IPCamera-Webs 2.5.0
tcp/8081 tcp/8082
PeerSec-OpenSSL 3.1.3-OPEN
tcp/8081 tcp/8082
gSOAP 2.8
tcp/81 tcp/82 tcp/83
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b011f18f1085209d2085209d2085209d2085209d2
Found HiSiliconDVR firmware: Hardware: General 53H20L_S39 Vulnerable to multiple issues : LFI, possibly RCE
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b011f18f1085209d2085209d2085209d2085209d2
Found HiSiliconDVR firmware: Hardware: General 53H20L_S39 Vulnerable to multiple issues : LFI, possibly RCE
This vulnerability (with proof of concept (PoC) code) affects DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC).
Exploiting the vulnerabilities lead to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device
Severity: high
Fingerprint: 321975614123c6c05f83e99b011f18f1085209d2085209d2085209d2085209d2
Found HiSiliconDVR firmware: Hardware: General 53H20L_S39 Vulnerable to multiple issues : LFI, possibly RCE
Open service 178.205.110.132:81
2024-06-19 21:05
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-19 21:02
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-19 21:00
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-17 20:39
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-17 20:32
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-17 20:32
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-16 02:23
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-15 21:19
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-15 21:19
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-15 21:17
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:80
2024-06-14 21:32
HTTP/1.1 200 OK CONNECTION: close CONTENT-LENGTH: 69534 P3P: CP=CAO PSA OUR CONTENT-TYPE: text/html <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd"> <html> <head> <title></title> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=6;IE=7; IE=8; IE=EmulateIE7" /> <script type="text/javascript" src="jsCore/m.js"></script> <script type="text/javascript" src="jsCore/more.js"></script> <script type="text/javascript" src="jsCore/md5.js"></script> <script type="text/javascript" src="jsCore/base64.js"></script> <script type="text/javascript" src="jsCore/aes.js"></script> <script type="text/javascript" src="jsCore/rsa.js"></script> <script type="text/javascript" src="jsCore/rpcCore.js"></script> <script type="text/javascript" src="jsCore/rpcLogin.js"></script> <script type="text/javascript" src="jsCore/common.js"></script> <script type="text/javascript" src="js/rpcCoreEx.js"></script> <script type="text/javascript" src="js/system.js"></script> <script type="text/javascript" src="jsNacl/nacl.js"></script> <script type="text/javascript" src="js/loginEx.js"></script> <script type="text/javascript" src="js/eventScript.js"></script> <script type="text/javascript" src="js/publicFunc.js"></script> <script type="text/javascript" src="js/appAbility.js"></script> <script type="text/javascript" src="js/ptzCtrl.js"></script> <script type="text/javascript" src="js/level.js"></script> <script type="text/javascript" src="cap.js"></script> <script type="text/javascript" src="js/loadcss.js"></script> <script type="text/javascript" src="/js/components.js"></script> <script type="text/javascript" src="/pluginVersion.js"></script> <script type="text/javascript" src="/js/deviceInitial.js"></script> <script type="text/javascript" src="/js/findPwd.js"></script> <link href="favicon.ico" type="image/x-icon" rel = "shortcut icon"> </head> <body id="indexBody" onscroll="onScrollForNacl(true);$('nav_margin').style.visibility = 'hidden'; $('nav_margin').style.visibility = 'visible'"> <!--loading--> <div id="loading" class="J_load_dialog"> <p id="lab_loading" class="J_load_p"></p> </div> <!--login--> <div id="l" class="J_login" style="display:;"> <div class="J_login_con"> <div class="J_logo" id="index_logo"></div> <div class="J_sub_con J_loginbox"> <ul> <li class="J_width160 J_text_rig" id="usrnm">用户名:</li> <li class="J_padl10"><input id="username" class="J_login_input" type="text" onKeyDown="javascript:if (event.keyCode==13) event.keyCode=9;"/></li> </ul> <ul> <li class="J_width160 J_text_rig" id="paswd">密码:</li> <li class="J_padl10"><input id="password" class="J_login_input" type="password" onKeyDown="javascript:if (event.keyCode==13) login();"/></li> <li class="J_padl10"><a id="forgetpw" style="display:none">忘记密码?</a></li> </ul> <ul style="height:20px; margin:0; display:none;" id="ul_ltype"> <li class="J_width160 J_text_rig" id="li_ltype">类型:</li> <li class="J_padl10"><select id="s_lgType" style="width:170px;"> <option value="0">TCP</option> <option value="4">UDP</option> <option id='opt_mutil' value="3"></option> </select> </li> </ul> <ul id="ul_type" class="J_login_type"> <li class="J_chkrad J_padl170"><input id="net_lan" name="wtype" checked type="radio"/></li> <li class="J_marr10"><label for="net_lan">LAN</label></li> <li class="J_chkrad"><input id="net_wan" name="wtype" type="radio"/></
Open service 178.205.110.132:8081
2024-06-14 11:29
HTTP/1.1 401 Unauthorized Server: IPCamera-Webs/2.5.0 PeerSec-OpenSSL/3.1.3-OPEN Date: Fri Jun 14 14:43:59 2024 WWW-Authenticate: Digest realm="DKS816975_rev5.2.6.8.3 SIP Door Station - 18688232A117", domain="IPC172311", qop="auth", nonce="4d27f0a86506d7ccc43c78829ad0bb10", opaque="5ccc069c403ebaf9f0171e9517f40e41" Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Unauthorized
Open service 178.205.110.132:8082
2024-06-14 11:17
HTTP/1.1 401 Unauthorized Server: IPCamera-Webs/2.5.0 PeerSec-OpenSSL/3.1.3-OPEN Date: Fri Jun 14 14:27:10 2024 WWW-Authenticate: Digest realm="DKS816975_rev5.2.6.8.3 SIP Door Station - 1868823299E6", domain="IPC170470", qop="auth", nonce="f8e61433339cd576964f97b77b1a42dd", opaque="5ccc069c403ebaf9f0171e9517f40e41" Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Unauthorized
Open service 178.205.110.132:81
2024-06-14 08:54
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-14 04:04
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-12 21:30
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-11 20:26
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-11 20:24
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-11 20:21
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-09 20:41
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-09 20:40
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-09 20:40
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-07 20:25
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-07 20:24
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-07 20:24
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-05 20:37
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-05 20:37
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-05 20:37
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:81
2024-06-03 20:49
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:82
2024-06-03 20:49
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-03 20:47
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:83
2024-06-02 21:45
HTTP/1.1 200 OK Server: gSOAP/2.8 Content-Type: text/html Content-Length: 358 Connection: close <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <title></title> <script type="text/javascript"> window.location.href = "Pages/login.htm?" + Math.random(); </script> </head> <body> </body> </html>
Open service 178.205.110.132:8082
2024-06-02 21:15
HTTP/1.1 401 Unauthorized Server: IPCamera-Webs/2.5.0 PeerSec-OpenSSL/3.1.3-OPEN Date: Mon Jun 3 00:24:30 2024 WWW-Authenticate: Digest realm="DKS816975_rev5.2.6.8.3 SIP Door Station - 1868823299E6", domain="IPC170470", qop="auth", nonce="f050272842c8f24d535d0d54b1f78232", opaque="5ccc069c403ebaf9f0171e9517f40e41" Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Unauthorized
Open service 178.205.110.132:8081
2024-06-02 14:46
HTTP/1.1 401 Unauthorized Server: IPCamera-Webs/2.5.0 PeerSec-OpenSSL/3.1.3-OPEN Date: Sun Jun 2 18:00:20 2024 WWW-Authenticate: Digest realm="DKS816975_rev5.2.6.8.3 SIP Door Station - 18688232A117", domain="IPC172311", qop="auth", nonce="f7e4df1f252b8d76a2736301622a6e31", opaque="5ccc069c403ebaf9f0171e9517f40e41" Pragma: no-cache Cache-Control: no-cache Content-Type: text/html Unauthorized