Cyber Defense Search Engine

datascan ctl threatlist sniffer vulnscan riskscan

1
2
3
4
...
next >

IP
161.69.71.103

Alternative IP(s)
161.69.90.114

Network
161.69.71.0/24

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.71.103:8013/ 401

ASN
AS205272

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 09:57:35 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:57:35.000Z",
   "alternativeip" : [
      "161.69.90.114"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : 361276976,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS205272",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "London",
   "country" : "GB",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 09:57:35 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS205272",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-071-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.71.96/27"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.71.103",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "51.5074",
   "location" : "51.5074,-0.1196",
   "longitude" : "-0.1196",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.71.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.65.131

Alternative IP(s)
161.69.65.104

Network
161.69.65.0/24

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.65.131:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 09:21:10 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:21:10.000Z",
   "alternativeip" : [
      "161.69.65.104"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : -1781811925,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 09:21:10 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS203724",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-065-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.65.128/25"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.65.131",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.65.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.80.132

Alternative IP(s)
161.69.65.144

Network
161.69.80.0/23

Domain(s)
mcafee-cloud.com saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Ubuntu

URL

https://161.69.80.132:8013/ 403

Reverse DNS
161-69-80-132.fwd.ops.saasprotection.com

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Ubuntu
Issuer Common Name
McAfee RSA Organization Validation Secure Server CA 3

Issuer Organization
McAfee, Inc.

Subject Organization
McAfee, LLC

Subject Common Name
*.wgcs.mcafee-cloud.com

Subject Alt Name
*.wgcs.mcafee-cloud.com wgcs.mcafee-cloud.com

SHA256 Fingerprint
c94dc31d1a2a1c580dfa4947df38e29ef726f1ba49323cf6c1b2185d656e39a0

Validity Not Before
2024-06-14T00:00:00Z

Validity Not After
2025-06-14T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
d1cdb8f60ea2dab5b3ab1769111ea6f4

HTTP Header MD5
ac18e3c0867b8de4bb5199e1506bf065

HTTP Body MD5
1ab865296066e59fe35b5ea594ce6560

HTTP/1.1 403 authenticationrequired
x-reason: last
content-type: text/html
cache-control: no-cache
content-length: 11210
x-frame-options: deny
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html>
<html>

<head>
    <meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />

    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-300.woff2'
        type='font/woff2' crossorigin />
    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-300.woff'
        type='font/woff' crossorigin />

    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-regular.woff2'
        type='font/woff2' crossorigin />
    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-regular.woff'
        type='font/woff' crossorigin />

    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-italic.woff2'
        type='font/woff2' crossorigin />
    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-italic.woff'
        type='font/woff' crossorigin />

    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-600.woff2'
        type='font/woff2' crossorigin />
    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-600.woff'
        type='font/woff' crossorigin />

    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-700.woff2'
        type='font/woff2' crossorigin />
    <link rel='preload' as='font'
        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-700.woff'
        type='font/woff' crossorigin />
    <link rel="stylesheet" type="text/css"
        href="/mwg-internal/de5fs23hm64ds/files/default/stylesheets/en.css">
    <script src="/mwg-internal/de5fs23hm64ds/files/javascript/sw.js" type="text/javascript"></script>
</head>

<body>
    <div class='container'>
        <div class='header'>
            <span class='logo'><span class='upload-image'><img id='logo' #logo src=''> </span></span><span class='title' #title>IT
                Security</span>
        </div>
        <div class='body-container'>
            <div class='template-logo' #main_block_logo><svg width="300" height="387" xmlns="http://www.w3.org/2000/svg">
                    <g fill="none" fill-rule="evenodd">
                        <path d="M150.086 387L300 309.817V23.916C248.939 7.972 198.605 0 149 0l1.086 387z" fill="#F5F5F5" />
                        <path
                            d="M148.913 5C196.925 5 245.62 12.54 295 27.605h0v279.162l-145 74.61-145-74.61V27.574C52.971 12.53 100.941 5 148.913 5z"
                            stroke="#8D959A" stroke-width="10" />
                    </g>
                </svg></div>
            <div class='content'>
                <!-- block-page-container --><!-- Copyright (C) 2020 McAfee LLC. All rights reserved. -->
<div id="block-page-container">

	<div id="block-page-details-container" class="block-page-details-container">
		<div id="block-page-message"><span>&#84;&#104;&#101;&#32;&#99;&#111;&#110;&#116;&#101;&#110;&#116;&#32;&#121;&#111;&#117;&#32;&#114;&#101;&#113;&#117;&#101;&#115;&#116;&#101;&#100;&#32;&#105;&#115;&#32;&#98;&#108;&#111;&#99;&#107;&#101;&#100;&#32;&#98;&#121;&#32;&#121;&#111;&#117;&#114;&#32;&#111;&#114;&#103;&#97;&#110;&#105;&#122;&#97;&#116;&#105;&#111;&#110;&#39;&#115;&#32;&#115;&#101;&#99;&#117;&#114;&#105;&#116;&#121;&#32;&#112;&#111;&#108;&#105;&#99;&#121;&#46;</span></div>

		<div id="block-page-details-wrap" class="block-page-details-wrap">
			<table id="block-page-details-grid">
				<tbody>
					<tr>
						<td>
							<span>&#82;&#101;&#97;&#115;&#111;&#110;&#58;<span>
						</td>
						<td>
							<span>&#65;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#82;&#101;&#113;&#117;&#105;&#114;&#101;&#100;&#32;&#45;&#32;&#89;&#111;&#117;&#32;&#109;&#117;&#115;&#116;&#32;&#98;&#101;&#32;&#97;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#101;&#100;&#32;&#116;&#111;&#32;&#97;&#99;&#99;&#101;&#115;&#115;&#32;&#116;&#104;&#105;&#115;&#32;&#85;&#82;&#76;&#46;</span>
						</td>
					</tr>
					<tr>
						<td>
							<span>&#85;&#82;&#76;&#58;</span>
						</td>
						<td>
							http://<ip>:8013/
						</td>
					</tr>
					<tr>
						<td>
							<span>&#85;&#115;&#101;&#114;&#32;&#73;&#80;&#58;</span>
						</td>
						<td>
							<srcip>
						</td>
					</tr>
					<tr>
						<td colspan="2">
							<script language="javascript" type="text/javascript">
								urlprotocol = "http";
								statuscode = ;

								if (statuscode == 401 && urlprotocol == "ftp") {
									document.write("<form name=\"ftpform\" method=\"get\" action=\"\">");
									document.write("<table class=\"contentData\">");
									document.write("<tr><td class=\"contentData\" colspan=2>&#80;&#108;&#101;&#97;&#115;&#101;&#32;&#101;&#110;&#116;&#101;&#114;&#32;&#121;&#111;&#117;&#114;&#32;&#99;&#114;&#101;&#100;&#101;&#110;&#116;&#105;&#97;&#108;&#115;&#32;&#105;&#110;&#32;&#116;&#104;&#101;&#32;&#102;&#111;&#114;&#109;&#32;&#98;&#101;&#108;&#111;&#119;&#32;&#97;&#110;&#100;&#32;&#99;&#108;&#105;&#99;&#107;&#32;&#39;&#65;&#99;&#99;&#101;&#115;&#115;&#32;&#70;&#84;&#80;&#39;&#32;&#98;&#117;&#116;&#116;&#111;&#110;&#32;&#105;&#102;&#32;&#121;&#111;&#117;&#114;&#32;&#98;&#114;&#111;&#119;&#115;&#101;&#114;&#32;&#100;&#111;&#101;&#115;&#110;&#39;&#116;&#32;&#112;&#114;&#101;&#115;&#101;&#110;&#116;&#32;&#97;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#112;&#114;&#111;&#109;&#112;&#116;&#32;&#102;&#111;&#114;&#32;&#70;&#84;&#80;&#32;&#115;&#105;&#116;&#101;&#115;&#46;</td></tr>");
									document.write("<tr><td class=\"contentData\">&#85;&#115;&#101;&#114;&#110;&#97;&#109;&#101;&#58;</td><td><input type=\"text\" id=\"ftpUsername\" name=\"ftpUsername\" size=40 /></td></tr>");
									document.write("<tr><td class=\"contentData\">&#80;&#97;&#115;&#115;&#119;&#111;&#114;&#100;&#58;</td><td><input type=\"password\" id=\"ftpPassword\" name=\"ftpPassword\" size=40 /></td></tr>");
									document.write("<tr><td class=\"contentData\" colspan=2 align=center><input type=\"button\" onclick=\"redirectToFTP();\" value=\"Access FTP\" /></td></tr>");
									document.write("</table>");
									document.write("</form>");
								}

								function redirectToFTP() {
									var username = escape(document.getElementById("ftpUsername").value);
									var password = escape(document.getElementById("ftpPassword").value);
									location.href = "ftp://" + username + ":" + password + "@<ip>:8013/"
								}
							</script>
						</td>
					</tr>
				</tbody>
			</table>
		</div>
		<div class="more-details-section" id="more-details-section">
			<input type="checkbox" class="more-details-state" id="more-details-state">
			<label  for="more-details-state" class="more-details-trigger more-detail" id="more-details-trigger">
				<div>
					<div class="more-detail-text">&#77;&#111;&#114;&#101;&#32;&#68;&#101;&#116;&#97;&#105;&#108;&#115;</div> 
					<div class="fewer-detail-text">&#70;&#101;&#119;&#101;&#114;&#32;&#68;&#101;&#116;&#97;&#105;&#108;&#115;</div>
				</div>											
			</label>
			<table class="more-details-wrap" id="more-details-wrap">
				<tbody class="more-details-target" id="more-details-target">
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#84;&#105;&#109;&#101;&#115;&#116;&#97;&#109;&#112;&#58;</span>
						</td>
						<td>
							2024-11-21 09:07:12
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#84;&#101;&#110;&#97;&#110;&#116;&#32;&#73;&#68;&#58;</span>
						</td>
						<td>
							
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#85;&#115;&#101;&#114;&#110;&#97;&#109;&#101;&#58;</span>
						</td>
						<td>
							
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#76;&#105;&#115;&#116;&#32;&#111;&#102;&#32;&#117;&#115;&#101;&#114;&#32;&#103;&#114;&#111;&#117;&#112;&#115;&#58;</span>
						</td>
						<td>
							
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#69;&#103;&#114;&#101;&#115;&#115;&#32;&#73;&#80;&#32;&#111;&#102;&#32;&#116;&#104;&#101;&#32;&#114;&#101;&#113;&#117;&#101;&#115;&#116;&#105;&#110;&#103;&#32;&#99;&#108;&#105;&#101;&#110;&#116;&#32;&#40;&#98;&#114;&#111;&#119;&#115;&#101;&#114;&#41;&#58;</span>
						</td>
						<td>
							<srcip>
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#78;&#97;&#109;&#101;&#32;&#111;&#102;&#32;&#116;&#104;&#101;&#32;&#108;&#97;&#115;&#116;&#32;&#101;&#120;&#101;&#99;&#117;&#116;&#101;&#100;&#32;&#114;&#117;&#108;&#101;&#58;</span>
						</td>
						<td>
							authenticationrequired
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#68;&#101;&#115;&#116;&#105;&#110;&#97;&#116;&#105;&#111;&#110;&#32;&#73;&#80;&#58;</span>
						</td>
						<td>
							<ip>
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#65;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#77;&#101;&#116;&#104;&#111;&#100;&#58;</span>
						</td>
						<td>
							0
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#85;&#115;&#101;&#114;&#45;&#97;&#103;&#101;&#110;&#116;&#58;</span>
						</td>
						<td>
							Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#77;&#101;&#100;&#105;&#97;&#32;&#84;&#121;&#112;&#101;&#58;</span>
						</td>
						<td>
							
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#77;&#67;&#80;&#32;&#83;&#121;&#115;&#116;&#101;&#109;&#32;&#73;&#110;&#102;&#111;&#58;</span>
						</td>
						<td>
							{}
						</td>
					</tr>
					<tr class="debug-entry-row">
						<td>
							<span class="details-key">&#66;&#108;&#111;&#99;&#107;&#32;&#82;&#101;&#97;&#115;&#111;&#110;&#58;</span>
						</td>
						<td>
							Authentication Required
						</td>
					</tr>
				</tbody>
			</table>
		</div>
	</div>

</div>
                <!-- block-page-container -->
                <div class='admin-message-box'><span class='adminMessage' #adminMessage> </span #end></div>
            </div><br>
        </div>
        <div class='footer'><span class='footer-image'>
                <img src='/mwg-internal/de5fs23hm64ds/files/default/img/Logo.svg' align='absmiddle'
                    border='0'>
            </span></div>
    </div>
</body>
<script type='text/javascript'>removeEmptyDebugTableEntries()</script>

</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T09:07:13.000Z",
   "alternativeip" : [
      "161.69.65.144"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/2000/svg"
         ]
      },
      "http" : {
         "bodymd5" : "1ab865296066e59fe35b5ea594ce6560",
         "bodymmh3" : 1938553729,
         "headermd5" : "ac18e3c0867b8de4bb5199e1506bf065",
         "headermmh3" : 1010132543
      },
      "length" : 11386
   },
   "asn" : "AS31898",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Mumbai",
   "country" : "IN",
   "data" : "HTTP/1.1 403 authenticationrequired\r\nx-reason: last\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 11210\r\nx-frame-options: deny\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html>\n<html>\n\n<head>\n    <meta http-equiv='Content-Type' content='text/html; charset=UTF-8' />\n\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-300.woff2'\n        type='font/woff2' crossorigin />\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-300.woff'\n        type='font/woff' crossorigin />\n\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-regular.woff2'\n        type='font/woff2' crossorigin />\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-regular.woff'\n        type='font/woff' crossorigin />\n\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-italic.woff2'\n        type='font/woff2' crossorigin />\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-italic.woff'\n        type='font/woff' crossorigin />\n\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-600.woff2'\n        type='font/woff2' crossorigin />\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-600.woff'\n        type='font/woff' crossorigin />\n\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-700.woff2'\n        type='font/woff2' crossorigin />\n    <link rel='preload' as='font'\n        href='/mwg-internal/de5fs23hm64ds/files/default/font/Open_Sans/open-sans-v15-latin-700.woff'\n        type='font/woff' crossorigin />\n    <link rel=\"stylesheet\" type=\"text/css\"\n        href=\"/mwg-internal/de5fs23hm64ds/files/default/stylesheets/en.css\">\n    <script src=\"/mwg-internal/de5fs23hm64ds/files/javascript/sw.js\" type=\"text/javascript\"></script>\n</head>\n\n<body>\n    <div class='container'>\n        <div class='header'>\n            <span class='logo'><span class='upload-image'><img id='logo' #logo src=''> </span></span><span class='title' #title>IT\n                Security</span>\n        </div>\n        <div class='body-container'>\n            <div class='template-logo' #main_block_logo><svg width=\"300\" height=\"387\" xmlns=\"http://www.w3.org/2000/svg\">\n                    <g fill=\"none\" fill-rule=\"evenodd\">\n                        <path d=\"M150.086 387L300 309.817V23.916C248.939 7.972 198.605 0 149 0l1.086 387z\" fill=\"#F5F5F5\" />\n                        <path\n                            d=\"M148.913 5C196.925 5 245.62 12.54 295 27.605h0v279.162l-145 74.61-145-74.61V27.574C52.971 12.53 100.941 5 148.913 5z\"\n                            stroke=\"#8D959A\" stroke-width=\"10\" />\n                    </g>\n                </svg></div>\n            <div class='content'>\n                <!-- block-page-container --><!-- Copyright (C) 2020 McAfee LLC. All rights reserved. -->\n<div id=\"block-page-container\">\n\n\t<div id=\"block-page-details-container\" class=\"block-page-details-container\">\n\t\t<div id=\"block-page-message\"><span>&#84;&#104;&#101;&#32;&#99;&#111;&#110;&#116;&#101;&#110;&#116;&#32;&#121;&#111;&#117;&#32;&#114;&#101;&#113;&#117;&#101;&#115;&#116;&#101;&#100;&#32;&#105;&#115;&#32;&#98;&#108;&#111;&#99;&#107;&#101;&#100;&#32;&#98;&#121;&#32;&#121;&#111;&#117;&#114;&#32;&#111;&#114;&#103;&#97;&#110;&#105;&#122;&#97;&#116;&#105;&#111;&#110;&#39;&#115;&#32;&#115;&#101;&#99;&#117;&#114;&#105;&#116;&#121;&#32;&#112;&#111;&#108;&#105;&#99;&#121;&#46;</span></div>\n\n\t\t<div id=\"block-page-details-wrap\" class=\"block-page-details-wrap\">\n\t\t\t<table id=\"block-page-details-grid\">\n\t\t\t\t<tbody>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span>&#82;&#101;&#97;&#115;&#111;&#110;&#58;<span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span>&#65;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#82;&#101;&#113;&#117;&#105;&#114;&#101;&#100;&#32;&#45;&#32;&#89;&#111;&#117;&#32;&#109;&#117;&#115;&#116;&#32;&#98;&#101;&#32;&#97;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#101;&#100;&#32;&#116;&#111;&#32;&#97;&#99;&#99;&#101;&#115;&#115;&#32;&#116;&#104;&#105;&#115;&#32;&#85;&#82;&#76;&#46;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span>&#85;&#82;&#76;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\thttp://<ip>:8013/\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span>&#85;&#115;&#101;&#114;&#32;&#73;&#80;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<srcip>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td colspan=\"2\">\n\t\t\t\t\t\t\t<script language=\"javascript\" type=\"text/javascript\">\n\t\t\t\t\t\t\t\turlprotocol = \"http\";\n\t\t\t\t\t\t\t\tstatuscode = ;\n\n\t\t\t\t\t\t\t\tif (statuscode == 401 && urlprotocol == \"ftp\") {\n\t\t\t\t\t\t\t\t\tdocument.write(\"<form name=\\\"ftpform\\\" method=\\\"get\\\" action=\\\"\\\">\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"<table class=\\\"contentData\\\">\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"<tr><td class=\\\"contentData\\\" colspan=2>&#80;&#108;&#101;&#97;&#115;&#101;&#32;&#101;&#110;&#116;&#101;&#114;&#32;&#121;&#111;&#117;&#114;&#32;&#99;&#114;&#101;&#100;&#101;&#110;&#116;&#105;&#97;&#108;&#115;&#32;&#105;&#110;&#32;&#116;&#104;&#101;&#32;&#102;&#111;&#114;&#109;&#32;&#98;&#101;&#108;&#111;&#119;&#32;&#97;&#110;&#100;&#32;&#99;&#108;&#105;&#99;&#107;&#32;&#39;&#65;&#99;&#99;&#101;&#115;&#115;&#32;&#70;&#84;&#80;&#39;&#32;&#98;&#117;&#116;&#116;&#111;&#110;&#32;&#105;&#102;&#32;&#121;&#111;&#117;&#114;&#32;&#98;&#114;&#111;&#119;&#115;&#101;&#114;&#32;&#100;&#111;&#101;&#115;&#110;&#39;&#116;&#32;&#112;&#114;&#101;&#115;&#101;&#110;&#116;&#32;&#97;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#112;&#114;&#111;&#109;&#112;&#116;&#32;&#102;&#111;&#114;&#32;&#70;&#84;&#80;&#32;&#115;&#105;&#116;&#101;&#115;&#46;</td></tr>\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"<tr><td class=\\\"contentData\\\">&#85;&#115;&#101;&#114;&#110;&#97;&#109;&#101;&#58;</td><td><input type=\\\"text\\\" id=\\\"ftpUsername\\\" name=\\\"ftpUsername\\\" size=40 /></td></tr>\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"<tr><td class=\\\"contentData\\\">&#80;&#97;&#115;&#115;&#119;&#111;&#114;&#100;&#58;</td><td><input type=\\\"password\\\" id=\\\"ftpPassword\\\" name=\\\"ftpPassword\\\" size=40 /></td></tr>\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"<tr><td class=\\\"contentData\\\" colspan=2 align=center><input type=\\\"button\\\" onclick=\\\"redirectToFTP();\\\" value=\\\"Access FTP\\\" /></td></tr>\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"</table>\");\n\t\t\t\t\t\t\t\t\tdocument.write(\"</form>\");\n\t\t\t\t\t\t\t\t}\n\n\t\t\t\t\t\t\t\tfunction redirectToFTP() {\n\t\t\t\t\t\t\t\t\tvar username = escape(document.getElementById(\"ftpUsername\").value);\n\t\t\t\t\t\t\t\t\tvar password = escape(document.getElementById(\"ftpPassword\").value);\n\t\t\t\t\t\t\t\t\tlocation.href = \"ftp://\" + username + \":\" + password + \"@<ip>:8013/\"\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t</script>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t</div>\n\t\t<div class=\"more-details-section\" id=\"more-details-section\">\n\t\t\t<input type=\"checkbox\" class=\"more-details-state\" id=\"more-details-state\">\n\t\t\t<label  for=\"more-details-state\" class=\"more-details-trigger more-detail\" id=\"more-details-trigger\">\n\t\t\t\t<div>\n\t\t\t\t\t<div class=\"more-detail-text\">&#77;&#111;&#114;&#101;&#32;&#68;&#101;&#116;&#97;&#105;&#108;&#115;</div> \n\t\t\t\t\t<div class=\"fewer-detail-text\">&#70;&#101;&#119;&#101;&#114;&#32;&#68;&#101;&#116;&#97;&#105;&#108;&#115;</div>\n\t\t\t\t</div>\t\t\t\t\t\t\t\t\t\t\t\n\t\t\t</label>\n\t\t\t<table class=\"more-details-wrap\" id=\"more-details-wrap\">\n\t\t\t\t<tbody class=\"more-details-target\" id=\"more-details-target\">\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#84;&#105;&#109;&#101;&#115;&#116;&#97;&#109;&#112;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t2024-11-21 09:07:12\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#84;&#101;&#110;&#97;&#110;&#116;&#32;&#73;&#68;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#85;&#115;&#101;&#114;&#110;&#97;&#109;&#101;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#76;&#105;&#115;&#116;&#32;&#111;&#102;&#32;&#117;&#115;&#101;&#114;&#32;&#103;&#114;&#111;&#117;&#112;&#115;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#69;&#103;&#114;&#101;&#115;&#115;&#32;&#73;&#80;&#32;&#111;&#102;&#32;&#116;&#104;&#101;&#32;&#114;&#101;&#113;&#117;&#101;&#115;&#116;&#105;&#110;&#103;&#32;&#99;&#108;&#105;&#101;&#110;&#116;&#32;&#40;&#98;&#114;&#111;&#119;&#115;&#101;&#114;&#41;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<srcip>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#78;&#97;&#109;&#101;&#32;&#111;&#102;&#32;&#116;&#104;&#101;&#32;&#108;&#97;&#115;&#116;&#32;&#101;&#120;&#101;&#99;&#117;&#116;&#101;&#100;&#32;&#114;&#117;&#108;&#101;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\tauthenticationrequired\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#68;&#101;&#115;&#116;&#105;&#110;&#97;&#116;&#105;&#111;&#110;&#32;&#73;&#80;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<ip>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#65;&#117;&#116;&#104;&#101;&#110;&#116;&#105;&#99;&#97;&#116;&#105;&#111;&#110;&#32;&#77;&#101;&#116;&#104;&#111;&#100;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t0\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#85;&#115;&#101;&#114;&#45;&#97;&#103;&#101;&#110;&#116;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\tMozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#77;&#101;&#100;&#105;&#97;&#32;&#84;&#121;&#112;&#101;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#77;&#67;&#80;&#32;&#83;&#121;&#115;&#116;&#101;&#109;&#32;&#73;&#110;&#102;&#111;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t{}\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr class=\"debug-entry-row\">\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<span class=\"details-key\">&#66;&#108;&#111;&#99;&#107;&#32;&#82;&#101;&#97;&#115;&#111;&#110;&#58;</span>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\tAuthentication Required\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t</div>\n\t</div>\n\n</div>\n                <!-- block-page-container -->\n                <div class='admin-message-box'><span class='adminMessage' #adminMessage> </span #end></div>\n            </div><br>\n        </div>\n        <div class='footer'><span class='footer-image'>\n                <img src='/mwg-internal/de5fs23hm64ds/files/default/img/Logo.svg' align='absmiddle'\n                    border='0'>\n            </span></div>\n    </div>\n</body>\n<script type='text/javascript'>removeEmptyDebugTableEntries()</script>\n\n</html>",
   "datamd5" : "d1cdb8f60ea2dab5b3ab1769111ea6f4",
   "datammh3" : 1482533554,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "mcafee-cloud.com",
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "cf00636c5395eab2a758ab55746e42c2",
      "sha1" : "12734ceb3c6666eb7f63a25adcf0c0523f538d17",
      "sha256" : "c94dc31d1a2a1c580dfa4947df38e29ef726f1ba49323cf6c1b2185d656e39a0"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "saasprotection.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "WGCS-OCI-MU",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.80.128/29"
   },
   "host" : [
      "161-69-80-132",
      "wgcs"
   ],
   "hostname" : [
      "161-69-80-132.fwd.ops.saasprotection.com",
      "wgcs.mcafee-cloud.com"
   ],
   "ip" : "161.69.80.132",
   "ipv6" : "false",
   "issuer" : {
      "commonname" : "McAfee RSA Organization Validation Secure Server CA 3",
      "country" : "US",
      "organization" : "McAfee, Inc."
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "19.0748",
   "location" : "19.0748,72.8856",
   "longitude" : "72.8856",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux",
   "osdistribution" : "Ubuntu",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "reverse" : [
      "161-69-80-132.fwd.ops.saasprotection.com"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "20:11:b1:e2:26:12:96:e9:b5:66:9d:1e:c5:35:2b:1e",
   "signature" : {
      "algorithm" : "sha384WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 403,
   "subdomains" : [
      "fwd.ops.saasprotection.com",
      "ops.saasprotection.com",
      "wgcs.mcafee-cloud.com"
   ],
   "subject" : {
      "altname" : [
         "*.wgcs.mcafee-cloud.com",
         "wgcs.mcafee-cloud.com"
      ],
      "commonname" : "*.wgcs.mcafee-cloud.com",
      "country" : "US",
      "organization" : "McAfee, LLC"
   },
   "subnet" : "161.69.80.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-14T23:59:59Z",
      "notbefore" : "2024-06-14T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.89.123

Alternative IP(s)
161.69.48.66

Network
161.69.88.0/22

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.89.123:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 08:54:24 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:54:24.000Z",
   "alternativeip" : [
      "161.69.48.66"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : 1762804945,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Osaka",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 08:54:24 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS203724",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-089-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.89.64/26"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.89.123",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "34.6946",
   "location" : "34.6946,135.5021",
   "longitude" : "135.5021",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.88.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
185.212.107.105

Alternative IP(s)
161.69.90.114

Network
185.212.107.0/24

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://185.212.107.105:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
01200a30540bb18b15c1f0fbccf228ae

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 08:30:25 GMT
content-type: text/html
cache-control: no-cache
content-length: 1611
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:30:25.000Z",
   "alternativeip" : [
      "161.69.90.114"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : 399283783,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "DE",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 08:30:25 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1611\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "01200a30540bb18b15c1f0fbccf228ae",
   "datammh3" : 464103645,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "185.212.107.105",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "51.2993",
   "location" : "51.2993,9.4910",
   "longitude" : "9.4910",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "185.212.107.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.88.114

Alternative IP(s)
161.69.91.113

Network
161.69.88.0/22

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.88.114:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 08:06:20 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T08:06:20.000Z",
   "alternativeip" : [
      "161.69.91.113"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : 1685530911,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 08:06:20 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS203724",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-088-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.88.64/26"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.88.114",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.88.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.88.132

Alternative IP(s)
161.69.108.104

Network
161.69.88.0/22

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.88.132:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 06:38:57 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T06:38:57.000Z",
   "alternativeip" : [
      "161.69.108.104"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : -1212552146,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Hong Kong",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 06:38:57 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS203724",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-088-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.88.128/25"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.88.132",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "22.2842",
   "location" : "22.2842,114.1759",
   "longitude" : "114.1759",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.88.0/22",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
120.138.17.53

Alternative IP(s)
161.69.108.104

Network
120.138.16.0/20

Domain(s)
saasprotection.com sth.nz

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://120.138.17.53:8013/ 401

Reverse DNS
rdns.120.138.17.53.sth.nz

ASN
AS45179

Organization
SiteHost New Zealand

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 06:29:12 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T06:29:12.000Z",
   "alternativeip" : [
      "161.69.108.104"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : -1714260138,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS45179",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Wellington",
   "country" : "NZ",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 06:29:12 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com",
      "sth.nz"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS45179",
      "continent" : "OC",
      "continentname" : "Oceania",
      "country" : "NZ",
      "countryname" : "New Zealand",
      "domain" : [
         "sitehost.co.nz",
         "sth.nz"
      ],
      "isineu" : "false",
      "latitude" : "-40.900557",
      "location" : "-40.900557,174.885971",
      "longitude" : "174.885971",
      "netname" : "SITEHOST-NZ",
      "organization" : "SiteTech Solutions Limited",
      "subnet" : "120.138.16.0/20"
   },
   "host" : [
      "rdns"
   ],
   "hostname" : [
      "rdns.120.138.17.53.sth.nz",
      "saasprotection.com"
   ],
   "ip" : "120.138.17.53",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "-41.3675",
   "location" : "-41.3675,174.7153",
   "longitude" : "174.7153",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SiteHost New Zealand",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "reverse" : [
      "rdns.120.138.17.53.sth.nz"
   ],
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subdomains" : [
      "120.138.17.53.sth.nz",
      "138.17.53.sth.nz",
      "17.53.sth.nz",
      "53.sth.nz"
   ],
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "120.138.16.0/20",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com",
      "nz"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.49.130

Network
161.69.48.0/23

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.49.130:8013/ 401

ASN
AS31898

Organization
ORACLE-BMC-31898

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 06:22:39 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T06:22:39.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : -1416360987,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS31898",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Paris",
   "country" : "FR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 06:22:39 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS31898",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "WGCS-OCI-FR",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.49.128/29"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.49.130",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "48.8323",
   "location" : "48.8323,2.4075",
   "longitude" : "2.4075",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ORACLE-BMC-31898",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.48.0/23",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

IP
161.69.92.123

Alternative IP(s)
161.69.91.113

Network
161.69.92.0/24

Domain(s)
saasprotection.com

Device

<enterprise field>: device.class

Operating System
Linux Linux Kernel

URL

https://161.69.92.123:8013/ 401

ASN
AS203724

Organization
Musarubra Germany GmbH

Protocol
http Cert not expired http

Source
datascan
NOTE
This tab is a merge from current page results.

CPE(s)

Domain(s)
mcafee-cloud.com saasprotection.com sth.nz

Hostname(s)
161-69-80-132.fwd.ops.saasprotection.com rdns.120.138.17.53.sth.nz saasprotection.com wgcs.mcafee-cloud.com

IP(s)
120.138.17.53 161.69.49.130 161.69.65.131 161.69.71.103 161.69.80.132 161.69.88.114 161.69.88.132 161.69.89.123 161.69.92.123 185.212.107.105

Port(s)
8013

Protocol(s)
http

Tag(s)

URL(s)
/
Operating System
Linux Linux Kernel

CPE(s)

<enterprise field>: cpe
Issuer Common Name
Sectigo RSA Organization Validation Secure Server CA

Issuer Organization
Sectigo Limited

Subject Organization
Musarubra US LLC

Subject Common Name
*.saasprotection.com

Subject Alt Name
*.saasprotection.com saasprotection.com

SHA256 Fingerprint
3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580

Validity Not Before
2024-06-12T00:00:00Z

Validity Not After
2025-06-12T23:59:59Z

This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

Data MD5
a7df63c27003d04476bc4fd795b5cea7

HTTP Header MD5
fb50ae9fb29cb220a9d263843a6fe0ec

HTTP Body MD5
7df3693b9d48e0910e4d93e6ac27eb17

HTTP/1.1 401 authenticationrequired
date: Thu, 21 Nov 2024 05:40:30 GMT
content-type: text/html
cache-control: no-cache
content-length: 1607
x-frame-options: deny
www-authenticate: Basic realm="Skyhigh Security Cloud"
strict-transport-security: max-age=31536000
connection: close

<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
<html>
<head>
	<meta http-equiv="Content-Type" content="text/html;charset=utf-8">
	  <script src="/mwg-internal/de5fs23hu73ds/files/javascript/sw.js" type="text/javascript" ></script>
	<title>Blocked Request: http://<ip>:8013/</title>
	<style type="text/css">
		body { padding: 5px }
		p { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
		li { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }
	</style>
</head>
<body>
	<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;">Skyhigh Security</h1>
<!--Contents-->
<!-- FileName: authenticationrequired.html
     Language: [en]
-->
<!--Title-->
<h1 style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;">Authentication Required</h1>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;">
You must be authenticated to access this URL.<br /><br />
</span>
    
<!--/Content-->

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;">
<b>URL: </b><script type="text/javascript">break_line("http://<ip>:8013/");</script><br /><br />
</span>

<span  style="margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;">
      <b>ID: </b>4<br />
      <b>Message: </b>No credentials<br />
</span>
<!--/Info-->

<!--/Contents-->
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-21T05:40:30.000Z",
   "alternativeip" : [
      "161.69.91.113"
   ],
   "app" : {
      "extract" : {
         "domain" : [
            "w3.org"
         ],
         "hostname" : [
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/strict.dtd"
         ]
      },
      "http" : {
         "bodymd5" : "7df3693b9d48e0910e4d93e6ac27eb17",
         "bodymmh3" : -894593925,
         "headermd5" : "fb50ae9fb29cb220a9d263843a6fe0ec",
         "headermmh3" : -479651616,
         "realm" : "Skyhigh Security Cloud"
      },
      "length" : 1880
   },
   "asn" : "AS203724",
   "basicconstraints" : "critical",
   "ca" : "false",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 401 authenticationrequired\r\ndate: Thu, 21 Nov 2024 05:40:30 GMT\r\ncontent-type: text/html\r\ncache-control: no-cache\r\ncontent-length: 1607\r\nx-frame-options: deny\r\nwww-authenticate: Basic realm=\"Skyhigh Security Cloud\"\r\nstrict-transport-security: max-age=31536000\r\nconnection: close\r\n\r\n<!DOCTYPE html PUBLIC \"-//W3C//DTD HTML 4.01//EN\" \"http://www.w3.org/TR/html4/strict.dtd\">\n<html>\n<head>\n\t<meta http-equiv=\"Content-Type\" content=\"text/html;charset=utf-8\">\n\t  <script src=\"/mwg-internal/de5fs23hu73ds/files/javascript/sw.js\" type=\"text/javascript\" ></script>\n\t<title>Blocked Request: http://<ip>:8013/</title>\n\t<style type=\"text/css\">\n\t\tbody { padding: 5px }\n\t\tp { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t\tli { margin: 1em 0; font-family: Tahoma,Sans; font-size: 12px; color: #333 }\n\t</style>\n</head>\n<body>\n\t<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 24px; font-weight: bold; color: #6569FE;\">Skyhigh Security</h1>\n<!--Contents-->\n<!-- FileName: authenticationrequired.html\n     Language: [en]\n-->\n<!--Title-->\n<h1 style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 20px; font-weight: bold; color: #6569FE;\">Authentication Required</h1>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 16px; font-weight: bold; color: #000000;\">\nYou must be authenticated to access this URL.<br /><br />\n</span>\n    \n<!--/Content-->\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 12px; font-weight: normal; color: #000000;\">\n<b>URL: </b><script type=\"text/javascript\">break_line(\"http://<ip>:8013/\");</script><br /><br />\n</span>\n\n<span  style=\"margin: 0 0 45px 0; font-family: Tahoma,Sans; font-size: 10px; font-weight: normal; color: #111111;\">\n      <b>ID: </b>4<br />\n      <b>Message: </b>No credentials<br />\n</span>\n<!--/Info-->\n\n<!--/Contents-->\n</body>\n</html>\n",
   "datamd5" : "a7df63c27003d04476bc4fd795b5cea7",
   "datammh3" : 1158899178,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "saasprotection.com"
   ],
   "extkeyusage" : [
      "serverAuth",
      "clientAuth"
   ],
   "fingerprint" : {
      "md5" : "6ca692745f34f49c6a6904c6c2d04be4",
      "sha1" : "177fb755db46e2ce1b29147ad5adaed4bd710437",
      "sha256" : "3f352a76e814729f1ba407753b24adacd0ab2108e0d62f7ec6ecf454e87e3580"
   },
   "geolocus" : {
      "asn" : "AS203724",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mcafee.com",
         "skyhighsecurity.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SSL-NET-092-63-255",
      "organization" : "SKYHIGH SECURITY LLC",
      "subnet" : "161.69.92.64/26"
   },
   "hostname" : [
      "saasprotection.com"
   ],
   "ip" : "161.69.92.123",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Salford",
      "commonname" : "Sectigo RSA Organization Validation Secure Server CA",
      "country" : "GB",
      "organization" : "Sectigo Limited"
   },
   "keyusage" : [
      "digitalSignature",
      "keyEncipherment"
   ],
   "latitude" : "37.7510",
   "location" : "37.7510,-97.8220",
   "longitude" : "-97.8220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Musarubra Germany GmbH",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 8013,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "authenticationrequired",
   "seen_date" : "2024-11-21",
   "serial" : "2f:c5:fb:f0:01:91:79:b0:1d:7f:15:e5:98:4c:c9:87",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 401,
   "subject" : {
      "altname" : [
         "*.saasprotection.com",
         "saasprotection.com"
      ],
      "commonname" : "*.saasprotection.com",
      "country" : "US",
      "organization" : "Musarubra US LLC"
   },
   "subnet" : "161.69.92.0/24",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2025-06-12T23:59:59Z",
      "notbefore" : "2024-06-12T00:00:00Z"
   },
   "version" : "v3",
   "wildcard" : "true"
}

Returning 10 result(s) out of 727 in 0.027 second(s)

161.69.71.103:8013 (tcp/http/tls) - last seen on 2024-11-21 at 09:57:35 UTC

161.69.65.131:8013 (tcp/http/tls) - last seen on 2024-11-21 at 09:21:10 UTC

161.69.80.132:8013 (tcp/http/tls) - last seen on 2024-11-21 at 09:07:13 UTC

161.69.89.123:8013 (tcp/http/tls) - last seen on 2024-11-21 at 08:54:24 UTC

185.212.107.105:8013 (tcp/http/tls) - last seen on 2024-11-21 at 08:30:25 UTC

161.69.88.114:8013 (tcp/http/tls) - last seen on 2024-11-21 at 08:06:20 UTC

161.69.88.132:8013 (tcp/http/tls) - last seen on 2024-11-21 at 06:38:57 UTC

120.138.17.53:8013 (tcp/http/tls) - last seen on 2024-11-21 at 06:29:12 UTC

161.69.49.130:8013 (tcp/http/tls) - last seen on 2024-11-21 at 06:22:39 UTC

161.69.92.123:8013 (tcp/http/tls) - last seen on 2024-11-21 at 05:40:30 UTC