LeakIX - Host 20.36.130.143

Host 20.36.130.143

United States

MICROSOFT-CORP-MSN-AS-BLOCK

Exposed GoAnywhere MFT administration interface

Exposed GoAnywhere MFT are subject to an unfixed 0day RCE and should be considered unsafe when made public.

IP: 20.36.130.143
Port: 8001
URL: https://20.36.130.143:8001

First seen 2024-09-11 14:10
Last seen 2024-10-01 23:30
Open for 20 days
- Severity: critical
  Fingerprint: b1a07937af044f4619de6baafb4635b9fb4635b9fb4635b9fb4635b9fb4635b9
```
Found vulnerable GoAnywhere MFT:
Affected by CVE-2024-0204
```
  Found on 2024-10-01 23:30
Create report

2024-11-29 21:09

HTTP/1.1 302 
Set-Cookie: RSESSIONID=5445560D38650C7EE0EB2A9CA836F323; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Fri, 29 Nov 2024 21:09:20 GMT
Connection: close

Found 2024-11-29 by HttpPlugin

Create report

Open service 20.36.130.143:8001

2024-11-27 21:09

HTTP/1.1 302 
Set-Cookie: RSESSIONID=07B3B2B80A273A014186593BC553B534; Path=/; Secure; HttpOnly
Location: /goanywhere
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Wed, 27 Nov 2024 21:09:49 GMT
Connection: close

Found 2024-11-27 by HttpPlugin

Create report

*.umojacloud.ioumojacloud.io

Fingerprint:

43458e186300e407f1311a8dc86e3b8c713fef71f687f87825dd56f16447ae42

CN:

*.umojacloud.io

Key:

RSA-2048

Issuer:

Sectigo RSA Domain Validation Secure Server CA

Not before:

2023-12-13 00:00

Not after:

2025-01-12 23:59

Domain summary

No record

Host 20.36.130.143

United States

Exposed GoAnywhere MFT administration interface

Create report

Create report

*.umojacloud.ioumojacloud.io

Domain summary