← Back to IP report

Log Explorer

Fact drill-down for 51.15.57.145

Risk 35 MED Scope All time All-time facts 4030 In-scope 4030 Filtered 4030 Seen 2025-02-09 → 2025-09-29

Freestyle query (contains)

Time (days, optional)

Page size 25 50 100 200

Apply Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

Annotator (exact) (any) base — 1298 ref — 1298 ua — 1298 scan_velocity — 136 Severity (exact) (any) (none) — 1343 14 — 1300 9 — 1298 24 — 33 22 — 22 12 — 16 26 — 9 28 — 9 Label (exact) (any) ref — 1298 observed — 1298 ua — 1298 scan_velocity — 136

HTTP facets

Method (exact, case-insensitive) (any) GET — 4030 HTTP status (exact) (any) 301 — 2412 404 — 1271 302 — 347

Snapshot facets

Subnet (exact) (any) 51.15.57.0/24 — 4030 ASN (exact) (any) 12876 — 4030 Country / Region / City (exact)

(any country) The Netherlands — 4030 (any region) North Holland — 4030

(any city) Haarlem — 4030

Org contains (ip_org or as_org_name)

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Start

End

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 1298 ref 1298 ua 1298 scan_velocity 136

Top labels (facts, in-scope)

ref 1298 observed 1298 ua 1298 scan_velocity 136

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 81 — total 4030 rows

← Prev Next →

#1 2025-09-29 15:59:23 event 17009271 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#2 2025-09-29 15:59:23 event 17009271 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#3 2025-09-29 15:59:23 event 17009271 GET 301 bytes 178

ann base label observed

Request event observed

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/redirection.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#4 2025-09-29 15:59:22 event 17009269 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#5 2025-09-29 15:59:22 event 17009269 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#6 2025-09-29 15:59:22 event 17009269 GET 301 bytes 178

ann base label observed

Request event observed

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/redir.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#7 2025-09-29 15:59:21 event 17009268 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#8 2025-09-29 15:59:21 event 17009268 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#9 2025-09-29 15:59:21 event 17009268 GET 301 bytes 178

ann base label observed

Request event observed

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/go.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#10 2025-09-29 15:59:20 event 17009267 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#11 2025-09-29 15:59:20 event 17009267 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#12 2025-09-29 15:59:20 event 17009267 GET 301 bytes 178

ann base label observed

Request event observed

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/redirect.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#13 2025-09-29 15:59:19 event 17009266 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#14 2025-09-29 15:59:19 event 17009266 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#15 2025-09-29 15:59:19 event 17009266 GET 301 bytes 178

ann base label observed

Request event observed

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/goto.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#16 2025-09-29 15:59:18 event 17009265 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#17 2025-09-29 15:59:18 event 17009264 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#18 2025-09-29 15:59:18 event 17009265 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#19 2025-09-29 15:59:18 event 17009264 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#20 2025-09-29 15:59:18 event 17009265 GET 301 bytes 178

ann base label observed

Request event observed

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#21 2025-09-29 15:59:18 event 17009264 GET 301 bytes 178

ann base label observed

Request event observed

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/ViewURL.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#22 2025-09-29 15:59:17 event 17009262 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#23 2025-09-29 15:59:17 event 17009262 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#24 2025-09-29 15:59:17 event 17009262 GET 301 bytes 178

ann base label observed

Request event observed

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/url.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#25 2025-09-29 15:59:16 event 17009261 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#26 2025-09-29 15:59:16 event 17009261 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#27 2025-09-29 15:59:16 event 17009261 GET 301 bytes 178

ann base label observed

Request event observed

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/index.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#28 2025-09-29 15:59:15 event 17009260 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#29 2025-09-29 15:59:15 event 17009260 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#30 2025-09-29 15:59:15 event 17009260 GET 301 bytes 178

ann base label observed

Request event observed

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/visit.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#31 2025-09-29 15:59:14 event 17009259 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#32 2025-09-29 15:59:14 event 17009259 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#33 2025-09-29 15:59:14 event 17009259 GET 301 bytes 178

ann base label observed

Request event observed

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/away.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#34 2025-09-29 15:59:13 event 17009258 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#35 2025-09-29 15:59:13 event 17009258 GET 301 bytes 178

ann scan_velocity 12 label scan_velocity

Request Scan-velocity indicator: scanv:ua_signature

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

scan_velocity

rule

scanv:ua_signature

conf

85.00

details

ua=scanner_signature; score=6; window=90s; total=18; rpm_equiv=12.0; upm_nonstatic_equiv=12.0; 404=0/18(0.00); ext_hits=0; ua_sig=1; methods=['GET']

More (full fields + snapshot) expand

url

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Scan-velocity indicator: scanv:ua_signature

details

ua=scanner_signature; score=6; window=90s; total=18; rpm_equiv=12.0; upm_nonstatic_equiv=12.0; 404=0/18(0.00); ext_hits=0; ua_sig=1; methods=['GET']

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#36 2025-09-29 15:59:13 event 17009258 GET 301 bytes 178

ann scan_velocity label scan_velocity

Request Scan-velocity window summary

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

scan_velocity

rule

scanv:window

conf

—

details

window=90s; total=18; rpm_equiv=12.0; upm_nonstatic_equiv=12.0; 404=0/18(0.00); ext_hits=0; ua_sig=1; methods=['GET']

More (full fields + snapshot) expand

url

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Scan-velocity window summary

details

window=90s; total=18; rpm_equiv=12.0; upm_nonstatic_equiv=12.0; 404=0/18(0.00); ext_hits=0; ua_sig=1; methods=['GET']

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#37 2025-09-29 15:59:13 event 17009258 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#38 2025-09-29 15:59:13 event 17009258 GET 301 bytes 178

ann base label observed

Request event observed

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/t.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#39 2025-09-29 15:59:12 event 17009257 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#40 2025-09-29 15:59:12 event 17009257 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#41 2025-09-29 15:59:12 event 17009257 GET 301 bytes 178

ann base label observed

Request event observed

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/jump.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#42 2025-09-29 15:59:06 event 17009254 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#43 2025-09-29 15:59:06 event 17009254 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#44 2025-09-29 15:59:06 event 17009254 GET 301 bytes 178

ann base label observed

Request event observed

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/count.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#45 2025-09-29 15:59:05 event 17009253 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#46 2025-09-29 15:59:05 event 17009252 GET 301 bytes 178

ann ua 14 label ua

Request CLI HTTP client user-agent: curl

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ua

rule

ua:cli:curl

conf

80.00

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

More (full fields + snapshot) expand

url

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

CLI HTTP client user-agent: curl

details

Command-line HTTP clients are common in probing and scripted requests (also used legitimately).

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#47 2025-09-29 15:59:05 event 17009253 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#48 2025-09-29 15:59:05 event 17009252 GET 301 bytes 178

ann ref 9 label ref

Request Open-redirect style parameter points to an external URL

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

ref

rule

ref:open_redirect_param

conf

85.00

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

More (full fields + snapshot) expand

url

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

Open-redirect style parameter points to an external URL

details

A redirect-capable query parameter contains an absolute (external) URL. This is commonly used in phishing chains and open-redirect probing.

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#49 2025-09-29 15:59:05 event 17009253 GET 301 bytes 178

ann base label observed

Request event observed

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/check_link.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

#50 2025-09-29 15:59:05 event 17009252 GET 301 bytes 178

ann base label observed

Request event observed

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/open.php?url=http://example.com

referer

-

UA

curl/7.29.0

summary

event observed

details

—

subnet

51.15.57.0/24

asn

12876 — SCALEWAY S.A.S.

geo

The Netherlands, North Holland, Haarlem

org

SCALEWAY

Page 1 of 81

← Prev Next →