LeakIX - Host 172.105.17.61

Host 172.105.17.61

Canada

Akamai Technologies, Inc.

SSH is potenitally vulnerable

WARNING: This plugin will generate false positive and is purely informative:

regreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (CVE-2024-6387)

IP: 172.105.17.61
Port: 22

First seen 2024-07-03 16:36
Last seen 2024-12-21 21:33
Open for 171 days
- Severity: info
  Fingerprint: 3f43e0ebb5dce37ab8b59eb563aa8aacd8f3bb51d8f3bb51d8f3bb51d8f3bb51
```
Found potentially vulnerable SSH version:
SSH-2.0-OpenSSH_9.2p1 Debian-2+deb12u2
WARNING, RISK IS ESTIMATED FALSE POSITIVE ARE LIKELY
```
  Found on 2024-12-21 21:33
Create report

VSCode SFTP configuration exposed

The following URL is publicly accessible and is leaking deployment credentials

IP: 172.105.17.61
Port: 9090
URL: http://172.105.17.61:9090/.vscode/sftp.json

First seen 2023-01-07 16:17

Fingerprint: 13b3a7b17cfc7502c36c325d46671322e5146672c236d00ed84fb0d31f4ea55c

{
    "remotePath": "/var/data/",
    "host": "{sensor_ip}",
    "username": "sftpuser",
    "password": "sftpuser80923",
    "port": 22,
    "protocol": "sftp",
    "uploadOnSave": true,
    "passive": false,
    "debug": false,
    "privateKeyPath": null,
    "ignore": [
        "\\.vscode",
        "\\.git",
        "\\.idea"
    ]
}

Found on 2023-01-07 16:17

339 Bytes

Create report

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 172.105.17.61
Port: 5984
URL: http://172.105.17.61:5984

First seen 2022-06-02 22:27
Last seen 2022-12-23 00:46
Open for 203 days
- Fingerprint: b18befd9dd6536829a82655a9a82655a9a82655a9a82655a9a82655a9a82655a
```
{"ok": true}
```
  Found on 2022-06-02 22:27
Create report
A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 172.105.17.61
Port: 9000
URL: http://172.105.17.61:9000

First seen 2022-06-02 03:57
Last seen 2022-12-20 01:19
Open for 200 days
- Fingerprint: b18befd9dd6536829ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a9ef4cb4a
```
{"rtn":108545,"msg":""}
```
  Found on 2022-06-02 03:57
Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 7000
URL: http://172.105.17.61:7000

First seen 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2387ba00b686859212b46d4602b46d460

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 175.353932ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203137352e3335333933326d730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5ce515c94bca0fcba3a2634b03a2634b0

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 762.536423ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203736322e3533363432336d730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f477c7003a3af88ba0f5bf30bcf5bf30bc

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.372549126s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333732353439313236730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fda583fc5fd6ea89bd9628d37d9628d37

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.949488483s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e393439343838343833730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459931901237bf67898e1121d5e3cc098be3cc098be

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 459.387297ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203435392e3338373239376d730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb702eb112b3f08cc0117cebb9117cebb91

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.059875205s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303539383735323035730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a652b5cd2ac17aeade2b20cf9a0b20cf9a0

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.650343999s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e363530333433393939730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa41eeab7c8e39f8bae0b3484010b348401

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.285431696s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e323835343331363936730a

Found on 2021-12-31 07:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6135ecfbfcc3a7455eaa2d8e2eaa2d8e2

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.587141005s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e353837313431303035730a

Found on 2021-12-31 07:11

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 8080
URL: http://172.105.17.61:8080

First seen 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123000a0fdecac45ed5f4dbefd0bd1c801d

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 659.525776ms
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203635392e3532353737366d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7cd57f0a0cace716f1af26d76e6100132

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.230353204s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e323330333533323034730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f400483ca32a9b5b2ca00276bb816f9601

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.537802076s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e353337383032303736730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4a64c809b7f35e604bac16563aad79f6e

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.464253294s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e343634323533323934730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2fe0456bf3c0c8420dcbef48700dd6dd1

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 317.777231ms
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203331372e3737373233316d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a52b734c2ec1e6aa0541eae6604c19f399

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 944.060849ms
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203934342e3036303834396d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a659c60bf39fc70a772b0364675c93e497f

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.839238013s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e383339323338303133730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fd18443e32097c8ec087391fb0bca7fd0

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.178225654s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e313738323235363534730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f66fb6c77641627f8daa2c6b78b4bcb54d

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.771369681s
Orignal request was to 172.105.99.178:8080
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e373731333639363831730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383038300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-29 03:38

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 8000
URL: http://172.105.17.61:8000

First seen 2021-12-16 02:49
Last seen 2021-12-28 22:31
Open for 12 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2c5fd85c8a619a9ae48a12d5a48a12d5a

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 312.103573ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203331322e3130333537336d730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4e7412973f4ced55916f6891f16f6891f

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.900890049s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e393030383930303439730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a658708f8021135e73864962d4264962d42

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 2.244390229s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20322e323434333930323239730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f413be05c98c4d8b4f64364f5c64364f5c

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.940991444s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e393430393931343434730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012370c166dc81a93cb2b4664c28b4664c28

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 601.282306ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203630312e3238323330366d730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f62d3ec0ae81ae66046661944666619446

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 3.193594679s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20332e313933353934363739730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f0f2742855ab94b5b4771ac5d4771ac5d

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.593404746s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e353933343034373436730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7921c3529612adeef4add0bf34add0bf3

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.640708888s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e363430373038383838730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a52bcf3e5ca9a44832864a025e864a025e

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 938.055835ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203933382e3035353833356d730a

Found on 2021-12-28 22:31

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa40defd2a1bf4d82973fbbba893fbbba89

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.310021837s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e333130303231383337730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123b4647cc8b1d9c8ae284685fd284685fd

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 481.43149ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203438312e34333134396d730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6570cc671e054eec540156df130156df13

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.65887916s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e3635383837393136730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb75b44c408c17664ee3a6b03173a6b0317

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.057178145s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303537313738313435730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a26fa8eecb2799dde1d681bf00d681bf00

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 190.906515ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203139302e3930363531356d730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a55eb039d8e49a1a9e50af6ae450af6ae4

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 778.941457ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203737382e3934313435376d730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f49508258c36e9020212cf245c12cf245c

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.362623489s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333632363233343839730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f66d5c9176aaed0bdcd9effe5cd9effe5

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.949490152s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e393439343930313532730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f66509d7be715d2eb4f1576612f1576612

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.651415792s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e363531343135373932730a

Found on 2021-12-23 10:02

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2a896019223cc6628e0f7723ce0f7723c

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 198.782556ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203139382e3738323535366d730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6d40957b15bd04a873a0d201c3a0d201c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.623764188s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e363233373634313838730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f01b1e4cce2c8a5429bf7b4639bf7b463

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.021689669s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e303231363839363639730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb785afe47e15fac57404f2d1bd04f2d1bd

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.150495572s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e313530343935353732730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123329c49f5656afaeb53c78bec53c78bec

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 501.638178ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203530312e3633383137386d730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa429973794addd5fba1af8bd6f1af8bd6f

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.317358999s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e333137333538393939730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a659f7584ab417713816159103a6159103a

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.732898895s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e373332383938383935730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f482fd3767f7e665ad269c3760269c3760

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.448948355s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e343438393438333535730a

Found on 2021-12-16 02:49

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a56b3f4eb989eb955fe4a1d39ae4a1d39a

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 846.442216ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203834362e3434323231366d730a

Found on 2021-12-16 02:49

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 9000
URL: http://172.105.17.61:9000

First seen 2021-12-14 19:28
Last seen 2021-12-24 20:38
Open for 10 days

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012324c213fea2b268f4cba59008cba59008

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 501.212076ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203530312e3231323037366d730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa488f75e3e9672513462ee5da562ee5da5

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.259749413s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e323539373439343133730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4ec9389481289012e7f6a1e227f6a1e22

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.358429907s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333538343239393037730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5058eee87f107490d88bd665588bd6655

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 789.28566ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203738392e32383536366d730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2f02193112031e7278468aae28468aae2

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 196.813385ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203139362e3831333338356d730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f62adf362ef9fedf842e732fd82e732fd8

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.549067951s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e353439303637393531730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8faea2f902ee9e003835f0c88735f0c887

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.965225766s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e393635323235373636730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65ff3f6b7c1ba22b92330d635e330d635e

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.686129592s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e363836313239353932730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb77cfe3cd4fea29ffa115e186f115e186f

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.072699263s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303732363939323633730a

Found on 2021-12-24 20:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2e828380a009f1506ef846511667a5303

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 163.703351ms
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203136332e3730333335316d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a53fe45bb99607e81549221190e896d59b

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 763.914766ms
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203736332e3931343736366d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4714707d2c2b3d81e79e1c9d958d8d532

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.274577839s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e323734353737383339730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4bddaf007c6f3517bc526392a6b14849d

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.360438729s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333630343338373239730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012365981ecf101a86f37a982e3240ad93a9

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 461.279655ms
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203436312e3237393635356d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7f52f528707d447fba1b7b4aa40fa669a

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.055978995s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303535393738393935730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f674c8b97177209f5d412e01e80d825ac5

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.558516418s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e353538353136343138730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f3c30153d7134e301b236ac4487f2e0ae

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.968680521s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e393638363830353231730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65eae209bc6c0036203c76ea87499f4ea5

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.686431226s
Orignal request was to 172.105.99.178:9000
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e363836343331323236730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a393030300a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-14 19:28

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 8443
URL: https://172.105.17.61:8443

First seen 2021-12-13 03:37
Last seen 2021-12-21 00:08
Open for 7 days

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123324a73944b663bbaba6d4d4bba6d4d4b

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 245.64045ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203234352e36343034356d730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f626cec24bf074856152b1223c52b1223c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.356783001s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e333536373833303031730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f37f844d241a9ff68533fa6cd533fa6cd

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.775577071s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e373735353737303731730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f44ef53a0b6ed46321d830d6d0d830d6d0

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.176820437s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e313736383230343337730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a58055be3551f02b2b9f95a5fc9f95a5fc

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 584.804215ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203538342e3830343231356d730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa455717536302149fc4cf0493d4cf0493d

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.058119912s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e303538313139393132730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65d2658dbf47a702555cc999a85cc999a8

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.472977647s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e343732393737363437730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb795791ef93d27489fed1e6717ed1e6717

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 867.745343ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203836372e3734353334336d730a

Found on 2021-12-21 00:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65e5633edb442c7dd78731064e42552f71

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.710256415s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e373130323536343135730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6720908d9eacff1b976d3dbec0b068327

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.600623165s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e363030363233313635730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a568ace11a4c2a1f5a96aaee2d68c3f229

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 797.085091ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203739372e3038353039316d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a25ba035626cbd49f290e005f5bd4f1430

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 197.39327ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203139372e33393332376d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4af10e8c853e7bf0475456063b1610db6

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.301941158s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e333031393431313538730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fec0d3ffb2a7f35b73b79cd2e9d5e7782

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.006345136s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e303036333435313336730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4d1bacfe7aa555b6bd33ced7a9ba5546f

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.422740036s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e343232373430303336730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7b07c94df402788f386c71432f8bea48e

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.083561747s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303833353631373437730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012330702bcd9946923540d907b036dc06a1

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 500.239967ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203530302e3233393936376d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-20 06:08

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a29870dfecf50a7d90f8636257d6f164a0

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 54.548915ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2035342e3534383931356d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-16 23:09

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012313027a032db8300fddad7b96ff96d05d

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 353.809096ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203335332e3830393039366d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-16 23:09

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7cc0294225b9f0032273735b50327e333

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 939.26061ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203933392e32363036316d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-16 23:09

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5d91e4ba102ffb9f114df5154120e0f9f

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 649.625764ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203634392e3632353736346d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-16 23:09

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f44f3c4c90370055a6165fe4dc165fe4dc

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.273033218s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e323733303333323138730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123a49b7d4ffbb3aac588e5c2fe88e5c2fe

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 352.824757ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203335322e3832343735376d730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8fb5b5c33bfc331c7129abc40929abc409

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.879422287s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e383739343232323837730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5caaf055229b1cbe8f3101556f3101556

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 644.881049ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203634342e3838313034396d730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a28128c721bf246317b9a9facdb9a9facd

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 134.189µs
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203133342e313839c2b5730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6066705f782d2375d57d3b26657d3b266

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.482482245s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e343832343832323435730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4a15ee612d8d1b6a8bdded439bdded439

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.192500962s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e313932353030393632730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65ddcb0a8879f6476e7aaafbea7aaafbea

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.563108302s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e353633313038333032730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7a51d98971463143d8a462ad58a462ad5

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 943.391468ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203934332e3339313436386d730a

Found on 2021-12-15 15:35

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a53ffbfedabcc0cb808ac9b83e8ac9b83e

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 880.966029ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203838302e3936363032396d730a

Found on 2021-12-14 08:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7dbe6995a82e4e200109e065d109e065d

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.536439196s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e353336343339313936730a

Found on 2021-12-14 08:44

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123b06d5d6e213b00c49caf8e349caf8e34

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 526.819014ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203532362e3831393031346d730a

Found on 2021-12-14 08:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a29ad618c22e5837f8493ff4d6493ff4d6

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 134.122969ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203133342e3132323936396d730a

Found on 2021-12-14 08:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5fe730ed2279345c23e696a652a63e529

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 701.850685ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203730312e3835303638356d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4fb333bcd7a922235b0c2b7b095eb2ad2

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.216692801s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e323136363932383031730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459931901239ba635b902211bd9b8d96b8c9f3c0b71

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 400.182938ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203430302e3138323933386d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2ae78fcab38be3787c708419e50c0805e

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 52.409374ms
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2035322e3430393337346d730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6cf3fe2814e8ab3112e2b597443e94299

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.517910389s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e353137393130333839730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f650513ce849ce12683ed7031ed533100

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 1.921505527s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20312e393231353035353237730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a653f3ade4178a49951a289563458c7d989

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.608537947s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e363038353337393437730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4a8309fc33bcd4f4fa6ae6f56cc58e715

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.316021232s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333136303231323332730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb779b569ceba49e726c8ac223131abc984

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.013200703s
Orignal request was to 172.105.99.178:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303133323030373033730a4f7269676e616c20726571756573742077617320746f203137322e3130352e39392e3137383a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-13 03:37

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 172.105.17.61
Port: 443
URL: https://172.105.17.61

First seen 2021-12-15 16:14
Last seen 2021-12-20 15:38
Open for 4 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a57ba98c152268b34b84c7094e84c7094e

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 728.061733ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203732382e3036313733336d730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123cbebe66ed1e461c453b5f36e53b5f36e

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 418.388411ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203431382e3338383431316d730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa43a04d0f6ce4c35bc4079906140799061

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.625183126s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e363235313833313236730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f221983f93ce7259f619c8805619c8805

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.026660112s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e303236363630313132730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a654cc40a921e99472814e3ed0214e3ed02

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.686565239s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e363836353635323339730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f42086594483abb90a7ac461be7ac461be

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.353754729s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e333533373534373239730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2f67294b30b1c41994ab91df84ab91df8

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 110.040583ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203131302e3034303538336d730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6ac4cab6a6516b2b03548d1b43548d1b4

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.921826965s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e393231383236393635730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb79f8f2973986cd55962428a0962428a09

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.052395779s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303532333935373739730a

Found on 2021-12-20 15:38

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa44ea953d1316426e7ede1d60dede1d60d

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 2.360316347s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20322e333630333136333437730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f62ff6f7bb73583cf11733025017330250

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 2.641623049s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20322e363431363233303439730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f75e15ac70fcdd34d4db8a1dd4db8a1dd

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 2.059280129s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20322e303539323830313239730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f425cdd28ff077a7052fd956a02fd956a0

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 1.422259499s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20312e343232323539343939730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a518ba74d5830eff0bef52a5b0ef52a5b0

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 832.689515ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203833322e3638393531356d730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2112a3b712a5877474d3744824d374482

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 197.807413ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203139372e3830373431336d730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65678e39c750919a4ddbd07ba6dbd07ba6

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 1.773447982s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20312e373733343437393832730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7fae2923379a103190caf05df0caf05df

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.128108184s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e313238313038313834730a

Found on 2021-12-15 16:14

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123e9fc814a18a5aed04097799740977997

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 497.41027ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203439372e34313032376d730a

Found on 2021-12-15 16:14

Create report

Leak detected by NucleiPlugin

No description available

IP: 172.105.17.61
Port: 8443
URL: https://172.105.17.61:8443

First seen 2021-06-28 18:52
Last seen 2021-09-01 15:48
Open for 64 days

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b403b226b4

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

Found on 2021-08-05 02:25

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b443c95afd

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-08-01 00:07

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-06-28 18:52

Create report

Leak detected by NucleiPlugin

No description available

IP: 172.105.17.61
Port: 80
URL: http://172.105.17.61

First seen 2021-08-08 03:22
Last seen 2021-08-18 15:59
Open for 10 days

Fingerprint: 33fc8a384ee3c2e7ef5c060eef5c060e7a3a93b0b36c7369d65e1534a8a35d7d

Nuclei scan report for tags joomla, php, nginx:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-08-18 15:59

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-08-09 17:50

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b443c95afd

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

joomla-panel : Joomla Panel by its0x08
-------------

Found on 2021-08-08 03:22

Create report

Open service 172.105.17.61:22

2024-12-21 21:33
Found 13 hours ago by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-20 00:07
Found 2 days ago by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-18 00:13
Found 2024-12-18 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-15 21:48
Found 2024-12-15 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-13 23:04
Found 2024-12-13 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-11 22:14
Found 2024-12-11 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-12-01 23:05
Found 2024-12-01 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-11-29 23:30
Found 2024-11-29 by SSHOpenPlugin
Create report
Open service 172.105.17.61:22

2024-11-27 22:26
Found 2024-11-27 by SSHOpenPlugin
Create report

Domain summary

No record

Host 172.105.17.61

Canada

SSH is potenitally vulnerable

VSCode SFTP configuration exposed

A JSON configuration file has been found

A JSON configuration file has been found

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Domain summary