← Dashboard / Signature Detail
NL

Chrome 149.0.0 Windows 10

· Chrome 149.0.0 / Windows Human
MaliciousBot
Policy: Allow
Probability
9 %
Confidence
95 %
Risk Profile
VeryLow
Threat
None
Hit Count
50
Last Seen
11s ago
Network Locale Headers Tool Transport Session Quality
Closest to
Chrome Desktop
Drift vs
32.9%

Fingerprint Profile

TLS Version
-
HTTP Protocol
-
Protocol Client
Detected
TCP OS Hint
Low
Fingerprint Integrity
-0.45
UA Consistency
-0.33
Headless Indicator
Low
Datacenter IP
Clean

Browser modes same browser, different modes. One row per persisted mode

Mode Observations Maturity Shift from baseline Last seen
signalr-negotiate 241 241 0.15 (upgrade insecure requests, custom header signature, x requested with) 17:06:29
navigation 59 59 0.23 (upgrade insecure requests, sec ch ua brands ordered, dnt) 17:05:21
bot-raw 91 91 0.12 (upgrade insecure requests, header order hash, accept) 17:03:48
sub-resource 160 160 0.15 (custom header signature, x requested with, header order hash) 17:03:06
websocket-upgrade 3 3 0.59 (has returning cookie, referer host family, upgrade insecure requests) 09:42:07
5 modes across 554 observations. See composite browser-mode fingerprints.
Endpoints Visited (27) Click to expand · stats unavailable
# Path
1 /stylobot/hub
2 /stylobot/hub/negotiate
3 /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-header-search.js
4 /_content/Mostlylucid.BotDetection.UI/js/sb-chartlet.js
5 /_content/Mostlylucid.BotDetection.UI/js/vendor/chart.umd.min.js
6 /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-tabs.js
7 /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-realtime.js
8 /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-reorder.js
9 /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-edit.js
10 /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-live-updates.js
11 /_content/Mostlylucid.BotDetection.UI/vendor/js/idiomorph-ext.min.js
12 /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-tooltip-portal.js
13 /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js
14 /_content/Mostlylucid.BotDetection.UI/vendor/js/htmx.min.js
15 /_content/Mostlylucid.BotDetection.UI/css/sb-policy-stack-card.css
16 /dist/assets/index.js
17 /_content/Mostlylucid.BotDetection.UI/vendor/css/sb-live-updates.css
18 /_content/Mostlylucid.BotDetection.UI/vendor/js/jsvectormap.min.js
19 /_content/Mostlylucid.BotDetection.UI/vendor/js/world-merc.js
20 /_content/Mostlylucid.BotDetection.UI/vendor/js/apexcharts.min.js
21 /_content/Mostlylucid.BotDetection.UI/css/sb-components.css
22 /_content/Mostlylucid.BotDetection.UI/bot-detection-details.css
23 /_content/Mostlylucid.BotDetection.UI/css/sb-chartlet.css
24 /_content/Mostlylucid.BotDetection.UI/vendor/css/jsvectormap.min.css
25 /dist/assets/index.css
26 /_content/Mostlylucid.BotDetection.UI/vendor/css/boxicons.min.css
27 /dashboard/signature/_F1Ggqu3Ay1-epcIVzZUPQ
Raw Requests (50) Click to expand
Time Method Path Status Prob Conf Risk Profile Action Time
14:47:40 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 4.0ms
14:47:40 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 4.7ms
14:47:39 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 5.4ms
14:47:39 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 4.6ms
14:47:39 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 4.7ms
14:47:39 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 5.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-header-search.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/js/sb-chartlet.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/js/vendor/chart.umd.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-tabs.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-realtime.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-reorder.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-edit.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-live-updates.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/idiomorph-ext.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-tooltip-portal.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/htmx.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/css/sb-policy-stack-card.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /dist/assets/index.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/css/sb-live-updates.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/jsvectormap.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/world-merc.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/apexcharts.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/htmx.min.js 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/css/sb-components.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/bot-detection-details.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/css/sb-chartlet.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/css/jsvectormap.min.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /dist/assets/index.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /_content/Mostlylucid.BotDetection.UI/vendor/css/boxicons.min.css 200 12 % 100 % VeryLow Allow 0.0ms
14:47:39 GET /dashboard/signature/_F1Ggqu3Ay1-epcIVzZUPQ 200 4 % 68 % VeryLow Allow 5.3ms
14:47:13 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 6.2ms
14:47:13 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 5.2ms
14:47:13 CONNECT /stylobot/hub 200 25 % 68 % VeryHigh Allow 5.4ms
14:47:13 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 4.9ms
14:47:13 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 3.7ms
14:47:13 POST /stylobot/hub/negotiate 200 4 % 68 % VeryLow Allow 4.2ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-header-search.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/js/sb-chartlet.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-reorder.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-tabs.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/js/vendor/chart.umd.min.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-realtime.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/policy-stack-edit.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-live-updates.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/sb-tooltip-portal.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/idiomorph-ext.min.js 200 13 % 100 % VeryLow Allow 0.0ms
14:47:13 GET /_content/Mostlylucid.BotDetection.UI/vendor/js/signalr.min.js 200 13 % 100 % VeryLow Allow 0.0ms

Bot Probability & Confidence History

StyloBot Detection Overhead (ms)

User Agent

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36

Analysis

CRITICAL THREAT: Chrome 149.0.0 Windows 10 on /stylobot/hub - caught by Endpoint history: /stylobot/hub served 2xx until 2026-07-..., Heuristic model (early): 75 % human likelihood (19 features), TLS connection appears normal

Detection Signals

  • Endpoint history: /stylobot/hub served 2xx until 2026-07-01 (1290 hits); scanners still probing it
  • Heuristic model (early): 75 % human likelihood (19 features)
  • TLS connection appears normal
  • User-Agent appears normal
  • Request patterns appear normal

Detector Contributions (16 detectors)

Detector Confidence Delta Timing (ms)
EndpointHistory
Endpoint history: /stylobot/hub served 2xx until 2026-07-01 (1290 hits); scanners still probing it
+0.700 0.1
Heuristic
Heuristic model (early): 75 % human likelihood (19 features)
-0.492 0.1
TlsFingerprint
TLS connection appears normal
-0.300 0.0
UserAgent
User-Agent appears normal
-0.250 0.5
Behavioral
Request patterns appear normal
-0.300 0.1
Ip
IP appears normal: 45.128.199.xxx
-0.250 0.0
TcpIpFingerprint
Missing connection reuse header (unusual for real browsers)
+0.200 0.0
Header
Missing Accept header; deployment norm is low Accept rate (41 % over 143 samples)
+0.000 0.0
AiScraper
No AI scraper signals detected
+0.000 0.0
SecurityTool
No security tools detected in User-Agent
+0.000 0.0
ContentSequence
Sequence on track at position 5
+0.000 0.1
Http2Fingerprint
HTTP/2 analysis complete (no anomalies detected)
+0.000 0.0
Http3Fingerprint
Connection uses HTTP/2 (not HTTP/3)
+0.000 0.0
HeaderCorrelation
Single signature per header profile
+0.000 0.0
TransportProtocol
Transport protocol analysis complete
+0.000 0.0
FastPathReputation
No known patterns in reputation cache
+0.000 0.0

Signal Intelligence

behavioral

anomaly False

h2

is_http2 True
protocol HTTP/2
behind_proxy False
pseudoheader_order method,path,scheme,authority

h3

is_http3 False
protocol HTTP/2

header

count 9
has_accept False
sec_fetch_dest
sec_fetch_mode
sec_fetch_site
has_proxy_headers False
has_accept_encoding True
has_accept_language True
is_websocket_upgrade False
sec_fetch_same_origin False
population_accept_rate 0.413
is_service_worker_fetch False

heuristic

confidence 0.492
prediction human
early_completed True

intent

threat_score 0.65

ip

is_ipv6 False
is_local False
is_datacenter False

request

protocol HTTP/2
accept_encoding gzip, deflate, br, zstd

risk

justification Raw threat score 0.65 at or above hostile gate 0.60
friendly_pin_trace not-applicable:botType=Scraper,yamlType=null,botName=null

tcp

connection_header

tls

is_https True
available True

ua

family Chrome
is_bot False
family_version 149.0.0

Policy applied

Hit history

Chrome 149.0.0 Windows 10 Human Unknown
14:47 - 14:47
30s
21 req 📡 SignalR H=2.4 17%
/ /fonts/raleway/raleway-latin-500-italic.woff2 /fonts/raleway/raleway-latin-900-normal.woff2 /fonts/raleway/raleway-latin-400-normal.woff2 +6
Sign→Sign 10 Stat→Stat 4 Page→Sign 2
1–1 of 1
1
ASP.NET Pack — Auth events
JWKS health
OK

reachable

Auth pipeline
JWKS reachable
License
Licensed

ASP.NET pack enabled

OTel Mesh — Traces

Fingerprint timeline

7c97702e86a94cdbb200f3bb88c9ecc0 0 observations

Span + log activity for this fingerprint, ordered by timestamp.

No timeline observations

OTel Mesh receiver online, but no observations seen for this fingerprint id (check W3C baggage propagation)

Signature: _F1Ggqu3Ay1-epcIVzZUPQ | Processing: 4.04ms | Country: NL | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36 | First seen: 2026-07-01 14:47:13 UTC