(any region)
Virginia — 610
(any city)
Ashburn — 610
Org contains (ip_org or as_org_name)
Custom time window (optional override)
Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.
Start
End
Tip: keep windows tight when you need speed, but the default is fact-complete.
Top annotators (facts, in-scope)
base
427
sfp
116
scan_velocity
37
trav
30
Top labels (facts, in-scope)
observed
427
sensitive_file
116
scan_velocity
37
trav
30
Click a pill to apply it as a filter.
Annotated access events
Showing page
1
/
13
— total
610
rows
← Prev
Next →
#
1
2025-12-17 00:35:24
event
19415992
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/actuator/mappings
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/actuator/mappings
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
2
2025-12-17 00:35:17
event
19415961
GET
404
bytes
5718
ann
base
label
observed
Request
event observed
/actuator/env
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/actuator/env
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
3
2025-12-17 00:35:16
event
19415955
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/actuator/mappings
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/actuator/mappings
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
4
2025-12-17 00:35:10
event
19415938
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/actuator/env
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/120.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/actuator/env
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/120.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
5
2025-12-17 00:35:08
event
19415920
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/phpinfo.php
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/phpinfo.php
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
6
2025-12-17 00:35:04
event
19415890
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/phpinfo.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/phpinfo.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
7
2025-12-17 00:35:01
event
19415886
GET
404
bytes
5721
ann
base
label
observed
Request
event observed
/.DS_Store
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.DS_Store
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
8
2025-12-17 00:34:57
event
19415863
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.DS_Store
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.DS_Store
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
9
2025-12-17 00:34:53
event
19415827
GET
404
bytes
5721
ann
base
label
observed
Request
event observed
/.idea/workspace.xml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.idea/workspace.xml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
10
2025-12-17 00:34:50
event
19415803
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.idea/workspace.xml
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.idea/workspace.xml
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
11
2025-12-17 00:34:46
event
19415791
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/.vscode/sftp.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.vscode/sftp.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
12
2025-12-17 00:34:43
event
19415777
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.vscode/sftp.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.vscode/sftp.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
13
2025-12-17 00:34:40
event
19415751
GET
404
bytes
5719
ann
base
label
observed
Request
event observed
/swagger.yaml
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/swagger.yaml
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
14
2025-12-17 00:34:37
event
19415730
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/swagger.yaml
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/120.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/swagger.yaml
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/120.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
15
2025-12-17 00:34:33
event
19415689
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/swagger.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/swagger.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
16
2025-12-17 00:34:30
event
19415667
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/swagger.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/swagger.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
17
2025-12-17 00:34:27
event
19415645
GET
404
bytes
5719
ann
base
label
observed
Request
event observed
/.history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
18
2025-12-17 00:34:24
event
19415623
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
19
2025-12-17 00:34:23
event
19415613
GET
404
bytes
5723
ann
base
label
observed
Request
event observed
/.psql_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.psql_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
20
2025-12-17 00:34:17
event
19415586
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.psql_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.psql_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
21
2025-12-17 00:34:15
event
19415568
GET
404
bytes
5722
ann
sfp
44
label
sensitive_file
Request
Probe for OS credential/secret file
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
sensitive_file
rule
sfp:file:os_secrets
conf
94.00
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.mysql_history'
More (full fields + snapshot)
expand
url
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
Probe for OS credential/secret file
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.mysql_history'
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
22
2025-12-17 00:34:15
event
19415568
GET
404
bytes
5722
ann
base
label
observed
Request
event observed
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
23
2025-12-17 00:34:10
event
19415543
GET
301
bytes
178
ann
sfp
44
label
sensitive_file
Request
Probe for OS credential/secret file
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
sensitive_file
rule
sfp:file:os_secrets
conf
94.00
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.mysql_history'
More (full fields + snapshot)
expand
url
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
Probe for OS credential/secret file
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.mysql_history'
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
24
2025-12-17 00:34:10
event
19415543
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.mysql_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
25
2025-12-17 00:34:08
event
19415540
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/.zsh_history
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.zsh_history
referer
-
UA
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
26
2025-12-17 00:34:04
event
19415514
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.zsh_history
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.zsh_history
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
27
2025-12-17 00:34:01
event
19415500
GET
404
bytes
5722
ann
sfp
44
label
sensitive_file
Request
Probe for OS credential/secret file
/.bash_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
sensitive_file
rule
sfp:file:os_secrets
conf
94.00
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.bash_history'
More (full fields + snapshot)
expand
url
/.bash_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
Probe for OS credential/secret file
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.bash_history'
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
28
2025-12-17 00:34:01
event
19415500
GET
404
bytes
5722
ann
base
label
observed
Request
event observed
/.bash_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.bash_history
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
29
2025-12-17 00:33:56
event
19415476
GET
301
bytes
178
ann
sfp
44
label
sensitive_file
Request
Probe for OS credential/secret file
/.bash_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
sensitive_file
rule
sfp:file:os_secrets
conf
94.00
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.bash_history'
More (full fields + snapshot)
expand
url
/.bash_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
Probe for OS credential/secret file
details
Request targeted OS credential/secret artifacts (e.g., /etc/passwd, shadow). Snippet='/.bash_history'
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
30
2025-12-17 00:33:56
event
19415476
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/.bash_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/.bash_history
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
31
2025-12-17 00:33:54
event
19415467
GET
404
bytes
5722
ann
base
label
observed
Request
event observed
/tokens.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/tokens.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
32
2025-12-17 00:33:49
event
19415445
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/tokens.json
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/tokens.json
referer
-
UA
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
33
2025-12-17 00:33:46
event
19415421
GET
404
bytes
5720
ann
scan_velocity
10
label
scan_velocity
Request
Scan-velocity indicator: scanv:ext_enum
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
scan_velocity
rule
scanv:ext_enum
conf
85.00
details
ext_hits=5; score=5; window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=14/27(0.52); ext_hits=5; ua_sig=0; methods=['GET']
More (full fields + snapshot)
expand
url
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
Scan-velocity indicator: scanv:ext_enum
details
ext_hits=5; score=5; window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=14/27(0.52); ext_hits=5; ua_sig=0; methods=['GET']
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
34
2025-12-17 00:33:46
event
19415421
GET
404
bytes
5720
ann
scan_velocity
label
scan_velocity
Request
Scan-velocity window summary
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
scan_velocity
rule
scanv:window
conf
—
details
window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=14/27(0.52); ext_hits=5; ua_sig=0; methods=['GET']
More (full fields + snapshot)
expand
url
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
Scan-velocity window summary
details
window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=14/27(0.52); ext_hits=5; ua_sig=0; methods=['GET']
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
35
2025-12-17 00:33:46
event
19415421
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
36
2025-12-17 00:33:43
event
19415397
GET
404
bytes
5721
ann
base
label
observed
Request
event observed
/api_keys.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/api_keys.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
37
2025-12-17 00:33:42
event
19415390
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/api_keys.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
38
2025-12-17 00:33:35
event
19415375
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/api_keys.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/api_keys.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
39
2025-12-17 00:33:34
event
19415352
GET
404
bytes
5722
ann
base
label
observed
Request
event observed
/secrets.yaml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/secrets.yaml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
40
2025-12-17 00:33:28
event
19415321
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/secrets.yaml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/secrets.yaml
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
41
2025-12-17 00:33:26
event
19415317
GET
404
bytes
5721
ann
base
label
observed
Request
event observed
/secrets.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/secrets.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
42
2025-12-17 00:33:21
event
19415301
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/secrets.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/secrets.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
43
2025-12-17 00:33:18
event
19415292
GET
404
bytes
5717
ann
base
label
observed
Request
event observed
/credentials.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/credentials.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
44
2025-12-17 00:33:14
event
19415275
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/credentials.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/credentials.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
45
2025-12-17 00:33:11
event
19415252
GET
404
bytes
5720
ann
base
label
observed
Request
event observed
/auth.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/auth.json
referer
-
UA
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
46
2025-12-17 00:33:07
event
19415237
GET
301
bytes
178
ann
scan_velocity
10
label
scan_velocity
Request
Scan-velocity indicator: scanv:ext_enum
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
scan_velocity
rule
scanv:ext_enum
conf
85.00
details
ext_hits=6; score=5; window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=13/27(0.48); ext_hits=6; ua_sig=0; methods=['GET']
More (full fields + snapshot)
expand
url
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
Scan-velocity indicator: scanv:ext_enum
details
ext_hits=6; score=5; window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=13/27(0.48); ext_hits=6; ua_sig=0; methods=['GET']
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
47
2025-12-17 00:33:07
event
19415237
GET
301
bytes
178
ann
scan_velocity
label
scan_velocity
Request
Scan-velocity window summary
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
scan_velocity
rule
scanv:window
conf
—
details
window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=13/27(0.48); ext_hits=6; ua_sig=0; methods=['GET']
More (full fields + snapshot)
expand
url
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
Scan-velocity window summary
details
window=90s; total=27; rpm_equiv=18.0; upm_nonstatic_equiv=9.3; 404=13/27(0.48); ext_hits=6; ua_sig=0; methods=['GET']
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
48
2025-12-17 00:33:07
event
19415237
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/auth.json
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
49
2025-12-17 00:33:04
event
19415211
GET
404
bytes
5721
ann
base
label
observed
Request
event observed
/smtp.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/smtp.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
#
50
2025-12-17 00:33:00
event
19415182
GET
301
bytes
178
ann
base
label
observed
Request
event observed
/smtp.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
expand
url
/smtp.php
referer
-
UA
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
summary
event observed
details
—
subnet
44.199.198.0/24
asn
14618 — Amazon.com, Inc.
geo
United States, Virginia, Ashburn
org
AWS EC2 (us-east-1)
×
This is a custom alert message.
×
Confirm Action
Are you sure you want to proceed?
