ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 3,260 in 0.030 second(s)

  • 153.192.91.36:12443 (tcp/http/tls) - last seen on 2024-11-07 at 05:25:31 UTC

    • IP
      153.192.91.36
      Network
      153.192.0.0/11
      Domain(s)
      ocn.ne.jp
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://153.192.91.36:12443/ 200

      Reverse DNS
      p1866036-ipxg00a01kobeminato.hyogo.ocn.ne.jp
      ASN
      AS4713
      Organization
      NTT Communications Corporation
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT90E4Q16003288
      SHA256 Fingerprint
      bad694ee7d43a20db496bfd494c9beb0275107df34263bdc12bfe3ee8e73dde9
      Validity Not Before
      2016-10-13T03:25:21Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      f91667a794910f1aae9c2f22d28435a7
      HTTP Header MD5
      853708e1aca3cb740ffc9f647fb46545
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4
      Favicon MD5
      e462005902f81094ab3de44e4381de19
      Favicon MMH3
      945408572 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 03:50:55 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Thu, 13 Sep 2018 19:05:25 GMT
ETag: "83-5b9ab4f5"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:25:31.000Z",
   "app" : {
      "favicon" : {
         "image" : "AAABAAEAEBAQAAAAAAAoAQAAFgAAACgAAAAQAAAAIAAAAAEABAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAACAAACAAAAAgIAAgAAAAIAAgACAgAAAgICAAMDAwAAAAP8AAP8AAAD//wD/AAAA/wD/AP//AAD///8AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAJmAmZmAmYAJmYCZmYCZmJmZgJmZgJmZAAAAAAAAAACZmYAAAACZmZmZgAAAAJmZmZmAAAAAmZkAAAAAAAAAAJmZgJmZgJmZCZmAmZmAmZgAmYCZmYCZgAAAAAAAAAAAAAAAAAAAAAD//wAA//8AAP//AADEEQAAhBAAAAQQAAD//wAAB/AAAAfwAAAH8AAA//8AAAQQAACEEAAAxBEAAP//AAD//wAA",
         "imagemd5" : "e462005902f81094ab3de44e4381de19",
         "imagemmh3" : 945408572,
         "length" : 318,
         "url" : "/favicon.ico"
      },
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "value" : "Thu, 13 Sep 2018 19:05:25 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "83-5b9ab4f5"
            }
         ],
         "headermd5" : "853708e1aca3cb740ffc9f647fb46545",
         "headermmh3" : 459834462
      },
      "length" : 554
   },
   "asn" : "AS4713",
   "ca" : "false",
   "country" : "JP",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 03:50:55 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Thu, 13 Sep 2018 19:05:25 GMT\r\nETag: \"83-5b9ab4f5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "f91667a794910f1aae9c2f22d28435a7",
   "datammh3" : -2092735292,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "ocn.ne.jp"
   ],
   "fingerprint" : {
      "md5" : "ba7ab6335e7afc5ad183db7d73d4b8fc",
      "sha1" : "f0aaed8f4a7b4d4e9c714d43d60ed8535911d4a1",
      "sha256" : "bad694ee7d43a20db496bfd494c9beb0275107df34263bdc12bfe3ee8e73dde9"
   },
   "geolocus" : {
      "asn" : "AS4713",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "JP",
      "countryname" : "Japan",
      "domain" : [
         "nic.ad.jp",
         "ocn.ad.jp",
         "ocn.ne.jp"
      ],
      "isineu" : "false",
      "latitude" : "36.204824",
      "location" : "36.204824,138.252924",
      "longitude" : "138.252924",
      "netname" : "OCN",
      "organization" : "NTT Communications Corporation",
      "subnet" : "153.192.0.0/11"
   },
   "host" : [
      "p1866036-ipxg00a01kobeminato"
   ],
   "hostname" : [
      "p1866036-ipxg00a01kobeminato.hyogo.ocn.ne.jp"
   ],
   "ip" : "153.192.91.36",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "35.6897",
   "location" : "35.6897,139.6895",
   "longitude" : "139.6895",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "NTT Communications Corporation",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "p1866036-ipxg00a01kobeminato.hyogo.ocn.ne.jp"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "37:d0:66",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "hyogo.ocn.ne.jp"
   ],
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT90E4Q16003288",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "153.192.0.0/11",
   "tld" : [
      "ne.jp"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2016-10-13T03:25:21Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 181.205.191.251:12443 (tcp/http/tls) - last seen on 2024-11-07 at 05:06:03 UTC

    • IP
      181.205.191.251
      Network
      181.204.0.0/14
      Domain(s)
      tigo.com.co
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://181.205.191.251:12443/ 200

      Reverse DNS
      dinamic-tigo-181-205-191-251.tigo.com.co
      ASN
      AS27831
      Organization
      Colombia Movil
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT30E5619080726
      SHA256 Fingerprint
      a8d139a3bb217337e3ff294e57194c2dd3172cf3d606f4e9010fb442469e69fd
      Validity Not Before
      2019-12-12T06:00:18Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ab5b4ae4312b710ef3e4975473f89d7e
      HTTP Header MD5
      b0d96c370950756d4be0970cc498963a
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 05:05:53 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Wed, 02 Nov 2022 22:14:15 GMT
ETag: "83-6362ebb7"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:06:03.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "value" : "Wed, 02 Nov 2022 22:14:15 GMT",
               "name" : "Last-Modified"
            },
            {
               "name" : "ETag",
               "value" : "83-6362ebb7"
            }
         ],
         "headermd5" : "b0d96c370950756d4be0970cc498963a",
         "headermmh3" : 355455576
      },
      "length" : 637
   },
   "asn" : "AS27831",
   "ca" : "false",
   "city" : "Medell\u00edn",
   "country" : "CO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 05:05:53 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Wed, 02 Nov 2022 22:14:15 GMT\r\nETag: \"83-6362ebb7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "ab5b4ae4312b710ef3e4975473f89d7e",
   "datammh3" : 1826643348,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "tigo.com.co"
   ],
   "fingerprint" : {
      "md5" : "b6735c5d3743c485bef467282f241f09",
      "sha1" : "1c181368e2200d1684289640ec9dbe73ea741014",
      "sha256" : "a8d139a3bb217337e3ff294e57194c2dd3172cf3d606f4e9010fb442469e69fd"
   },
   "geolocus" : {
      "asn" : "AS27831",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CO",
      "countryname" : "Colombia",
      "domain" : [
         "tigo.com.co"
      ],
      "isineu" : "false",
      "latitude" : "4.570868",
      "location" : "4.570868,-74.297333",
      "longitude" : "-74.297333",
      "netname" : "CO-COMO-LACNIC",
      "organization" : "Colombia Movil",
      "subnet" : "181.204.0.0/14"
   },
   "host" : [
      "dinamic-tigo-181-205-191-251"
   ],
   "hostname" : [
      "dinamic-tigo-181-205-191-251.tigo.com.co"
   ],
   "ip" : "181.205.191.251",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "6.2529",
   "location" : "6.2529,-75.5646",
   "longitude" : "-75.5646",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Colombia Movil",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "dinamic-tigo-181-205-191-251.tigo.com.co"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "44:c8:f6",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT30E5619080726",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "181.204.0.0/14",
   "tld" : [
      "com.co"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2019-12-12T06:00:18Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 181.205.191.251:12443 (tcp/http/tls) - last seen on 2024-11-07 at 05:03:46 UTC

    • IP
      181.205.191.251
      Network
      181.204.0.0/14
      Domain(s)
      tigo.com.co
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://181.205.191.251:12443/ 200

      Reverse DNS
      dinamic-tigo-181-205-191-251.tigo.com.co
      ASN
      AS27831
      Organization
      Colombia Movil
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT30E5619080726
      SHA256 Fingerprint
      a8d139a3bb217337e3ff294e57194c2dd3172cf3d606f4e9010fb442469e69fd
      Validity Not Before
      2019-12-12T06:00:18Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ab5b4ae4312b710ef3e4975473f89d7e
      HTTP Header MD5
      b0d96c370950756d4be0970cc498963a
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 05:03:36 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Wed, 02 Nov 2022 22:14:15 GMT
ETag: "83-6362ebb7"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:03:46.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "value" : "Wed, 02 Nov 2022 22:14:15 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "83-6362ebb7",
               "name" : "ETag"
            }
         ],
         "headermd5" : "b0d96c370950756d4be0970cc498963a",
         "headermmh3" : -1538058215
      },
      "length" : 637
   },
   "asn" : "AS27831",
   "ca" : "false",
   "city" : "Medell\u00edn",
   "country" : "CO",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 05:03:36 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Wed, 02 Nov 2022 22:14:15 GMT\r\nETag: \"83-6362ebb7\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "ab5b4ae4312b710ef3e4975473f89d7e",
   "datammh3" : 1826643348,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "tigo.com.co"
   ],
   "fingerprint" : {
      "md5" : "b6735c5d3743c485bef467282f241f09",
      "sha1" : "1c181368e2200d1684289640ec9dbe73ea741014",
      "sha256" : "a8d139a3bb217337e3ff294e57194c2dd3172cf3d606f4e9010fb442469e69fd"
   },
   "geolocus" : {
      "asn" : "AS27831",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CO",
      "countryname" : "Colombia",
      "domain" : [
         "tigo.com.co"
      ],
      "isineu" : "false",
      "latitude" : "4.570868",
      "location" : "4.570868,-74.297333",
      "longitude" : "-74.297333",
      "netname" : "CO-COMO-LACNIC",
      "organization" : "Colombia Movil",
      "subnet" : "181.204.0.0/14"
   },
   "host" : [
      "dinamic-tigo-181-205-191-251"
   ],
   "hostname" : [
      "dinamic-tigo-181-205-191-251.tigo.com.co"
   ],
   "ip" : "181.205.191.251",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "6.2529",
   "location" : "6.2529,-75.5646",
   "longitude" : "-75.5646",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Colombia Movil",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "dinamic-tigo-181-205-191-251.tigo.com.co"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "44:c8:f6",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT30E5619080726",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "181.204.0.0/14",
   "tld" : [
      "com.co"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2019-12-12T06:00:18Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 184.153.54.63:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:48:51 UTC

    • IP
      184.153.54.63
      Network
      184.153.0.0/17
      Domain(s)
      spectrum.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://184.153.54.63:12443/ 200

      Reverse DNS
      syn-184-153-054-063.res.spectrum.com
      ASN
      AS12271
      Organization
      TWC-12271-NYC
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT30E5620024575
      SHA256 Fingerprint
      64ecbe7c70c42619b91e2ac95e7f2e7ef5824ca5a273d57dcfc8b5dd03eed9e5
      Validity Not Before
      2020-04-10T17:59:13Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fcc886b42fd986283acf33a45ad303b9
      HTTP Header MD5
      883e00378a2a861f6018e25cafe1c76c
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:48:40 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Wed, 22 Jan 2020 00:12:37 GMT
ETag: "83-5e279375"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'none'; script-src 'self' https 'unsafe-eval' 'unsafe-inline';
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:48:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Wed, 22 Jan 2020 00:12:37 GMT"
            },
            {
               "value" : "83-5e279375",
               "name" : "ETag"
            }
         ],
         "headermd5" : "883e00378a2a861f6018e25cafe1c76c",
         "headermmh3" : -1518770214
      },
      "length" : 629
   },
   "asn" : "AS12271",
   "ca" : "false",
   "city" : "New York",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:48:40 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Wed, 22 Jan 2020 00:12:37 GMT\r\nETag: \"83-5e279375\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'none'; script-src 'self' https 'unsafe-eval' 'unsafe-inline';\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "fcc886b42fd986283acf33a45ad303b9",
   "datammh3" : -2135699770,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "spectrum.com"
   ],
   "fingerprint" : {
      "md5" : "79adf091caa4d5c75ab3e8bfd077d01b",
      "sha1" : "b8398a4b97c0e653fe228756fc4349b1455f8b7d",
      "sha256" : "64ecbe7c70c42619b91e2ac95e7f2e7ef5824ca5a273d57dcfc8b5dd03eed9e5"
   },
   "geolocus" : {
      "asn" : "AS12271",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "RRNY",
      "organization" : "Charter Communications Inc",
      "subnet" : "184.153.0.0/17"
   },
   "host" : [
      "syn-184-153-054-063"
   ],
   "hostname" : [
      "syn-184-153-054-063.res.spectrum.com"
   ],
   "ip" : "184.153.54.63",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "40.7653",
   "location" : "40.7653,-73.9589",
   "longitude" : "-73.9589",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-12271-NYC",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "syn-184-153-054-063.res.spectrum.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "4d:85:63",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "res.spectrum.com"
   ],
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT30E5620024575",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "184.153.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2020-04-10T17:59:13Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 184.153.54.63:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:45:39 UTC

    • IP
      184.153.54.63
      Network
      184.153.0.0/17
      Domain(s)
      spectrum.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://184.153.54.63:12443/ 200

      Reverse DNS
      syn-184-153-054-063.res.spectrum.com
      ASN
      AS12271
      Organization
      TWC-12271-NYC
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT30E5620024575
      SHA256 Fingerprint
      64ecbe7c70c42619b91e2ac95e7f2e7ef5824ca5a273d57dcfc8b5dd03eed9e5
      Validity Not Before
      2020-04-10T17:59:13Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      fcc886b42fd986283acf33a45ad303b9
      HTTP Header MD5
      883e00378a2a861f6018e25cafe1c76c
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:45:28 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Wed, 22 Jan 2020 00:12:37 GMT
ETag: "83-5e279375"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'none'; script-src 'self' https 'unsafe-eval' 'unsafe-inline';
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:45:39.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "value" : "Wed, 22 Jan 2020 00:12:37 GMT",
               "name" : "Last-Modified"
            },
            {
               "value" : "83-5e279375",
               "name" : "ETag"
            }
         ],
         "headermd5" : "883e00378a2a861f6018e25cafe1c76c",
         "headermmh3" : 101365835
      },
      "length" : 629
   },
   "asn" : "AS12271",
   "ca" : "false",
   "city" : "New York",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:45:28 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Wed, 22 Jan 2020 00:12:37 GMT\r\nETag: \"83-5e279375\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'none'; script-src 'self' https 'unsafe-eval' 'unsafe-inline';\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "fcc886b42fd986283acf33a45ad303b9",
   "datammh3" : -2135699770,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "spectrum.com"
   ],
   "fingerprint" : {
      "md5" : "79adf091caa4d5c75ab3e8bfd077d01b",
      "sha1" : "b8398a4b97c0e653fe228756fc4349b1455f8b7d",
      "sha256" : "64ecbe7c70c42619b91e2ac95e7f2e7ef5824ca5a273d57dcfc8b5dd03eed9e5"
   },
   "geolocus" : {
      "asn" : "AS12271",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "charter.com",
         "charter.net",
         "spectrum.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "RRNY",
      "organization" : "Charter Communications Inc",
      "subnet" : "184.153.0.0/17"
   },
   "host" : [
      "syn-184-153-054-063"
   ],
   "hostname" : [
      "syn-184-153-054-063.res.spectrum.com"
   ],
   "ip" : "184.153.54.63",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "40.7653",
   "location" : "40.7653,-73.9589",
   "longitude" : "-73.9589",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TWC-12271-NYC",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "syn-184-153-054-063.res.spectrum.com"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "4d:85:63",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "res.spectrum.com"
   ],
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT30E5620024575",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "184.153.0.0/17",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2020-04-10T17:59:13Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 195.80.151.50:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:22:22 UTC

    • IP
      195.80.151.50
      Network
      195.80.148.0/22
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://195.80.151.50:12443/ 200

      HTTP Title
      Web Filter Block Override
      ASN
      AS206804
      Organization
      EstNOC OY
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      HTTP Component(s)
      Fortinet FortiGuard
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT30E5611406639
      SHA256 Fingerprint
      df6cc05cc6a58eb0fdb75d522b167b470be0e50b7f94e6ef5767dafd4716dc7c
      Validity Not Before
      2024-04-27T01:03:35Z
      Validity Not After
      2026-07-31T01:03:35Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      cfe533911cd93fdbcdac6b894c3a3b1f
      HTTP Header MD5
      257fdf67bf182740586db7f7fc5f5223
      HTTP Body MD5
      78ef50daf46f0d2e957e772aead46747 
    • HTTP/1.1 200 OK
Content-Length: 4611
Connection: close
Cache-Control: no-cache
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: frame-ancestors 'self'

<!DOCTYPE html>
<html lang="en">
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="https://fonts.googleapis.com/css?family=Roboto&display=swap" rel="stylesheet">
        <style type="text/css">
            body {
                height: 100%;
                font-family: Roboto, Helvetica, Arial, sans-serif;
                color: #6a6a6a;
                margin: 0;
                display: flex;
                align-items: center;
                justify-content: center;
            }
            input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea {
                color: #262626;
                vertical-align: baseline;
                margin: .2em;
                border-style: solid;
                border-width: 1px;
                border-color: #a9a9a9;
                background-color: #fff;
                box-sizing: border-box;
                padding: 2px .5em;
                appearance: none;
                border-radius: 0;
            }
            input:focus {
                border-color: #646464;
                box-shadow: 0 0 1px 0 #a2a2a2;
                outline: 0;
            }
            button {
                padding: .5em 1em;
                border: 1px solid;
                border-radius: 3px;
                min-width: 6em;
                font-weight: 400;
                font-size: .8em;
                cursor: pointer;
            }
            button.primary {
                color: #fff;
                background-color: rgb(47, 113, 178);
                border-color: rgb(34, 103, 173);
            }
            .message-container {
                height: 500px;
                width: 600px;
                padding: 0;
                margin: 10px;
            }
            .logo {
                background: url(https://<ip>:12443/XX/YY/ZZ/CI/MGPGHGPGPFGHDDPFGGHGFHBGCHEGPFBGAHAH) no-repeat left center;
                height: 267px;
                object-fit: contain;
            }
            table {
                background-color: #fff;
                border-spacing: 0;
                margin: 1em;
            }
            table > tbody > tr > td:first-of-type:not([colspan]) {
                white-space: nowrap;
                color: rgba(0,0,0,.5);
            }
            table > tbody > tr > td:first-of-type {
                vertical-align: top;
            }
            table > tbody > tr > td {
                padding: .3em .3em;
            }
            .field {
                display: table-row;
            }
            .field > :first-child {
                display: table-cell;
                width: 20%;
            }
            .field.single > :first-child {
                display: inline;
            }
            .field > :not(:first-child) {
                width: auto;
                max-width: 100%;
                display: inline-flex;
                align-items: baseline;
                virtical-align: top;
                box-sizing: border-box;
                margin: .3em;
            }
            .field > :not(:first-child) > input {
                width: 230px;
            }
            .form-footer {
                display: inline-flex;
                justify-content: flex-start;
            }
            .form-footer > * {
                margin: 1em;
            }
            .text-scrollable {
                overflow: auto;
                height: 150px;
                border: 1px solid rgb(200, 200, 200);
                padding: 5px;
                font-size: 1em;
            }
            .text-centered {
                text-align: center;
            }
            .text-container {
                margin: 1em 1.5em;
            }
            .flex-container {
                display: flex;
            }
            .flex-container.column {
                flex-direction: column;
            }
        </style>
        <title>Web Filter Block Override</title>
    </head>
    <body><div class="message-container">
    <div class="logo"></div>
    <h1>FortiGuard Intrusion Prevention - Access Blocked</h1>
    <h3>Web Filter Block Override</h3>
    <p>Please contact your administrator to gain access to the web page.</p>
    <div><font color="#FF0000">Invalid FortiGuard Web Filtering override request.</font></div>
</div></body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:22:22.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "googleapis.com"
         ],
         "hostname" : [
            "fonts.googleapis.com"
         ],
         "url" : [
            "https://fonts.googleapis.com/css?family=Roboto&display=swap"
         ]
      },
      "http" : {
         "bodymd5" : "78ef50daf46f0d2e957e772aead46747",
         "bodymmh3" : 1880995988,
         "component" : [
            {
               "productvendor" : "Fortinet",
               "product" : "FortiGuard"
            }
         ],
         "headermd5" : "257fdf67bf182740586db7f7fc5f5223",
         "headermmh3" : 507987528,
         "title" : "Web Filter Block Override"
      },
      "length" : 4871
   },
   "asn" : "AS206804",
   "basicconstraints" : "critical",
   "ca" : "false",
   "city" : "Sofia",
   "country" : "BG",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nContent-Length: 4611\r\nConnection: close\r\nCache-Control: no-cache\r\nContent-Type: text/html; charset=utf-8\r\nX-Frame-Options: SAMEORIGIN\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nContent-Security-Policy: frame-ancestors 'self'\r\n\r\n<!DOCTYPE html>\n<html lang=\"en\">\n    <head>\n        <meta charset=\"UTF-8\">\n        <meta http-equiv=\"X-UA-Compatible\" content=\"IE=8; IE=EDGE\">\n        <meta name=\"viewport\" content=\"width=device-width, initial-scale=1\">\n        <link href=\"https://fonts.googleapis.com/css?family=Roboto&display=swap\" rel=\"stylesheet\">\n        <style type=\"text/css\">\n            body {\n                height: 100%;\n                font-family: Roboto, Helvetica, Arial, sans-serif;\n                color: #6a6a6a;\n                margin: 0;\n                display: flex;\n                align-items: center;\n                justify-content: center;\n            }\n            input[type=date], input[type=email], input[type=number], input[type=password], input[type=search], input[type=tel], input[type=text], input[type=time], input[type=url], select, textarea {\n                color: #262626;\n                vertical-align: baseline;\n                margin: .2em;\n                border-style: solid;\n                border-width: 1px;\n                border-color: #a9a9a9;\n                background-color: #fff;\n                box-sizing: border-box;\n                padding: 2px .5em;\n                appearance: none;\n                border-radius: 0;\n            }\n            input:focus {\n                border-color: #646464;\n                box-shadow: 0 0 1px 0 #a2a2a2;\n                outline: 0;\n            }\n            button {\n                padding: .5em 1em;\n                border: 1px solid;\n                border-radius: 3px;\n                min-width: 6em;\n                font-weight: 400;\n                font-size: .8em;\n                cursor: pointer;\n            }\n            button.primary {\n                color: #fff;\n                background-color: rgb(47, 113, 178);\n                border-color: rgb(34, 103, 173);\n            }\n            .message-container {\n                height: 500px;\n                width: 600px;\n                padding: 0;\n                margin: 10px;\n            }\n            .logo {\n                background: url(https://<ip>:12443/XX/YY/ZZ/CI/MGPGHGPGPFGHDDPFGGHGFHBGCHEGPFBGAHAH) no-repeat left center;\n                height: 267px;\n                object-fit: contain;\n            }\n            table {\n                background-color: #fff;\n                border-spacing: 0;\n                margin: 1em;\n            }\n            table > tbody > tr > td:first-of-type:not([colspan]) {\n                white-space: nowrap;\n                color: rgba(0,0,0,.5);\n            }\n            table > tbody > tr > td:first-of-type {\n                vertical-align: top;\n            }\n            table > tbody > tr > td {\n                padding: .3em .3em;\n            }\n            .field {\n                display: table-row;\n            }\n            .field > :first-child {\n                display: table-cell;\n                width: 20%;\n            }\n            .field.single > :first-child {\n                display: inline;\n            }\n            .field > :not(:first-child) {\n                width: auto;\n                max-width: 100%;\n                display: inline-flex;\n                align-items: baseline;\n                virtical-align: top;\n                box-sizing: border-box;\n                margin: .3em;\n            }\n            .field > :not(:first-child) > input {\n                width: 230px;\n            }\n            .form-footer {\n                display: inline-flex;\n                justify-content: flex-start;\n            }\n            .form-footer > * {\n                margin: 1em;\n            }\n            .text-scrollable {\n                overflow: auto;\n                height: 150px;\n                border: 1px solid rgb(200, 200, 200);\n                padding: 5px;\n                font-size: 1em;\n            }\n            .text-centered {\n                text-align: center;\n            }\n            .text-container {\n                margin: 1em 1.5em;\n            }\n            .flex-container {\n                display: flex;\n            }\n            .flex-container.column {\n                flex-direction: column;\n            }\n        </style>\n        <title>Web Filter Block Override</title>\n    </head>\n    <body><div class=\"message-container\">\n    <div class=\"logo\"></div>\n    <h1>FortiGuard Intrusion Prevention - Access Blocked</h1>\n    <h3>Web Filter Block Override</h3>\n    <p>Please contact your administrator to gain access to the web page.</p>\n    <div><font color=\"#FF0000\">Invalid FortiGuard Web Filtering override request.</font></div>\n</div></body>\n</html>\n",
   "datamd5" : "cfe533911cd93fdbcdac6b894c3a3b1f",
   "datammh3" : 927399519,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "fingerprint" : {
      "md5" : "cfed6110f4203e2bc865b4cf9977804e",
      "sha1" : "a4bc15cdf07c4f06a46e7dd7d75c2d83752ad9a8",
      "sha256" : "df6cc05cc6a58eb0fdb75d522b167b470be0e50b7f94e6ef5767dafd4716dc7c"
   },
   "ip" : "195.80.151.50",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "42.6951",
   "location" : "42.6951,23.3250",
   "longitude" : "23.3250",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "EstNOC OY",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "serial" : "06:5b:a7:dd:74:c4:0f:53:c4:ed:4d:1d:a3:12:ba:da:22:29:0a:32",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT30E5611406639",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "195.80.148.0/22",
   "tag" : "<enterprise field>: tag",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2026-07-31T01:03:35Z",
      "notbefore" : "2024-04-27T01:03:35Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 187.109.103.138:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:21:49 UTC

    • IP
      187.109.103.138
      Network
      187.109.96.0/20
      Domain(s)
      ampernet.com.br
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://187.109.103.138:12443/ 200

      Reverse DNS
      138.103.109.187.dynamic.ampernet.com.br
      ASN
      AS28158
      Organization
      Ampernet Telecomunicacoes Ltda
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FGT40C3912010639
      SHA256 Fingerprint
      c5a8afc10890d7be25e339b182e1065664087e412afd606bcd04d3032b4068ae
      Validity Not Before
      2012-04-10T02:04:39Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      c16871d08a278f5609bcb4cef256f233
      HTTP Header MD5
      772aa0f07521e8743f995cdae0755aaf
      HTTP Body MD5
      c647dc149f55829659640751e9184f8c 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:21:48 GMT
Vary: Accept-Encoding
Last-Modified: Fri, 09 Aug 2024 21:10:45 GMT
ETag: "b71_4f_66b685d5"
Accept-Ranges: bytes
Content-Length: 79
Connection: close
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=Edge

<html>
<script language=javascript>

top.location="/login";

</script>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:21:49.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "c647dc149f55829659640751e9184f8c",
         "bodymmh3" : 404390435,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Fri, 09 Aug 2024 21:10:45 GMT"
            },
            {
               "name" : "ETag",
               "value" : "b71_4f_66b685d5"
            }
         ],
         "headermd5" : "772aa0f07521e8743f995cdae0755aaf",
         "headermmh3" : 1078749735
      },
      "length" : 385
   },
   "asn" : "AS28158",
   "ca" : "false",
   "city" : "Pato Branco",
   "country" : "BR",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:21:48 GMT\r\nVary: Accept-Encoding\r\nLast-Modified: Fri, 09 Aug 2024 21:10:45 GMT\r\nETag: \"b71_4f_66b685d5\"\r\nAccept-Ranges: bytes\r\nContent-Length: 79\r\nConnection: close\r\nContent-Type: text/html; charset=utf-8\r\nX-Frame-Options: SAMEORIGIN\r\nX-UA-Compatible: IE=Edge\r\n\r\n<html>\n<script language=javascript>\n\ntop.location=\"/login\";\n\n</script>\n</html>\n",
   "datamd5" : "c16871d08a278f5609bcb4cef256f233",
   "datammh3" : -559703240,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "domain" : [
      "ampernet.com.br"
   ],
   "fingerprint" : {
      "md5" : "1d39bf14609d8982a83fccb629098908",
      "sha1" : "ba92d05b9a60f32c101570cfed53f7b8429d208d",
      "sha256" : "c5a8afc10890d7be25e339b182e1065664087e412afd606bcd04d3032b4068ae"
   },
   "geolocus" : {
      "asn" : "AS28158",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "BR",
      "countryname" : "Brazil",
      "domain" : [
         "ampernet.com.br",
         "cert.br"
      ],
      "isineu" : "false",
      "latitude" : "-14.235004",
      "location" : "-14.235004,-51.92528",
      "longitude" : "-51.92528",
      "netname" : "04.596.419/0001-09",
      "organization" : "Ampernet Telecomunicacoes Ltda",
      "subnet" : "187.109.96.0/20"
   },
   "host" : [
      138
   ],
   "hostname" : [
      "138.103.109.187.dynamic.ampernet.com.br"
   ],
   "ip" : "187.109.103.138",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "-26.1704",
   "location" : "-26.1704,-52.6589",
   "longitude" : "-52.6589",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Ampernet Telecomunicacoes Ltda",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 1024
   },
   "reason" : "OK",
   "reverse" : [
      "138.103.109.187.dynamic.ampernet.com.br"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "06:33:40",
   "signature" : {
      "algorithm" : "sha1WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "187.dynamic.ampernet.com.br",
      "dynamic.ampernet.com.br",
      "109.187.dynamic.ampernet.com.br",
      "103.109.187.dynamic.ampernet.com.br"
   ],
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FGT40C3912010639",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "187.109.96.0/20",
   "tld" : [
      "com.br"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2012-04-10T02:04:39Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 80.156.77.218:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:20:54 UTC

    • IP
      80.156.77.218
      Network
      80.156.0.0/15
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product <enterprise field>: device.productversion

      Operating System
      Fortinet FortiOS
      URL

      https://80.156.77.218:12443/ 200

      ASN
      AS3320
      Organization
      Deutsche Telekom AG
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FG200ETK18917158
      SHA256 Fingerprint
      eb8febe1fb5796deb9944051be47f16ea53e4b6c6d361e1709daa6bc6170f0a3
      Validity Not Before
      2018-11-06T08:13:14Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      4ba48cdbc3858e61ac62f6c8f0bfd487
      HTTP Header MD5
      182ab85f46146b55dc771cc3936243cf
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:20:42 GMT
Server: xxxxxxxx-xxxxx
ETag: "83-65c27213"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https:   'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:20:54.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "name" : "ETag",
               "value" : "83-65c27213"
            }
         ],
         "headermd5" : "182ab85f46146b55dc771cc3936243cf",
         "headermmh3" : 1652474990
      },
      "length" : 592
   },
   "asn" : "AS3320",
   "ca" : "false",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:20:42 GMT\r\nServer: xxxxxxxx-xxxxx\r\nETag: \"83-65c27213\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https:   'unsafe-eval' 'unsafe-inline' blob:;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "4ba48cdbc3858e61ac62f6c8f0bfd487",
   "datammh3" : -1410810157,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor",
      "productversion" : "<enterprise field>: device.productversion"
   },
   "fingerprint" : {
      "md5" : "41eccddd5cf7b91c71ad715d07a486e5",
      "sha1" : "b2bfcfd925d066a2d1d8561f88057f74d10d35c3",
      "sha256" : "eb8febe1fb5796deb9944051be47f16ea53e4b6c6d361e1709daa6bc6170f0a3"
   },
   "ip" : "80.156.77.218",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "51.2993",
   "location" : "51.2993,9.4910",
   "longitude" : "9.4910",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Deutsche Telekom AG",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "seen_date" : "2024-11-07",
   "serial" : "1a:09:f9",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FG200ETK18917158",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "80.156.0.0/15",
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2018-11-06T08:13:14Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 175.45.17.138:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:12:59 UTC

    • IP
      175.45.17.138
      Alternative IP(s)
      218.253.214.236 3.1.36.62
      Network
      175.45.0.0/18
      Domain(s)
      artus.com.hk
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Fortinet FortiOS
      URL

      https://175.45.17.138:12443/ 200

      Reverse DNS
      mx.artus.com.hk
      ASN
      AS9381
      Organization
      HKBN Enterprise Solutions HK Limited
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FWF30E3U16002730
      SHA256 Fingerprint
      7175e5ede7550fc770a65a6980adf5ffc510a1e1b37a961c963a952b355efc2f
      Validity Not Before
      2016-08-09T14:57:53Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ab5b4ae4312b710ef3e4975473f89d7e
      HTTP Header MD5
      b0d96c370950756d4be0970cc498963a
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:12:49 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Tue, 11 Apr 2023 21:01:13 GMT
ETag: "83-6435ca99"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:12:59.000Z",
   "alternativeip" : [
      "218.253.214.236",
      "3.1.36.62"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 11 Apr 2023 21:01:13 GMT"
            },
            {
               "name" : "ETag",
               "value" : "83-6435ca99"
            }
         ],
         "headermd5" : "b0d96c370950756d4be0970cc498963a",
         "headermmh3" : 1900247993
      },
      "length" : 637
   },
   "asn" : "AS9381",
   "ca" : "false",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:12:49 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Tue, 11 Apr 2023 21:01:13 GMT\r\nETag: \"83-6435ca99\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "ab5b4ae4312b710ef3e4975473f89d7e",
   "datammh3" : 1826643348,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "artus.com.hk"
   ],
   "fingerprint" : {
      "md5" : "fe99e0a0502a7b317488820dfeb843dc",
      "sha1" : "10e9db3dc5576fb1f96318b7b951b888e6e64e8a",
      "sha256" : "7175e5ede7550fc770a65a6980adf5ffc510a1e1b37a961c963a952b355efc2f"
   },
   "geolocus" : {
      "asn" : "AS9381",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "hkbn.com.hk"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "HKBNES-HK",
      "organization" : "HKBN Enterprise Solutions HK Limited",
      "subnet" : "175.45.0.0/19"
   },
   "host" : [
      "mx"
   ],
   "hostname" : [
      "mx.artus.com.hk"
   ],
   "ip" : "175.45.17.138",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "22.2908",
   "location" : "22.2908,114.1501",
   "longitude" : "114.1501",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HKBN Enterprise Solutions HK Limited",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "mx.artus.com.hk"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "33:0f:33",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FWF30E3U16002730",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "175.45.0.0/18",
   "tld" : [
      "com.hk"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2016-08-09T14:57:53Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}

  • 175.45.17.138:12443 (tcp/http/tls) - last seen on 2024-11-07 at 04:11:35 UTC

    • IP
      175.45.17.138
      Alternative IP(s)
      218.253.214.236 3.1.36.62
      Network
      175.45.0.0/18
      Domain(s)
      artus.com.hk
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Fortinet FortiOS
      URL

      https://175.45.17.138:12443/ 200

      Reverse DNS
      mx.artus.com.hk
      ASN
      AS9381
      Organization
      HKBN Enterprise Solutions HK Limited
      Protocol
      http Cert not expired http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      CPE(s)

      <enterprise field>: cpe

    • Issuer Common Name
      support
      Issuer Organization
      Fortinet
      Subject Organization
      Fortinet
      Subject Email
      support@fortinet.com
      Subject Common Name
      FWF30E3U16002730
      SHA256 Fingerprint
      7175e5ede7550fc770a65a6980adf5ffc510a1e1b37a961c963a952b355efc2f
      Validity Not Before
      2016-08-09T14:57:53Z
      Validity Not After
      2038-01-19T03:14:07Z

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      ab5b4ae4312b710ef3e4975473f89d7e
      HTTP Header MD5
      b0d96c370950756d4be0970cc498963a
      HTTP Body MD5
      84a18166fde3ee7e7c974b8d1e7e21b4 
    • HTTP/1.1 200 OK
Date: Thu, 07 Nov 2024 04:11:25 GMT
Server: xxxxxxxx-xxxxx
Last-Modified: Tue, 11 Apr 2023 21:01:13 GMT
ETag: "83-6435ca99"
Accept-Ranges: bytes
Content-Length: 131
Connection: close
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000

<html><script type="text/javascript">
if (window!=top) top.location=window.location;top.location="/remote/login";
</script></html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T04:11:35.000Z",
   "alternativeip" : [
      "218.253.214.236",
      "3.1.36.62"
   ],
   "app" : {
      "http" : {
         "bodymd5" : "84a18166fde3ee7e7c974b8d1e7e21b4",
         "bodymmh3" : -1454941180,
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 11 Apr 2023 21:01:13 GMT"
            },
            {
               "value" : "83-6435ca99",
               "name" : "ETag"
            }
         ],
         "headermd5" : "b0d96c370950756d4be0970cc498963a",
         "headermmh3" : -472227719
      },
      "length" : 637
   },
   "asn" : "AS9381",
   "ca" : "false",
   "country" : "HK",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nDate: Thu, 07 Nov 2024 04:11:25 GMT\r\nServer: xxxxxxxx-xxxxx\r\nLast-Modified: Tue, 11 Apr 2023 21:01:13 GMT\r\nETag: \"83-6435ca99\"\r\nAccept-Ranges: bytes\r\nContent-Length: 131\r\nConnection: close\r\nContent-Type: text/html\r\nX-Frame-Options: SAMEORIGIN\r\nContent-Security-Policy: frame-ancestors 'self'; object-src 'self'; script-src 'self' https   'unsafe-eval' 'unsafe-inline' blob:;\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\n\r\n<html><script type=\"text/javascript\">\nif (window!=top) top.location=window.location;top.location=\"/remote/login\";\n</script></html>\n",
   "datamd5" : "ab5b4ae4312b710ef3e4975473f89d7e",
   "datammh3" : 1826643348,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "artus.com.hk"
   ],
   "fingerprint" : {
      "md5" : "fe99e0a0502a7b317488820dfeb843dc",
      "sha1" : "10e9db3dc5576fb1f96318b7b951b888e6e64e8a",
      "sha256" : "7175e5ede7550fc770a65a6980adf5ffc510a1e1b37a961c963a952b355efc2f"
   },
   "geolocus" : {
      "asn" : "AS9381",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "HK",
      "countryname" : "Hong Kong",
      "domain" : [
         "hkbn.com.hk"
      ],
      "isineu" : "false",
      "latitude" : "22.396428",
      "location" : "22.396428,114.109497",
      "longitude" : "114.109497",
      "netname" : "HKBNES-HK",
      "organization" : "HKBN Enterprise Solutions HK Limited",
      "subnet" : "175.45.0.0/19"
   },
   "host" : [
      "mx"
   ],
   "hostname" : [
      "mx.artus.com.hk"
   ],
   "ip" : "175.45.17.138",
   "ipv6" : "false",
   "issuer" : {
      "city" : "Sunnyvale",
      "commonname" : "support",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "Certificate Authority"
   },
   "latitude" : "22.2908",
   "location" : "22.2908,114.1501",
   "longitude" : "114.1501",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "HKBN Enterprise Solutions HK Limited",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 12443,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "publickey" : {
      "algorithm" : "rsaEncryption",
      "length" : 2048
   },
   "reason" : "OK",
   "reverse" : [
      "mx.artus.com.hk"
   ],
   "seen_date" : "2024-11-07",
   "serial" : "33:0f:33",
   "signature" : {
      "algorithm" : "sha256WithRSAEncryption"
   },
   "source" : "datascan",
   "status" : 200,
   "subject" : {
      "city" : "Sunnyvale",
      "commonname" : "FWF30E3U16002730",
      "country" : "US",
      "email" : "support@fortinet.com",
      "organization" : "Fortinet",
      "organizationalunit" : "FortiGate"
   },
   "subnet" : "175.45.0.0/18",
   "tld" : [
      "com.hk"
   ],
   "tls" : "true",
   "transport" : "tcp",
   "url" : "/",
   "validity" : {
      "notafter" : "2038-01-19T03:14:07Z",
      "notbefore" : "2016-08-09T14:57:53Z"
   },
   "version" : "v3",
   "wildcard" : "false"
}