US Bot
Bot
Policy:
Silent Throttle
Probability
100 %
Confidence
100 %
Risk Profile
VeryHigh
Threat
None
Hit Count
2
Last Seen
1h 24m ago
Drifted
Googlebot
→
Mastodon Family
0.35
→
0.36
Fingerprint Profile
TLS Version
--
HTTP Protocol
--
Protocol Client
Detected
TCP OS Hint
+0.72
Fingerprint Integrity
-0.45
UA Consistency
-0.33
Headless Indicator
Low
Datacenter IP
Clean
Endpoints Visited (2) Click to expand
| # | Path |
|---|---|
| 1 | /staging/.env |
| 2 | /admin/.env |
Raw Requests (2) Click to expand
| Time | Method | Path | Status | Prob | Conf | Risk Profile | Action | Time |
|---|---|---|---|---|---|---|---|---|
| 23:28:13 | GET | /staging/.env | 200 | 100 % | 100 % | VeryHigh | Silent Throttle | 1.4ms |
| 23:28:13 | GET | /admin/.env | 200 | 0 % | 100 % | VeryLow | Allow | 0.0ms |
Bot Probability & Confidence History
StyloBot Detection Overhead (ms)
Analysis
Suspicious automated client on /staging/.env - caught by Previously identified as bot (IP seen 51 times), Heuristic model (early): 81 % bot likelihood (21 features), Datacenter IP detected: Google Cloud
Detection Signals
- • Previously identified as bot (IP seen 51 times)
- • Heuristic model (early): 81 % bot likelihood (21 features)
- • Datacenter IP detected: Google Cloud
- • Browser User-Agent without Accept-Language
- • Visiting many random URLs in no logical order (random scanning pattern)
Detector Contributions (14 detectors)
| Detector | Confidence Delta | Timing (ms) |
|---|---|---|
|
FastPathReputation
Previously identified as bot (IP seen 51 times)
|
+1.000 | 0.1 |
|
Heuristic
Heuristic model (early): 81 % bot likelihood (21 features)
|
+0.614 | 0.0 |
|
Header
Missing Accept header; Browser User-Agent without Accept-Language
|
+0.603 | 0.0 |
|
Ip
Datacenter IP detected: Google Cloud
|
+0.600 | 0.0 |
|
TlsFingerprint
TLS connection appears normal
|
-0.300 | 0.0 |
|
UserAgent
User-Agent appears normal
|
-0.250 | 0.3 |
|
Behavioral
Request patterns appear normal; Visiting many random URLs in no logical order (random scanning pattern)
|
+0.050 | 0.2 |
|
AiScraper
No AI scraper signals detected
|
+0.000 | 0.0 |
|
SecurityTool
No security tools detected in User-Agent
|
+0.000 | 0.0 |
|
Http2Fingerprint
Using HTTP/1.1; environment norm is HTTP/1.1 (0 % HTTP/2 over 435 samples)
|
+0.000 | 0.0 |
|
Http3Fingerprint
Connection uses HTTP/1.1 (not HTTP/3)
|
+0.000 | 0.0 |
|
TcpIpFingerprint
Network fingerprint analysis complete (no anomalies detected)
|
+0.000 | 0.0 |
|
HeaderCorrelation
Single signature per header profile
|
+0.000 | 0.0 |
|
TransportProtocol
Transport protocol analysis complete
|
+0.000 | 0.0 |
Signal Intelligence
behavioral
anomaly
False
h2
is_http2
False
protocol
HTTP/1.1
behind_proxy
False
population_samples
435
population_http2_rate
0
h3
is_http3
False
protocol
HTTP/1.1
header
count
14
has_accept
False
sec_fetch_dest
sec_fetch_mode
sec_fetch_site
has_proxy_headers
False
has_accept_encoding
True
has_accept_language
False
is_websocket_upgrade
False
sec_fetch_same_origin
False
population_accept_rate
0.862
is_service_worker_fetch
False
population_accept_language_rate
0.862
heuristic
confidence
0.614
prediction
bot
early_completed
True
ip
subnet
34.127.126
is_ipv6
False
is_local
False
provider
Google Cloud
is_datacenter
True
datacenter_name
Google Cloud
reputation
can_abort
True
fastpath_hit
True
fast_abort_active
True
fastpath.ip.score
1
fastpath.ip.state
ConfirmedBad
fastpath.ip.support
51.154
fastpath.ip.pattern_id
ip:34.127.126.0/24
request
protocol
HTTP/1.1
accept_encoding
gzip, br
risk
justification
Verified bad bot
tcp
connection_header
keep-alive
tls
is_https
True
available
True
ua
family
Safari
is_bot
False
family_version
9
Signature:
LxxKaxZbpaUDwAwmEVLfgQ
|
Processing: 1.4ms
|
Country: US
|
First seen: 2026-06-09 23:28:13 UTC