LeakIX - Host 185.97.227.1

Host 185.97.227.1

Germany

Sixt GmbH & Co. Autovermietung KG

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 185.97.227.1
Port: 443
URL: https://185.97.227.1

First seen 2021-12-31 11:25
Last seen 2021-12-31 12:25

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb76fd284e1d646ad58c7fc57afd46e3942

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.058961279s
Orignal request was to 185.97.224.12:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e303538393631323739730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:25

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a55a617053cfebe43a6a001a0db80ee735

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 999.879668ms
Orignal request was to 185.97.224.12:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203939392e3837393636386d730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31323a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:25

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a56400427b66571e934c74e4d20df9208b

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 8.220618294s
Orignal request was to 185.97.224.35:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20382e323230363138323934730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e33353a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:18

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb72eb08bfac9bcd83226d33db51480e5a0

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 8.295082777s
Orignal request was to 185.97.224.35:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20382e323935303832373737730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e33353a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:18

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7443f19f5963941f5cd9534f061e99ef0

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 683.483722ms
Orignal request was to 185.97.224.17:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b203638332e3438333732326d730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31373a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:01

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5914226e07294a07cdc82402b0219ad99

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 297.319447ms
Orignal request was to 185.97.224.17:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b203239372e3331393434376d730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31373a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:01

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7ecd1d4c472c9d27a98c428cdcadbc01c

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 5.938258322s
Orignal request was to 185.97.224.28:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20352e393338323538333232730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e32383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5ad1142ea09c7bd20e6490f875d53257d

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 5.859383701s
Orignal request was to 185.97.224.28:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20352e383539333833373031730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e32383a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 12:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a55b1c4a73179a5b5fb76c5d06ee64fcfd

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.555682611s
Orignal request was to 185.97.224.13:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353535363832363131730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31333a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:51

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb71c967bb924cbc0d57fd3f5d086851a40

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 1.634145512s
Orignal request was to 185.97.224.13:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20312e363334313435353132730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31333a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:51

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5d9810a77324c20570823c5ce21703184

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.270298343s
Orignal request was to 185.97.224.141:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e323730323938333433730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3134313a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:48

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7b5f284d355e6120b36d6161a9d836eba

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.36428634s
Orignal request was to 185.97.224.141:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e3336343238363334730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3134313a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:48

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7ed0fe61bc7b85d7433d25b33550ece8a

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 9.743100073s
Orignal request was to 185.97.224.14:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20392e373433313030303733730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31343a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:48

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a594b50b8babb51904a1cfce6355b427e3

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 9.648329368s
Orignal request was to 185.97.224.14:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20392e363438333239333638730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e31343a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:48

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb704fccb78fa67d4ee954ade894ab771d3

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.079100673s
Orignal request was to 185.97.224.109:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e303739313030363733730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3130393a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:40

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a59c0b25b7348f11db9b32068a6167d4c6

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.007805897s
Orignal request was to 185.97.224.109:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303037383035383937730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3130393a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:40

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5522768ea80dc5e628256c785706ee799

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.964280059s
Orignal request was to 185.97.224.66:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e393634323830303539730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e36363a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:30

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb79752d15efaf7081ef6b859d959944b7e

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.328167229s
Orignal request was to 185.97.224.66:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e333238313637323239730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e36363a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:30

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5647e7d47570838fa94d6f44d998a8a01

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 6.457994756s
Orignal request was to 185.97.224.34:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20362e343537393934373536730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e33343a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:25

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb79e6007dffd009ee2bfb58105bbb9dc82

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 6.523005636s
Orignal request was to 185.97.224.34:443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20362e353233303035363336730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e33343a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-31 11:25

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 185.97.227.1
Port: 8443
URL: https://185.97.227.1:8443

First seen 2021-12-26 09:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7b0d730e511277a468af0c3d1ca0b5217

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.85884816s
Orignal request was to 185.97.224.131:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e3835383834383136730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3133313a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-26 09:44

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5942d6a89455d5d62735dd4855f9779b3

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.778427911s
Orignal request was to 185.97.224.131:8443
This event's HTTP and SSL details are preserved from the orignal request.

Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e373738343237393131730a4f7269676e616c20726571756573742077617320746f203138352e39372e3232342e3133313a383434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a

Found on 2021-12-26 09:44

Create report

Domain summary

No record