LeakIX - Host 223.166.174.11

Host 223.166.174.11

China

China Unicom Shanghai network

Ubuntu

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 223.166.174.11
Port: 5984
URL: http://223.166.174.11:5984

First seen 2022-06-02 18:50
- Fingerprint: b18befd9dd6536829a82655a9a82655a9a82655a9a82655a9a82655a9a82655a
```
{"ok": true}
```
  Found on 2022-06-02 18:50
Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.11
Port: 443
URL: https://223.166.174.11

First seen 2021-12-28 05:55
Last seen 2021-12-31 08:11
Open for 3 days

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a29ae1178a83be5710e2afa578e2afa578

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 506.109026ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203530362e3130393032366d730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f031ae2858243eb5bb5d3b60fb5d3b60f

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.879455549s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e383739343535353439730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb76ca4e76a87bc8eb04bfad27f4bfad27f

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.731191494s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e373331313931343934730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123d7e1dd73529869597e496c3c7e496c3c

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.240683505s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e323430363833353035730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f60b62227dadde5d835b29761c5b29761c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.377629159s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e333737363239313539730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa49ca0b45bf1272fd1465cfd17465cfd17

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.614127515s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e363134313237353135730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65063ae90cbb27198276ef3af876ef3af8

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.167010125s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e313637303130313235730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4fd489e3dfe4fe3432276ac682276ac68

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.445910319s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e343435393130333139730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5f435e87157025c4704a0195404a01954

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.991720908s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e393931373230393038730a

Found on 2021-12-31 08:11

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f40882103c8c125c527060ea887060ea88

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.521091607s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e353231303931363037730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f65878c4fd843f3c030df3d33c0df3d33c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.461685968s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e343631363835393638730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4f8de6a18bae5b2dee6380035e6380035

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.748335665s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e373438333335363635730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f676af946777d7d2cb3d046e5b3d046e5

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.997697664s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e393937363937363634730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65e8a2be04059971caf6ac3594f6ac3594

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.253833883s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e323533383333383833730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a244d1e5a1a75b5d970e7f8f460e7f8f46

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 530.883267ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203533302e3838333236376d730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7c4fc4ed34a49847983c0f0e183c0f0e1

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.782016048s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e373832303136303438730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a53bc6d9df7ddd3e3543cc01a243cc01a2

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.038973884s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e303338393733383834730a

Found on 2021-12-28 05:55

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123dfc151850846c25b480a3e54480a3e54

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.302454577s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e333032343534353737730a

Found on 2021-12-28 05:55

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.11
Port: 8000
URL: http://223.166.174.11:8000

First seen 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a255925e94b6b62ebaf051e1fcf051e1fc

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 683.351142ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203638332e3335313134326d730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5f0618598654c625e86f76d5486f76d54

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 2.283364102s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20322e323833333634313032730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4f85f79fa3f1e3460efd920e0efd920e0

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.879391286s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e383739333931323836730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4cae2bb2b14a46601e3db75e1e3db75e1

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 6.526306946s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20362e353236333036393436730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6f1801b1b839cd69153cb807a53cb807a

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 7.295627685s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20372e323935363237363835730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123f8bdd16a7a1768b02bf8f9722bf8f972

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.438243893s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e343338323433383933730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb76fa738934b929c397831321f7831321f

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 3.041273842s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20332e303431323733383432730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65a7a9a3680626908e350cffbc350cffbc

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.621721842s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e363231373231383432730a

Found on 2021-12-26 03:00

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f0f3069e724f1542d9bd8a8239bd8a823

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 5.741808429s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20352e373431383038343239730a

Found on 2021-12-26 03:00

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.11
Port: 8443
URL: https://223.166.174.11:8443

First seen 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a515c7cf8fd1c75c0503a3959403a39594

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.548694782s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353438363934373832730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f9d6ccbcc7ddb344282a5275182a52751

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.514095045s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e353134303935303435730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6c5e186d9f94f35bfa9a7a9b0a9a7a9b0

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.059620942s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e303539363230393432730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a29c2772ab2e3b51815de8d3835de8d383

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 12.226454ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2031322e3232363435346d730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012339521fa1ab2d0797a6c69662a6c69662

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 749.848788ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203734392e3834383738386d730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb76b0b337dbc9f0683caf49cb3caf49cb3

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.290658846s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e323930363538383436730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f49ffb3ca0e23f94562c80483c2c80483c

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.011660887s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e303131363630383837730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6578ef43a7b86f6bed0c94675a0c94675a

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 3.754214356s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20332e373534323134333536730a

Found on 2021-12-23 20:57

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4b9b6289928c4d67fb92e6c43b92e6c43

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.303554077s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e333033353534303737730a

Found on 2021-12-23 20:57

Create report

Leak detected by NucleiPlugin

No description available

IP: 223.166.174.11
Port: 8443
URL: https://223.166.174.11:8443

First seen 2021-09-18 21:13

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-09-18 21:13

Create report

Leak detected by NucleiPlugin

No description available

IP: 223.166.174.11
Port: 8083
URL: http://223.166.174.11:8083

First seen 2021-09-04 05:41

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-09-04 05:41

Create report

Leak detected by NucleiPlugin

No description available

IP: 223.166.174.11
Port: 80
URL: http://223.166.174.11

First seen 2021-08-19 09:36
- Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b403b226b4
```
Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.
```
  Found on 2021-08-19 09:36
Create report

Domain summary

No record

Host 223.166.174.11

China

A JSON configuration file has been found

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Domain summary