← Back to IP report

Log Explorer

Fact drill-down for 87.120.114.229

Risk 91 HIGH Scope All time All-time facts 2015 In-scope 2015 Filtered 2015 Seen 2024-11-03 → 2024-11-16

Freestyle query (contains)

Time (days, optional)

Page size 25 50 100 200

Apply Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

Annotator (exact) (any) base — 1049 ua — 331 trav — 157 sqli — 134 cred — 124 sfp — 110 scan_velocity — 53 ref — 32 cmdi — 21 proto — 4 Severity (exact) (any) (none) — 1114 6 — 361 30 — 73 34 — 63 26 — 61 32 — 57 10 — 57 28 — 56 8 — 49 44 — 32 18 — 20 36 — 19 40 — 15 9 — 15 22 — 9 12 — 6 24 — 4 14 — 3 3 — 1 Label (exact) (any) observed — 1049 ua — 331 trav — 157 sqli — 134 cred — 124 sensitive_file — 110 scan_velocity — 53 ref — 32 cmdi — 21 proto — 4

HTTP facets

Method (exact, case-insensitive) (any) GET — 1883 POST — 120 PUT — 12 HTTP status (exact) (any) (none) — 820 301 — 626 499 — 512 400 — 23 404 — 20 410 — 9 200 — 5

Snapshot facets

Subnet (exact) (any) 87.120.114.0/24 — 2015 ASN (exact) (any) (none) — 2015 Country / Region / City (exact)

(any country) France — 2015 (any region) Île-de-France — 2015

(any city) Paris — 2015

Org contains (ip_org or as_org_name)

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Start

End

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 1049 ua 331 trav 157 sqli 134 cred 124 sfp 110 scan_velocity 53 ref 32 cmdi 21 proto 4

Top labels (facts, in-scope)

observed 1049 ua 331 trav 157 sqli 134 cred 124 sensitive_file 110 scan_velocity 53 ref 32 cmdi 21 proto 4

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 41 — total 2015 rows

← Prev Next →

#1 2024-11-16 23:35:58 event 2178593 GET 499

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#2 2024-11-16 23:35:58 event 2178592 GET 499

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo…

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#3 2024-11-16 23:35:58 event 2178591 GET http —

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#4 2024-11-16 23:35:58 event 2178590 GET http —

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#5 2024-11-16 23:35:58 event 2178591 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#6 2024-11-16 23:35:58 event 2178590 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#7 2024-11-16 23:35:58 event 2178593 GET 499

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#8 2024-11-16 23:35:58 event 2178591 GET http —

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#9 2024-11-16 23:35:55 event 2178589 POST 301 bytes 169

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#10 2024-11-16 23:35:55 event 2178588 POST 301 bytes 169

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

-

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

-

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#11 2024-11-16 23:35:55 event 2178589 POST 301 bytes 169

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#12 2024-11-16 23:35:54 event 2178587 GET 499

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#13 2024-11-16 23:35:54 event 2178586 GET http —

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#14 2024-11-16 23:35:54 event 2178586 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#15 2024-11-16 23:35:54 event 2178587 GET 499

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#16 2024-11-16 23:35:54 event 2178586 GET http —

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#17 2024-11-16 23:35:53 event 2178585 GET 499

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo…

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#18 2024-11-16 23:35:53 event 2178584 GET http —

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#19 2024-11-16 23:35:53 event 2178584 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#20 2024-11-16 23:35:44 event 2178580 GET 499

ann base label observed

Request event observed

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#21 2024-11-16 23:35:44 event 2178579 GET http —

ann base label observed

Request event observed

/admin/diagnostic.jsp

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#22 2024-11-16 23:35:44 event 2178579 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/admin/diagnostic.jsp

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#23 2024-11-16 23:35:44 event 2178580 GET 499

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#24 2024-11-16 23:35:44 event 2178580 GET 499

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#25 2024-11-16 23:35:44 event 2178580 GET 499

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='http://139.59.53.236/update/../admin/diagnostic.jsp'

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='http://139.59.53.236/update/../admin/diagnostic.jsp'

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#26 2024-11-16 23:35:43 event 2178578 POST 301 bytes 169

ann base label observed

Request event observed

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#27 2024-11-16 23:35:43 event 2178577 POST 301 bytes 169

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526whi…

referer

-

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender

referer

-

UA

Mozilla/5.0 (Knoppix; Linux i686; rv:121.0) Gecko/20100101 Firefox/121.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#28 2024-11-16 23:35:43 event 2178576 GET 499

ann base label observed

Request event observed

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#29 2024-11-16 23:35:43 event 2178575 GET 499

ann base label observed

Request event observed

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

http://139.59.53.236/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

UA

Mozilla/5.0 (X11; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

http://139.59.53.236/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

UA

Mozilla/5.0 (X11; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#30 2024-11-16 23:35:43 event 2178574 GET 499

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%2525…

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253…

UA

Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender

referer

http://139.59.53.236/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender

UA

Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#31 2024-11-16 23:35:43 event 2178573 GET http —

ann base label observed

Request event observed

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#32 2024-11-16 23:35:43 event 2178572 GET http —

ann base label observed

Request event observed

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#33 2024-11-16 23:35:43 event 2178571 GET http —

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%2525…

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#34 2024-11-16 23:35:43 event 2178573 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#35 2024-11-16 23:35:43 event 2178572 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#36 2024-11-16 23:35:43 event 2178571 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%2525…

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#37 2024-11-16 23:35:43 event 2178578 POST 301 bytes 169

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (Debian; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#38 2024-11-16 23:35:43 event 2178576 GET 499

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

http://139.59.53.236/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#39 2024-11-16 23:35:43 event 2178573 GET http —

ann trav 30 label trav

Request Path traversal / LFI indicator detected

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

Annotation facts

label

trav

rule

trav:wrapper

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

—

UA

—

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#40 2024-11-16 23:35:41 event 2178570 GET 301 bytes 169

ann base label observed

Request event observed

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#41 2024-11-16 23:35:41 event 2178570 GET 301 bytes 169

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#42 2024-11-16 23:35:41 event 2178570 GET 301 bytes 169

ann trav 28 label trav

Request Path traversal / LFI indicator detected

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

trav

rule

trav:dotdot_slash

conf

92.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#43 2024-11-16 23:35:41 event 2178570 GET 301 bytes 169

ann sfp 34 label sensitive_file

Request Directory traversal indicator

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

sensitive_file

rule

sfp:traversal

conf

86.00

details

Traversal sequences were present (raw or encoded). Snippet='/update/../admin/diagnostic.jsp'

More (full fields + snapshot) expand

url

/update/../admin/diagnostic.jsp

referer

-

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Directory traversal indicator

details

Traversal sequences were present (raw or encoded). Snippet='/update/../admin/diagnostic.jsp'

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#44 2024-11-16 23:35:40 event 2178566 GET 499

ann base label observed

Request event observed

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#45 2024-11-16 23:35:40 event 2178565 POST 301 bytes 169

ann base label observed

Request event observed

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input

referer

-

UA

Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/115.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#46 2024-11-16 23:35:40 event 2178564 GET 301 bytes 169

ann base label observed

Request event observed

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

-

UA

Mozilla/5.0 (X11; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/NmConsole/Platform/Filter/AlertCenterItemsReportThresholds

referer

-

UA

Mozilla/5.0 (X11; Linux i686; rv:125.0) Gecko/20100101 Firefox/125.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#47 2024-11-16 23:35:40 event 2178563 GET 301 bytes 169

ann base label observed

Request event observed

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%2525…

referer

-

UA

Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fbin%252Fregister%252FXWiki%252FXWikiRegister%253Fxredirect%253D%25252Fxwiki%25252Fbin%25252Fview%25252FScheduler%25252F%25253Fdo%25253Dtrigger%252526which%25253DScheduler.NotificationEmailDailySender

referer

-

UA

Mozilla/5.0 (CentOS; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#48 2024-11-16 23:35:40 event 2178562 GET http —

ann base label observed

Request event observed

/admin/diagnostic.jsp

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

—

UA

—

summary

event observed

details

—

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#49 2024-11-16 23:35:40 event 2178562 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/admin/diagnostic.jsp

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

#50 2024-11-16 23:35:40 event 2178566 GET 499

ann trav 26 label trav

Request Path traversal / LFI indicator detected

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

Annotation facts

label

trav

rule

trav:mixed_separators

conf

90.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/admin/diagnostic.jsp

referer

http://139.59.53.236/update/../admin/diagnostic.jsp

UA

Mozilla/5.0 (Kubuntu; Linux i686; rv:123.0) Gecko/20100101 Firefox/123.0

summary

Path traversal / LFI indicator detected

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

subnet

87.120.114.0/24

asn

—

geo

France, Île-de-France, Paris

org

Lycatel Distribution UK Limited

Page 1 of 41

← Prev Next →