← Back to IP report

Log Explorer

Fact drill-down for 45.156.128.116

Risk 1 LOW Scope All time All-time facts 90 In-scope 90 Filtered 90 Seen 2024-09-10 → 2026-01-26

Freestyle query (contains)

Time (days, optional)

Page size 25 50 100 200

Apply Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

Annotator (exact) (any) base — 76 cred — 10 ua — 2 fwprobe — 1 ref — 1 Severity (exact) (any) (none) — 81 10 — 5 6 — 3 28 — 1 Label (exact) (any) observed — 76 cred — 10 ua — 2 fwprobe — 1 ref — 1

HTTP facets

Method (exact, case-insensitive) (any) GET — 90 HTTP status (exact) (any) 404 — 61 200 — 12 301 — 12 (none) — 4 302 — 1

Snapshot facets

Subnet (exact) (any) 45.156.128.0/24 — 90 ASN (exact) (any) 211680 — 90 Country / Region / City (exact)

(any country) The Netherlands — 90 (any region) North Holland — 90

(any city) Amsterdam — 90

Org contains (ip_org or as_org_name)

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Start

End

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 76 cred 10 ua 2 fwprobe 1 ref 1

Top labels (facts, in-scope)

observed 76 cred 10 ua 2 fwprobe 1 ref 1

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 2 — total 90 rows

← Prev Next →

# 2026-01-26 02:13:52 event 29327458 GET 404 bytes 7122

ann base label observed

Request event observed

/showLogin.cc

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/showLogin.cc

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:13:37 event 29327282 GET 404 bytes 7123

ann base label observed

Request event observed

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:13:37 event 29327282 GET 404 bytes 7123

ann cred 10 label cred

Request Auth request appears to use an automation-oriented user agent

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:scripted_user_agent

conf

70.00

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

More (full fields + snapshot) expand

url

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth request appears to use an automation-oriented user agent

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:13:37 event 29327282 GET 404 bytes 7123

ann cred label cred

Request Auth endpoint request observed

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:auth_hit:login

conf

55.00

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

More (full fields + snapshot) expand

url

/login/login

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth endpoint request observed

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:12:02 event 29326151 GET 404 bytes 7122

ann base label observed

Request event observed

/owncloud/status.php

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/owncloud/status.php

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:10:52 event 29325440 GET 301

ann base label observed

Request event observed

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:10:04 event 29324944 GET 404 bytes 7123

ann base label observed

Request event observed

/wp-json

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/wp-json

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:09:37 event 29324668 GET 404 bytes 7120

ann base label observed

Request event observed

/license.txt

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/license.txt

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:08:18 event 29323881 GET 404 bytes 7125

ann base label observed

Request event observed

/webfig/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/webfig/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:08:16 event 29323861 GET 404 bytes 7124

ann base label observed

Request event observed

/progs/homepage

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/progs/homepage

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:06:32 event 29322752 GET 404 bytes 7123

ann base label observed

Request event observed

/login.do

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/login.do

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:05:03 event 29321916 GET 404 bytes 7122

ann base label observed

Request event observed

/jasperserverTest/login.html

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/jasperserverTest/login.html

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:03:35 event 29321146 GET 404 bytes 7123

ann base label observed

Request event observed

/OA_HTML/AppsLocalLogin.jsp

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/OA_HTML/AppsLocalLogin.jsp

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:03:31 event 29321105 GET 200 bytes 14548

ann base label observed

Request event observed

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2026-01-26 02:03:29 event 29321091 GET 200 bytes 14544

ann base label observed

Request event observed

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:30:01 event 4543993 GET 200 bytes 1300

ann base label observed

Request event observed

/static/img/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/static/img/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:30:01 event 4543991 GET 301

ann base label observed

Request event observed

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:30:01 event 4543990 GET 301 bytes 169

ann base label observed

Request event observed

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:29:14 event 4543918 GET 404 bytes 7895

ann base label observed

Request event observed

/license.txt

referer

http://139.59.53.236/license.txt

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/license.txt

referer

http://139.59.53.236/license.txt

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:28:38 event 4543870 GET 301 bytes 169

ann base label observed

Request event observed

/solr/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/solr/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:27:15 event 4543773 GET 404 bytes 7897

ann base label observed

Request event observed

/owncloud/status.php

referer

http://139.59.53.236/owncloud/status.php

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/owncloud/status.php

referer

http://139.59.53.236/owncloud/status.php

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:26:20 event 4543703 GET 404 bytes 7896

ann ref 6 label ref

Request External referer observed on an auth-like endpoint

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

ref

rule

ref:external_referer_to_auth

conf

70.00

details

External origins hitting login/auth endpoints can be a signal of phishing landing pages or malicious redirect chains. This is only emitted for auth-like paths.

More (full fields + snapshot) expand

url

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

External referer observed on an auth-like endpoint

details

External origins hitting login/auth endpoints can be a signal of phishing landing pages or malicious redirect chains. This is only emitted for auth-like paths.

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:26:20 event 4543703 GET 404 bytes 7896

ann cred 10 label cred

Request Auth request appears to use an automation-oriented user agent

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:scripted_user_agent

conf

70.00

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

More (full fields + snapshot) expand

url

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth request appears to use an automation-oriented user agent

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:26:20 event 4543703 GET 404 bytes 7896

ann cred label cred

Request Auth endpoint request observed

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:auth_hit:auth_other

conf

55.00

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

More (full fields + snapshot) expand

url

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth endpoint request observed

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:26:20 event 4543703 GET 404 bytes 7896

ann base label observed

Request event observed

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/api/session/properties

referer

http://139.59.53.236/api/session/properties

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:25:27 event 4543609 GET 301 bytes 169

ann base label observed

Request event observed

/showLogin.cc

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/showLogin.cc

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:24:01 event 4543467 GET 404 bytes 7896

ann base label observed

Request event observed

/identity

referer

http://139.59.53.236/identity

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/identity

referer

http://139.59.53.236/identity

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:23:26 event 4543403 GET 301 bytes 169

ann base label observed

Request event observed

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:23:25 event 4543398 GET 200 bytes 7227

ann base label observed

Request event observed

/

referer

http://139.59.53.236/

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

http://139.59.53.236/

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:22:48 event 4543338 GET 301 bytes 169

ann base label observed

Request event observed

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:22:07 event 4543285 GET 404 bytes 7895

ann base label observed

Request event observed

/zabbix/favicon.ico

referer

http://139.59.53.236/zabbix/favicon.ico

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/zabbix/favicon.ico

referer

http://139.59.53.236/zabbix/favicon.ico

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:21:21 event 4543211 GET 301 bytes 169

ann base label observed

Request event observed

/console

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/console

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:21:21 event 4543206 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/main.pl

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/main.pl

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2025-04-21 06:20:32 event 4543140 GET 200 bytes 7227

ann base label observed

Request event observed

/

referer

http://139.59.53.236/

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/

referer

http://139.59.53.236/

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:54:16 event 2912844 GET 404 bytes 6305

ann base label observed

Request event observed

/cgi-bin/config.exp

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/config.exp

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:54:09 event 2912839 GET 404 bytes 6305

ann base label observed

Request event observed

/Telerik.Web.UI.WebResource.axd?type=rau

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/Telerik.Web.UI.WebResource.axd?type=rau

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:52:43 event 2912827 GET 404 bytes 6304

ann base label observed

Request event observed

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:52:43 event 2912827 GET 404 bytes 6304

ann cred 10 label cred

Request Auth request appears to use an automation-oriented user agent

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:scripted_user_agent

conf

70.00

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

More (full fields + snapshot) expand

url

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth request appears to use an automation-oriented user agent

details

Automation-ish UA strings are useful correlates when paired with failures or spraying patterns.

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:52:43 event 2912827 GET 404 bytes 6304

ann cred label cred

Request Auth endpoint request observed

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

cred

rule

cred:auth_hit:auth_other

conf

55.00

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

More (full fields + snapshot) expand

url

/api/session/properties

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

Auth endpoint request observed

details

Row-level auth primitive for downstream aggregation (no velocity logic here).

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:52:01 event 2912824 GET 200 bytes 1300

ann base label observed

Request event observed

/static/img/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/static/img/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:52:01 event 2912823 GET 301

ann base label observed

Request event observed

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:51:33 event 2912822 GET 404 bytes 6304

ann base label observed

Request event observed

/identity

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/identity

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:51:28 event 2912820 GET 404 bytes 6306

ann base label observed

Request event observed

/aspera/faspex/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/aspera/faspex/

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:51:25 event 2912818 GET 404 bytes 6305

ann base label observed

Request event observed

/js/NewWindow_2_all.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/js/NewWindow_2_all.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:50:31 event 2912812 GET 404 bytes 184

ann base label observed

Request event observed

/static/historypage.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/static/historypage.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:50:31 event 2912811 GET http —

ann base label observed

Request event observed

/static/historypage.js

referer

—

UA

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/static/historypage.js

referer

—

UA

—

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:50:31 event 2912811 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/static/historypage.js

referer

—

UA

—

Annotation facts

label

ua

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/static/historypage.js

referer

—

UA

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:48:01 event 2912795 GET 404 bytes 6305

ann base label observed

Request event observed

/ext-js/app/common/zld_product_spec.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/ext-js/app/common/zld_product_spec.js

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:47:09 event 2912789 GET 404 bytes 6306

ann base label observed

Request event observed

/console

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/console

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

# 2024-11-23 22:46:46 event 2912786 GET 404 bytes 6304

ann base label observed

Request event observed

/wp-json

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/wp-json

referer

-

UA

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36

summary

event observed

details

—

subnet

45.156.128.0/24

asn

211680 — NSEC - Sistemas Informaticos, S.A.

geo

The Netherlands, North Holland, Amsterdam

org

Inap AMS

Page 1 of 2

← Prev Next →