ONYPHE
datascan ctl threatlist sniffer vulnscan riskscan

Returning 10 result(s) out of 54,310 in 0.033 second(s)

  • 72.255.72.210:4117 (tcp/http) - last seen on 2024-11-07 at 05:38:00 UTC

    • IP
      72.255.72.210
      Network
      72.255.64.0/18
      Domain(s)
      mchsi.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://72.255.72.210:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      72-255-72-210.client.mchsi.com
      ASN
      AS30036
      Organization
      MEDIACOM-ENTERPRISE-BUSINESS
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3d80e9f3e3a9b62fb00891b6667e65a3
      HTTP Header MD5
      9fc3241261775979292948ded259e174
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:38:00 GMT
Content-Type: text/html
Content-Length: 236
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:38:00.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "9fc3241261775979292948ded259e174",
         "headermmh3" : -1353758333,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 1194
   },
   "asn" : "AS30036",
   "city" : "Waterloo",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:38:00 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\nX-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\nX-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3d80e9f3e3a9b62fb00891b6667e65a3",
   "datammh3" : -793051156,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "mchsi.com"
   ],
   "geolocus" : {
      "asn" : "AS30036",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "mchsi.com",
         "mediacombb.net",
         "mediacomcc.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "MEDIACOM-ENTERPRISE-CUST",
      "organization" : "Mediacom Communications Corporation",
      "subnet" : "72.255.64.0/18"
   },
   "host" : [
      "72-255-72-210"
   ],
   "hostname" : [
      "72-255-72-210.client.mchsi.com"
   ],
   "ip" : "72.255.72.210",
   "ipv6" : "false",
   "latitude" : "42.5194",
   "location" : "42.5194,-92.3303",
   "longitude" : "-92.3303",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "MEDIACOM-ENTERPRISE-BUSINESS",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "72-255-72-210.client.mchsi.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "client.mchsi.com"
   ],
   "subnet" : "72.255.64.0/18",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 202.164.34.250:4117 (tcp/http) - last seen on 2024-11-07 at 05:37:58 UTC

    • IP
      202.164.34.250
      Network
      202.164.32.0/19
      Domain(s)
      vikson.in
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://202.164.34.250:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      vikson.vikson.in
      ASN
      AS17917
      Organization
      Quadrant Televentures Limited
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:37:58 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:58.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : 582229933,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS17917",
   "city" : "Mohali",
   "country" : "IN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:37:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "vikson.in"
   ],
   "geolocus" : {
      "asn" : "AS17917",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "IN",
      "countryname" : "India",
      "domain" : [
         "infotelconnect.com"
      ],
      "isineu" : "false",
      "latitude" : "20.593684",
      "location" : "20.593684,78.96288",
      "longitude" : "78.96288",
      "netname" : "QTLTELECOM-IN",
      "organization" : "Route Object",
      "subnet" : "202.164.32.0/19"
   },
   "host" : [
      "vikson"
   ],
   "hostname" : [
      "vikson.vikson.in"
   ],
   "ip" : "202.164.34.250",
   "ipv6" : "false",
   "latitude" : "30.6740",
   "location" : "30.6740,76.7249",
   "longitude" : "76.7249",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Quadrant Televentures Limited",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "vikson.vikson.in"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "202.164.32.0/19",
   "tld" : [
      "in"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 190.13.133.82:4117 (tcp/http) - last seen on 2024-11-07 at 05:37:36 UTC

    • IP
      190.13.133.82
      Network
      190.13.128.0/18
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://190.13.133.82:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS14117
      Organization
      Telefonica del Sur S.A.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:37:36 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:36.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : -990153723,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS14117",
   "city" : "Port Montt",
   "country" : "CL",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:37:36 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS14117",
      "continent" : "SA",
      "continentname" : "South America",
      "country" : "CL",
      "countryname" : "Chile",
      "domain" : [
         "grupogtd.com",
         "gtdinternet.com"
      ],
      "isineu" : "false",
      "latitude" : "-35.675147",
      "location" : "-35.675147,-71.542969",
      "longitude" : "-71.542969",
      "netname" : "CL-TSSA-LACNIC",
      "organization" : "Telefonica del Sur S.A.",
      "subnet" : "190.13.128.0/20"
   },
   "ip" : "190.13.133.82",
   "ipv6" : "false",
   "latitude" : "-41.4709",
   "location" : "-41.4709,-72.9436",
   "longitude" : "-72.9436",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "Telefonica del Sur S.A.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "190.13.128.0/18",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 3.67.177.55:4117 (tcp/http) - last seen on 2024-11-07 at 05:37:09 UTC

    • IP
      3.67.177.55
      Network
      3.64.0.0/12
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class <enterprise field>: device.productvendor <enterprise field>: device.product

      Operating System
      Fortinet FortiOS
      URL

      http://3.67.177.55:4117/ 200

      HTTP Title
      fortinacvm::::FortiNAC
      Reverse DNS
      ec2-3-67-177-55.eu-central-1.compute.amazonaws.com
      ASN
      AS16509
      Organization
      AMAZON-02
      Protocol
      http
      Source
      datascan
    • Operating System
      Fortinet FortiOS
      Product
      Apache Coyote HTTP Connector 1.1
      HTTP Component(s)
      Fortinet FortiNAC
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      6221638e1d9be91d99be2a2ae40e0c4a
      HTTP Header MD5
      e2e04ed4ba14d1586eeaadb888ad02e0
      HTTP Body MD5
      275eb10628727a4c8f879067e9143e3c 
    • HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/html;charset=UTF-8

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title id="welcomeViewTitle">fortinacvm::::FortiNAC</title>
<meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<link rel="stylesheet" href="login.css" type="text/css">
<script type='text/javascript' src='js/prototype.js'></script>
<!-- <link rel='stylesheet' type='text/css' id='themeLink'>
<script type='text/javascript' src='common/themeSettings.js'></script>
<script type='text/javascript' src='common/themeManager.js'></script> -->
<script src="js/JSData.js" type="text/javascript"></script>

<script>
var WelcomeView;
if(!WelcomeView){ WelcomeView = {
  getQuery : function( variable ) {
	var array = window.location.search.substring(1).split("&");
	for (var i = 0 ; i < array.length ; i++) {
		var query = array[i].split( "=" );
		if( query[0] == variable )
			return array[i].substr(query[0].length);
	}
	return false;
  },

  redirectToConfigWizard : function(){
	    var str = window.location.protocol + "//" + window.location.host + "/configWizard";
	    window.location = str;
  },

  preventTarget : function( target ) {
   var invalid = ["Logout.jsp", "Welcome.jsp", "UserAuth.jsp", "Relogin.jsp", "PolicyAcceptSubmit.jsp", "Admin_Submit.jsp", "DistributeLogViewer.jsp", "UpdateLogViewer.jsp"];
   
   for( var i = 0; i < invalid.length; i++ ) {
       if( target.indexOf(invalid[i]) > -1 )
           return true;
   }
   
   return false;
  },

  getStatus : function(){
    var handleError = function(response, exc){
        if(response != null) {
            if( (response.transport.status == 0) || (response.transport.readyState == 0)){ return; }
            if(response.responseText != null){
                result = response.responseText.strip();
            }
        }
    }
    var ajaxRequest = new Ajax.Request("WelcomeActions.jsp?action=ajaxGetWelcomeViewInfo", { method: 'post', 
        onSuccess: function( response ) {
            var data = JSData.parseData(response.responseText.strip());
            if(data.error == "Down"){
		        $("welcomeProcessDownBody").style.display="";
		        $("welcomeLoginBody").style.display="none";
		        setTimeout(WelcomeView.getStatus, "3000");
                $('productName').innerHTML = "<b>FortiNAC  </b> is currently <b> Down </b> on <b>fortinacvm</b>";
            }
            else if(data.error == "ExpiredLicense"){
		        $("welcomeProcessDownBody").style.display="none";
				$("welcomeLoginBody").style.display="none";
				$("welcomeNoLicenseBody").style.display="none";
		        $("welcomeExpiredLicenseBody").style.display="";
			}
			else if(data.error =="NoLicense"){
				$("welcomeProcessDownBody").style.display="none";
		        $("welcomeLoginBody").style.display="none";
				$("welcomeExpiredLicenseBody").style.display="none";
				$("welcomeNoLicenseBody").style.display="";
			}
            else{
		        $("welcomeProcessDownBody").style.display="none";
		        $("welcomeLoginBody").style.display="";
                $('welcomeViewTitle').innerHTML = "fortinacvm::"+ data.version + "::" + data.product;
                $('productName').innerHTML = "<b>" + data.product + " " + data.version + "</b> is currently <b> Running </b> on <b>fortinacvm</b>";
                if(document.login.username != null){
                    document.login.username.focus();
                }
            }
        },
        onFailure : function(response){  handleError(response, null); },
        onException : function(response, exc){  handleError(response, exc); }
	});
  },
  loadWelcomeView : function(){
    //themeManager().loadTheme( themeSettings.defaultTheme );
    setTimeout( function() { 
        document.body.style.visibility = ""; 
        if(document.login.username != null){
            document.login.username.focus();
        }
    }, 100 );

    self.focus();
//    if(document.login.username != null){
//        document.login.username.focus();
//    }
    var secKeyInput = document.createElement("input")
    secKeyInput.type = "hidden";
    secKeyInput.name = "bfSecKey";
    secKeyInput.value = "A1eVW6J7LZ8YDgo7xIOaYbQnIrKXtAtM";
    $("mainForm").appendChild(secKeyInput);
     
    WelcomeView.getStatus();
    var path = window.location.pathname.substring(1),
        target = WelcomeView.getQuery("target"), t;
     
    if( target && !WelcomeView.preventTarget(target) ) {
        document.login.action += "?target=" + escape(target);
    } else if( path && !WelcomeView.preventTarget(path) ) {
        document.login.action += "?target=" + escape(window.location.pathname + window.location.search);
    }
    
  }
 }
}
  
</script>

</head>
<body onLoad="WelcomeView.loadWelcomeView()" style='visibility: hidden'>
<div id="header">
<img src="img/BNTheSmartEdge_white.png" style="width:150px;position:absolute; left:15px; top:6px">
  <div id="productLogo" >
    <a href="https://www.fortinet.com">
	    <img src="/WelcomeActions.jsp?logo" />
    </a>
  </div>
</div>
<div id='globalMenu' class='vGradient'>&nbsp;</div>

<div id='wrapper' class="wrapper">
	<form method="post" action="Welcome.jsp" id="mainForm" name="login" autocomplete="off" class='fLeft content-area'>
		<div class="content-narrow">
			<div class='loginHeader'></div>
			<!--[if (IE 6)|(IE 7)|(IE 8)]>
				<div style='color: #C60; padding-left: 35px;'>
					<b>Warning:</b> 
					The Admin User Interface does not fully support using this browser.
					Some views will be displayed with unexpected results.  
					For an optimum experience, please use a different browser.  
					Refer to the System Compatibility section of the Release Notes for details.
				</div>   
			<![endif]-->
			<div id='alert'></div>
			<table border="0" cellpadding="0" cellspacing="0">
				<tbody id="welcomeLoginBody" style="display:none">
					<tr>
						<td>
							<input type="text" id="username" name="username" tabindex="1" value="">
							<label for="username">Username</label>
						</td>
					</tr>
					<tr>
						<td>
							<input type="password" id="password" name="pw" tabindex="2">
							<label for="password">Password</label>
						</td>
					</tr>
					<tr>
						<td>
							<input type="submit" name="submitUserId" value="Login" class="button" tabindex="3">
						</td>
					</tr>
				</tbody>
				<tbody id="welcomeExpiredLicenseBody" style="display:none;font-size:12pt;white-space:normal">
					<tr> <td colspan="2">Your Evaluation License has expired.</td> </tr>
					<tr> <td colspan="2">Request a new key from your sales representative.</td> </tr>
					<tr> <td colspan="2">Click <b>Enter New Key</b> to start the Config Wizard and apply the new key.</td> </tr>
					<tr> <td>&nbsp</td> </tr>
					<tr>
						<td colspan="2"> <input class="button" style="width:100%" type="submit" value="Enter New Key" onclick="WelcomeView.redirectToConfigWizard();return false;"/> </td>
					</tr>
					<tr><td>&nbsp;</td></tr>
				</tbody>
				<tbody id="welcomeNoLicenseBody" style="display:none;font-size:12pt;white-space:normal">
					<tr> <td colspan="2">Your System has not yet been licensed.</td> </tr>
					<tr> <td colspan="2">Click <b>Enter New Key</b> to start the Config Wizard and apply the new key.</td> </tr>
					<tr> <td>&nbsp</td> </tr>
					<tr>
						<td colspan="2"> <input class="button" style="width:100%" type="submit" value="Enter New Key" onclick="WelcomeView.redirectToConfigWizard();return false;"/> </td>
					</tr>
					<tr><td>&nbsp;</td></tr>
				</tbody>
				<tbody id="welcomeProcessDownBody" style="display:none">
					<tr>
						<td> Processes are Down </td>
						<td></td>
					</tr>
					<tr><td>&nbsp;</td></tr>
				</tbody>
			</table>
		</div>
	</form>
	<div id="systemStatus" class='fLeft padTop'>
		<h2 class='bgBlue'>Current Status</h2>
		<div class='bgGray'>
			<p>
				<div id="productName"> <b>FortiNAC </b> is currently <b> Unknown </b> on <b>fortinacvm</b> </div>
			</p>
		</div>
	</div>
</div>
<script>
(function() {
	document.login.username.onblur = 
	document.login.password.onblur = function() {
		this.className = this.value? "hasContent": "";
	}
	document.login.username.onblur();
	document.login.password.onblur();
})();
</script>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:09.000Z",
   "app" : {
      "extract" : {
         "domain" : [
            "fortinet.com",
            "w3.org"
         ],
         "hostname" : [
            "www.fortinet.com",
            "www.w3.org"
         ],
         "url" : [
            "http://www.w3.org/TR/html4/loose.dtd",
            "https://www.fortinet.com"
         ]
      },
      "http" : {
         "bodymd5" : "275eb10628727a4c8f879067e9143e3c",
         "bodymmh3" : -443909872,
         "component" : [
            {
               "product" : "FortiNAC",
               "productvendor" : "Fortinet"
            }
         ],
         "headermd5" : "e2e04ed4ba14d1586eeaadb888ad02e0",
         "headermmh3" : 1593236539,
         "title" : "fortinacvm::::FortiNAC"
      },
      "length" : 8375
   },
   "asn" : "AS16509",
   "city" : "Frankfurt am Main",
   "country" : "DE",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\nServer: Apache-Coyote/1.1\nContent-Type: text/html;charset=UTF-8\n\n<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"\n\"http://www.w3.org/TR/html4/loose.dtd\">\n<html>\n<head>\n<title id=\"welcomeViewTitle\">fortinacvm::::FortiNAC</title>\n<meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\">\n<meta http-equiv=\"Content-Type\" content=\"text/html; charset=iso-8859-1\">\n<link rel=\"stylesheet\" href=\"login.css\" type=\"text/css\">\n<script type='text/javascript' src='js/prototype.js'></script>\n<!-- <link rel='stylesheet' type='text/css' id='themeLink'>\n<script type='text/javascript' src='common/themeSettings.js'></script>\n<script type='text/javascript' src='common/themeManager.js'></script> -->\n<script src=\"js/JSData.js\" type=\"text/javascript\"></script>\n\n<script>\nvar WelcomeView;\nif(!WelcomeView){ WelcomeView = {\n  getQuery : function( variable ) {\n\tvar array = window.location.search.substring(1).split(\"&\");\n\tfor (var i = 0 ; i < array.length ; i++) {\n\t\tvar query = array[i].split( \"=\" );\n\t\tif( query[0] == variable )\n\t\t\treturn array[i].substr(query[0].length);\n\t}\n\treturn false;\n  },\n\n  redirectToConfigWizard : function(){\n\t    var str = window.location.protocol + \"//\" + window.location.host + \"/configWizard\";\n\t    window.location = str;\n  },\n\n  preventTarget : function( target ) {\n   var invalid = [\"Logout.jsp\", \"Welcome.jsp\", \"UserAuth.jsp\", \"Relogin.jsp\", \"PolicyAcceptSubmit.jsp\", \"Admin_Submit.jsp\", \"DistributeLogViewer.jsp\", \"UpdateLogViewer.jsp\"];\n   \n   for( var i = 0; i < invalid.length; i++ ) {\n       if( target.indexOf(invalid[i]) > -1 )\n           return true;\n   }\n   \n   return false;\n  },\n\n  getStatus : function(){\n    var handleError = function(response, exc){\n        if(response != null) {\n            if( (response.transport.status == 0) || (response.transport.readyState == 0)){ return; }\n            if(response.responseText != null){\n                result = response.responseText.strip();\n            }\n        }\n    }\n    var ajaxRequest = new Ajax.Request(\"WelcomeActions.jsp?action=ajaxGetWelcomeViewInfo\", { method: 'post', \n        onSuccess: function( response ) {\n            var data = JSData.parseData(response.responseText.strip());\n            if(data.error == \"Down\"){\n\t\t        $(\"welcomeProcessDownBody\").style.display=\"\";\n\t\t        $(\"welcomeLoginBody\").style.display=\"none\";\n\t\t        setTimeout(WelcomeView.getStatus, \"3000\");\n                $('productName').innerHTML = \"<b>FortiNAC  </b> is currently <b> Down </b> on <b>fortinacvm</b>\";\n            }\n            else if(data.error == \"ExpiredLicense\"){\n\t\t        $(\"welcomeProcessDownBody\").style.display=\"none\";\n\t\t\t\t$(\"welcomeLoginBody\").style.display=\"none\";\n\t\t\t\t$(\"welcomeNoLicenseBody\").style.display=\"none\";\n\t\t        $(\"welcomeExpiredLicenseBody\").style.display=\"\";\n\t\t\t}\n\t\t\telse if(data.error ==\"NoLicense\"){\n\t\t\t\t$(\"welcomeProcessDownBody\").style.display=\"none\";\n\t\t        $(\"welcomeLoginBody\").style.display=\"none\";\n\t\t\t\t$(\"welcomeExpiredLicenseBody\").style.display=\"none\";\n\t\t\t\t$(\"welcomeNoLicenseBody\").style.display=\"\";\n\t\t\t}\n            else{\n\t\t        $(\"welcomeProcessDownBody\").style.display=\"none\";\n\t\t        $(\"welcomeLoginBody\").style.display=\"\";\n                $('welcomeViewTitle').innerHTML = \"fortinacvm::\"+ data.version + \"::\" + data.product;\n                $('productName').innerHTML = \"<b>\" + data.product + \" \" + data.version + \"</b> is currently <b> Running </b> on <b>fortinacvm</b>\";\n                if(document.login.username != null){\n                    document.login.username.focus();\n                }\n            }\n        },\n        onFailure : function(response){  handleError(response, null); },\n        onException : function(response, exc){  handleError(response, exc); }\n\t});\n  },\n  loadWelcomeView : function(){\n    //themeManager().loadTheme( themeSettings.defaultTheme );\n    setTimeout( function() { \n        document.body.style.visibility = \"\"; \n        if(document.login.username != null){\n            document.login.username.focus();\n        }\n    }, 100 );\n\n    self.focus();\n//    if(document.login.username != null){\n//        document.login.username.focus();\n//    }\n    var secKeyInput = document.createElement(\"input\")\n    secKeyInput.type = \"hidden\";\n    secKeyInput.name = \"bfSecKey\";\n    secKeyInput.value = \"A1eVW6J7LZ8YDgo7xIOaYbQnIrKXtAtM\";\n    $(\"mainForm\").appendChild(secKeyInput);\n     \n    WelcomeView.getStatus();\n    var path = window.location.pathname.substring(1),\n        target = WelcomeView.getQuery(\"target\"), t;\n     \n    if( target && !WelcomeView.preventTarget(target) ) {\n        document.login.action += \"?target=\" + escape(target);\n    } else if( path && !WelcomeView.preventTarget(path) ) {\n        document.login.action += \"?target=\" + escape(window.location.pathname + window.location.search);\n    }\n    \n  }\n }\n}\n  \n</script>\n\n</head>\n<body onLoad=\"WelcomeView.loadWelcomeView()\" style='visibility: hidden'>\n<div id=\"header\">\n<img src=\"img/BNTheSmartEdge_white.png\" style=\"width:150px;position:absolute; left:15px; top:6px\">\n  <div id=\"productLogo\" >\n    <a href=\"https://www.fortinet.com\">\n\t    <img src=\"/WelcomeActions.jsp?logo\" />\n    </a>\n  </div>\n</div>\n<div id='globalMenu' class='vGradient'>&nbsp;</div>\n\n<div id='wrapper' class=\"wrapper\">\n\t<form method=\"post\" action=\"Welcome.jsp\" id=\"mainForm\" name=\"login\" autocomplete=\"off\" class='fLeft content-area'>\n\t\t<div class=\"content-narrow\">\n\t\t\t<div class='loginHeader'></div>\n\t\t\t<!--[if (IE 6)|(IE 7)|(IE 8)]>\n\t\t\t\t<div style='color: #C60; padding-left: 35px;'>\n\t\t\t\t\t<b>Warning:</b> \n\t\t\t\t\tThe Admin User Interface does not fully support using this browser.\n\t\t\t\t\tSome views will be displayed with unexpected results.  \n\t\t\t\t\tFor an optimum experience, please use a different browser.  \n\t\t\t\t\tRefer to the System Compatibility section of the Release Notes for details.\n\t\t\t\t</div>   \n\t\t\t<![endif]-->\n\t\t\t<div id='alert'></div>\n\t\t\t<table border=\"0\" cellpadding=\"0\" cellspacing=\"0\">\n\t\t\t\t<tbody id=\"welcomeLoginBody\" style=\"display:none\">\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<input type=\"text\" id=\"username\" name=\"username\" tabindex=\"1\" value=\"\">\n\t\t\t\t\t\t\t<label for=\"username\">Username</label>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<input type=\"password\" id=\"password\" name=\"pw\" tabindex=\"2\">\n\t\t\t\t\t\t\t<label for=\"password\">Password</label>\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td>\n\t\t\t\t\t\t\t<input type=\"submit\" name=\"submitUserId\" value=\"Login\" class=\"button\" tabindex=\"3\">\n\t\t\t\t\t\t</td>\n\t\t\t\t\t</tr>\n\t\t\t\t</tbody>\n\t\t\t\t<tbody id=\"welcomeExpiredLicenseBody\" style=\"display:none;font-size:12pt;white-space:normal\">\n\t\t\t\t\t<tr> <td colspan=\"2\">Your Evaluation License has expired.</td> </tr>\n\t\t\t\t\t<tr> <td colspan=\"2\">Request a new key from your sales representative.</td> </tr>\n\t\t\t\t\t<tr> <td colspan=\"2\">Click <b>Enter New Key</b> to start the Config Wizard and apply the new key.</td> </tr>\n\t\t\t\t\t<tr> <td>&nbsp</td> </tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td colspan=\"2\"> <input class=\"button\" style=\"width:100%\" type=\"submit\" value=\"Enter New Key\" onclick=\"WelcomeView.redirectToConfigWizard();return false;\"/> </td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr><td>&nbsp;</td></tr>\n\t\t\t\t</tbody>\n\t\t\t\t<tbody id=\"welcomeNoLicenseBody\" style=\"display:none;font-size:12pt;white-space:normal\">\n\t\t\t\t\t<tr> <td colspan=\"2\">Your System has not yet been licensed.</td> </tr>\n\t\t\t\t\t<tr> <td colspan=\"2\">Click <b>Enter New Key</b> to start the Config Wizard and apply the new key.</td> </tr>\n\t\t\t\t\t<tr> <td>&nbsp</td> </tr>\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td colspan=\"2\"> <input class=\"button\" style=\"width:100%\" type=\"submit\" value=\"Enter New Key\" onclick=\"WelcomeView.redirectToConfigWizard();return false;\"/> </td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr><td>&nbsp;</td></tr>\n\t\t\t\t</tbody>\n\t\t\t\t<tbody id=\"welcomeProcessDownBody\" style=\"display:none\">\n\t\t\t\t\t<tr>\n\t\t\t\t\t\t<td> Processes are Down </td>\n\t\t\t\t\t\t<td></td>\n\t\t\t\t\t</tr>\n\t\t\t\t\t<tr><td>&nbsp;</td></tr>\n\t\t\t\t</tbody>\n\t\t\t</table>\n\t\t</div>\n\t</form>\n\t<div id=\"systemStatus\" class='fLeft padTop'>\n\t\t<h2 class='bgBlue'>Current Status</h2>\n\t\t<div class='bgGray'>\n\t\t\t<p>\n\t\t\t\t<div id=\"productName\"> <b>FortiNAC </b> is currently <b> Unknown </b> on <b>fortinacvm</b> </div>\n\t\t\t</p>\n\t\t</div>\n\t</div>\n</div>\n<script>\n(function() {\n\tdocument.login.username.onblur = \n\tdocument.login.password.onblur = function() {\n\t\tthis.className = this.value? \"hasContent\": \"\";\n\t}\n\tdocument.login.username.onblur();\n\tdocument.login.password.onblur();\n})();\n</script>\n</body>\n</html>\n",
   "datamd5" : "6221638e1d9be91d99be2a2ae40e0c4a",
   "datammh3" : -2004734778,
   "device" : {
      "class" : "<enterprise field>: device.class",
      "product" : "<enterprise field>: device.product",
      "productvendor" : "<enterprise field>: device.productvendor"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS16509",
      "continent" : "EU",
      "continentname" : "Europe",
      "country" : "DE",
      "countryname" : "Germany",
      "domain" : [
         "amazon.com",
         "amazonaws.com"
      ],
      "isineu" : "true",
      "latitude" : "51.165691",
      "location" : "51.165691,10.451526",
      "longitude" : "10.451526",
      "netname" : "AMAZON-FRA",
      "organization" : "A100 ROW GmbH",
      "subnet" : "3.64.0.0/12"
   },
   "host" : [
      "ec2-3-67-177-55"
   ],
   "hostname" : [
      "ec2-3-67-177-55.eu-central-1.compute.amazonaws.com"
   ],
   "ip" : "3.67.177.55",
   "ipv6" : "false",
   "latitude" : "50.1187",
   "location" : "50.1187,8.6842",
   "longitude" : "8.6842",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-02",
   "os" : "FortiOS",
   "osvendor" : "Fortinet",
   "port" : 4117,
   "product" : "Coyote HTTP Connector",
   "productvendor" : "Apache",
   "productversion" : "1.1",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-3-67-177-55.eu-central-1.compute.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute.amazonaws.com",
      "eu-central-1.compute.amazonaws.com"
   ],
   "subnet" : "3.64.0.0/12",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 96.46.243.205:4117 (tcp/http) - last seen on 2024-11-07 at 05:37:07 UTC

    • IP
      96.46.243.205
      Network
      96.46.240.0/20
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://96.46.243.205:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS13649
      Organization
      ASN-FLEXENTIAL
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      3d80e9f3e3a9b62fb00891b6667e65a3
      HTTP Header MD5
      9fc3241261775979292948ded259e174
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:37:07 GMT
Content-Type: text/html
Content-Length: 236
Connection: close
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000
Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'
X-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:37:07.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "9fc3241261775979292948ded259e174",
         "headermmh3" : 1719071998,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 1194
   },
   "asn" : "AS13649",
   "city" : "Fort Lauderdale",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:37:07 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\nX-XSS-Protection: 1; mode=block\r\nX-Content-Type-Options: nosniff\r\nStrict-Transport-Security: max-age=31536000\r\nContent-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\nX-Content-Security-Policy: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\nX-Webkit-CSP: default-src 'self'; script-src 'self' 'unsafe-eval' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; connect-src 'self'; font-src 'self'; object-src 'self'; media-src 'self'; child-src 'self'\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "3d80e9f3e3a9b62fb00891b6667e65a3",
   "datammh3" : -793051156,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS13649",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "flexential.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "P10-602E-F000-24",
      "organization" : "Flexential Corp.",
      "subnet" : "96.46.240.0/20"
   },
   "ip" : "96.46.243.205",
   "ipv6" : "false",
   "latitude" : "26.1250",
   "location" : "26.1250,-80.2670",
   "longitude" : "-80.2670",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ASN-FLEXENTIAL",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "96.46.240.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 103.116.173.14:4117 (tcp/http) - last seen on 2024-11-07 at 05:36:46 UTC

    • IP
      103.116.173.14
      Network
      103.116.172.0/22
      Domain(s)
      higen.net.id
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://103.116.173.14:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      ip-173-14.higen.net.id
      ASN
      AS137363
      Organization
      PT. Quanta Tunas Abadi
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:36:46 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:36:46.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : -1980221229,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS137363",
   "country" : "ID",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:36:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "higen.net.id"
   ],
   "geolocus" : {
      "asn" : "AS137363",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "ID",
      "countryname" : "Indonesia",
      "domain" : [
         "higen.id",
         "higen.net.id"
      ],
      "isineu" : "false",
      "latitude" : "-0.789275",
      "location" : "-0.789275,113.921327",
      "longitude" : "113.921327",
      "netname" : "HIGEN-ID",
      "organization" : "Route Object of HIGEN-ID",
      "subnet" : "103.116.172.0/22"
   },
   "host" : [
      "ip-173-14"
   ],
   "hostname" : [
      "ip-173-14.higen.net.id"
   ],
   "ip" : "103.116.173.14",
   "ipv6" : "false",
   "latitude" : "-6.1728",
   "location" : "-6.1728,106.8272",
   "longitude" : "106.8272",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "PT. Quanta Tunas Abadi",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "ip-173-14.higen.net.id"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.116.172.0/22",
   "tld" : [
      "net.id"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 75.56.171.225:4117 (tcp/http) - last seen on 2024-11-07 at 05:29:32 UTC

    • IP
      75.56.171.225
      Network
      75.56.0.0/16
      Domain(s)
      sbcglobal.net
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://75.56.171.225:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      Reverse DNS
      adsl-75-56-171-225.dsl.chmpil.sbcglobal.net
      ASN
      AS7018
      Organization
      ATT-INTERNET4
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:43:46 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:32.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : -1182899261,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS7018",
   "city" : "Orange",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:43:46 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "sbcglobal.net"
   ],
   "geolocus" : {
      "asn" : "AS7018",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "att.com",
         "att.net",
         "sbcglobal.net"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "SBC07505600000029061122092358",
      "organization" : "AT&T Corp.",
      "subnet" : "75.56.0.0/14"
   },
   "host" : [
      "adsl-75-56-171-225"
   ],
   "hostname" : [
      "adsl-75-56-171-225.dsl.chmpil.sbcglobal.net"
   ],
   "ip" : "75.56.171.225",
   "ipv6" : "false",
   "latitude" : "33.7871",
   "location" : "33.7871,-117.8821",
   "longitude" : "-117.8821",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "ATT-INTERNET4",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "reverse" : [
      "adsl-75-56-171-225.dsl.chmpil.sbcglobal.net"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subdomains" : [
      "dsl.chmpil.sbcglobal.net",
      "chmpil.sbcglobal.net"
   ],
   "subnet" : "75.56.0.0/16",
   "tld" : [
      "net"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 49.231.203.84:4117 (tcp/http) - last seen on 2024-11-07 at 05:29:14 UTC

    • IP
      49.231.203.84
      Network
      49.231.200.0/22
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://49.231.203.84:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS45458
      Organization
      SBN-ISPAWN-ISP and SBN-NIXAWN-NIX
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:29:14 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:14.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : -257490346,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS45458",
   "country" : "TH",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:29:14 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS45458",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "TH",
      "countryname" : "Thailand",
      "domain" : [
         "ais.co.th",
         "sbn.co.th"
      ],
      "isineu" : "false",
      "latitude" : "15.870032",
      "location" : "15.870032,100.992541",
      "longitude" : "100.992541",
      "netname" : "HuaiChomPhu-by-AWN",
      "organization" : "abuseIPv4@sbn.co.th",
      "subnet" : "49.231.200.0/22"
   },
   "ip" : "49.231.203.84",
   "ipv6" : "false",
   "latitude" : "13.7442",
   "location" : "13.7442,100.4608",
   "longitude" : "100.4608",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "SBN-ISPAWN-ISP and SBN-NIXAWN-NIX",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "49.231.200.0/22",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 1.32.62.38:4117 (tcp/http) - last seen on 2024-11-07 at 05:29:12 UTC

    • IP
      1.32.62.38
      Network
      1.32.0.0/17
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://1.32.62.38:4117/ 400

      HTTP Title
      400 The plain HTTP request was sent to HTTPS port
      ASN
      AS4788
      Organization
      TM TECHNOLOGY SERVICES SDN. BHD.
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      2e3015527e99ab4730fabffdb9797a89
      HTTP Header MD5
      470a9635da086f31b68019aaddc44c99
      HTTP Body MD5
      2daa306c05fdeb1709f1c39db5a000c8 
    • HTTP/1.1 400 Bad Request
Date: Thu, 07 Nov 2024 05:39:41 GMT
Content-Type: text/html
Content-Length: 236
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
</body>
</html>

    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:29:12.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "2daa306c05fdeb1709f1c39db5a000c8",
         "bodymmh3" : -1586337783,
         "headermd5" : "470a9635da086f31b68019aaddc44c99",
         "headermmh3" : 1724416628,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 366
   },
   "asn" : "AS4788",
   "city" : "Klang",
   "country" : "MY",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nDate: Thu, 07 Nov 2024 05:39:41 GMT\r\nContent-Type: text/html\r\nContent-Length: 236\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "2e3015527e99ab4730fabffdb9797a89",
   "datammh3" : -248319603,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4788",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "MY",
      "countryname" : "Malaysia",
      "domain" : [
         "tm.com.my"
      ],
      "isineu" : "false",
      "latitude" : "4.210484",
      "location" : "4.210484,101.975766",
      "longitude" : "101.975766",
      "netname" : "UNIFI-HOME",
      "organization" : "Telekom Malaysia Berhad",
      "subnet" : "1.32.0.0/17"
   },
   "ip" : "1.32.62.38",
   "ipv6" : "false",
   "latitude" : "3.0452",
   "location" : "3.0452,101.4515",
   "longitude" : "101.4515",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "TM TECHNOLOGY SERVICES SDN. BHD.",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "1.32.0.0/17",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

  • 184.72.119.128:4117 (tcp/http) - last seen on 2024-11-07 at 05:28:51 UTC

    • IP
      184.72.119.128
      Network
      184.72.64.0/18
      Domain(s)
      amazonaws.com
      Device

      <enterprise field>: device.class

      Operating System
      Linux Linux Kernel
      URL

      http://184.72.119.128:4117/ 200

      HTTP Title
      Infocon Holding - EasyIO-30P Sedona
      Reverse DNS
      ec2-184-72-119-128.compute-1.amazonaws.com
      ASN
      AS14618
      Organization
      AMAZON-AES
      Protocol
      http
      Source
      datascan
    • Operating System
      Linux Linux Kernel
      Product
      F5 Nginx
      CPE(s)

      <enterprise field>: cpe

    • This feature requires at least a "Lion View" to unlock. Go to our Pricing page for more.

    • Data MD5
      a0d13f5a8644408f638911c1a4d30bc0
      HTTP Header MD5
      b93e910767bc7dd35ce0736d46622fe3
      HTTP Body MD5
      1852f44d5a4231d68b3b2ca70e893cc5 
    • HTTP/1.1 200 OK
Connection: close
Date: Thu, 07 Nov 2024 05:28:50 GMT
Server: nginx
Content-Type: text/html
Content-Length: 1289

<html><head><link rel=stylesheet type="text/css" href=menu.css><title>Infocon Holding - EasyIO-30P Sedona</title></head><body style="margin:0;" onload="onDocLoad();"><script language=javascript src=menuitem.js></script><script language=javascript src=menusc.js></script><div id=dropMenu onmouseout="onDropMenuMouseout(event);" onmouseover="onDropMenuMouseover();"></div><TABLE width=100% cellSpacing=0 cellPadding=0 bgcolor=#ffffff border=0 align=center><tr><td height=53px><img src=logo.gif class='clsMenu'><img src=btl.jpg></td></tr><tr><td><table width=100% bgcolor=#ece9d8 cellSpacing=0 cellPadding=2 border=1><tr id=menubar><td height=28><span id=mmenu onmouseover="onMenuBarMouseover();"></span></td><td id=login></td><td id=userid></td></tr></table></td></tr><tr height=768 valign=top align=center bgcolor="white"><td><table><tr><td colspan=2 height=10></td></tr><TR><Th colspan=2 id="cTtl"></Th></TR><tr><td align=center colspan=2><br></td></tr><tr><td colspan=2 height=10></td></tr><tr><td colspan=2 ID="cTbl"></td></tr><tr><td colspan=2 height=10></td></tr></table></td></tr></table><script language=javascript src=main.js></script><script language=javascript src=table.js></script><script language=javascript>function onDocLoad(){cTxtTbl();createMenu();}</script></body></html>
    • {
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T05:28:51.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "1852f44d5a4231d68b3b2ca70e893cc5",
         "bodymmh3" : 777722857,
         "headermd5" : "b93e910767bc7dd35ce0736d46622fe3",
         "headermmh3" : -32487224,
         "title" : "Infocon Holding - EasyIO-30P Sedona"
      },
      "length" : 1426
   },
   "asn" : "AS14618",
   "city" : "Ashburn",
   "country" : "US",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 200 OK\r\nConnection: close\r\nDate: Thu, 07 Nov 2024 05:28:50 GMT\r\nServer: nginx\r\nContent-Type: text/html\r\nContent-Length: 1289\r\n\r\n<html><head><link rel=stylesheet type=\"text/css\" href=menu.css><title>Infocon Holding - EasyIO-30P Sedona</title></head><body style=\"margin:0;\" onload=\"onDocLoad();\"><script language=javascript src=menuitem.js></script><script language=javascript src=menusc.js></script><div id=dropMenu onmouseout=\"onDropMenuMouseout(event);\" onmouseover=\"onDropMenuMouseover();\"></div><TABLE width=100% cellSpacing=0 cellPadding=0 bgcolor=#ffffff border=0 align=center><tr><td height=53px><img src=logo.gif class='clsMenu'><img src=btl.jpg></td></tr><tr><td><table width=100% bgcolor=#ece9d8 cellSpacing=0 cellPadding=2 border=1><tr id=menubar><td height=28><span id=mmenu onmouseover=\"onMenuBarMouseover();\"></span></td><td id=login></td><td id=userid></td></tr></table></td></tr><tr height=768 valign=top align=center bgcolor=\"white\"><td><table><tr><td colspan=2 height=10></td></tr><TR><Th colspan=2 id=\"cTtl\"></Th></TR><tr><td align=center colspan=2><br></td></tr><tr><td colspan=2 height=10></td></tr><tr><td colspan=2 ID=\"cTbl\"></td></tr><tr><td colspan=2 height=10></td></tr></table></td></tr></table><script language=javascript src=main.js></script><script language=javascript src=table.js></script><script language=javascript>function onDocLoad(){cTxtTbl();createMenu();}</script></body></html>\u0000",
   "datamd5" : "a0d13f5a8644408f638911c1a4d30bc0",
   "datammh3" : -2071317735,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "amazonaws.com"
   ],
   "geolocus" : {
      "asn" : "AS14618",
      "continent" : "NA",
      "continentname" : "North America",
      "country" : "US",
      "countryname" : "United States",
      "domain" : [
         "amazon.com",
         "amazonaws.com",
         "aws.com"
      ],
      "isineu" : "false",
      "latitude" : "37.09024",
      "location" : "37.09024,-95.712891",
      "longitude" : "-95.712891",
      "netname" : "AMAZON-IAD",
      "organization" : "Amazon Data Services NoVa",
      "subnet" : "184.72.64.0/18"
   },
   "host" : [
      "ec2-184-72-119-128"
   ],
   "hostname" : [
      "ec2-184-72-119-128.compute-1.amazonaws.com"
   ],
   "ip" : "184.72.119.128",
   "ipv6" : "false",
   "latitude" : "39.0469",
   "location" : "39.0469,-77.4903",
   "longitude" : "-77.4903",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "AMAZON-AES",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 4117,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "reverse" : [
      "ec2-184-72-119-128.compute-1.amazonaws.com"
   ],
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "status" : 200,
   "subdomains" : [
      "compute-1.amazonaws.com"
   ],
   "subnet" : "184.72.64.0/18",
   "tag" : "<enterprise field>: tag",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}