Back to sessionsOpen in graphDeclared device characteristics contradict passive telemetry β strong indicator of spoofed device metadata.IP belongs to a residential proxy network often used by fraud-for-hire operations.Traffic is routed via a Tor exit node β strong indicator of deliberate origin obfuscation.Autonomous system has a history of abuse traffic across the unilinx network.
unx_00yx30u
45User: aβ’β’β’β’β’β’β’β’@example.devπΉπ·TR41.43.β’β’β’.β’β’β’AS7922 Comcast
Final decision
ReviewΒ· 45 / 100
Driven primarily by:
- Device spoofing78
- Residential proxy61
- Tor exit node54
Fired signals
Each card explains what the signal means and why it fired.
Device
Device spoofing
78Network
Residential proxy
61Tor exit node
54High-risk ASN
46Risk breakdown
Contribution to the final score by category.
- Device78
- Behavior0
- Network161
- Identity0
- Malware0
Event timeline
Everything that happened during this session.
- Session start1:25:44 AMCellular Β· AS7922 Comcast
- Android Β· OnePlus 121:25:48 AMfp_00007du
- Device spoofing1:26:07 AMseverity 78
- Residential proxy1:26:18 AMseverity 61
- Tor exit node1:26:24 AMseverity 54
- High-risk ASN1:26:38 AMseverity 46
- Edited profile1:26:48 AM
- Opened /transfer1:26:54 AM
- Viewed /account1:27:05 AM
- Transfer attempt1:27:12 AM$2,730
- Sent to manual review1:26:24 AM