AZ
Back to sessions

unx_0fzyi8v

95
User: n••••••@gmail.com🇺🇸US84.231.•••.•••AS14061 DigitalOcean
Open in graph
Final decision
Blocked· 95 / 100
Driven primarily by:
  • RAT tooling detected87
  • Impossible travel80
  • Emulator or virtual device75

Fired signals

Each card explains what the signal means and why it fired.

Device
Emulator or virtual device
75
Device attributes match a known mobile emulator or virtualized environment signature.
Rooted / jailbroken device
55
Integrity checks flagged a rooted Android or jailbroken iOS device — elevating malware and tampering risk.
Network
Residential proxy
48
IP belongs to a residential proxy network often used by fraud-for-hire operations.
Identity
Impossible travel
80
Previous authenticated session occurred in a geographically implausible window for a single user.
New device for account
36
User signed in from a device never previously bound to the account.
Malware
RAT tooling detected
87
Remote access tooling (AnyDesk, TeamViewer, Quick Assist) is active alongside the session.

Risk breakdown

Contribution to the final score by category.

  • Device130
  • Behavior0
  • Network48
  • Identity116
  • Malware87

Event timeline

Everything that happened during this session.

  1. Session start11:52:33 PM
    Corporate · AS14061 DigitalOcean
  2. Linux · Ubuntu 22.0411:52:36 PM
    fp_00004uv
  3. RAT tooling detected11:53:04 PM
    severity 87
  4. Impossible travel11:53:07 PM
    severity 80
  5. Emulator or virtual device11:53:20 PM
    severity 75
  6. Rooted / jailbroken device11:53:40 PM
    severity 55
  7. Residential proxy11:53:50 PM
    severity 48
  8. New device for account11:54:07 PM
    severity 36
  9. Requested /kyc11:54:12 PM
  10. Transfer attempt11:54:19 PM
    $3,964
  11. Blocked by unilinx11:53:16 PM