LeakIX - Host 223.166.174.12

Host 223.166.174.12

China

China Unicom Shanghai network

A JSON configuration file has been found

A JSON configuration file has been found at config.json.

It may contains application configuration such as credentials.

False positive might happen when hitting a JSON API endpoint.

IP: 223.166.174.12
Port: 5984
URL: http://223.166.174.12:5984

First seen 2022-06-02 13:13
- Fingerprint: b18befd9dd6536829a82655a9a82655a9a82655a9a82655a9a82655a9a82655a
```
{"ok": true}
```
  Found on 2022-06-02 13:13
Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.12
Port: 443
URL: https://223.166.174.12

First seen 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a234d162e21c7061d8c01646dec01646de

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 476.005933ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203437362e3030353933336d730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb7319f774c9c46f3c20bf885930bf88593

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.679396285s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e363739333936323835730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4e1e499965717da9c6d00d9116d00d911

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.546740058s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e353436373430303538730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123d5658a00d9eac7f652488fbe52488fbe

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.208405441s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e323038343035343431730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a536c4b7c5c016609b41b8045c41b8045c

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.936665066s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e393336363635303636730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f460c1147d96ffff8385c4071285c40712

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.400440851s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e343030343430383531730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a652cb7805693fff75cfefd3db4fefd3db4

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.123548495s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e313233353438343935730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f088cd56124898c57a5e8ffeda5e8ffed

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.828938686s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e383238393338363836730a

Found on 2021-12-31 08:17

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f62290414dc2b7e47395c4452c95c4452c

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.295988217s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e323935393838323137730a

Found on 2021-12-31 08:17

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.12
Port: 8443
URL: https://223.166.174.12:8443

First seen 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f88804599319012312a305f242acb7481a34af521a34af52

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 802.073257ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203830322e3037333235376d730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a5fdf228ef0302fa259ed53aa09ed53aa0

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.511347893s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e353131333437383933730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a6507d27eded791cd144978345d4978345d

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 3.68548786s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20332e3638353438373836730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4c60bfa7e110ceb748e97cb7e8e97cb7e

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.12392392s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e3132333932333932730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2678bf44d54065f734f1553154f155315

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 34.121728ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b2033342e3132313732386d730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb71ab2678762ec1a0d8cf9ecbf8cf9ecbf

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.238837652s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e323338383337363532730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f42183377f85243f1502a753c402a753c4

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 2.967747962s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20322e393637373437393632730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f4f516762ba17d25899df33bb99df33bb

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.411794733s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e343131373934373333730a

Found on 2021-12-23 20:24

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f62edc58b9cbed8f5f5a18fb065a18fb06

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 5.881187629s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20352e383831313837363239730a

Found on 2021-12-23 20:24

Create report

Server vulnerable to Log4J CVE-2021-44228

The reply originated from a backend server, the originating frontend server has been included in the report for reference.

It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.

IP: 223.166.174.12
Port: 7000
URL: http://223.166.174.12:7000

First seen 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f888045993190123fb78188dc4089cb3debe6d20debe6d20

Received reply after a Log4j payload from this host
Ping was received because of query argument
Reply took 1.239881396s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b20312e323339383831333936730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459a5c7f9f4c1d6dff256c9014885769e9085769e90

Received reply after a Log4j payload from this host
Ping was received because of Cache-Control
Reply took 3.415286229s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662043616368652d436f6e74726f6c0a5265706c7920746f6f6b20332e343135323836323239730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459d5e18a65c40d66dabea3f3807753e28a7753e28a

Received reply after a Log4j payload from this host
Ping was received because of cookie name
Reply took 4.166586742s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b6965206e616d650a5265706c7920746f6f6b20342e313636353836373432730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459ed3e1aa4d9a5b963d020f2a9d1a9eea1d1a9eea1

Received reply after a Log4j payload from this host
Ping was received because of X-Forwared-Host
Reply took 5.634682485s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620582d466f7277617265642d486f73740a5265706c7920746f6f6b20352e363334363832343835730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459215798a2c36d7ab38210b7992a40f6222a40f622

Received reply after a Log4j payload from this host
Ping was received because of URL path
Reply took 466.503781ms
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662055524c20706174680a5265706c7920746f6f6b203436362e3530333738316d730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459e94669a55874168bfeaeeba17efaccc47efaccc4

Received reply after a Log4j payload from this host
Ping was received because of query value
Reply took 1.941148376s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662071756572792076616c75650a5265706c7920746f6f6b20312e393431313438333736730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459b0628eb78a82534de1f7a673906bd5a6906bd5a6

Received reply after a Log4j payload from this host
Ping was received because of User-Agent
Reply took 2.68565453s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620557365722d4167656e740a5265706c7920746f6f6b20322e3638353635343533730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459d2eb3d8f899cb8d52a1fa30bb5be4411b5be4411

Received reply after a Log4j payload from this host
Ping was received because of cookie value
Reply took 4.917904875s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620636f6f6b69652076616c75650a5265706c7920746f6f6b20342e393137393034383735730a

Found on 2021-12-16 03:54

Severity: critical
Fingerprint: aff4d642200b0639f8880459cfe551f6e755bcea59e668301f56b0a21f56b0a2

Received reply after a Log4j payload from this host
Ping was received because of random header
Reply took 6.381757937s
Orignal reply:
5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f662072616e646f6d206865616465720a5265706c7920746f6f6b20362e333831373537393337730a

Found on 2021-12-16 03:54

Create report

Leak detected by NucleiPlugin

No description available

IP: 223.166.174.12
Port: 8443
URL: https://223.166.174.12:8443

First seen 2021-07-03 12:14
Last seen 2021-08-10 05:49
Open for 37 days

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b403b226b4

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

Found on 2021-07-10 17:55

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-07-03 12:14

Create report

Leak detected by NucleiPlugin

No description available

IP: 223.166.174.12
Port: 80
URL: http://223.166.174.12

First seen 2021-06-21 13:23
Last seen 2021-07-28 17:58
Open for 37 days

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b403b226b4

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

Found on 2021-07-28 17:58

Fingerprint: 33fc8a384ee3c2e7ac18478eac18478ef839c1307a372be903b226b4d5335368

Nuclei scan report for tags joomla, php:

CVE-2015-7297 : Joomla Core SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands.

CVE-2017-8917 : Joomla SQL Injection by princechaddha
-------------
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Found on 2021-06-21 13:23

Create report

Domain summary

No record

Host 223.166.174.12

China

A JSON configuration file has been found

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Server vulnerable to Log4J CVE-2021-44228

Leak detected by NucleiPlugin

Leak detected by NucleiPlugin

Domain summary