Sign in
← Dashboard / Signature Detail
US

Mobile Safari 13 iOS

· Mobile Safari 13.0.3 / iOS Human
Policy: Allow
Probability
0 %
Confidence
97 %
Risk Profile
VeryLow
Threat
None
Hit Count
3
Last Seen
18s ago
Network Locale Headers Tool Transport Session Quality
Closest to
Mobile Safari
Drift vs
33.1%

Fingerprint Profile

TLS Version
Unavailable
HTTP Protocol
HTTP/1.1
Protocol Client
Unavailable
TCP OS Hint
Unavailable
Fingerprint Integrity
Consistent
UA Consistency
Suspect
Headless Indicator
Low
Datacenter IP
Clean

Browser modes same browser, different modes. One row per persisted mode

Mode Observations Maturity Shift from baseline Last seen
bot-raw 879 879 0.02 (sec ch ua brands ordered, priority, cache control pragma) 01:59:36
signalr-negotiate 11 11 0.69 (sec ch ua brands ordered, priority, cache control pragma) 10:46:53
sub-resource 7 7 0.71 (sec ch ua brands ordered, priority, header order hash) 10:46:49
navigation 2 2 0.43 (cache control pragma, sec ch ua brands ordered, header order hash) 10:46:46
4 modes across 899 observations. See composite browser-mode fingerprints.
Endpoints Visited (2) Click to expand · stats unavailable
# Path
1 /
2 /account/login
Raw Requests (3) Click to expand
Time Method Path Status Prob Conf Risk Profile Action Time
00:12:32 GET / 200 32 % 85 % Low Allow 15.0ms
15:40:00 GET /account/login 200 32 % 85 % Low Allow 16.1ms
04:32:36 GET /account/login 200 16 % 68 % Low Allow 14.5ms

Bot Probability & Confidence History

StyloBot Detection Overhead (ms)

User Agent

Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1

Analysis

Real browser user (verified) - Safari v13 is 13 versions behind (latest: 26), Both browser AND OS are outdated - suspicious combination

Detection Signals

  • Safari v13 is 13 versions behind (latest: 26)
  • Both browser AND OS are outdated - suspicious combination
  • No header/UA inconsistencies detected
  • Request patterns appear normal
  • Safari behavioral profile consistent (score=0.99)

Detector Contributions (32 detectors)

Detector Confidence Delta Timing (ms)
Heuristic
Heuristic model (early): 74 % human likelihood (19 features)
-0.479 0.1
HeuristicLate
Heuristic model (late): 61 % bot likelihood (306 features)
+0.217 0.4
VersionAge
Safari v13 is 13 versions behind (latest: 26); Very old OS detected: iOS 13; Both browser AND OS are outdated - suspicious combination
+0.450 0.2
Ip
IP appears normal: 49.51.33.xxx
-0.150 1.9
Header
Headers appear normal
-0.150 0.1
UserAgent
User-Agent appears normal
-0.150 0.8
Behavioral
Request patterns appear normal
-0.150 0.2
Inconsistency
No header/UA inconsistencies detected
-0.150 0.1
ClaimedIdentity
Safari behavioral profile consistent (score=0.99)
-0.150 0.1
TlsFingerprint
Using HTTP instead of HTTPS (uncommon for modern browsers)
+0.050 0.0
AI
AI analysis: borderline case, monitoring
+0.000 9.9
Llm
LLM detection disabled or unavailable
+0.000 0.1
Intent
Session intent: browsing (threat=0.05, band=None)
+0.000 0.6
AiScraper
No AI scraper signals detected
+0.000 0.1
Similarity
No prior visitor signatures to compare against yet
+0.000 0.0
StreamAbuse
Stream abuse check - non-streaming request
+0.000 0.0
VerifiedBot
No known bot UA pattern
+0.000 0.0
SecurityTool
No security tools detected in User-Agent
+0.000 0.1
CookieBehavior
Too few requests for cookie analysis
+0.000 0.0
ReputationBias
No learned reputation patterns matched
+0.000 0.1
ContentSequence
Document hit; sequence reset at /
+0.000 0.1
ProjectHoneypot
Skipped: ProjectHoneypot is disabled in configuration
+0.000 0.0
ReactivePattern
No prior error events to analyze
+0.000 0.0
RequestHydrator
Request signals hydrated to sink
+0.000 0.0
Http2Fingerprint
Using HTTP/1.1; environment norm is HTTP/1.1 (34 % HTTP/2 over 304 samples)
+0.000 0.0
Http3Fingerprint
Connection uses HTTP/1.1 (not HTTP/3)
+0.000 0.0
ResponseBehavior
Response coordinator not configured
+0.000 0.0
TcpIpFingerprint
Network fingerprint analysis complete (no anomalies detected)
+0.000 0.0
HeaderCorrelation
Single signature per header profile
+0.000 0.1
TransportProtocol
Transport protocol analysis complete
+0.000 0.0
FastPathReputation
No known patterns in reputation cache
+0.000 0.0
MultiLayerCorrelation
Cross-signal consistency check complete (not enough data to compare)
+0.000 0.1

Signal Intelligence

request

protocol HTTP/1.1
accept_encoding gzip

risk

justification Classified Unknown (probability 0.32, confidence 0.85)
friendly_pin_trace not-applicable:botType=Unknown,yamlType=null,botName=null

Policy applied

Hit history

No sessions recorded yet.

Sessions are created when a visitor's activity gap exceeds 30 minutes.

Effective policy
Loading effective policy…
ASP.NET Pack — Auth events
JWKS health
OK

reachable

Auth pipeline
JWKS reachable
License
Licensed

ASP.NET pack enabled

OTel Mesh — Traces

Fingerprint timeline

3399545bb1a442a7a60385f23a310110 0 observations

Span + log activity for this fingerprint, ordered by timestamp.

No timeline observations

OTel Mesh receiver online, but no observations seen for this fingerprint id (check W3C baggage propagation)

Signature: Q6zCMO35_5bWG_EuNJH_yA | Processing: 15ms | Country: US | UA: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 | First seen: 2026-07-14 04:32:36 UTC