Host 52.186.148.211
United States
-
Server vulnerable to Log4J CVE-2021-44228
The reply originated from a backend server, the originating frontend server has been included in the report for reference.
It is critical to patch log4j or the application using since the issues is exploited in the wild and leads to RCE.
First seen 2021-12-31 00:58-
Severity: critical
Fingerprint: aff4d642200b0639f8880459931901238b4b88cb439c908638bf1f9152ecfd51Received reply after a Log4j payload from this host Ping was received because of query argument Reply took 164.891192ms Orignal request was to 170.81.120.29:443 This event's HTTP and SSL details are preserved from the orignal request. Orignal reply: 5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203136342e3839313139326d730a4f7269676e616c20726571756573742077617320746f203137302e38312e3132302e32393a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a
Found on 2021-12-31 00:58 -
Severity: critical
Fingerprint: aff4d642200b0639f88804599319012396c48dcae847cb77893e646e64a94b77Received reply after a Log4j payload from this host Ping was received because of query argument Reply took 414.572926ms Orignal request was to 170.81.120.29:443 This event's HTTP and SSL details are preserved from the orignal request. Orignal reply: 5265636569766564207265706c792061667465722061204c6f67346a207061796c6f61642066726f6d207468697320686f73740a50696e67207761732072656365697665642062656361757365206f6620717565727920617267756d656e740a5265706c7920746f6f6b203431342e3537323932366d730a4f7269676e616c20726571756573742077617320746f203137302e38312e3132302e32393a3434330a54686973206576656e742773204854545020616e642053534c2064657461696c7320617265207072657365727665642066726f6d20746865206f7269676e616c20726571756573742e0a
Found on 2021-12-31 00:58
-