IP

14.103.35.61

Network

14.103.32.0/20

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

ASN

AS4811

Organization

China Telecom Group

Protocol

mysql

Source

datascan

Operating System

Microsoft Windows

Product

Oracle MySQL

CPE(s)

<enterprise field>: cpe

Data MD5

2a2cef31572ca519d692f9327f60ab8e

F\x00\x00\x00\xffj\x04Host '<srcip>' is not allowed to connect to this MySQL server

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-07T03:15:45.000Z",
   "app" : {
      "length" : 68
   },
   "asn" : "AS4811",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "F\\x00\\x00\\x00\\xffj\\x04Host '<srcip>' is not allowed to connect to this MySQL server",
   "datamd5" : "2a2cef31572ca519d692f9327f60ab8e",
   "datammh3" : -1927105068,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4811",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "bytedance.com",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "VOLCANO-ENGINE",
      "organization" : "China Internet Network Information Center",
      "subnet" : "14.103.32.0/20"
   },
   "ip" : "14.103.35.61",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "protocol" : "mysql",
   "seen_date" : "2024-11-07",
   "source" : "datascan",
   "subnet" : "14.103.32.0/20",
   "tag" : "<enterprise field>: tag",
   "tls" : "false",
   "transport" : "tcp"
}

IP

116.236.41.248

Alternative IP(s)

116.236.41.249

Network

116.224.0.0/12

Domain(s)

justanly.com

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

Reverse DNS

justanly.com

ASN

AS4812

Organization

China Telecom Group

Protocol

mysql

Source

datascan

Operating System

Linux Linux Kernel

Product

MariaDB MariaDB 5.5.5

CPE(s)

<enterprise field>: cpe

Data MD5

09d627427b9033db98b15c5ff70d616e

q\x00\x00\x00
5.5.5-10.11.2-MariaDB-1:10.11.2+maria~ubu2204\x00|&\x02\x004x#B`>Up\x00\xfe\xf7-\x02\x00\xff\x81\x15\x00\x00\x00\x00\x00\x00\x1d\x00\x00\x00U:^NH`-[b\%C\x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T19:33:21.000Z",
   "alternativeip" : [
      "116.236.41.249"
   ],
   "app" : {
      "length" : 154
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "q\\x00\\x00\\x00\n5.5.5-10.11.2-MariaDB-1:10.11.2+maria~ubu2204\\x00|&\\x02\\x004x#B`>Up\\x00\\xfe\\xf7-\\x02\\x00\\xff\\x81\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x1d\\x00\\x00\\x00U:^NH`-[b\\%C\\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "09d627427b9033db98b15c5ff70d616e",
   "datammh3" : 326782973,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "domain" : [
      "justanly.com"
   ],
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET Shanghai province network",
      "subnet" : "116.236.0.0/16"
   },
   "hostname" : [
      "justanly.com"
   ],
   "ip" : "116.236.41.248",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3310,
   "product" : "MariaDB",
   "productvendor" : "MariaDB",
   "productversion" : "5.5.5",
   "protocol" : "mysql",
   "reverse" : [
      "justanly.com"
   ],
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "subnet" : "116.224.0.0/12",
   "tld" : [
      "com"
   ],
   "tls" : "false",
   "transport" : "tcp"
}

IP

103.39.226.2

Network

103.39.224.0/21

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://103.39.226.2:3310/ 200

HTTP Title

FreeRDP WebConnect: offline

HTTP Description

A HTML5 based RDP client

ASN

AS4816

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Data MD5

33050c4b398e6e4c14b3f478e0e238ec

HTTP Header MD5

af4f27eeabc6ed4d095aa9f52e1ef5b8

HTTP Body MD5

64c88cdf7d9c7ef91379ef1cf30f9595

HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Length: 31119
Content-Type: text/html
Date: Wed, 06 Nov 2024 18:03:51 GMT
Last-Modified: Tue, 28 May 2024 04:45:39 GMT

<!DOCTYPE html>
<html>
    <head>
	<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>
        <meta charset="utf-8" />
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
        <title>FreeRDP WebConnect: offline</title>
        <meta name="robots" content="nofollow" />
        <meta name="description" content="A HTML5 based RDP client">
        <meta name="viewport" content="width=device-width height=device-height user-scalable=no">
        <meta name="cursor-event-mode" content="native">
        <meta name="touch-event-mode" content="pure-with-mouse-conversion">
        <link rel="stylesheet" href="css/style.css">
        <link rel="stylesheet" href="css/vkb.css">
		<link rel="stylesheet" href="css/reactor.css" />
        <link rel="icon" href="favicon.ico" type="image/x-icon" />
        <script src="js/modernizr.js"></script>
        <script src="js/mootools.js"></script>
        <script src="js/simpletabs.js"></script>
        <script src="js/wsgate.js"></script>
        <script src="js/vkb.js"></script>
        <!--<script language="javascript" type="text/javascript" src="js/rdpevents.js"></script>-->
        <script language="javascript" type="text/javascript">
            var wsBase = "ws://<ip>:3310/wsgate";
            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));
            var mhx = 100;
            var mhy = 100;
            var dragX = 0;
            var dragY = 0;
            var inDrag = false;
            var rdp = null;
            var vkbd = null;
            var embedded = false;

            var externalConnection = false;

            function initBody(){
                //apply old settings
                settingsApply();
                initPopUpDeck();
            }


            //pop up message procedure
            var popUpDeck = null;
            var popUpElements = [];

            function initPopUpDeck(){
                popUpDeck = document.createElement('div');
                document.body.appendChild(popUpDeck);

                //popUpDeck.set('class', 'popupwrapper');
            }

            function cleanPopUpDeck(){
                for(var i=0; i<popUpElements.length; i++){
                    popUpElements[i].removeEvents();
                    popUpElements[i].destroy();
                }
            }

            function popUpMessage(type, msg, timeout, callback, center){
                var newMessage = document.createElement('div');
                popUpDeck.appendChild(newMessage);

                newMessage.set('class', 'popupmessage');
                newMessage.set('text', msg);
                newMessage.addEvent('mousedown',
                    function(){
                        if(callback)
                            callback();
                        newMessage.destroy();
                        newMessage = null;
                    });

                var color = {
                    r: 255,
                    g: 255,
                    b: 255
                };

                if(type=='error'){
                    color.r = 247;
                    color.g = 203;
                    color.b = 30;
                }else
                if(type=='message'){
                    color.r = 107;
                    color.g = 180;
                    color.b = 229;
                }else
                if(type=='critical'){
                    color.r = 255;
                    color.g = 0;
                    color.b = 0;
                }

                if(center){
                    newMessage.setStyle('position','absolute');
                    newMessage.setStyle('top', document.body.offsetHeight/2);
                    newMessage.setStyle('z-index', '1235');
                }
                newMessage.setStyle('background-color','rgba(' + color.r
                                                         + ',' + color.g
                                                         + ',' + color.b
                                                         + ', 0.8)' );

                if(timeout){
                    window.setTimeout(
                        function(){
                            if(newMessage){
                                if(callback)
                                    callback();
                                newMessage.destroy();
                            }
                        },
                        timeout*1000);
                }

                popUpElements.push(newMessage);

                return newMessage;
            }

            function noInstancePopUp(){
                popUpMessage('critical', "This instance seems to be not working. Try to enter the console again.", 0, noInstancePopUp, true);
            }

            function RDPStart(uri, title){
                if(uri === undefined){
                    uri = wsBase;
                }
                if(title === undefined){
                    title = "FreeRDP WebConnect: connected to " + $('rdphost').value.trim();
                }
                /*if(!embedded){
                    $('dvLoading').setStyles({'visibility':'visible'});
                }*/
                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);

                rdp.addEvent('alert', function(msg) {
                    popUpMessage('error', msg, 5);
                    });
                rdp.addEvent('connected', function() {
                        cleanPopUpDeck();
                        document.title = title;
                        button = $("rdpconnect");
                        button.removeEvents();
                        window.removeEvent('resize', OnDesktopSize);
                        button.value = '断开';
                        button.addEvent('click', rdp.Disconnect.bind(rdp));
                        window.addEvent("beforeunload", rdp.Disconnect.bind(rdp));
						$("logoInfo").innerHTML = "已登录"
                        });
                rdp.addEvent('disconnected', function() {
                        showDialog(true);
                        if(embedded){
                            $('maindialog').addClass('invisible');
                            noInstancePopUp()
                        }
                        button = $("rdpconnect");
                        button.removeEvents();
                        button.value = '立即登陆';
                        button.addEvent('click', function(){RDPStart();});
                        OnDesktopSize();
						$("logoInfo").innerHTML = "请登录"
                        window.addEvent('resize', OnDesktopSize);
                        });
                rdp.addEvent('mouserelease', ResetRdpMouseFlags);
                rdp.addEvent('touch2', function() {
                    ShowMouseHelper($('mousehelper').hasClass('invisible'));
                });
                rdp.addEvent('touch3', function() {
                    vkbd.toggle();
                });
                rdp.addEvent('touch4', function() {
                    if (confirm('确定要断开吗?')) {
                        rdp.Disconnect();
                    }
                });
                showDialog(false);
                rdp.Run();
            }

            function SetRdpMouseFlags() {
                var mf = {
                    'r': $('rclick').checked,
                    'm': $('mclick').checked,
                    'a': $('aclick').checked,
                    's': $('sclick').checked,
                    'c': $('cclick').checked,
                };
                rdp.SetArtificialMouseFlags(mf);
            }
            function ResetRdpMouseFlags() {
                $('rclick').checked = false;
                $('mclick').checked = false;
                $('aclick').checked = false;
                $('sclick').checked = false;
                $('cclick').checked = false;
                rdp.SetArtificialMouseFlags(null);
            }
            function ShowMouseHelper(show) {
                var mh = $('mousehelper');
                inDrag = false;
                if (show) {
                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});
                    mh.addEvent('mousedown',DragStart);
                    $('rclick').addEvent('change', SetRdpMouseFlags);
                    $('mclick').addEvent('change', SetRdpMouseFlags);
                    $('aclick').addEvent('change', SetRdpMouseFlags);
                    $('sclick').addEvent('change', SetRdpMouseFlags);
                    $('cclick').addEvent('change', SetRdpMouseFlags);
                    mh.removeClass('invisible');
                } else {
                    mh.removeEvents();
                    mh.addClass('invisible');
                    $('rclick').removeEvents();
                    $('mclick').removeEvents();
                    $('aclick').removeEvents();
                    $('sclick').removeEvents();
                    $('cclick').removeEvents();
                }
            }

            function OnDesktopSize() {
               ResizeCanvas($('dtsize').value);
               DrawLogo();
            }

            function DragStart(evt) {
                var mh = $('mousehelper');
                if (!mh.hasClass('invisible')) {
                    inDrag = true;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    window.addEvent('mouseup',DragEnd);
                    window.addEvent('touchmove',DragMove);
                }
            }
            function DragEnd(evt) {
                inDrag = false;
                var mh = $('mousehelper');
                window.removeEvent('touchmove',DragMove);
                window.removeEvent('mouseup',DragEnd);
            }
            function DragMove(evt) {
                if (inDrag) {
                    var dx = evt.page.x - dragX;
                    var dy = evt.page.y - dragY;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    var mh = $('mousehelper');
                    if (!mh.hasClass('invisible')) {
                        mhx += dx;
                        mhy += dy;
                        mh.setStyles({'top':mhy,'left':mhx});
                    }
                }
            }

            function DrawLogo() {
                    var logo = new Element('img', {'src': 'empty_on_purpose'});
                    logo.addEvent('load', function() {
                var scaleWCoeficient = 0.5;
                var scaleHCoeficient = 0.5;
                            var iw = this.width * scaleWCoeficient;
                            var ih = this.height * scaleHCoeficient;
                            var scale = ($('screen').height - 20) / ih;
                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));
                    }.bind(logo));
            }

            function ResizeCanvas(sz) {
                var w, h;
                if (sz == 'auto') {
                    w = window.getCoordinates().width;
                    h = window.getCoordinates().height;
                    if (RIMtablet) {
                        // Toplevel bar not removable
                        h -= 31;
                    }
                    if (w % 2) {
                        w -= 1;
                    }
                } else {
                    var sza = sz.split('x');
                    var w = sza[0];
                    var h = sza[1];
                }
                $('screen').width = w-50;
                $('screen').height = h-50;
				$('screen').style["margin"] = "0 auto";
            }

	    var sendDisconnect = function() {
		if (confirm('确定要断开吗?')) {
		    $('extracommands').setStyles({'visibility':'hidden'});
		    rdp.Disconnect();
			$('rdppass').set('value', '')
		}
            }

            var altTabOn = false;
            function altTabEvent(){
                if(altTabOn){
                    altTabOn = false;
                    rdp.SendKey(2);//alt+tab release
                    $('alttab').removeClass('extracommandshold');
                }
                else{
                    altTabOn = true;
                    rdp.SendKey(1);//alt+tab
                    $('alttab').addClass('extracommandshold');
                }
            }

            function showDialog(show) {
                if (show) {
                    ShowMouseHelper(false);
                    var dlg = $('maindialog');
                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';
                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';
                    $('extracommands').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    $('dvLoading').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    DrawLogo();
                    dlg.setStyles({
                        'z-index': 999
                     }).removeClass('invisible');
                } else {
                    $('maindialog').addClass('invisible');
                    $('extracommands').setStyles(
                    {
                        'visibility':'visible'
                    });
                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });
                    $('alttab').addEvent('click', altTabEvent);
                    $('disconnect').addEvent('click', sendDisconnect);
                }
            }

            var RDPCookieKey = "RDPinfoJSON";
            //sets a cookie with the settings inserted in the form
            function settingsSet(){
                var infoJSON = settingsGetJSON();
                //remove password
                infoJSON.pass = "";
                document.cookie = RDPCookieKey + "=" + JSON.stringify(infoJSON) + "; expires=Fri, 31 Dec 2030 23:59:59 GMT;";
            }
            //change the form fields with respect with the cookie
            function settingsApply(){
                var url = location.search; //获取url中"?"符后的字串
				var theRequest = new Object();
				if (url.indexOf("?") != -1) {
					var str = url.substr(1);
					strs = str.split("&");
					for(var i = 0; i < strs.length; i ++) {
						theRequest[strs[i].split("=")[0]] = strs[i].split("=")[1];
					}
				}
				if (Object.keys(theRequest).length) {
					$('rdphost').set('value',theRequest.Hostname);
					$('rdpport').set('value',theRequest.Port);
					$('rdppcb').set('value',theRequest.vmID);
					$('rdpuser').set('value',theRequest.User);
					$('nowallp').set('checked', theRequest.nowallp != 0);
					$('nowdrag').set('checked', theRequest.nowdrag != 0);
					$('nomani').set('checked', theRequest.nomani != 0);
					$('notheme').set('checked', theRequest.notheme != 0);
					$('nonla').set('checked', theRequest.nonla != 0);
					$('notls').set('checked', theRequest.notls != 0);
				}
				
				/*var cookie = document.cookie;
                if(cookie){
                    var cookieValues = cookie.split(';');
                    var i = 0;
                    //get the cookie for infoJSON
                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){
                        i++;
                    }
                    //get the value of the cookie then parse it to a JSON
                    try{
                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);
                        //if we found a JSON we apply the values to 

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T18:03:53.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64c88cdf7d9c7ef91379ef1cf30f9595",
         "bodymmh3" : 442176742,
         "description" : "A HTML5 based RDP client",
         "header" : [
            {
               "value" : "Tue, 28 May 2024 04:45:39 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "af4f27eeabc6ed4d095aa9f52e1ef5b8",
         "headermmh3" : -334194866,
         "title" : "FreeRDP WebConnect: offline"
      },
      "length" : 16376
   },
   "asn" : "AS4816",
   "country" : "CN",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache, private\r\nContent-Length: 31119\r\nContent-Type: text/html\r\nDate: Wed, 06 Nov 2024 18:03:51 GMT\r\nLast-Modified: Tue, 28 May 2024 04:45:39 GMT\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n    <head>\r\n\t<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>\r\n        <meta charset=\"utf-8\" />\r\n        <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\" />\r\n        <title>FreeRDP WebConnect: offline</title>\r\n        <meta name=\"robots\" content=\"nofollow\" />\r\n        <meta name=\"description\" content=\"A HTML5 based RDP client\">\r\n        <meta name=\"viewport\" content=\"width=device-width height=device-height user-scalable=no\">\r\n        <meta name=\"cursor-event-mode\" content=\"native\">\r\n        <meta name=\"touch-event-mode\" content=\"pure-with-mouse-conversion\">\r\n        <link rel=\"stylesheet\" href=\"css/style.css\">\r\n        <link rel=\"stylesheet\" href=\"css/vkb.css\">\r\n\t\t<link rel=\"stylesheet\" href=\"css/reactor.css\" />\r\n        <link rel=\"icon\" href=\"favicon.ico\" type=\"image/x-icon\" />\r\n        <script src=\"js/modernizr.js\"></script>\r\n        <script src=\"js/mootools.js\"></script>\r\n        <script src=\"js/simpletabs.js\"></script>\r\n        <script src=\"js/wsgate.js\"></script>\r\n        <script src=\"js/vkb.js\"></script>\r\n        <!--<script language=\"javascript\" type=\"text/javascript\" src=\"js/rdpevents.js\"></script>-->\r\n        <script language=\"javascript\" type=\"text/javascript\">\r\n            var wsBase = \"ws://<ip>:3310/wsgate\";\r\n            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));\r\n            var mhx = 100;\r\n            var mhy = 100;\r\n            var dragX = 0;\r\n            var dragY = 0;\r\n            var inDrag = false;\r\n            var rdp = null;\r\n            var vkbd = null;\r\n            var embedded = false;\r\n\r\n            var externalConnection = false;\r\n\r\n            function initBody(){\r\n                //apply old settings\r\n                settingsApply();\r\n                initPopUpDeck();\r\n            }\r\n\r\n\r\n            //pop up message procedure\r\n            var popUpDeck = null;\r\n            var popUpElements = [];\r\n\r\n            function initPopUpDeck(){\r\n                popUpDeck = document.createElement('div');\r\n                document.body.appendChild(popUpDeck);\r\n\r\n                //popUpDeck.set('class', 'popupwrapper');\r\n            }\r\n\r\n            function cleanPopUpDeck(){\r\n                for(var i=0; i<popUpElements.length; i++){\r\n                    popUpElements[i].removeEvents();\r\n                    popUpElements[i].destroy();\r\n                }\r\n            }\r\n\r\n            function popUpMessage(type, msg, timeout, callback, center){\r\n                var newMessage = document.createElement('div');\r\n                popUpDeck.appendChild(newMessage);\r\n\r\n                newMessage.set('class', 'popupmessage');\r\n                newMessage.set('text', msg);\r\n                newMessage.addEvent('mousedown',\r\n                    function(){\r\n                        if(callback)\r\n                            callback();\r\n                        newMessage.destroy();\r\n                        newMessage = null;\r\n                    });\r\n\r\n                var color = {\r\n                    r: 255,\r\n                    g: 255,\r\n                    b: 255\r\n                };\r\n\r\n                if(type=='error'){\r\n                    color.r = 247;\r\n                    color.g = 203;\r\n                    color.b = 30;\r\n                }else\r\n                if(type=='message'){\r\n                    color.r = 107;\r\n                    color.g = 180;\r\n                    color.b = 229;\r\n                }else\r\n                if(type=='critical'){\r\n                    color.r = 255;\r\n                    color.g = 0;\r\n                    color.b = 0;\r\n                }\r\n\r\n                if(center){\r\n                    newMessage.setStyle('position','absolute');\r\n                    newMessage.setStyle('top', document.body.offsetHeight/2);\r\n                    newMessage.setStyle('z-index', '1235');\r\n                }\r\n                newMessage.setStyle('background-color','rgba(' + color.r\r\n                                                         + ',' + color.g\r\n                                                         + ',' + color.b\r\n                                                         + ', 0.8)' );\r\n\r\n                if(timeout){\r\n                    window.setTimeout(\r\n                        function(){\r\n                            if(newMessage){\r\n                                if(callback)\r\n                                    callback();\r\n                                newMessage.destroy();\r\n                            }\r\n                        },\r\n                        timeout*1000);\r\n                }\r\n\r\n                popUpElements.push(newMessage);\r\n\r\n                return newMessage;\r\n            }\r\n\r\n            function noInstancePopUp(){\r\n                popUpMessage('critical', \"This instance seems to be not working. Try to enter the console again.\", 0, noInstancePopUp, true);\r\n            }\r\n\r\n            function RDPStart(uri, title){\r\n                if(uri === undefined){\r\n                    uri = wsBase;\r\n                }\r\n                if(title === undefined){\r\n                    title = \"FreeRDP WebConnect: connected to \" + $('rdphost').value.trim();\r\n                }\r\n                /*if(!embedded){\r\n                    $('dvLoading').setStyles({'visibility':'visible'});\r\n                }*/\r\n                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);\r\n\r\n                rdp.addEvent('alert', function(msg) {\r\n                    popUpMessage('error', msg, 5);\r\n                    });\r\n                rdp.addEvent('connected', function() {\r\n                        cleanPopUpDeck();\r\n                        document.title = title;\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        window.removeEvent('resize', OnDesktopSize);\r\n                        button.value = '\u65ad\u5f00';\r\n                        button.addEvent('click', rdp.Disconnect.bind(rdp));\r\n                        window.addEvent(\"beforeunload\", rdp.Disconnect.bind(rdp));\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u5df2\u767b\u5f55\"\r\n                        });\r\n                rdp.addEvent('disconnected', function() {\r\n                        showDialog(true);\r\n                        if(embedded){\r\n                            $('maindialog').addClass('invisible');\r\n                            noInstancePopUp()\r\n                        }\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        button.value = '\u7acb\u5373\u767b\u9646';\r\n                        button.addEvent('click', function(){RDPStart();});\r\n                        OnDesktopSize();\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u8bf7\u767b\u5f55\"\r\n                        window.addEvent('resize', OnDesktopSize);\r\n                        });\r\n                rdp.addEvent('mouserelease', ResetRdpMouseFlags);\r\n                rdp.addEvent('touch2', function() {\r\n                    ShowMouseHelper($('mousehelper').hasClass('invisible'));\r\n                });\r\n                rdp.addEvent('touch3', function() {\r\n                    vkbd.toggle();\r\n                });\r\n                rdp.addEvent('touch4', function() {\r\n                    if (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n                        rdp.Disconnect();\r\n                    }\r\n                });\r\n                showDialog(false);\r\n                rdp.Run();\r\n            }\r\n\r\n            function SetRdpMouseFlags() {\r\n                var mf = {\r\n                    'r': $('rclick').checked,\r\n                    'm': $('mclick').checked,\r\n                    'a': $('aclick').checked,\r\n                    's': $('sclick').checked,\r\n                    'c': $('cclick').checked,\r\n                };\r\n                rdp.SetArtificialMouseFlags(mf);\r\n            }\r\n            function ResetRdpMouseFlags() {\r\n                $('rclick').checked = false;\r\n                $('mclick').checked = false;\r\n                $('aclick').checked = false;\r\n                $('sclick').checked = false;\r\n                $('cclick').checked = false;\r\n                rdp.SetArtificialMouseFlags(null);\r\n            }\r\n            function ShowMouseHelper(show) {\r\n                var mh = $('mousehelper');\r\n                inDrag = false;\r\n                if (show) {\r\n                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});\r\n                    mh.addEvent('mousedown',DragStart);\r\n                    $('rclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('mclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('aclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('sclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('cclick').addEvent('change', SetRdpMouseFlags);\r\n                    mh.removeClass('invisible');\r\n                } else {\r\n                    mh.removeEvents();\r\n                    mh.addClass('invisible');\r\n                    $('rclick').removeEvents();\r\n                    $('mclick').removeEvents();\r\n                    $('aclick').removeEvents();\r\n                    $('sclick').removeEvents();\r\n                    $('cclick').removeEvents();\r\n                }\r\n            }\r\n\r\n            function OnDesktopSize() {\r\n               ResizeCanvas($('dtsize').value);\r\n               DrawLogo();\r\n            }\r\n\r\n            function DragStart(evt) {\r\n                var mh = $('mousehelper');\r\n                if (!mh.hasClass('invisible')) {\r\n                    inDrag = true;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    window.addEvent('mouseup',DragEnd);\r\n                    window.addEvent('touchmove',DragMove);\r\n                }\r\n            }\r\n            function DragEnd(evt) {\r\n                inDrag = false;\r\n                var mh = $('mousehelper');\r\n                window.removeEvent('touchmove',DragMove);\r\n                window.removeEvent('mouseup',DragEnd);\r\n            }\r\n            function DragMove(evt) {\r\n                if (inDrag) {\r\n                    var dx = evt.page.x - dragX;\r\n                    var dy = evt.page.y - dragY;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    var mh = $('mousehelper');\r\n                    if (!mh.hasClass('invisible')) {\r\n                        mhx += dx;\r\n                        mhy += dy;\r\n                        mh.setStyles({'top':mhy,'left':mhx});\r\n                    }\r\n                }\r\n            }\r\n\r\n            function DrawLogo() {\r\n                    var logo = new Element('img', {'src': 'empty_on_purpose'});\r\n                    logo.addEvent('load', function() {\r\n                var scaleWCoeficient = 0.5;\r\n                var scaleHCoeficient = 0.5;\r\n                            var iw = this.width * scaleWCoeficient;\r\n                            var ih = this.height * scaleHCoeficient;\r\n                            var scale = ($('screen').height - 20) / ih;\r\n                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));\r\n                    }.bind(logo));\r\n            }\r\n\r\n            function ResizeCanvas(sz) {\r\n                var w, h;\r\n                if (sz == 'auto') {\r\n                    w = window.getCoordinates().width;\r\n                    h = window.getCoordinates().height;\r\n                    if (RIMtablet) {\r\n                        // Toplevel bar not removable\r\n                        h -= 31;\r\n                    }\r\n                    if (w % 2) {\r\n                        w -= 1;\r\n                    }\r\n                } else {\r\n                    var sza = sz.split('x');\r\n                    var w = sza[0];\r\n                    var h = sza[1];\r\n                }\r\n                $('screen').width = w-50;\r\n                $('screen').height = h-50;\r\n\t\t\t\t$('screen').style[\"margin\"] = \"0 auto\";\r\n            }\r\n\r\n\t    var sendDisconnect = function() {\r\n\t\tif (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n\t\t    $('extracommands').setStyles({'visibility':'hidden'});\r\n\t\t    rdp.Disconnect();\r\n\t\t\t$('rdppass').set('value', '')\r\n\t\t}\r\n            }\r\n\r\n            var altTabOn = false;\r\n            function altTabEvent(){\r\n                if(altTabOn){\r\n                    altTabOn = false;\r\n                    rdp.SendKey(2);//alt+tab release\r\n                    $('alttab').removeClass('extracommandshold');\r\n                }\r\n                else{\r\n                    altTabOn = true;\r\n                    rdp.SendKey(1);//alt+tab\r\n                    $('alttab').addClass('extracommandshold');\r\n                }\r\n            }\r\n\r\n            function showDialog(show) {\r\n                if (show) {\r\n                    ShowMouseHelper(false);\r\n                    var dlg = $('maindialog');\r\n                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';\r\n                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    $('dvLoading').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    DrawLogo();\r\n                    dlg.setStyles({\r\n                        'z-index': 999\r\n                     }).removeClass('invisible');\r\n                } else {\r\n                    $('maindialog').addClass('invisible');\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'visible'\r\n                    });\r\n                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });\r\n                    $('alttab').addEvent('click', altTabEvent);\r\n                    $('disconnect').addEvent('click', sendDisconnect);\r\n                }\r\n            }\r\n\r\n            var RDPCookieKey = \"RDPinfoJSON\";\r\n            //sets a cookie with the settings inserted in the form\r\n            function settingsSet(){\r\n                var infoJSON = settingsGetJSON();\r\n                //remove password\r\n                infoJSON.pass = \"\";\r\n                document.cookie = RDPCookieKey + \"=\" + JSON.stringify(infoJSON) + \"; expires=Fri, 31 Dec 2030 23:59:59 GMT;\";\r\n            }\r\n            //change the form fields with respect with the cookie\r\n            function settingsApply(){\r\n                var url = location.search; //\u83b7\u53d6url\u4e2d\"?\"\u7b26\u540e\u7684\u5b57\u4e32\r\n\t\t\t\tvar theRequest = new Object();\r\n\t\t\t\tif (url.indexOf(\"?\") != -1) {\r\n\t\t\t\t\tvar str = url.substr(1);\r\n\t\t\t\t\tstrs = str.split(\"&\");\r\n\t\t\t\t\tfor(var i = 0; i < strs.length; i ++) {\r\n\t\t\t\t\t\ttheRequest[strs[i].split(\"=\")[0]] = strs[i].split(\"=\")[1];\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tif (Object.keys(theRequest).length) {\r\n\t\t\t\t\t$('rdphost').set('value',theRequest.Hostname);\r\n\t\t\t\t\t$('rdpport').set('value',theRequest.Port);\r\n\t\t\t\t\t$('rdppcb').set('value',theRequest.vmID);\r\n\t\t\t\t\t$('rdpuser').set('value',theRequest.User);\r\n\t\t\t\t\t$('nowallp').set('checked', theRequest.nowallp != 0);\r\n\t\t\t\t\t$('nowdrag').set('checked', theRequest.nowdrag != 0);\r\n\t\t\t\t\t$('nomani').set('checked', theRequest.nomani != 0);\r\n\t\t\t\t\t$('notheme').set('checked', theRequest.notheme != 0);\r\n\t\t\t\t\t$('nonla').set('checked', theRequest.nonla != 0);\r\n\t\t\t\t\t$('notls').set('checked', theRequest.notls != 0);\r\n\t\t\t\t}\r\n\t\t\t\t\r\n\t\t\t\t/*var cookie = document.cookie;\r\n                if(cookie){\r\n                    var cookieValues = cookie.split(';');\r\n                    var i = 0;\r\n                    //get the cookie for infoJSON\r\n                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){\r\n                        i++;\r\n                    }\r\n                    //get the value of the cookie then parse it to a JSON\r\n                    try{\r\n                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);\r\n                        //if we found a JSON we apply the values to ",
   "datamd5" : "33050c4b398e6e4c14b3f478e0e238ec",
   "datammh3" : 1465683030,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS63916",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "qq.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "Xiaoniaoyun",
      "organization" : "Shenzhen Qianhai bird cloud computing Co. Ltd.",
      "subnet" : "103.39.224.0/22"
   },
   "ip" : "103.39.226.2",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "103.39.224.0/21",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

116.235.20.93

Network

116.224.0.0/12

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

ASN

AS4812

Organization

China Telecom Group

Protocol

mysql

Source

datascan

Operating System

Linux Linux Kernel

Product

MariaDB MariaDB 5.5.51

CPE(s)

<enterprise field>: cpe

Data MD5

e75d2441c41c3f3a1676e7d0fe985103

R\x00\x00\x00
5.5.51-MariaDB\x00[\x08\x00\x00C6$N@5(g\x00\xff\xf7\x08\x02\x00\x0f\xa0\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00QA/f7|.kS>xe\x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-06T07:16:34.000Z",
   "app" : {
      "length" : 123
   },
   "asn" : "AS4812",
   "city" : "Shanghai",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "R\\x00\\x00\\x00\n5.5.51-MariaDB\\x00[\\x08\\x00\\x00C6$N@5(g\\x00\\xff\\xf7\\x08\\x02\\x00\\x0f\\xa0\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00QA/f7|.kS>xe\\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "e75d2441c41c3f3a1676e7d0fe985103",
   "datammh3" : -1552120479,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET Shanghai province network",
      "subnet" : "116.232.0.0/14"
   },
   "ip" : "116.235.20.93",
   "ipv6" : "false",
   "latitude" : "31.2222",
   "location" : "31.2222,121.4581",
   "longitude" : "121.4581",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3310,
   "product" : "MariaDB",
   "productvendor" : "MariaDB",
   "productversion" : "5.5.51",
   "protocol" : "mysql",
   "seen_date" : "2024-11-06",
   "source" : "datascan",
   "subnet" : "116.224.0.0/12",
   "tls" : "false",
   "transport" : "tcp"
}

IP

103.156.68.155

Network

103.156.68.0/23

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://103.156.68.155:3310/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

F5 Nginx

CPE(s)

<enterprise field>: cpe

Data MD5

a3768245d18923b85ff9fbd3823b817e

HTTP Header MD5

a629a0fe278971ad61801ba6975ba467

HTTP Body MD5

4481ddb7dc4c86ee57d53e06632d175b

HTTP/1.1 400 Bad Request
Server: nginx
Date: Tue, 05 Nov 2024 22:04:58 GMT
Content-Type: text/html
Content-Length: 264
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body bgcolor="white">
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T22:04:59.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "4481ddb7dc4c86ee57d53e06632d175b",
         "bodymmh3" : 1578429100,
         "headermd5" : "a629a0fe278971ad61801ba6975ba467",
         "headermmh3" : 1462237904,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 409
   },
   "asn" : "AS4812",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx\r\nDate: Tue, 05 Nov 2024 22:04:58 GMT\r\nContent-Type: text/html\r\nContent-Length: 264\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body bgcolor=\"white\">\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "a3768245d18923b85ff9fbd3823b817e",
   "datammh3" : 227797036,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "bestidc.cn",
         "cnnic.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "RuguInfo",
      "organization" : "Shanghai Rugu Info&Tech Co.,Ltd.",
      "subnet" : "103.156.68.0/23"
   },
   "ip" : "103.156.68.155",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "product" : "Nginx",
   "productvendor" : "F5",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "103.156.68.0/23",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

222.73.113.152

Network

222.72.0.0/15

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://222.73.113.152:3310/ 400

HTTP Title

400 The plain HTTP request was sent to HTTPS port

ASN

AS4812

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Product

F5 Nginx 1.24.0

CPE(s)

<enterprise field>: cpe

Data MD5

efe7a8ab8d5e555a3b561449b26241cd

HTTP Header MD5

c8b95a001a387b881ba4d381fd76232f

HTTP Body MD5

82f13e1d58f40bfc6e3e3962f2f9ca74

HTTP/1.1 400 Bad Request
Server: nginx/1.24.0
Date: Tue, 05 Nov 2024 17:31:40 GMT
Content-Type: text/html
Content-Length: 255
Connection: close

<html>
<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>
<body>
<center><h1>400 Bad Request</h1></center>
<center>The plain HTTP request was sent to HTTPS port</center>
<hr><center>nginx/1.24.0</center>
</body>
</html>

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T17:31:41.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "82f13e1d58f40bfc6e3e3962f2f9ca74",
         "bodymmh3" : -1928850511,
         "headermd5" : "c8b95a001a387b881ba4d381fd76232f",
         "headermmh3" : 1496462024,
         "title" : "400 The plain HTTP request was sent to HTTPS port"
      },
      "length" : 407
   },
   "asn" : "AS4812",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "HTTP/1.1 400 Bad Request\r\nServer: nginx/1.24.0\r\nDate: Tue, 05 Nov 2024 17:31:40 GMT\r\nContent-Type: text/html\r\nContent-Length: 255\r\nConnection: close\r\n\r\n<html>\r\n<head><title>400 The plain HTTP request was sent to HTTPS port</title></head>\r\n<body>\r\n<center><h1>400 Bad Request</h1></center>\r\n<center>The plain HTTP request was sent to HTTPS port</center>\r\n<hr><center>nginx/1.24.0</center>\r\n</body>\r\n</html>\r\n",
   "datamd5" : "efe7a8ab8d5e555a3b561449b26241cd",
   "datammh3" : -1617447289,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "apnic.net",
         "chinatelecom.cn",
         "online.sh.cn",
         "shtel.com.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET shanghai province network",
      "subnet" : "222.72.0.0/15"
   },
   "ip" : "222.73.113.152",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "product" : "Nginx",
   "productvendor" : "F5",
   "productversion" : "1.24.0",
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "Bad Request",
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 400,
   "subnet" : "222.72.0.0/15",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

125.76.228.100

Network

125.76.224.0/19

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://125.76.228.100:3310/ 200

HTTP Title

FreeRDP WebConnect: offline

HTTP Description

A HTML5 based RDP client

ASN

AS4835

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Data MD5

1cdac3eda280f6c77b27d309dc9928ed

HTTP Header MD5

af4f27eeabc6ed4d095aa9f52e1ef5b8

HTTP Body MD5

64c88cdf7d9c7ef91379ef1cf30f9595

HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Length: 31121
Content-Type: text/html
Date: Tue, 05 Nov 2024 17:30:12 GMT
Last-Modified: Tue, 28 May 2024 04:45:39 GMT

<!DOCTYPE html>
<html>
    <head>
	<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>
        <meta charset="utf-8" />
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
        <title>FreeRDP WebConnect: offline</title>
        <meta name="robots" content="nofollow" />
        <meta name="description" content="A HTML5 based RDP client">
        <meta name="viewport" content="width=device-width height=device-height user-scalable=no">
        <meta name="cursor-event-mode" content="native">
        <meta name="touch-event-mode" content="pure-with-mouse-conversion">
        <link rel="stylesheet" href="css/style.css">
        <link rel="stylesheet" href="css/vkb.css">
		<link rel="stylesheet" href="css/reactor.css" />
        <link rel="icon" href="favicon.ico" type="image/x-icon" />
        <script src="js/modernizr.js"></script>
        <script src="js/mootools.js"></script>
        <script src="js/simpletabs.js"></script>
        <script src="js/wsgate.js"></script>
        <script src="js/vkb.js"></script>
        <!--<script language="javascript" type="text/javascript" src="js/rdpevents.js"></script>-->
        <script language="javascript" type="text/javascript">
            var wsBase = "ws://<ip>:3310/wsgate";
            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));
            var mhx = 100;
            var mhy = 100;
            var dragX = 0;
            var dragY = 0;
            var inDrag = false;
            var rdp = null;
            var vkbd = null;
            var embedded = false;

            var externalConnection = false;

            function initBody(){
                //apply old settings
                settingsApply();
                initPopUpDeck();
            }


            //pop up message procedure
            var popUpDeck = null;
            var popUpElements = [];

            function initPopUpDeck(){
                popUpDeck = document.createElement('div');
                document.body.appendChild(popUpDeck);

                //popUpDeck.set('class', 'popupwrapper');
            }

            function cleanPopUpDeck(){
                for(var i=0; i<popUpElements.length; i++){
                    popUpElements[i].removeEvents();
                    popUpElements[i].destroy();
                }
            }

            function popUpMessage(type, msg, timeout, callback, center){
                var newMessage = document.createElement('div');
                popUpDeck.appendChild(newMessage);

                newMessage.set('class', 'popupmessage');
                newMessage.set('text', msg);
                newMessage.addEvent('mousedown',
                    function(){
                        if(callback)
                            callback();
                        newMessage.destroy();
                        newMessage = null;
                    });

                var color = {
                    r: 255,
                    g: 255,
                    b: 255
                };

                if(type=='error'){
                    color.r = 247;
                    color.g = 203;
                    color.b = 30;
                }else
                if(type=='message'){
                    color.r = 107;
                    color.g = 180;
                    color.b = 229;
                }else
                if(type=='critical'){
                    color.r = 255;
                    color.g = 0;
                    color.b = 0;
                }

                if(center){
                    newMessage.setStyle('position','absolute');
                    newMessage.setStyle('top', document.body.offsetHeight/2);
                    newMessage.setStyle('z-index', '1235');
                }
                newMessage.setStyle('background-color','rgba(' + color.r
                                                         + ',' + color.g
                                                         + ',' + color.b
                                                         + ', 0.8)' );

                if(timeout){
                    window.setTimeout(
                        function(){
                            if(newMessage){
                                if(callback)
                                    callback();
                                newMessage.destroy();
                            }
                        },
                        timeout*1000);
                }

                popUpElements.push(newMessage);

                return newMessage;
            }

            function noInstancePopUp(){
                popUpMessage('critical', "This instance seems to be not working. Try to enter the console again.", 0, noInstancePopUp, true);
            }

            function RDPStart(uri, title){
                if(uri === undefined){
                    uri = wsBase;
                }
                if(title === undefined){
                    title = "FreeRDP WebConnect: connected to " + $('rdphost').value.trim();
                }
                /*if(!embedded){
                    $('dvLoading').setStyles({'visibility':'visible'});
                }*/
                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);

                rdp.addEvent('alert', function(msg) {
                    popUpMessage('error', msg, 5);
                    });
                rdp.addEvent('connected', function() {
                        cleanPopUpDeck();
                        document.title = title;
                        button = $("rdpconnect");
                        button.removeEvents();
                        window.removeEvent('resize', OnDesktopSize);
                        button.value = '断开';
                        button.addEvent('click', rdp.Disconnect.bind(rdp));
                        window.addEvent("beforeunload", rdp.Disconnect.bind(rdp));
						$("logoInfo").innerHTML = "已登录"
                        });
                rdp.addEvent('disconnected', function() {
                        showDialog(true);
                        if(embedded){
                            $('maindialog').addClass('invisible');
                            noInstancePopUp()
                        }
                        button = $("rdpconnect");
                        button.removeEvents();
                        button.value = '立即登陆';
                        button.addEvent('click', function(){RDPStart();});
                        OnDesktopSize();
						$("logoInfo").innerHTML = "请登录"
                        window.addEvent('resize', OnDesktopSize);
                        });
                rdp.addEvent('mouserelease', ResetRdpMouseFlags);
                rdp.addEvent('touch2', function() {
                    ShowMouseHelper($('mousehelper').hasClass('invisible'));
                });
                rdp.addEvent('touch3', function() {
                    vkbd.toggle();
                });
                rdp.addEvent('touch4', function() {
                    if (confirm('确定要断开吗?')) {
                        rdp.Disconnect();
                    }
                });
                showDialog(false);
                rdp.Run();
            }

            function SetRdpMouseFlags() {
                var mf = {
                    'r': $('rclick').checked,
                    'm': $('mclick').checked,
                    'a': $('aclick').checked,
                    's': $('sclick').checked,
                    'c': $('cclick').checked,
                };
                rdp.SetArtificialMouseFlags(mf);
            }
            function ResetRdpMouseFlags() {
                $('rclick').checked = false;
                $('mclick').checked = false;
                $('aclick').checked = false;
                $('sclick').checked = false;
                $('cclick').checked = false;
                rdp.SetArtificialMouseFlags(null);
            }
            function ShowMouseHelper(show) {
                var mh = $('mousehelper');
                inDrag = false;
                if (show) {
                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});
                    mh.addEvent('mousedown',DragStart);
                    $('rclick').addEvent('change', SetRdpMouseFlags);
                    $('mclick').addEvent('change', SetRdpMouseFlags);
                    $('aclick').addEvent('change', SetRdpMouseFlags);
                    $('sclick').addEvent('change', SetRdpMouseFlags);
                    $('cclick').addEvent('change', SetRdpMouseFlags);
                    mh.removeClass('invisible');
                } else {
                    mh.removeEvents();
                    mh.addClass('invisible');
                    $('rclick').removeEvents();
                    $('mclick').removeEvents();
                    $('aclick').removeEvents();
                    $('sclick').removeEvents();
                    $('cclick').removeEvents();
                }
            }

            function OnDesktopSize() {
               ResizeCanvas($('dtsize').value);
               DrawLogo();
            }

            function DragStart(evt) {
                var mh = $('mousehelper');
                if (!mh.hasClass('invisible')) {
                    inDrag = true;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    window.addEvent('mouseup',DragEnd);
                    window.addEvent('touchmove',DragMove);
                }
            }
            function DragEnd(evt) {
                inDrag = false;
                var mh = $('mousehelper');
                window.removeEvent('touchmove',DragMove);
                window.removeEvent('mouseup',DragEnd);
            }
            function DragMove(evt) {
                if (inDrag) {
                    var dx = evt.page.x - dragX;
                    var dy = evt.page.y - dragY;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    var mh = $('mousehelper');
                    if (!mh.hasClass('invisible')) {
                        mhx += dx;
                        mhy += dy;
                        mh.setStyles({'top':mhy,'left':mhx});
                    }
                }
            }

            function DrawLogo() {
                    var logo = new Element('img', {'src': 'empty_on_purpose'});
                    logo.addEvent('load', function() {
                var scaleWCoeficient = 0.5;
                var scaleHCoeficient = 0.5;
                            var iw = this.width * scaleWCoeficient;
                            var ih = this.height * scaleHCoeficient;
                            var scale = ($('screen').height - 20) / ih;
                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));
                    }.bind(logo));
            }

            function ResizeCanvas(sz) {
                var w, h;
                if (sz == 'auto') {
                    w = window.getCoordinates().width;
                    h = window.getCoordinates().height;
                    if (RIMtablet) {
                        // Toplevel bar not removable
                        h -= 31;
                    }
                    if (w % 2) {
                        w -= 1;
                    }
                } else {
                    var sza = sz.split('x');
                    var w = sza[0];
                    var h = sza[1];
                }
                $('screen').width = w-50;
                $('screen').height = h-50;
				$('screen').style["margin"] = "0 auto";
            }

	    var sendDisconnect = function() {
		if (confirm('确定要断开吗?')) {
		    $('extracommands').setStyles({'visibility':'hidden'});
		    rdp.Disconnect();
			$('rdppass').set('value', '')
		}
            }

            var altTabOn = false;
            function altTabEvent(){
                if(altTabOn){
                    altTabOn = false;
                    rdp.SendKey(2);//alt+tab release
                    $('alttab').removeClass('extracommandshold');
                }
                else{
                    altTabOn = true;
                    rdp.SendKey(1);//alt+tab
                    $('alttab').addClass('extracommandshold');
                }
            }

            function showDialog(show) {
                if (show) {
                    ShowMouseHelper(false);
                    var dlg = $('maindialog');
                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';
                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';
                    $('extracommands').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    $('dvLoading').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    DrawLogo();
                    dlg.setStyles({
                        'z-index': 999
                     }).removeClass('invisible');
                } else {
                    $('maindialog').addClass('invisible');
                    $('extracommands').setStyles(
                    {
                        'visibility':'visible'
                    });
                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });
                    $('alttab').addEvent('click', altTabEvent);
                    $('disconnect').addEvent('click', sendDisconnect);
                }
            }

            var RDPCookieKey = "RDPinfoJSON";
            //sets a cookie with the settings inserted in the form
            function settingsSet(){
                var infoJSON = settingsGetJSON();
                //remove password
                infoJSON.pass = "";
                document.cookie = RDPCookieKey + "=" + JSON.stringify(infoJSON) + "; expires=Fri, 31 Dec 2030 23:59:59 GMT;";
            }
            //change the form fields with respect with the cookie
            function settingsApply(){
                var url = location.search; //获取url中"?"符后的字串
				var theRequest = new Object();
				if (url.indexOf("?") != -1) {
					var str = url.substr(1);
					strs = str.split("&");
					for(var i = 0; i < strs.length; i ++) {
						theRequest[strs[i].split("=")[0]] = strs[i].split("=")[1];
					}
				}
				if (Object.keys(theRequest).length) {
					$('rdphost').set('value',theRequest.Hostname);
					$('rdpport').set('value',theRequest.Port);
					$('rdppcb').set('value',theRequest.vmID);
					$('rdpuser').set('value',theRequest.User);
					$('nowallp').set('checked', theRequest.nowallp != 0);
					$('nowdrag').set('checked', theRequest.nowdrag != 0);
					$('nomani').set('checked', theRequest.nomani != 0);
					$('notheme').set('checked', theRequest.notheme != 0);
					$('nonla').set('checked', theRequest.nonla != 0);
					$('notls').set('checked', theRequest.notls != 0);
				}
				
				/*var cookie = document.cookie;
                if(cookie){
                    var cookieValues = cookie.split(';');
                    var i = 0;
                    //get the cookie for infoJSON
                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){
                        i++;
                    }
                    //get the value of the cookie then parse it to a JSON
                    try{
                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);
                        //if we found a JSON we apply the values t

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T17:30:13.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64c88cdf7d9c7ef91379ef1cf30f9595",
         "bodymmh3" : 2138724599,
         "description" : "A HTML5 based RDP client",
         "header" : [
            {
               "name" : "Last-Modified",
               "value" : "Tue, 28 May 2024 04:45:39 GMT"
            }
         ],
         "headermd5" : "af4f27eeabc6ed4d095aa9f52e1ef5b8",
         "headermmh3" : -1624777683,
         "title" : "FreeRDP WebConnect: offline"
      },
      "length" : 16374
   },
   "asn" : "AS4835",
   "country" : "CN",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache, private\r\nContent-Length: 31121\r\nContent-Type: text/html\r\nDate: Tue, 05 Nov 2024 17:30:12 GMT\r\nLast-Modified: Tue, 28 May 2024 04:45:39 GMT\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n    <head>\r\n\t<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>\r\n        <meta charset=\"utf-8\" />\r\n        <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\" />\r\n        <title>FreeRDP WebConnect: offline</title>\r\n        <meta name=\"robots\" content=\"nofollow\" />\r\n        <meta name=\"description\" content=\"A HTML5 based RDP client\">\r\n        <meta name=\"viewport\" content=\"width=device-width height=device-height user-scalable=no\">\r\n        <meta name=\"cursor-event-mode\" content=\"native\">\r\n        <meta name=\"touch-event-mode\" content=\"pure-with-mouse-conversion\">\r\n        <link rel=\"stylesheet\" href=\"css/style.css\">\r\n        <link rel=\"stylesheet\" href=\"css/vkb.css\">\r\n\t\t<link rel=\"stylesheet\" href=\"css/reactor.css\" />\r\n        <link rel=\"icon\" href=\"favicon.ico\" type=\"image/x-icon\" />\r\n        <script src=\"js/modernizr.js\"></script>\r\n        <script src=\"js/mootools.js\"></script>\r\n        <script src=\"js/simpletabs.js\"></script>\r\n        <script src=\"js/wsgate.js\"></script>\r\n        <script src=\"js/vkb.js\"></script>\r\n        <!--<script language=\"javascript\" type=\"text/javascript\" src=\"js/rdpevents.js\"></script>-->\r\n        <script language=\"javascript\" type=\"text/javascript\">\r\n            var wsBase = \"ws://<ip>:3310/wsgate\";\r\n            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));\r\n            var mhx = 100;\r\n            var mhy = 100;\r\n            var dragX = 0;\r\n            var dragY = 0;\r\n            var inDrag = false;\r\n            var rdp = null;\r\n            var vkbd = null;\r\n            var embedded = false;\r\n\r\n            var externalConnection = false;\r\n\r\n            function initBody(){\r\n                //apply old settings\r\n                settingsApply();\r\n                initPopUpDeck();\r\n            }\r\n\r\n\r\n            //pop up message procedure\r\n            var popUpDeck = null;\r\n            var popUpElements = [];\r\n\r\n            function initPopUpDeck(){\r\n                popUpDeck = document.createElement('div');\r\n                document.body.appendChild(popUpDeck);\r\n\r\n                //popUpDeck.set('class', 'popupwrapper');\r\n            }\r\n\r\n            function cleanPopUpDeck(){\r\n                for(var i=0; i<popUpElements.length; i++){\r\n                    popUpElements[i].removeEvents();\r\n                    popUpElements[i].destroy();\r\n                }\r\n            }\r\n\r\n            function popUpMessage(type, msg, timeout, callback, center){\r\n                var newMessage = document.createElement('div');\r\n                popUpDeck.appendChild(newMessage);\r\n\r\n                newMessage.set('class', 'popupmessage');\r\n                newMessage.set('text', msg);\r\n                newMessage.addEvent('mousedown',\r\n                    function(){\r\n                        if(callback)\r\n                            callback();\r\n                        newMessage.destroy();\r\n                        newMessage = null;\r\n                    });\r\n\r\n                var color = {\r\n                    r: 255,\r\n                    g: 255,\r\n                    b: 255\r\n                };\r\n\r\n                if(type=='error'){\r\n                    color.r = 247;\r\n                    color.g = 203;\r\n                    color.b = 30;\r\n                }else\r\n                if(type=='message'){\r\n                    color.r = 107;\r\n                    color.g = 180;\r\n                    color.b = 229;\r\n                }else\r\n                if(type=='critical'){\r\n                    color.r = 255;\r\n                    color.g = 0;\r\n                    color.b = 0;\r\n                }\r\n\r\n                if(center){\r\n                    newMessage.setStyle('position','absolute');\r\n                    newMessage.setStyle('top', document.body.offsetHeight/2);\r\n                    newMessage.setStyle('z-index', '1235');\r\n                }\r\n                newMessage.setStyle('background-color','rgba(' + color.r\r\n                                                         + ',' + color.g\r\n                                                         + ',' + color.b\r\n                                                         + ', 0.8)' );\r\n\r\n                if(timeout){\r\n                    window.setTimeout(\r\n                        function(){\r\n                            if(newMessage){\r\n                                if(callback)\r\n                                    callback();\r\n                                newMessage.destroy();\r\n                            }\r\n                        },\r\n                        timeout*1000);\r\n                }\r\n\r\n                popUpElements.push(newMessage);\r\n\r\n                return newMessage;\r\n            }\r\n\r\n            function noInstancePopUp(){\r\n                popUpMessage('critical', \"This instance seems to be not working. Try to enter the console again.\", 0, noInstancePopUp, true);\r\n            }\r\n\r\n            function RDPStart(uri, title){\r\n                if(uri === undefined){\r\n                    uri = wsBase;\r\n                }\r\n                if(title === undefined){\r\n                    title = \"FreeRDP WebConnect: connected to \" + $('rdphost').value.trim();\r\n                }\r\n                /*if(!embedded){\r\n                    $('dvLoading').setStyles({'visibility':'visible'});\r\n                }*/\r\n                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);\r\n\r\n                rdp.addEvent('alert', function(msg) {\r\n                    popUpMessage('error', msg, 5);\r\n                    });\r\n                rdp.addEvent('connected', function() {\r\n                        cleanPopUpDeck();\r\n                        document.title = title;\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        window.removeEvent('resize', OnDesktopSize);\r\n                        button.value = '\u65ad\u5f00';\r\n                        button.addEvent('click', rdp.Disconnect.bind(rdp));\r\n                        window.addEvent(\"beforeunload\", rdp.Disconnect.bind(rdp));\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u5df2\u767b\u5f55\"\r\n                        });\r\n                rdp.addEvent('disconnected', function() {\r\n                        showDialog(true);\r\n                        if(embedded){\r\n                            $('maindialog').addClass('invisible');\r\n                            noInstancePopUp()\r\n                        }\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        button.value = '\u7acb\u5373\u767b\u9646';\r\n                        button.addEvent('click', function(){RDPStart();});\r\n                        OnDesktopSize();\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u8bf7\u767b\u5f55\"\r\n                        window.addEvent('resize', OnDesktopSize);\r\n                        });\r\n                rdp.addEvent('mouserelease', ResetRdpMouseFlags);\r\n                rdp.addEvent('touch2', function() {\r\n                    ShowMouseHelper($('mousehelper').hasClass('invisible'));\r\n                });\r\n                rdp.addEvent('touch3', function() {\r\n                    vkbd.toggle();\r\n                });\r\n                rdp.addEvent('touch4', function() {\r\n                    if (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n                        rdp.Disconnect();\r\n                    }\r\n                });\r\n                showDialog(false);\r\n                rdp.Run();\r\n            }\r\n\r\n            function SetRdpMouseFlags() {\r\n                var mf = {\r\n                    'r': $('rclick').checked,\r\n                    'm': $('mclick').checked,\r\n                    'a': $('aclick').checked,\r\n                    's': $('sclick').checked,\r\n                    'c': $('cclick').checked,\r\n                };\r\n                rdp.SetArtificialMouseFlags(mf);\r\n            }\r\n            function ResetRdpMouseFlags() {\r\n                $('rclick').checked = false;\r\n                $('mclick').checked = false;\r\n                $('aclick').checked = false;\r\n                $('sclick').checked = false;\r\n                $('cclick').checked = false;\r\n                rdp.SetArtificialMouseFlags(null);\r\n            }\r\n            function ShowMouseHelper(show) {\r\n                var mh = $('mousehelper');\r\n                inDrag = false;\r\n                if (show) {\r\n                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});\r\n                    mh.addEvent('mousedown',DragStart);\r\n                    $('rclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('mclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('aclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('sclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('cclick').addEvent('change', SetRdpMouseFlags);\r\n                    mh.removeClass('invisible');\r\n                } else {\r\n                    mh.removeEvents();\r\n                    mh.addClass('invisible');\r\n                    $('rclick').removeEvents();\r\n                    $('mclick').removeEvents();\r\n                    $('aclick').removeEvents();\r\n                    $('sclick').removeEvents();\r\n                    $('cclick').removeEvents();\r\n                }\r\n            }\r\n\r\n            function OnDesktopSize() {\r\n               ResizeCanvas($('dtsize').value);\r\n               DrawLogo();\r\n            }\r\n\r\n            function DragStart(evt) {\r\n                var mh = $('mousehelper');\r\n                if (!mh.hasClass('invisible')) {\r\n                    inDrag = true;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    window.addEvent('mouseup',DragEnd);\r\n                    window.addEvent('touchmove',DragMove);\r\n                }\r\n            }\r\n            function DragEnd(evt) {\r\n                inDrag = false;\r\n                var mh = $('mousehelper');\r\n                window.removeEvent('touchmove',DragMove);\r\n                window.removeEvent('mouseup',DragEnd);\r\n            }\r\n            function DragMove(evt) {\r\n                if (inDrag) {\r\n                    var dx = evt.page.x - dragX;\r\n                    var dy = evt.page.y - dragY;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    var mh = $('mousehelper');\r\n                    if (!mh.hasClass('invisible')) {\r\n                        mhx += dx;\r\n                        mhy += dy;\r\n                        mh.setStyles({'top':mhy,'left':mhx});\r\n                    }\r\n                }\r\n            }\r\n\r\n            function DrawLogo() {\r\n                    var logo = new Element('img', {'src': 'empty_on_purpose'});\r\n                    logo.addEvent('load', function() {\r\n                var scaleWCoeficient = 0.5;\r\n                var scaleHCoeficient = 0.5;\r\n                            var iw = this.width * scaleWCoeficient;\r\n                            var ih = this.height * scaleHCoeficient;\r\n                            var scale = ($('screen').height - 20) / ih;\r\n                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));\r\n                    }.bind(logo));\r\n            }\r\n\r\n            function ResizeCanvas(sz) {\r\n                var w, h;\r\n                if (sz == 'auto') {\r\n                    w = window.getCoordinates().width;\r\n                    h = window.getCoordinates().height;\r\n                    if (RIMtablet) {\r\n                        // Toplevel bar not removable\r\n                        h -= 31;\r\n                    }\r\n                    if (w % 2) {\r\n                        w -= 1;\r\n                    }\r\n                } else {\r\n                    var sza = sz.split('x');\r\n                    var w = sza[0];\r\n                    var h = sza[1];\r\n                }\r\n                $('screen').width = w-50;\r\n                $('screen').height = h-50;\r\n\t\t\t\t$('screen').style[\"margin\"] = \"0 auto\";\r\n            }\r\n\r\n\t    var sendDisconnect = function() {\r\n\t\tif (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n\t\t    $('extracommands').setStyles({'visibility':'hidden'});\r\n\t\t    rdp.Disconnect();\r\n\t\t\t$('rdppass').set('value', '')\r\n\t\t}\r\n            }\r\n\r\n            var altTabOn = false;\r\n            function altTabEvent(){\r\n                if(altTabOn){\r\n                    altTabOn = false;\r\n                    rdp.SendKey(2);//alt+tab release\r\n                    $('alttab').removeClass('extracommandshold');\r\n                }\r\n                else{\r\n                    altTabOn = true;\r\n                    rdp.SendKey(1);//alt+tab\r\n                    $('alttab').addClass('extracommandshold');\r\n                }\r\n            }\r\n\r\n            function showDialog(show) {\r\n                if (show) {\r\n                    ShowMouseHelper(false);\r\n                    var dlg = $('maindialog');\r\n                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';\r\n                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    $('dvLoading').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    DrawLogo();\r\n                    dlg.setStyles({\r\n                        'z-index': 999\r\n                     }).removeClass('invisible');\r\n                } else {\r\n                    $('maindialog').addClass('invisible');\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'visible'\r\n                    });\r\n                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });\r\n                    $('alttab').addEvent('click', altTabEvent);\r\n                    $('disconnect').addEvent('click', sendDisconnect);\r\n                }\r\n            }\r\n\r\n            var RDPCookieKey = \"RDPinfoJSON\";\r\n            //sets a cookie with the settings inserted in the form\r\n            function settingsSet(){\r\n                var infoJSON = settingsGetJSON();\r\n                //remove password\r\n                infoJSON.pass = \"\";\r\n                document.cookie = RDPCookieKey + \"=\" + JSON.stringify(infoJSON) + \"; expires=Fri, 31 Dec 2030 23:59:59 GMT;\";\r\n            }\r\n            //change the form fields with respect with the cookie\r\n            function settingsApply(){\r\n                var url = location.search; //\u83b7\u53d6url\u4e2d\"?\"\u7b26\u540e\u7684\u5b57\u4e32\r\n\t\t\t\tvar theRequest = new Object();\r\n\t\t\t\tif (url.indexOf(\"?\") != -1) {\r\n\t\t\t\t\tvar str = url.substr(1);\r\n\t\t\t\t\tstrs = str.split(\"&\");\r\n\t\t\t\t\tfor(var i = 0; i < strs.length; i ++) {\r\n\t\t\t\t\t\ttheRequest[strs[i].split(\"=\")[0]] = strs[i].split(\"=\")[1];\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tif (Object.keys(theRequest).length) {\r\n\t\t\t\t\t$('rdphost').set('value',theRequest.Hostname);\r\n\t\t\t\t\t$('rdpport').set('value',theRequest.Port);\r\n\t\t\t\t\t$('rdppcb').set('value',theRequest.vmID);\r\n\t\t\t\t\t$('rdpuser').set('value',theRequest.User);\r\n\t\t\t\t\t$('nowallp').set('checked', theRequest.nowallp != 0);\r\n\t\t\t\t\t$('nowdrag').set('checked', theRequest.nowdrag != 0);\r\n\t\t\t\t\t$('nomani').set('checked', theRequest.nomani != 0);\r\n\t\t\t\t\t$('notheme').set('checked', theRequest.notheme != 0);\r\n\t\t\t\t\t$('nonla').set('checked', theRequest.nonla != 0);\r\n\t\t\t\t\t$('notls').set('checked', theRequest.notls != 0);\r\n\t\t\t\t}\r\n\t\t\t\t\r\n\t\t\t\t/*var cookie = document.cookie;\r\n                if(cookie){\r\n                    var cookieValues = cookie.split(';');\r\n                    var i = 0;\r\n                    //get the cookie for infoJSON\r\n                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){\r\n                        i++;\r\n                    }\r\n                    //get the value of the cookie then parse it to a JSON\r\n                    try{\r\n                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);\r\n                        //if we found a JSON we apply the values t",
   "datamd5" : "1cdac3eda280f6c77b27d309dc9928ed",
   "datammh3" : -1544052364,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4835",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "xa.sn.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SN",
      "organization" : "China Telecom",
      "subnet" : "125.76.224.0/19"
   },
   "ip" : "125.76.228.100",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "125.76.224.0/19",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

101.231.56.118

Network

101.231.0.0/16

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

ASN

AS4812

Organization

China Telecom Group

Protocol

unknown

Source

datascan

Operating System

Linux Linux Kernel

Data MD5

e16db35644ba29190b8f786f602a7e10

\x00\x00\x00\x00\x00\x06\xf8\x03\x80\x00\x00\x01

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-05T00:41:31.000Z",
   "app" : {
      "length" : 12
   },
   "asn" : "AS4812",
   "country" : "CN",
   "data" : "\\x00\\x00\\x00\\x00\\x00\\x06\\xf8\\x03\\x80\\x00\\x00\\x01",
   "datamd5" : "e16db35644ba29190b8f786f602a7e10",
   "datammh3" : -1746182030,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "chinatelecom.cn",
         "online.sh.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "CHINANET-SH",
      "organization" : "CHINANET SHANGHAI PROVINCE NETWORK",
      "subnet" : "101.231.0.0/16"
   },
   "ip" : "101.231.56.118",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3310,
   "protocol" : "unknown",
   "seen_date" : "2024-11-05",
   "source" : "datascan",
   "subnet" : "101.231.0.0/16",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

103.39.221.40

Network

103.39.208.0/20

Device

<enterprise field>: device.class

Operating System

Microsoft Windows

URL

http://103.39.221.40:3310/ 200

HTTP Title

FreeRDP WebConnect: offline

HTTP Description

A HTML5 based RDP client

ASN

AS4816

Organization

China Telecom Group

Protocol

http

Source

datascan

Operating System

Microsoft Windows

Data MD5

e723786e9efbb52243aff20ea0a4dd8c

HTTP Header MD5

af4f27eeabc6ed4d095aa9f52e1ef5b8

HTTP Body MD5

64c88cdf7d9c7ef91379ef1cf30f9595

HTTP/1.1 200 OK
Cache-Control: no-cache, private
Content-Length: 31120
Content-Type: text/html
Date: Mon, 04 Nov 2024 15:31:47 GMT
Last-Modified: Tue, 28 May 2024 04:45:39 GMT

<!DOCTYPE html>
<html>
    <head>
	<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>
        <meta charset="utf-8" />
        <meta http-equiv="X-UA-Compatible" content="IE=edge,chrome=1" />
        <title>FreeRDP WebConnect: offline</title>
        <meta name="robots" content="nofollow" />
        <meta name="description" content="A HTML5 based RDP client">
        <meta name="viewport" content="width=device-width height=device-height user-scalable=no">
        <meta name="cursor-event-mode" content="native">
        <meta name="touch-event-mode" content="pure-with-mouse-conversion">
        <link rel="stylesheet" href="css/style.css">
        <link rel="stylesheet" href="css/vkb.css">
		<link rel="stylesheet" href="css/reactor.css" />
        <link rel="icon" href="favicon.ico" type="image/x-icon" />
        <script src="js/modernizr.js"></script>
        <script src="js/mootools.js"></script>
        <script src="js/simpletabs.js"></script>
        <script src="js/wsgate.js"></script>
        <script src="js/vkb.js"></script>
        <!--<script language="javascript" type="text/javascript" src="js/rdpevents.js"></script>-->
        <script language="javascript" type="text/javascript">
            var wsBase = "ws://<ip>:3310/wsgate";
            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));
            var mhx = 100;
            var mhy = 100;
            var dragX = 0;
            var dragY = 0;
            var inDrag = false;
            var rdp = null;
            var vkbd = null;
            var embedded = false;

            var externalConnection = false;

            function initBody(){
                //apply old settings
                settingsApply();
                initPopUpDeck();
            }


            //pop up message procedure
            var popUpDeck = null;
            var popUpElements = [];

            function initPopUpDeck(){
                popUpDeck = document.createElement('div');
                document.body.appendChild(popUpDeck);

                //popUpDeck.set('class', 'popupwrapper');
            }

            function cleanPopUpDeck(){
                for(var i=0; i<popUpElements.length; i++){
                    popUpElements[i].removeEvents();
                    popUpElements[i].destroy();
                }
            }

            function popUpMessage(type, msg, timeout, callback, center){
                var newMessage = document.createElement('div');
                popUpDeck.appendChild(newMessage);

                newMessage.set('class', 'popupmessage');
                newMessage.set('text', msg);
                newMessage.addEvent('mousedown',
                    function(){
                        if(callback)
                            callback();
                        newMessage.destroy();
                        newMessage = null;
                    });

                var color = {
                    r: 255,
                    g: 255,
                    b: 255
                };

                if(type=='error'){
                    color.r = 247;
                    color.g = 203;
                    color.b = 30;
                }else
                if(type=='message'){
                    color.r = 107;
                    color.g = 180;
                    color.b = 229;
                }else
                if(type=='critical'){
                    color.r = 255;
                    color.g = 0;
                    color.b = 0;
                }

                if(center){
                    newMessage.setStyle('position','absolute');
                    newMessage.setStyle('top', document.body.offsetHeight/2);
                    newMessage.setStyle('z-index', '1235');
                }
                newMessage.setStyle('background-color','rgba(' + color.r
                                                         + ',' + color.g
                                                         + ',' + color.b
                                                         + ', 0.8)' );

                if(timeout){
                    window.setTimeout(
                        function(){
                            if(newMessage){
                                if(callback)
                                    callback();
                                newMessage.destroy();
                            }
                        },
                        timeout*1000);
                }

                popUpElements.push(newMessage);

                return newMessage;
            }

            function noInstancePopUp(){
                popUpMessage('critical', "This instance seems to be not working. Try to enter the console again.", 0, noInstancePopUp, true);
            }

            function RDPStart(uri, title){
                if(uri === undefined){
                    uri = wsBase;
                }
                if(title === undefined){
                    title = "FreeRDP WebConnect: connected to " + $('rdphost').value.trim();
                }
                /*if(!embedded){
                    $('dvLoading').setStyles({'visibility':'visible'});
                }*/
                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);

                rdp.addEvent('alert', function(msg) {
                    popUpMessage('error', msg, 5);
                    });
                rdp.addEvent('connected', function() {
                        cleanPopUpDeck();
                        document.title = title;
                        button = $("rdpconnect");
                        button.removeEvents();
                        window.removeEvent('resize', OnDesktopSize);
                        button.value = '断开';
                        button.addEvent('click', rdp.Disconnect.bind(rdp));
                        window.addEvent("beforeunload", rdp.Disconnect.bind(rdp));
						$("logoInfo").innerHTML = "已登录"
                        });
                rdp.addEvent('disconnected', function() {
                        showDialog(true);
                        if(embedded){
                            $('maindialog').addClass('invisible');
                            noInstancePopUp()
                        }
                        button = $("rdpconnect");
                        button.removeEvents();
                        button.value = '立即登陆';
                        button.addEvent('click', function(){RDPStart();});
                        OnDesktopSize();
						$("logoInfo").innerHTML = "请登录"
                        window.addEvent('resize', OnDesktopSize);
                        });
                rdp.addEvent('mouserelease', ResetRdpMouseFlags);
                rdp.addEvent('touch2', function() {
                    ShowMouseHelper($('mousehelper').hasClass('invisible'));
                });
                rdp.addEvent('touch3', function() {
                    vkbd.toggle();
                });
                rdp.addEvent('touch4', function() {
                    if (confirm('确定要断开吗?')) {
                        rdp.Disconnect();
                    }
                });
                showDialog(false);
                rdp.Run();
            }

            function SetRdpMouseFlags() {
                var mf = {
                    'r': $('rclick').checked,
                    'm': $('mclick').checked,
                    'a': $('aclick').checked,
                    's': $('sclick').checked,
                    'c': $('cclick').checked,
                };
                rdp.SetArtificialMouseFlags(mf);
            }
            function ResetRdpMouseFlags() {
                $('rclick').checked = false;
                $('mclick').checked = false;
                $('aclick').checked = false;
                $('sclick').checked = false;
                $('cclick').checked = false;
                rdp.SetArtificialMouseFlags(null);
            }
            function ShowMouseHelper(show) {
                var mh = $('mousehelper');
                inDrag = false;
                if (show) {
                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});
                    mh.addEvent('mousedown',DragStart);
                    $('rclick').addEvent('change', SetRdpMouseFlags);
                    $('mclick').addEvent('change', SetRdpMouseFlags);
                    $('aclick').addEvent('change', SetRdpMouseFlags);
                    $('sclick').addEvent('change', SetRdpMouseFlags);
                    $('cclick').addEvent('change', SetRdpMouseFlags);
                    mh.removeClass('invisible');
                } else {
                    mh.removeEvents();
                    mh.addClass('invisible');
                    $('rclick').removeEvents();
                    $('mclick').removeEvents();
                    $('aclick').removeEvents();
                    $('sclick').removeEvents();
                    $('cclick').removeEvents();
                }
            }

            function OnDesktopSize() {
               ResizeCanvas($('dtsize').value);
               DrawLogo();
            }

            function DragStart(evt) {
                var mh = $('mousehelper');
                if (!mh.hasClass('invisible')) {
                    inDrag = true;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    window.addEvent('mouseup',DragEnd);
                    window.addEvent('touchmove',DragMove);
                }
            }
            function DragEnd(evt) {
                inDrag = false;
                var mh = $('mousehelper');
                window.removeEvent('touchmove',DragMove);
                window.removeEvent('mouseup',DragEnd);
            }
            function DragMove(evt) {
                if (inDrag) {
                    var dx = evt.page.x - dragX;
                    var dy = evt.page.y - dragY;
                    dragX = evt.page.x;
                    dragY = evt.page.y;
                    var mh = $('mousehelper');
                    if (!mh.hasClass('invisible')) {
                        mhx += dx;
                        mhy += dy;
                        mh.setStyles({'top':mhy,'left':mhx});
                    }
                }
            }

            function DrawLogo() {
                    var logo = new Element('img', {'src': 'empty_on_purpose'});
                    logo.addEvent('load', function() {
                var scaleWCoeficient = 0.5;
                var scaleHCoeficient = 0.5;
                            var iw = this.width * scaleWCoeficient;
                            var ih = this.height * scaleHCoeficient;
                            var scale = ($('screen').height - 20) / ih;
                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));
                    }.bind(logo));
            }

            function ResizeCanvas(sz) {
                var w, h;
                if (sz == 'auto') {
                    w = window.getCoordinates().width;
                    h = window.getCoordinates().height;
                    if (RIMtablet) {
                        // Toplevel bar not removable
                        h -= 31;
                    }
                    if (w % 2) {
                        w -= 1;
                    }
                } else {
                    var sza = sz.split('x');
                    var w = sza[0];
                    var h = sza[1];
                }
                $('screen').width = w-50;
                $('screen').height = h-50;
				$('screen').style["margin"] = "0 auto";
            }

	    var sendDisconnect = function() {
		if (confirm('确定要断开吗?')) {
		    $('extracommands').setStyles({'visibility':'hidden'});
		    rdp.Disconnect();
			$('rdppass').set('value', '')
		}
            }

            var altTabOn = false;
            function altTabEvent(){
                if(altTabOn){
                    altTabOn = false;
                    rdp.SendKey(2);//alt+tab release
                    $('alttab').removeClass('extracommandshold');
                }
                else{
                    altTabOn = true;
                    rdp.SendKey(1);//alt+tab
                    $('alttab').addClass('extracommandshold');
                }
            }

            function showDialog(show) {
                if (show) {
                    ShowMouseHelper(false);
                    var dlg = $('maindialog');
                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';
                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';
                    $('extracommands').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    $('dvLoading').setStyles(
                    {
                        'visibility':'hidden'
                    });
                    DrawLogo();
                    dlg.setStyles({
                        'z-index': 999
                     }).removeClass('invisible');
                } else {
                    $('maindialog').addClass('invisible');
                    $('extracommands').setStyles(
                    {
                        'visibility':'visible'
                    });
                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });
                    $('alttab').addEvent('click', altTabEvent);
                    $('disconnect').addEvent('click', sendDisconnect);
                }
            }

            var RDPCookieKey = "RDPinfoJSON";
            //sets a cookie with the settings inserted in the form
            function settingsSet(){
                var infoJSON = settingsGetJSON();
                //remove password
                infoJSON.pass = "";
                document.cookie = RDPCookieKey + "=" + JSON.stringify(infoJSON) + "; expires=Fri, 31 Dec 2030 23:59:59 GMT;";
            }
            //change the form fields with respect with the cookie
            function settingsApply(){
                var url = location.search; //获取url中"?"符后的字串
				var theRequest = new Object();
				if (url.indexOf("?") != -1) {
					var str = url.substr(1);
					strs = str.split("&");
					for(var i = 0; i < strs.length; i ++) {
						theRequest[strs[i].split("=")[0]] = strs[i].split("=")[1];
					}
				}
				if (Object.keys(theRequest).length) {
					$('rdphost').set('value',theRequest.Hostname);
					$('rdpport').set('value',theRequest.Port);
					$('rdppcb').set('value',theRequest.vmID);
					$('rdpuser').set('value',theRequest.User);
					$('nowallp').set('checked', theRequest.nowallp != 0);
					$('nowdrag').set('checked', theRequest.nowdrag != 0);
					$('nomani').set('checked', theRequest.nomani != 0);
					$('notheme').set('checked', theRequest.notheme != 0);
					$('nonla').set('checked', theRequest.nonla != 0);
					$('notls').set('checked', theRequest.notls != 0);
				}
				
				/*var cookie = document.cookie;
                if(cookie){
                    var cookieValues = cookie.split(';');
                    var i = 0;
                    //get the cookie for infoJSON
                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){
                        i++;
                    }
                    //get the value of the cookie then parse it to a JSON
                    try{
                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);
                        //if we found a JSON we apply the values to

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T15:31:48.000Z",
   "app" : {
      "http" : {
         "bodymd5" : "64c88cdf7d9c7ef91379ef1cf30f9595",
         "bodymmh3" : -1616431636,
         "description" : "A HTML5 based RDP client",
         "header" : [
            {
               "value" : "Tue, 28 May 2024 04:45:39 GMT",
               "name" : "Last-Modified"
            }
         ],
         "headermd5" : "af4f27eeabc6ed4d095aa9f52e1ef5b8",
         "headermmh3" : 712735747,
         "title" : "FreeRDP WebConnect: offline"
      },
      "length" : 16375
   },
   "asn" : "AS4816",
   "country" : "CN",
   "data" : "HTTP/1.1 200 OK\r\nCache-Control: no-cache, private\r\nContent-Length: 31120\r\nContent-Type: text/html\r\nDate: Mon, 04 Nov 2024 15:31:47 GMT\r\nLast-Modified: Tue, 28 May 2024 04:45:39 GMT\r\n\r\n<!DOCTYPE html>\r\n<html>\r\n    <head>\r\n\t<link href='//fonts.googleapis.com/css?family=Quicksand' rel='stylesheet' type='text/css'>\r\n        <meta charset=\"utf-8\" />\r\n        <meta http-equiv=\"X-UA-Compatible\" content=\"IE=edge,chrome=1\" />\r\n        <title>FreeRDP WebConnect: offline</title>\r\n        <meta name=\"robots\" content=\"nofollow\" />\r\n        <meta name=\"description\" content=\"A HTML5 based RDP client\">\r\n        <meta name=\"viewport\" content=\"width=device-width height=device-height user-scalable=no\">\r\n        <meta name=\"cursor-event-mode\" content=\"native\">\r\n        <meta name=\"touch-event-mode\" content=\"pure-with-mouse-conversion\">\r\n        <link rel=\"stylesheet\" href=\"css/style.css\">\r\n        <link rel=\"stylesheet\" href=\"css/vkb.css\">\r\n\t\t<link rel=\"stylesheet\" href=\"css/reactor.css\" />\r\n        <link rel=\"icon\" href=\"favicon.ico\" type=\"image/x-icon\" />\r\n        <script src=\"js/modernizr.js\"></script>\r\n        <script src=\"js/mootools.js\"></script>\r\n        <script src=\"js/simpletabs.js\"></script>\r\n        <script src=\"js/wsgate.js\"></script>\r\n        <script src=\"js/vkb.js\"></script>\r\n        <!--<script language=\"javascript\" type=\"text/javascript\" src=\"js/rdpevents.js\"></script>-->\r\n        <script language=\"javascript\" type=\"text/javascript\">\r\n            var wsBase = \"ws://<ip>:3310/wsgate\";\r\n            var RIMtablet = navigator.appVersion && (-1 != navigator.appVersion.indexOf('RIM Tablet'));\r\n            var mhx = 100;\r\n            var mhy = 100;\r\n            var dragX = 0;\r\n            var dragY = 0;\r\n            var inDrag = false;\r\n            var rdp = null;\r\n            var vkbd = null;\r\n            var embedded = false;\r\n\r\n            var externalConnection = false;\r\n\r\n            function initBody(){\r\n                //apply old settings\r\n                settingsApply();\r\n                initPopUpDeck();\r\n            }\r\n\r\n\r\n            //pop up message procedure\r\n            var popUpDeck = null;\r\n            var popUpElements = [];\r\n\r\n            function initPopUpDeck(){\r\n                popUpDeck = document.createElement('div');\r\n                document.body.appendChild(popUpDeck);\r\n\r\n                //popUpDeck.set('class', 'popupwrapper');\r\n            }\r\n\r\n            function cleanPopUpDeck(){\r\n                for(var i=0; i<popUpElements.length; i++){\r\n                    popUpElements[i].removeEvents();\r\n                    popUpElements[i].destroy();\r\n                }\r\n            }\r\n\r\n            function popUpMessage(type, msg, timeout, callback, center){\r\n                var newMessage = document.createElement('div');\r\n                popUpDeck.appendChild(newMessage);\r\n\r\n                newMessage.set('class', 'popupmessage');\r\n                newMessage.set('text', msg);\r\n                newMessage.addEvent('mousedown',\r\n                    function(){\r\n                        if(callback)\r\n                            callback();\r\n                        newMessage.destroy();\r\n                        newMessage = null;\r\n                    });\r\n\r\n                var color = {\r\n                    r: 255,\r\n                    g: 255,\r\n                    b: 255\r\n                };\r\n\r\n                if(type=='error'){\r\n                    color.r = 247;\r\n                    color.g = 203;\r\n                    color.b = 30;\r\n                }else\r\n                if(type=='message'){\r\n                    color.r = 107;\r\n                    color.g = 180;\r\n                    color.b = 229;\r\n                }else\r\n                if(type=='critical'){\r\n                    color.r = 255;\r\n                    color.g = 0;\r\n                    color.b = 0;\r\n                }\r\n\r\n                if(center){\r\n                    newMessage.setStyle('position','absolute');\r\n                    newMessage.setStyle('top', document.body.offsetHeight/2);\r\n                    newMessage.setStyle('z-index', '1235');\r\n                }\r\n                newMessage.setStyle('background-color','rgba(' + color.r\r\n                                                         + ',' + color.g\r\n                                                         + ',' + color.b\r\n                                                         + ', 0.8)' );\r\n\r\n                if(timeout){\r\n                    window.setTimeout(\r\n                        function(){\r\n                            if(newMessage){\r\n                                if(callback)\r\n                                    callback();\r\n                                newMessage.destroy();\r\n                            }\r\n                        },\r\n                        timeout*1000);\r\n                }\r\n\r\n                popUpElements.push(newMessage);\r\n\r\n                return newMessage;\r\n            }\r\n\r\n            function noInstancePopUp(){\r\n                popUpMessage('critical', \"This instance seems to be not working. Try to enter the console again.\", 0, noInstancePopUp, true);\r\n            }\r\n\r\n            function RDPStart(uri, title){\r\n                if(uri === undefined){\r\n                    uri = wsBase;\r\n                }\r\n                if(title === undefined){\r\n                    title = \"FreeRDP WebConnect: connected to \" + $('rdphost').value.trim();\r\n                }\r\n                /*if(!embedded){\r\n                    $('dvLoading').setStyles({'visibility':'visible'});\r\n                }*/\r\n                rdp = new wsgate.RDP(uri, $('screen'), !RIMtablet, RIMtablet, vkbd);\r\n\r\n                rdp.addEvent('alert', function(msg) {\r\n                    popUpMessage('error', msg, 5);\r\n                    });\r\n                rdp.addEvent('connected', function() {\r\n                        cleanPopUpDeck();\r\n                        document.title = title;\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        window.removeEvent('resize', OnDesktopSize);\r\n                        button.value = '\u65ad\u5f00';\r\n                        button.addEvent('click', rdp.Disconnect.bind(rdp));\r\n                        window.addEvent(\"beforeunload\", rdp.Disconnect.bind(rdp));\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u5df2\u767b\u5f55\"\r\n                        });\r\n                rdp.addEvent('disconnected', function() {\r\n                        showDialog(true);\r\n                        if(embedded){\r\n                            $('maindialog').addClass('invisible');\r\n                            noInstancePopUp()\r\n                        }\r\n                        button = $(\"rdpconnect\");\r\n                        button.removeEvents();\r\n                        button.value = '\u7acb\u5373\u767b\u9646';\r\n                        button.addEvent('click', function(){RDPStart();});\r\n                        OnDesktopSize();\r\n\t\t\t\t\t\t$(\"logoInfo\").innerHTML = \"\u8bf7\u767b\u5f55\"\r\n                        window.addEvent('resize', OnDesktopSize);\r\n                        });\r\n                rdp.addEvent('mouserelease', ResetRdpMouseFlags);\r\n                rdp.addEvent('touch2', function() {\r\n                    ShowMouseHelper($('mousehelper').hasClass('invisible'));\r\n                });\r\n                rdp.addEvent('touch3', function() {\r\n                    vkbd.toggle();\r\n                });\r\n                rdp.addEvent('touch4', function() {\r\n                    if (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n                        rdp.Disconnect();\r\n                    }\r\n                });\r\n                showDialog(false);\r\n                rdp.Run();\r\n            }\r\n\r\n            function SetRdpMouseFlags() {\r\n                var mf = {\r\n                    'r': $('rclick').checked,\r\n                    'm': $('mclick').checked,\r\n                    'a': $('aclick').checked,\r\n                    's': $('sclick').checked,\r\n                    'c': $('cclick').checked,\r\n                };\r\n                rdp.SetArtificialMouseFlags(mf);\r\n            }\r\n            function ResetRdpMouseFlags() {\r\n                $('rclick').checked = false;\r\n                $('mclick').checked = false;\r\n                $('aclick').checked = false;\r\n                $('sclick').checked = false;\r\n                $('cclick').checked = false;\r\n                rdp.SetArtificialMouseFlags(null);\r\n            }\r\n            function ShowMouseHelper(show) {\r\n                var mh = $('mousehelper');\r\n                inDrag = false;\r\n                if (show) {\r\n                    mh.setStyles({'position':'absolute','top':mhy,'left':mhx,'z-index':999});\r\n                    mh.addEvent('mousedown',DragStart);\r\n                    $('rclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('mclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('aclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('sclick').addEvent('change', SetRdpMouseFlags);\r\n                    $('cclick').addEvent('change', SetRdpMouseFlags);\r\n                    mh.removeClass('invisible');\r\n                } else {\r\n                    mh.removeEvents();\r\n                    mh.addClass('invisible');\r\n                    $('rclick').removeEvents();\r\n                    $('mclick').removeEvents();\r\n                    $('aclick').removeEvents();\r\n                    $('sclick').removeEvents();\r\n                    $('cclick').removeEvents();\r\n                }\r\n            }\r\n\r\n            function OnDesktopSize() {\r\n               ResizeCanvas($('dtsize').value);\r\n               DrawLogo();\r\n            }\r\n\r\n            function DragStart(evt) {\r\n                var mh = $('mousehelper');\r\n                if (!mh.hasClass('invisible')) {\r\n                    inDrag = true;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    window.addEvent('mouseup',DragEnd);\r\n                    window.addEvent('touchmove',DragMove);\r\n                }\r\n            }\r\n            function DragEnd(evt) {\r\n                inDrag = false;\r\n                var mh = $('mousehelper');\r\n                window.removeEvent('touchmove',DragMove);\r\n                window.removeEvent('mouseup',DragEnd);\r\n            }\r\n            function DragMove(evt) {\r\n                if (inDrag) {\r\n                    var dx = evt.page.x - dragX;\r\n                    var dy = evt.page.y - dragY;\r\n                    dragX = evt.page.x;\r\n                    dragY = evt.page.y;\r\n                    var mh = $('mousehelper');\r\n                    if (!mh.hasClass('invisible')) {\r\n                        mhx += dx;\r\n                        mhy += dy;\r\n                        mh.setStyles({'top':mhy,'left':mhx});\r\n                    }\r\n                }\r\n            }\r\n\r\n            function DrawLogo() {\r\n                    var logo = new Element('img', {'src': 'empty_on_purpose'});\r\n                    logo.addEvent('load', function() {\r\n                var scaleWCoeficient = 0.5;\r\n                var scaleHCoeficient = 0.5;\r\n                            var iw = this.width * scaleWCoeficient;\r\n                            var ih = this.height * scaleHCoeficient;\r\n                            var scale = ($('screen').height - 20) / ih;\r\n                            $('screen').getContext('2d').drawImage(this, 10, 10, Math.round(iw * scale), Math.round(ih * scale));\r\n                    }.bind(logo));\r\n            }\r\n\r\n            function ResizeCanvas(sz) {\r\n                var w, h;\r\n                if (sz == 'auto') {\r\n                    w = window.getCoordinates().width;\r\n                    h = window.getCoordinates().height;\r\n                    if (RIMtablet) {\r\n                        // Toplevel bar not removable\r\n                        h -= 31;\r\n                    }\r\n                    if (w % 2) {\r\n                        w -= 1;\r\n                    }\r\n                } else {\r\n                    var sza = sz.split('x');\r\n                    var w = sza[0];\r\n                    var h = sza[1];\r\n                }\r\n                $('screen').width = w-50;\r\n                $('screen').height = h-50;\r\n\t\t\t\t$('screen').style[\"margin\"] = \"0 auto\";\r\n            }\r\n\r\n\t    var sendDisconnect = function() {\r\n\t\tif (confirm('\u786e\u5b9a\u8981\u65ad\u5f00\u5417?')) {\r\n\t\t    $('extracommands').setStyles({'visibility':'hidden'});\r\n\t\t    rdp.Disconnect();\r\n\t\t\t$('rdppass').set('value', '')\r\n\t\t}\r\n            }\r\n\r\n            var altTabOn = false;\r\n            function altTabEvent(){\r\n                if(altTabOn){\r\n                    altTabOn = false;\r\n                    rdp.SendKey(2);//alt+tab release\r\n                    $('alttab').removeClass('extracommandshold');\r\n                }\r\n                else{\r\n                    altTabOn = true;\r\n                    rdp.SendKey(1);//alt+tab\r\n                    $('alttab').addClass('extracommandshold');\r\n                }\r\n            }\r\n\r\n            function showDialog(show) {\r\n                if (show) {\r\n                    ShowMouseHelper(false);\r\n                    var dlg = $('maindialog');\r\n                    var x = Math.round((window.getCoordinates().width - dlg.getCoordinates().width) / 2) + 'px';\r\n                    var y = Math.round((window.getCoordinates().height - dlg.getCoordinates().height) / 2) + 'px';\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    $('dvLoading').setStyles(\r\n                    {\r\n                        'visibility':'hidden'\r\n                    });\r\n                    DrawLogo();\r\n                    dlg.setStyles({\r\n                        'z-index': 999\r\n                     }).removeClass('invisible');\r\n                } else {\r\n                    $('maindialog').addClass('invisible');\r\n                    $('extracommands').setStyles(\r\n                    {\r\n                        'visibility':'visible'\r\n                    });\r\n                    $('ctrlaltdelete').addEvent('click', function(){ rdp.SendKey(0); });\r\n                    $('alttab').addEvent('click', altTabEvent);\r\n                    $('disconnect').addEvent('click', sendDisconnect);\r\n                }\r\n            }\r\n\r\n            var RDPCookieKey = \"RDPinfoJSON\";\r\n            //sets a cookie with the settings inserted in the form\r\n            function settingsSet(){\r\n                var infoJSON = settingsGetJSON();\r\n                //remove password\r\n                infoJSON.pass = \"\";\r\n                document.cookie = RDPCookieKey + \"=\" + JSON.stringify(infoJSON) + \"; expires=Fri, 31 Dec 2030 23:59:59 GMT;\";\r\n            }\r\n            //change the form fields with respect with the cookie\r\n            function settingsApply(){\r\n                var url = location.search; //\u83b7\u53d6url\u4e2d\"?\"\u7b26\u540e\u7684\u5b57\u4e32\r\n\t\t\t\tvar theRequest = new Object();\r\n\t\t\t\tif (url.indexOf(\"?\") != -1) {\r\n\t\t\t\t\tvar str = url.substr(1);\r\n\t\t\t\t\tstrs = str.split(\"&\");\r\n\t\t\t\t\tfor(var i = 0; i < strs.length; i ++) {\r\n\t\t\t\t\t\ttheRequest[strs[i].split(\"=\")[0]] = strs[i].split(\"=\")[1];\r\n\t\t\t\t\t}\r\n\t\t\t\t}\r\n\t\t\t\tif (Object.keys(theRequest).length) {\r\n\t\t\t\t\t$('rdphost').set('value',theRequest.Hostname);\r\n\t\t\t\t\t$('rdpport').set('value',theRequest.Port);\r\n\t\t\t\t\t$('rdppcb').set('value',theRequest.vmID);\r\n\t\t\t\t\t$('rdpuser').set('value',theRequest.User);\r\n\t\t\t\t\t$('nowallp').set('checked', theRequest.nowallp != 0);\r\n\t\t\t\t\t$('nowdrag').set('checked', theRequest.nowdrag != 0);\r\n\t\t\t\t\t$('nomani').set('checked', theRequest.nomani != 0);\r\n\t\t\t\t\t$('notheme').set('checked', theRequest.notheme != 0);\r\n\t\t\t\t\t$('nonla').set('checked', theRequest.nonla != 0);\r\n\t\t\t\t\t$('notls').set('checked', theRequest.notls != 0);\r\n\t\t\t\t}\r\n\t\t\t\t\r\n\t\t\t\t/*var cookie = document.cookie;\r\n                if(cookie){\r\n                    var cookieValues = cookie.split(';');\r\n                    var i = 0;\r\n                    //get the cookie for infoJSON\r\n                    while(cookieValues[i].indexOf(RDPCookieKey) == -1){\r\n                        i++;\r\n                    }\r\n                    //get the value of the cookie then parse it to a JSON\r\n                    try{\r\n                        var infoJSON = JSON.parse(cookieValues[i].split('=')[1]);\r\n                        //if we found a JSON we apply the values to",
   "datamd5" : "e723786e9efbb52243aff20ea0a4dd8c",
   "datammh3" : -184275052,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4816",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "qq.com"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "Xiaoniaoyun",
      "organization" : "Shenzhen Qianhai bird cloud computing Co. Ltd.",
      "subnet" : "103.39.208.0/20"
   },
   "ip" : "103.39.221.40",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Windows",
   "osvendor" : "Microsoft",
   "port" : 3310,
   "protocol" : "http",
   "protocolversion" : "1.1",
   "reason" : "OK",
   "seen_date" : "2024-11-04",
   "source" : "datascan",
   "status" : 200,
   "subnet" : "103.39.208.0/20",
   "tls" : "false",
   "transport" : "tcp",
   "url" : "/"
}

IP

106.75.252.97

Network

106.75.224.0/19

Device

<enterprise field>: device.class

Operating System

Linux Linux Kernel

ASN

AS4812

Organization

China Telecom Group

Protocol

mysql

Source

datascan

Operating System

Linux Linux Kernel

Product

Oracle MySQL 5.7.37

CPE(s)

<enterprise field>: cpe

Data MD5

982b10809014150f75420a693e6320b4

J\x00\x00\x00
5.7.37\x00\x12\x18\x08\x00O~I-JK8T\x00\xff\xff\x08\x02\x00\xff\xc1\x15\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00WH6\x08K\x1bP\x0e(M\ \x00mysql_native_password\x00!\x00\x00\x01\xff\x84\x04#08S01Got packets out of order

{
   "@category" : "datascan",
   "@timestamp" : "2024-11-04T13:56:31.000Z",
   "app" : {
      "length" : 115
   },
   "asn" : "AS4812",
   "country" : "CN",
   "cpe" : "<enterprise field>: cpe",
   "cpecount" : "<enterprise field>: cpecount",
   "data" : "J\\x00\\x00\\x00\n5.7.37\\x00\\x12\\x18\\x08\\x00O~I-JK8T\\x00\\xff\\xff\\x08\\x02\\x00\\xff\\xc1\\x15\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00\\x00WH6\\x08K\\x1bP\\x0e(M\\ \\x00mysql_native_password\\x00!\\x00\\x00\\x01\\xff\\x84\\x04#08S01Got packets out of order",
   "datamd5" : "982b10809014150f75420a693e6320b4",
   "datammh3" : 1119357559,
   "device" : {
      "class" : "<enterprise field>: device.class"
   },
   "geolocus" : {
      "asn" : "AS4812",
      "continent" : "AS",
      "continentname" : "Asia",
      "country" : "CN",
      "countryname" : "China",
      "domain" : [
         "cnnic.cn",
         "ucloud.cn"
      ],
      "isineu" : "false",
      "latitude" : "35.86166",
      "location" : "35.86166,104.195397",
      "longitude" : "104.195397",
      "netname" : "UCLOUD-NET",
      "organization" : "Shanghai UCloud Information Technology Company Limited",
      "subnet" : "106.75.224.0/19"
   },
   "ip" : "106.75.252.97",
   "ipv6" : "false",
   "latitude" : "34.7732",
   "location" : "34.7732,113.7220",
   "longitude" : "113.7220",
   "node" : {
      "country" : "<enterprise field>: node.country",
      "groupid" : "<enterprise field>: node.groupid",
      "id" : "<enterprise field>: node.id",
      "physicalcountry" : "<enterprise field>: node.physicalcountry"
   },
   "organization" : "China Telecom Group",
   "os" : "Linux Kernel",
   "osvendor" : "Linux",
   "port" : 3310,
   "product" : "MySQL",
   "productvendor" : "Oracle",
   "productversion" : "5.7.37",
   "protocol" : "mysql",
   "seen_date" : "2024-11-04",
   "source" : "datascan",
   "subnet" : "106.75.224.0/19",
   "tls" : "false",
   "transport" : "tcp"
}