API tools faq
paste
internetweather

CVE-2019-19781 scans detected by Bad Packets – last 24 hours

internetweather
Jan 16th, 2020
1,302
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
JSON 8.67 KB | None | 0 0
raw download clone embed print report
  1. {
  2.   "count": 14,
  3.   "next": null,
  4.   "previous": null,
  5.   "results": [
  6.     {
  7.       "source_ip_address": "69.162.68.54",
  8.       "country": "US",
  9.       "user_agent": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
  10.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  11.       "post_data": "",
  12.       "target_port": 80,
  13.       "protocol": "tcp",
  14.       "tags": [
  15.         {
  16.           "cve": "CVE-2019-19781",
  17.           "category": "Platform",
  18.           "description": "Citrix NetScaler Gateway Exploit"
  19.         }
  20.       ],
  21.       "event_count": 1,
  22.       "first_seen": "2020-01-16T06:49:38Z",
  23.       "last_seen": "2020-01-16T06:49:38Z"
  24.     },
  25.     {
  26.       "source_ip_address": "5.101.0.209",
  27.       "country": "RU",
  28.       "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36",
  29.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  30.       "post_data": "",
  31.       "target_port": 80,
  32.       "protocol": "tcp",
  33.       "tags": [
  34.         {
  35.           "cve": "CVE-2019-19781",
  36.           "category": "Platform",
  37.           "description": "Citrix NetScaler Gateway Exploit"
  38.         }
  39.       ],
  40.       "event_count": 1244,
  41.       "first_seen": "2020-01-12T13:20:04Z",
  42.       "last_seen": "2020-01-16T04:56:29Z"
  43.     },
  44.     {
  45.       "source_ip_address": "45.148.10.184",
  46.       "country": "NL",
  47.       "user_agent": "Mozilla/5.0 zgrab/0.x",
  48.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  49.       "post_data": "",
  50.       "target_port": 443,
  51.       "protocol": "tcp",
  52.       "tags": [
  53.         {
  54.           "cve": "CVE-2019-19781",
  55.           "category": "Platform",
  56.           "description": "Citrix NetScaler Gateway Exploit"
  57.         }
  58.       ],
  59.       "event_count": 1,
  60.       "first_seen": "2020-01-16T04:12:45Z",
  61.       "last_seen": "2020-01-16T04:12:45Z"
  62.     },
  63.     {
  64.       "source_ip_address": "107.173.214.153",
  65.       "country": "US",
  66.       "user_agent": "curl/7.67.0",
  67.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  68.       "post_data": "",
  69.       "target_port": 443,
  70.       "protocol": "tcp",
  71.       "tags": [
  72.         {
  73.           "cve": "CVE-2019-19781",
  74.           "category": "Platform",
  75.           "description": "Citrix NetScaler Gateway Exploit"
  76.         }
  77.       ],
  78.       "event_count": 1,
  79.       "first_seen": "2020-01-16T01:10:53Z",
  80.       "last_seen": "2020-01-16T01:10:53Z"
  81.     },
  82.     {
  83.       "source_ip_address": "74.63.192.130",
  84.       "country": "US",
  85.       "user_agent": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
  86.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  87.       "post_data": "",
  88.       "target_port": 80,
  89.       "protocol": "tcp",
  90.       "tags": [
  91.         {
  92.           "cve": "CVE-2019-19781",
  93.           "category": "Platform",
  94.           "description": "Citrix NetScaler Gateway Exploit"
  95.         }
  96.       ],
  97.       "event_count": 1,
  98.       "first_seen": "2020-01-15T20:44:38Z",
  99.       "last_seen": "2020-01-15T20:44:38Z"
  100.     },
  101.     {
  102.       "source_ip_address": "74.63.222.154",
  103.       "country": "US",
  104.       "user_agent": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
  105.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  106.       "post_data": "",
  107.       "target_port": 80,
  108.       "protocol": "tcp",
  109.       "tags": [
  110.         {
  111.           "cve": "CVE-2019-19781",
  112.           "category": "Platform",
  113.           "description": "Citrix NetScaler Gateway Exploit"
  114.         }
  115.       ],
  116.       "event_count": 1,
  117.       "first_seen": "2020-01-15T19:59:58Z",
  118.       "last_seen": "2020-01-15T19:59:58Z"
  119.     },
  120.     {
  121.       "source_ip_address": "45.148.10.184",
  122.       "country": "NL",
  123.       "user_agent": "Patch your Citrix !",
  124.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  125.       "post_data": "",
  126.       "target_port": 443,
  127.       "protocol": "tcp",
  128.       "tags": [
  129.         {
  130.           "cve": "CVE-2019-19781",
  131.           "category": "Platform",
  132.           "description": "Citrix NetScaler Gateway Exploit"
  133.         }
  134.       ],
  135.       "event_count": 2,
  136.       "first_seen": "2020-01-15T14:10:59Z",
  137.       "last_seen": "2020-01-15T17:21:47Z"
  138.     },
  139.     {
  140.       "source_ip_address": "69.162.123.62",
  141.       "country": "US",
  142.       "user_agent": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
  143.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  144.       "post_data": "",
  145.       "target_port": 80,
  146.       "protocol": "tcp",
  147.       "tags": [
  148.         {
  149.           "cve": "CVE-2019-19781",
  150.           "category": "Platform",
  151.           "description": "Citrix NetScaler Gateway Exploit"
  152.         }
  153.       ],
  154.       "event_count": 2,
  155.       "first_seen": "2020-01-15T14:02:38Z",
  156.       "last_seen": "2020-01-15T16:35:25Z"
  157.     },
  158.     {
  159.       "source_ip_address": "83.97.20.145",
  160.       "country": "RO",
  161.       "user_agent": "Patch your Citrix !",
  162.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  163.       "post_data": "",
  164.       "target_port": 443,
  165.       "protocol": "tcp",
  166.       "tags": [
  167.         {
  168.           "cve": "CVE-2019-19781",
  169.           "category": "Platform",
  170.           "description": "Citrix NetScaler Gateway Exploit"
  171.         }
  172.       ],
  173.       "event_count": 123,
  174.       "first_seen": "2020-01-15T03:47:01Z",
  175.       "last_seen": "2020-01-15T10:45:56Z"
  176.     },
  177.     {
  178.       "source_ip_address": "69.162.126.62",
  179.       "country": "US",
  180.       "user_agent": "User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)",
  181.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  182.       "post_data": "",
  183.       "target_port": 80,
  184.       "protocol": "tcp",
  185.       "tags": [
  186.         {
  187.           "cve": "CVE-2019-19781",
  188.           "category": "Platform",
  189.           "description": "Citrix NetScaler Gateway Exploit"
  190.         }
  191.       ],
  192.       "event_count": 1,
  193.       "first_seen": "2020-01-15T10:11:40Z",
  194.       "last_seen": "2020-01-15T10:11:40Z"
  195.     },
  196.     {
  197.       "source_ip_address": "193.57.40.46",
  198.       "country": "UA",
  199.       "user_agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36",
  200.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  201.       "post_data": "",
  202.       "target_port": 443,
  203.       "protocol": "tcp",
  204.       "tags": [
  205.         {
  206.           "cve": "CVE-2019-19781",
  207.           "category": "Platform",
  208.           "description": "Citrix NetScaler Gateway Exploit"
  209.         }
  210.       ],
  211.       "event_count": 503,
  212.       "first_seen": "2020-01-12T22:25:24Z",
  213.       "last_seen": "2020-01-15T09:22:21Z"
  214.     },
  215.     {
  216.       "source_ip_address": "82.217.91.74",
  217.       "country": "NL",
  218.       "user_agent": "curl/7.67.0",
  219.       "payload": "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1",
  220.       "post_data": "",
  221.       "target_port": 443,
  222.       "protocol": "tcp",
  223.       "tags": [
  224.         {
  225.           "cve": "CVE-2019-19781",
  226.           "category": "Platform",
  227.           "description": "Citrix NetScaler Gateway Exploit"
  228.         }
  229.       ],
  230.       "event_count": 7,
  231.       "first_seen": "2020-01-15T08:01:57Z",
  232.       "last_seen": "2020-01-15T08:50:17Z"
  233.     },
  234.     {
  235.       "source_ip_address": "185.150.9.193",
  236.       "country": "CH",
  237.       "user_agent": "",
  238.       "payload": "GET /vpn/js/../../vpns/cfg/smb.conf HTTP/1.1",
  239.       "post_data": "",
  240.       "target_port": 443,
  241.       "protocol": "tcp",
  242.       "tags": [
  243.         {
  244.           "cve": "CVE-2019-19781",
  245.           "category": "Platform",
  246.           "description": "Citrix NetScaler Gateway Exploit"
  247.         }
  248.       ],
  249.       "event_count": 10,
  250.       "first_seen": "2020-01-15T08:48:34Z",
  251.       "last_seen": "2020-01-15T08:48:34Z"
  252.     },
  253.     {
  254.       "source_ip_address": "185.150.9.193",
  255.       "country": "CH",
  256.       "user_agent": "",
  257.       "payload": "GET /vpn/js/../../vpns/cfg/smb.conf HTTP/1.1",
  258.       "post_data": "",
  259.       "target_port": 80,
  260.       "protocol": "tcp",
  261.       "tags": [
  262.         {
  263.           "cve": "CVE-2019-19781",
  264.           "category": "Platform",
  265.           "description": "Citrix NetScaler Gateway Exploit"
  266.         }
  267.       ],
  268.       "event_count": 10,
  269.       "first_seen": "2020-01-15T08:14:12Z",
  270.       "last_seen": "2020-01-15T08:14:12Z"
  271.     }
  272.   ]
  273. }
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!