# List of hosts used in Log4shell (CVE-2021-44228) exploitation attempts # Joint work with @yt0ng - see https://gist.github.com/yt0ng/b933d0c8ce1076fa74bd31cbecedb884 # @craiu - github.com/craiu pwn.af leakix.net interactsh.com interact.sh burpcollaborator.net bingsearchlib.com canarytokens.com kryptoslogic-cve-2021-44228.com http80path.kryptoslogic-cve-2021-44228.com dnslog.cn world443.log4j.binaryedge.io world80.log4j.binaryedge.io requestbin.net rce.ee ceye.io log4shell.huntress.com #C2 for cryptominers: bernais.axfor.com #Khonsari ransomware: test.verble.rocks #Hosts from yt0ng -> dnspod.cn requestbin.net requestcatcher.com y.psc4fuel.com htbiw.com x00.fi d9.wf knary.xyz test2.ggdd.co.uk synprobe001.leakix.net md-l4j.s2.inty.io do-01.redteam.tf w.nessus.org w0.cx oob.li scanworld.net binaryedge.io 1ma.xyz ghhui.tk dns.cyberwar.nl 1433.eu.org log4j.leakix.net # domains which could have impact when blocking / could have legitimate uses / compromised or hacked #members.linode.com #ngrok.io #econ-jobs.com