← Back to IP report

Log Explorer

Fact drill-down for 95.214.53.198

Risk 5 LOW Scope All time All-time facts 65 In-scope 65 Filtered 65 Seen 2024-12-31 → 2025-03-01

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

base 48 ua 10 cmdi 4 sfp 2 trav 1

Top labels (facts, in-scope)

observed 48 ua 10 cmdi 4 sensitive_file 2 trav 1

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 2 — total 65 rows

← Prev Next →

# 2025-03-01 00:10:46 event 3790236 GET 301 bytes 169

ann base label observed

Request event observed

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 23:55:19 event 3704417 GET 301 bytes 169

ann base label observed

Request event observed

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 14:07:35 event 3584322 GET 301 bytes 169

ann base label observed

Request event observed

referer

Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 14:00:20 event 3584075 GET 301 bytes 169

ann base label observed

Request event observed

referer

Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 13:09:09 event 3583669 GET 301 bytes 169

ann base label observed

Request event observed

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 07:55:54 event 3580983 GET 301 bytes 169

ann base label observed

Request event observed

/favicon.ico

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 07:41:36 event 3580906 GET 301 bytes 169

ann base label observed

Request event observed

/favicon.ico

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/favicon.ico

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-28 06:14:08 event 3579862 GET 301 bytes 169

ann base label observed

Request event observed

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-11 15:09:04 event 2940926 GET 301 bytes 169

ann base label observed

Request event observed

/goform/mcr_setWol?wol_mac=ping+146.19.24.76&redirect_url=/new/UserFolder/3_6_2_wakeonlan.asp

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/goform/mcr_setWol?wol_mac=ping+146.19.24.76&redirect_url=/new/UserFolder/3_6_2_wakeonlan.asp

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-11 14:32:43 event 2940081 GET 301 bytes 169

ann base label observed

Request event observed

/goform/mcr_setWol?wol_mac=ping+146.19.24.76&redirect_url=/new/UserFolder/3_6_2_wakeonlan.asp

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/goform/mcr_setWol?wol_mac=ping+146.19.24.76&redirect_url=/new/UserFolder/3_6_2_wakeonlan.asp

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 11:13:34 event 3468587 GET 301 bytes 169

ann base label observed

Request event observed

/system.ini?loginuse&loginpas&apos

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/system.ini?loginuse&loginpas&apos

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 11:13:34 event 3468587 GET 301 bytes 169

ann trav 32 label trav

Request Path traversal / LFI indicator detected

/system.ini?loginuse&loginpas&apos

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

trav

rule

trav:windows_sensitive_target

conf

94.00

details

Detected explicit traversal/LFI mechanics (dotdot segments, encoded traversal, local file / stream wrappers, or sensitive file targets). This annotator intentionally does not fire on mere URL depth or on traversal-ish parameter names without mechanics.

More (full fields + snapshot) expand

url

/system.ini?loginuse&loginpas&apos

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Path traversal / LFI indicator detected

details

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 07:47:54 event 3435351 GET 301 bytes 169

ann base label observed

Request event observed

referer

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 07:47:54 event 3435351 GET 301 bytes 169

ann ua 8 label ua

Request Very short User-Agent string

referer

Annotation facts

label

rule

ua:very_short

conf

65.00

details

Short/generic UAs are common in basic scripts and commodity automation.

More (full fields + snapshot) expand

url

referer

summary

Very short User-Agent string

details

Short/generic UAs are common in basic scripts and commodity automation.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 07:32:06 event 3435030 GET 301 bytes 169

ann base label observed

Request event observed

referer

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 07:32:06 event 3435030 GET 301 bytes 169

ann ua 8 label ua

Request Very short User-Agent string

referer

Annotation facts

label

rule

ua:very_short

conf

65.00

details

Short/generic UAs are common in basic scripts and commodity automation.

More (full fields + snapshot) expand

url

referer

summary

Very short User-Agent string

details

Short/generic UAs are common in basic scripts and commodity automation.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-02-09 06:32:19 event 3432961 GET 301 bytes 169

ann base label observed

Request event observed

/Media/Product/getProductInfo

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/Media/Product/getProductInfo

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 12:08:54 event 2657193 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Command-style parameter observed

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

sensitive_file

rule

sfp:param:cmd

conf

86.00

details

A command-execution style query parameter was present (cmd/exec/command/shell). Snippet='/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch'

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command-style parameter observed

details

A command-execution style query parameter was present (cmd/exec/command/shell). Snippet='/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 12:08:54 event 2657193 GET 301 bytes 169

ann base label observed

Request event observed

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 12:08:54 event 2657193 GET 301 bytes 169

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:param_plus_cmd

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

cmdi

rule

cmdi:param_plus_cmd

conf

90.00

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /usr=CMCCAdmin&psw=aDm8H%MdA&cmd=1&telnet.gch -'

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command/file-injection indicator: cmdi:param_plus_cmd

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /usr=CMCCAdmin&psw=aDm8H%MdA&cmd=1&telnet.gch -'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 11:18:23 event 2656849 GET 301 bytes 169

ann sfp 36 label sensitive_file

Request Command-style parameter observed

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

sensitive_file

rule

sfp:param:cmd

conf

86.00

details

A command-execution style query parameter was present (cmd/exec/command/shell). Snippet='/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch'

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command-style parameter observed

details

A command-execution style query parameter was present (cmd/exec/command/shell). Snippet='/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 11:18:23 event 2656849 GET 301 bytes 169

ann base label observed

Request event observed

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-28 11:18:23 event 2656849 GET 301 bytes 169

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:param_plus_cmd

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

cmdi

rule

cmdi:param_plus_cmd

conf

90.00

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /usr=CMCCAdmin&psw=aDm8H%MdA&cmd=1&telnet.gch -'

More (full fields + snapshot) expand

url

/usr=CMCCAdmin&psw=aDm8H%25MdA&cmd=1&telnet.gch

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command/file-injection indicator: cmdi:param_plus_cmd

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /usr=CMCCAdmin&psw=aDm8H%MdA&cmd=1&telnet.gch -'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033532 PUT 301 bytes 169

ann base label observed

Request event observed

/SDK/webLanguage

referer

Go-http-client/1.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

Go-http-client/1.1

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033531 PUT http —

ann base label observed

Request event observed

/SDK/webLanguage

referer

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

—

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033530 PUT 301 bytes 169

ann base label observed

Request event observed

/SDK/webLanguage

referer

Go-http-client/1.1

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

Go-http-client/1.1

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033532 PUT 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/SDK/webLanguage

referer

Go-http-client/1.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

Go-http-client/1.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033531 PUT http —

ann ua 6 label ua

Request Missing User-Agent header

/SDK/webLanguage

referer

—

Annotation facts

label

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-26 09:55:43 event 3033530 PUT 301 bytes 169

ann ua 10 label ua

Request HTTP library/automation runtime user-agent

/SDK/webLanguage

referer

Go-http-client/1.1

Annotation facts

label

rule

ua:library_client

conf

72.00

details

UA indicates a low-level HTTP client library or automation runtime.

More (full fields + snapshot) expand

url

/SDK/webLanguage

referer

Go-http-client/1.1

summary

HTTP library/automation runtime user-agent

details

UA indicates a low-level HTTP client library or automation runtime.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:32:55 event 2601955 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:32:55 event 2601954 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:32:55 event 2601953 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:21:14 event 2601803 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:21:14 event 2601802 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-16 00:21:14 event 2601801 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/getwifiattr.cgi

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-12 03:26:01 event 4144087 GET 301 bytes 169

ann base label observed

Request event observed

/js/native.js

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/js/native.js

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-10 13:35:23 event 3706571 GET 301 bytes 169

ann base label observed

Request event observed

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-10 13:35:23 event 3706571 GET 301 bytes 169

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

Detected subshell execution syntax (`...` or $(...)). Snippet='pn/list_base_config.php?type=mod&parts=base_config&template=`ping -c 1 95.214.54.154` -'

More (full fields + snapshot) expand

url

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command/file-injection indicator: cmdi:subshell

details

Detected subshell execution syntax (`...` or $(...)). Snippet='pn/list_base_config.php?type=mod&parts=base_config&template=`ping -c 1 95.214.54.154` -'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-10 13:24:32 event 3706498 GET 301 bytes 169

ann base label observed

Request event observed

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-10 13:24:32 event 3706498 GET 301 bytes 169

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

Detected subshell execution syntax (`...` or $(...)). Snippet='pn/list_base_config.php?type=mod&parts=base_config&template=`ping -c 1 95.214.54.154` -'

More (full fields + snapshot) expand

url

/vpn/list_base_config.php?type=mod&parts=base_config&template=%60ping+-c+1+95.214.54.154%60

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

Command/file-injection indicator: cmdi:subshell

details

Detected subshell execution syntax (`...` or $(...)). Snippet='pn/list_base_config.php?type=mod&parts=base_config&template=`ping -c 1 95.214.54.154` -'

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-09 07:14:13 event 3277763 GET 301 bytes 169

ann ua 8 label ua

Request Very short User-Agent string

referer

Annotation facts

label

rule

ua:very_short

conf

65.00

details

Short/generic UAs are common in basic scripts and commodity automation.

More (full fields + snapshot) expand

url

referer

summary

Very short User-Agent string

details

Short/generic UAs are common in basic scripts and commodity automation.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-09 07:14:13 event 3277763 GET 301 bytes 169

ann base label observed

Request event observed

referer

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-09 06:55:48 event 3277692 GET 301 bytes 169

ann ua 8 label ua

Request Very short User-Agent string

referer

Annotation facts

label

rule

ua:very_short

conf

65.00

details

Short/generic UAs are common in basic scripts and commodity automation.

More (full fields + snapshot) expand

url

referer

summary

Very short User-Agent string

details

Short/generic UAs are common in basic scripts and commodity automation.

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-09 06:55:48 event 3277692 GET 301 bytes 169

ann base label observed

Request event observed

referer

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-07 03:45:48 event 2523315 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-07 03:39:31 event 2523245 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-07 03:20:00 event 2523112 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-07 03:03:35 event 2523049 GET 301 bytes 169

ann base label observed

Request event observed

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/php/login.php

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.6778.140 Safari/537.36

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-05 21:35:28 event 2824010 GET 301 bytes 169

ann base label observed

Request event observed

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

# 2025-01-05 04:10:09 event 2759156 GET 301 bytes 169

ann base label observed

Request event observed

referer

Linux Gnu (cow)

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

referer

Linux Gnu (cow)

summary

event observed

details

—

subnet

95.214.53.0/24

asn

201814 — MEVSPACE sp. z o.o.

geo

Poland, Mazovia, Warsaw

org

MEVSPACE sp. z o.o

Log Explorer

Annotated access events

Confirm Action