LeakIX - Host myprofile-tb.restaurant.org

Domain myprofile-tb.restaurant.org

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 23.100.235.234
Domain: myprofile-tb.restaurant.org
Port: 443
URL: https://myprofile-tb.restaurant.org

First seen 2022-01-02 11:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2656132470d0e305f9e668c06d185efd6

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 20.336134ms
Orignal request was to 23.100.236.32:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2032302e3333363133346d730a4f7269676e616c20726571756573742077617320746f2032332e3130302e3233362e33323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2022-01-02 11:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2d1234dcd2257b2c9493dbbdc5e547236

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 61.2094ms
Orignal request was to 23.100.236.32:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2036312e323039346d730a4f7269676e616c20726571756573742077617320746f2032332e3130302e3233362e33323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2022-01-02 11:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2c80d3ee846313368faa1df9f40b7b665

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 336.298769ms
Orignal request was to 23.100.236.32:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203333362e3239383736396d730a4f7269676e616c20726571756573742077617320746f2032332e3130302e3233362e33323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2022-01-02 11:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a215e6dae88ae04f685d8d739f33380bb5

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 380.104751ms
Orignal request was to 23.100.236.32:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203338302e3130343735316d730a4f7269676e616c20726571756573742077617320746f2032332e3130302e3233362e33323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2022-01-02 11:28

Create report

Domain summary

myprofile-tb.restaurant.org 4

1 recorded

IP summary

23.100.235.249 1 23.100.235.234 1

2 recorded