LeakIX - Host 139.162.71.138

Host 139.162.71.138

Japan

Akamai Connected Cloud

Debian

MacOS file listing through .DS_Store file

.DS_Store” is an abbreviation for “Desktop Services Store”. These files are created automatically by Apples “Finder” software (which is part of their OS).

They store information about the files within a folder, including display options of folders, such as icon positions and view settings.

It may happen that .DS_Store files inadvertently leak filenames such as database backups or private administration panels.

IP: 139.162.71.138
Port: 80
URL: http://139.162.71.138

First seen 2023-07-27 18:38
Last seen 2023-08-31 11:03
Open for 34 days

Severity: medium
Fingerprint: 5f32cf5d6962f09c88c2190688c21906fa4df9e7575a3d3701af4ea8c427e786

Found 107 files trough .DS_Store spidering:

/.htaccess
/admin_css
/admin_images
/article_view_tw.php
/BingSiteAuth.xml
/contact_mail_tw.php
/css
/css.php
/elements
/font
/images
/index.php
/javascript
/js
/js/blueberry_banner_100percent
/js/carouFredSel-5.0.0
/js/carouFredSel-6.2.1
/js/ckeditor
/js/ckeditor/adapters
/js/ckeditor/build-config.js
/js/ckeditor/CHANGES.md
/js/ckeditor/ckeditor.js
/js/ckeditor/config.js
/js/ckeditor/contents.css
/js/ckeditor/lang
/js/ckeditor/LICENSE.md
/js/ckeditor/plugins
/js/ckeditor/plugins/a11yhelp
/js/ckeditor/plugins/about
/js/ckeditor/plugins/clipboard
/js/ckeditor/plugins/colordialog
/js/ckeditor/plugins/dialog
/js/ckeditor/plugins/div
/js/ckeditor/plugins/fakeobjects
/js/ckeditor/plugins/find
/js/ckeditor/plugins/flash
/js/ckeditor/plugins/forms
/js/ckeditor/plugins/iframe
/js/ckeditor/plugins/image
/js/ckeditor/plugins/link
/js/ckeditor/plugins/liststyle
/js/ckeditor/plugins/magicline
/js/ckeditor/plugins/pagebreak
/js/ckeditor/plugins/pastefromword
/js/ckeditor/plugins/preview
/js/ckeditor/plugins/scayt
/js/ckeditor/plugins/showblocks
/js/ckeditor/plugins/smiley
/js/ckeditor/plugins/specialchar
/js/ckeditor/plugins/table
/js/ckeditor/plugins/tabletools
/js/ckeditor/plugins/templates
/js/ckeditor/plugins/wsc
/js/ckeditor/README.md
/js/ckeditor/skins
/js/ckeditor/styles.js
/js/ckfinder
/js/code_photoswipe
/js/colorbox
/js/common.js
/js/DD_belatedPNG.js
/js/fig
/js/flexnav-master
/js/flyfreely.js
/js/iCheck-master
/js/jCapSlide
/js/jcrop
/js/jquery-1.10.2.min.js
/js/jquery-1.9.1.js
/js/jquery-backstretch-master
/js/jquery-validation-1.9.0
/js/jquery.bxslider
/js/jquery.cookie.js
/js/jquery.js
/js/jqueryrotat
/js/owl-carousel
/js/superfish-master-1.7.3
/js/vague.js
/js/wow.min.js
/layouts
/member_edit_tw.php
/member_get_password_tw.php
/member_login_incart_tw.php
/member_login_tw.php
/member_order_lists_tw.php
/member_signup_tw.php
/mynews_lists_tw.php
/mynews_view_tw.php
/node_view_tw.php
/order_cart01_tw.php
/order_cart02_tw.php
/order_cart03_tw.php
/order_history_lists_tw.php
/order_history_view_tw.php
/page_index1_tw.php
/page_index2_tw.php
/page_index3_tw.php
/page_index_tw.php
/php.ini_old
/product_lists_tw.php
/product_view_tw.php
/robots.txt
/sitemap.xml
/testFile.txt
/upload
/userfiles
/views

Found on 2023-08-18 21:34

Severity: medium
Fingerprint: 5f32cf5d6962f09cdecb5675decb567504e4f2309e217f540c89c1f920ed382c

Found 81 files trough .DS_Store spidering:

/.htaccess
/admin_css
/admin_images
/article_view_tw.php
/BingSiteAuth.xml
/contact_mail_tw.php
/css
/css.php
/elements
/font
/images
/index.php
/javascript
/js
/js/blueberry_banner_100percent
/js/carouFredSel-5.0.0
/js/carouFredSel-6.2.1
/js/ckeditor
/js/ckeditor/adapters
/js/ckeditor/build-config.js
/js/ckeditor/CHANGES.md
/js/ckeditor/ckeditor.js
/js/ckeditor/config.js
/js/ckeditor/contents.css
/js/ckeditor/lang
/js/ckeditor/LICENSE.md
/js/ckeditor/plugins
/js/ckeditor/README.md
/js/ckeditor/skins
/js/ckeditor/styles.js
/js/ckfinder
/js/code_photoswipe
/js/colorbox
/js/common.js
/js/DD_belatedPNG.js
/js/fig
/js/flexnav-master
/js/flyfreely.js
/js/iCheck-master
/js/jCapSlide
/js/jcrop
/js/jquery-1.10.2.min.js
/js/jquery-1.9.1.js
/js/jquery-backstretch-master
/js/jquery-validation-1.9.0
/js/jquery.bxslider
/js/jquery.cookie.js
/js/jquery.js
/js/jqueryrotat
/js/owl-carousel
/js/superfish-master-1.7.3
/js/vague.js
/js/wow.min.js
/layouts
/member_edit_tw.php
/member_get_password_tw.php
/member_login_incart_tw.php
/member_login_tw.php
/member_order_lists_tw.php
/member_signup_tw.php
/mynews_lists_tw.php
/mynews_view_tw.php
/node_view_tw.php
/order_cart01_tw.php
/order_cart02_tw.php
/order_cart03_tw.php
/order_history_lists_tw.php
/order_history_view_tw.php
/page_index1_tw.php
/page_index2_tw.php
/page_index3_tw.php
/page_index_tw.php
/php.ini_old
/product_lists_tw.php
/product_view_tw.php
/robots.txt
/sitemap.xml
/testFile.txt
/upload
/userfiles
/views

Found on 2023-07-27 18:38

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 139.162.71.138
Port: 5984
URL: http://139.162.71.138:5984

First seen 2022-12-02 12:36
Last seen 2022-12-18 10:45
Open for 15 days
- Fingerprint: b18befd9dd6536829a82655a9a82655a9a82655a9a82655a9a82655a9a82655a
```
{"ok": true}
```
  Found on 2022-12-02 12:36
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 139.162.71.138
Port: 9000
URL: http://139.162.71.138:9000/config.json

First seen 2021-06-25 07:53
Last seen 2022-12-05 22:17
Open for 528 days
- Fingerprint: b18befd9dd6536829ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a
```
{"rtn":108545,"msg":""}
```
  Found on 2022-09-06 17:04
- Fingerprint: b18befd9dd6536aa30550de5ea7821ccebee06e950b4e0b650b4e0b650b4e0b6
```
{
  "msg": "",
  "rtn": 108545
}
```
  Found on 2021-06-25 07:53
  
  23 Bytes
Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 7000
URL: http://139.162.71.138:7000

First seen 2021-12-19 11:29
Last seen 2021-12-31 07:44
Open for 11 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2ec01e31b79b95e91b4588511b4588511

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 706.72165ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203730362e37323136356d730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6b551dbb38ffc30990186ddae0186ddae

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.895168105s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e383935313638313035730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fb9e25b3b0c5df47176915eff76915eff

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.337616438s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e333337363136343338730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4649bed7392a3f959f6636f01f6636f01

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.81539583s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e3831353339353833730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5893c44faa8380760c68bbc50c68bbc50

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.236676944s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e323336363736393434730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123f683edece53482229f21cbbc9f21cbbc

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.455468251s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e343535343638323531730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa49929e2c85694beae8a2bf9258a2bf925

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.104670282s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e313034363730323832730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6598f307123d66efa8270d4118270d4118

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.572701694s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e353732373031363934730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7b329597deb84bc8320fe49c120fe49c1

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.057711491s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e303537373131343931730a

Found on 2021-12-31 07:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb736370f292bb1c1f8d237db4f3b75108b

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.881522095s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e383831353232303935730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 12:10

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012376121dd6929627b12e5eaf94e02df3fc

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.300325254s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e333030333235323534730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 12:10

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2521eef373533b79234367895eeb86f00

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 492.056808ms
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203439322e3035363830386d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 12:10

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a59536d43b7b5c11b69a291f21fc224fda

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.085085675s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303835303835363735730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 12:10

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4c52d778ba20f676678b80ef19f4ada70

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.675490762s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e363735343930373632730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 12:10

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4c4a7f0a8b7071d67164cbe7ea0ab035f

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.703460187s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e373033343630313837730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6793de09f010ee78a2f84f13d96b6f85f

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 7.47887769s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20372e3437383837373639730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a25c163dd860a017f7ed0881ee16efeaec

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 539.208709ms
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203533392e3230383730396d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65aef5743812ebb0175b315c0ed652c6d6

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 5.187594055s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20352e313837353934303535730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7173ebbe6d1cfd161b0100aa4db42a3d1

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.609273937s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e363039323733393337730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123abe327e81284b8a7c416e33e619457a9

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.32144987s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e3332313434393837730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f97889c7c12520a5bd921680a763f21ad

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.928265888s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e393238323635383838730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f490f42dcd3c13f17cd737232b38a9805c

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 4.385409228s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20342e333835343039323238730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5537a7f01c2934260812d4a4769d1a546

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.833081388s
Orignal request was to 172.105.199.228:7000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e383333303831333838730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a373030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-19 11:29

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 9000
URL: http://139.162.71.138:9000

First seen 2021-12-18 02:16
Last seen 2021-12-30 22:37
Open for 12 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2b37930c0c36e3701b4bd6844223125bc

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 506.611323ms
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203530362e3631313332336d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4eab24081678279fad20da74d91952173

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.726496076s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e373236343936303736730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65757168c32375fecce4e8acdb850a7fe0

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 5.167214167s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20352e313637323134313637730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb79692fb8f05833fc07b53bfa711afae7b

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.841477153s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e383431343737313533730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123792d2e1a863c9a9b4e3914cadf88fa9a

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.306904453s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e333036393034343533730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fbc6db254d930b10db195e7f89cc3b65f

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.943358891s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e393433333538383931730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f45d46c13b0b72af242d839903946c970e

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.661522419s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e363631353232343139730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a584b0383ae1179f7bc236432a1a80dc5c

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.081925888s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303831393235383838730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-30 22:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4b3686171103ca6caf39b8dfd588b0dd3

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.869859629s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e383639383539363239730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f67931d63772615328648b2ddf87272714

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.632950329s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e363332393530333239730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fb7de1302ecc5d7a3e144b082a6d0f0a9

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.121811626s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e313231383131363236730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4ae6e2063ecb2102cd93745bb24c23666

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.575032039s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e353735303332303339730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012328ad59f69d00537fe8684e26f25299d1

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.31612395s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e3331363132333935730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a24dbcce3be60dde240b76360300c27e44

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 524.756788ms
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203532342e3735363738386d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a655ec61110eb2dd8b12d56b294c318d8e0

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.346033321s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e333436303333333231730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7e9b358d623bf761f87100c46e5bac5ff

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.811011258s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e383131303131323538730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5f3628bff5f3707905e586057a4ecdfa8

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.078341069s
Orignal request was to 172.105.199.228:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303738333431303639730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-18 02:16

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 8000
URL: http://139.162.71.138:8000

First seen 2021-12-28 15:14
Last seen 2021-12-29 20:15
Open for 1 days

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012377c2967f60dfb17baca5592a30d93bd4

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.305730571s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e333035373330353731730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5f3927b4063c5d4b6eb0e38215a6105b2

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.993734998s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e393933373334393938730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4cef70c453836b2416ae5fe048de3ceaa

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 4.552775817s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20342e353532373735383137730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4f89d5236da54eff48faceab38fb5cb27

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.798691323s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e373938363931333233730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6a62733d9150f9f1d2e8875286d2c5064

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 7.611828231s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20372e363131383238323331730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a24bcb265d71c5edf98c93b6ac1cb332f4

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 511.399664ms
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203531312e3339393636346d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7582bf833c26a6b676729c87ef251997b

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.767616769s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e373637363136373639730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a658b1b8c314d61ffb56da678303231e212

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 5.318621657s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20352e333138363231363537730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fb559155e74b66fbcda217feb15db57f9

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 6.041079088s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20362e303431303739303838730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 20:15

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012328089ab23e895f888f80cabfa695a5b6

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.373181656s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e333733313831363536730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-28 15:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5a03a8d2365302d37a8e73bae09fb92b8

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.148436592s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e313438343336353932730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-28 15:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb74e661d60e0dccb960c56d4017fdcce02

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.94289034s
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e3934323839303334730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-28 15:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a27835a3fb230701af8e05f0366922e162

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 603.120217ms
Orignal request was to 172.105.199.228:8000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203630332e3132303231376d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-28 15:14

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 443
URL: https://139.162.71.138

First seen 2021-12-23 09:53
Last seen 2021-12-27 18:47
Open for 4 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2e6a9ae4a931513d01e39921b1e39921b

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 645.36175ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203634352e33363137356d730a

Found on 2021-12-27 18:47

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb77d1a672bfee88d36f020d9a13cbf1a8c

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.585971979s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e353835393731393739730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4a169063936b150ccf17d82db41121408

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.659581497s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e363539353831343937730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a232762eb728c2d6828ae262a553fac7bd

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 278.172436ms
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203237382e3137323433366d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123caace41d8ff31c0008f34167e9477df7

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.028528545s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e303238353238353435730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a50277caa485262a4d1b08a4b8644eb543

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.793068577s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e373933303638353737730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f41b53f30f85090d7ad87229cd90e128e7

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.351478455s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e333531343738343535730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a653e4584c0fc96793910e8fa6c94f49004

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.14232414s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e3134323332343134730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8feb8991f7a0d3d34211d43ae53f2ac1ea

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.916149765s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e393136313439373635730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f69c5d0aa748c380121e7f4a1534fc068d

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.402833696s
Orignal request was to 172.105.199.228:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e343032383333363936730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-23 09:53

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 8443
URL: https://139.162.71.138:8443

First seen 2021-12-17 19:03
Last seen 2021-12-24 13:41
Open for 6 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5cb4cec2700c115d883db092fcb9b8e3e

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.572057997s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353732303537393937730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6e4bc4835595bf92aa582d1dd4e95d286

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.928367707s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e393238333637373037730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f6956002464b12181ff457fc459af5bf5

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.414017667s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e343134303137363637730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6573f05765cf04e8ba43a0df8deb8ed1c6

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.651911878s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e363531393131383738730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb716137567eed4be185a246aefbf7e9fd3

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.316640367s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e333136363430333637730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123700565a850ceef2d226552989b48377c

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 822.932165ms
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203832322e3933323136356d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a241581cdfc8c2b110adc2c4d7bc755d3f

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 34.537336ms
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2033342e3533373333366d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa43008b6e6ff33146f669a26764ae1a4f5

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.176761196s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e313736373631313936730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f415ab3a33e6c69dcc7ce499db973ee588

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.886321042s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e383836333231303432730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-24 13:41

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f68cfb7ec509477099154229ced001309

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.484067696s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e343834303637363936730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65a90912c091de09451dc21a2031e690c8

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.741819955s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e373431383139393535730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123163304e9b49d4dd6fba075c18079c8fa

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.617067424s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e363137303637343234730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6729f759a6a279a6b4823ba7af7ba12de

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.983369631s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e393833333639363331730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4c1ee47d0241f9fb585855830cd4894e3

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.237958037s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e323337393538303337730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a26a00816bf54b522432475203613d2b82

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 844.418504ms
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203834342e3431383530346d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f401de8dc486d7fe6171a1c1a4e2b96d52

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.993614191s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e393933363134313931730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb74e75c24c27ce14a9da950f3c0b9d5601

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.180609684s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e313830363039363834730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a56916c0dcc7a85d19687c114c8ef3d7fe

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.410084851s
Orignal request was to 172.105.199.228:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e343130303834383531730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-17 19:03

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 8080
URL: http://139.162.71.138:8080

First seen 2021-12-15 15:38
Last seen 2021-12-20 23:27
Open for 5 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7beb5e0503f09871ecf5be6d9f3fa9fa7

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.282507034s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e323832353037303334730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 23:27

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f49d99645c5e6a89b2a0e33a359e554f30

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.031904486s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e303331393034343836730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 23:27

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5a77e12da1edc20e8d625d01f00935192

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.560476037s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353630343736303337730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 23:27

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012356ad46ac54c69ee2d2a78105c3483bf6

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 800.815187ms
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203830302e3831353138376d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 23:27

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a24f2e1818153745f60891e3e1ea593be1

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 24.210075ms
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2032342e3231303037356d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 23:27

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6525986915c00678d9576fb28c4c053420

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.372760241s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e333732373630323431730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f467bb0f9b16e5e7e7756a75fe1780e4d4

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.596617176s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e353936363137313736730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fac89fe37de4014cb5da0035ac5538463

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.152246809s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e313532323436383039730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6cb0d4bf06211dcfe17deb839887a1c6c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.761246419s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e373631323436343139730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7aeaba00d8bebf821f3f19ae4ff9ca737

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.804044141s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e383034303434313431730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4378f7f2c3fff9c62abb4a1850948f9b9

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.942476351s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e393432343736333531730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a21ef1c0710fe3dc6d17bdcb58d6f17ff6

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 502.404249ms
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203530322e3430343234396d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5afcf4c33f3557a8f701eb3163ee67cd2

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.013534549s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303133353334353439730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123eceef4c11ae0ac5d75e958e8ace65288

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.255861824s
Orignal request was to 172.105.199.228:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e323535383631383234730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 15:38

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 8082
URL: http://139.162.71.138:8082

First seen 2021-12-15 03:38

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123e8fdaea6449f78ee49a78a89cd468257

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 764.39667ms
Orignal request was to 172.105.199.228:8082
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203736342e33393636376d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038320a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5191573fbfa0efe056b4ea26053186776

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.515695426s
Orignal request was to 172.105.199.228:8082
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353135363935343236730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038320a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb73ee7b1e402222948740ba8fffe03f025

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.250970385s
Orignal request was to 172.105.199.228:8082
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e323530393730333835730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a383038320a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-15 03:38

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 139.162.71.138
Port: 5986
URL: https://139.162.71.138:5986

First seen 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2816e9542446955f80355574f3caf863e

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 496.544531ms
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203439362e3534343533316d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123cd8b6a8313b25837366f0cae469a140c

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.268122907s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e323638313232393037730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7ab84419c5334699e20bc6659d9f1ffa5

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.832474142s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e383332343734313432730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65e37c45159b271455c46ab85096ff8342

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.387254568s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e333837323534353638730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f6b7f56399d31b9b14610459409026757

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.148394477s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e313438333934343737730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f63d43c34a1cb9813006b265f7f479c9e2

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.690021978s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e363930303231393738730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5b70a04d162998799882ae8cc86f27792

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.041382387s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303431333832333837730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4151ad10e6eafcdac0b46a63bcaf06f3e

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.595445766s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e353935343435373636730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4df31abe0bcf948fa1a59244d1f6d5bd7

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.928653507s
Orignal request was to 172.105.199.228:5986
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e393238363533353037730a4f7269676e616c20726571756573742077617320746f203137322e3130352e3139392e3232383a353938360a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 22:58

Create report

Leak detected by NucleiPlugin

No description available

IP: 139.162.71.138
Port: 80
URL: http://139.162.71.138

First seen 2021-06-16 09:18
Last seen 2021-09-20 02:01
Open for 95 days

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b403b226b4

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

Found on 2021-08-06 15:33

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b443c95afd

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-07-04 12:01

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-06-16 09:18

Create report

Leak detected by NucleiPlugin

No description available

IP: 139.162.71.138
Port: 8082
URL: http://139.162.71.138:8082

First seen 2021-08-19 20:25

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b443c95afd

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-08-19 20:25

Create report

Leak detected by NucleiPlugin

No description available

IP: 139.162.71.138
Port: 8443
URL: https://139.162.71.138:8443

First seen 2021-06-08 21:57
Last seen 2021-07-04 10:37
Open for 25 days

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b443c95afd

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-07-04 10:37

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-06-08 21:57

Create report

Domain summary

No record

Host 139.162.71.138

Japan

MacOS file listing through .DS_Store file

A JSON configuration file has been found

A JSON configuration file has been found

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Domain summary