Report - wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-

Report Overview

Submitted URL
wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
IP
182.23.24.50
ASN
#4800 PT Aplikanusa Lintasarta
Submitted
2023-05-20 19:16:26
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
6

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
wifi.retinad.com	unknown	unknown	2020-12-14	2023-03-08	5.7 kB	616 kB	182.23.24.50
ocsp.pki.goog	175	2016-06-13	2018-07-01	2023-05-20	666 B	1.4 kB	142.250.74.131
fonts.googleapis.com	8877	2005-01-25	2013-06-10	2023-05-20	893 B	15 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator
2023-05-20	medium	wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
2023-05-20	medium	wifi.retinad.com/js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926
2023-05-20	medium	wifi.retinad.com/js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (5)

	URL	Size	First Seen	Last Seen
	unknown	131 B	2023-05-20	2023-05-20
Pretty Introduced by Function Embedded in HTML false Observations First Seen2023-05-20 21:16:29 Last Seen2023-05-20 21:16:33 Times Seen2 Hash 5fe53287b36147ca67c808c614a1d97f 18707af26fd17ccc2b0236235f258feba6ac98f4 9ee832d88290c7e50e2783e6cfe62eb7b4323a87155c7676f1be4afa5353ccff Loading...

	unknown	38 B	2023-04-10	2024-04-27
Pretty Introduced by eventHandler Embedded in HTML false Observations First Seen2023-04-10 16:02:06 Last Seen2024-04-27 01:24:39 Times Seen13987 Hash 43e28c5553d54ed2964bd5147521769b 0a2b8c3db330a47aa7b9195e6dfdf944adb9240d d63026c985dc46aeb316574b7bf1828080c906238e35d5e34cb80414c0e70d23 Loading...

	wifi.retinad.com/js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926	4.4 kB	2023-05-20	2023-05-20
Pretty URL wifi.retinad.com/js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926 IP 182.23.24.50 ASN #4800 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 21:16:29 Last Seen2023-05-20 21:16:33 Times Seen4 Hash 38e0e2ec1e1f8e83111c4a41e9e1a926 edba83252d18ba3c1814e2f63d70525709e5ae92 56820ebb5b7d14311b48a9ab8e8a98aa4f928cdfe9a62883a0fa3543d042d69d Loading...

	wifi.retinad.com/js/vendor.js?id=fd1fa6b0f9c518638832b360cca84886	2.5 MB	2023-05-20	2023-05-20
Pretty URL wifi.retinad.com/js/vendor.js?id=fd1fa6b0f9c518638832b360cca84886 IP 182.23.24.50 ASN #4800 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 21:16:29 Last Seen2023-05-20 21:16:33 Times Seen4 Hash fd1fa6b0f9c518638832b360cca84886 fbafe47f0c46ee6ad827ce301b58dd70549aa328 b15eb8e478f0c138b34ca82063ce01cc608db98af9463adca9b119dc0e871dcf Loading...

	wifi.retinad.com/js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0	196 kB	2023-05-20	2023-05-20
Pretty URL wifi.retinad.com/js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0 IP 182.23.24.50 ASN #4800 PT Aplikanusa Lintasarta Introduced by scriptElement Embedded in HTML false Observations First Seen2023-05-20 21:16:29 Last Seen2023-05-20 21:16:33 Times Seen4 Hash 65ed6d2b5e15565e9853d4473514b2e0 096062ab7eae5a819ce078049f62c34b659688dd eb8a649da3e858e19b66cf3678a14eeb500686f3ac24887f61c905b9554e9ea0 Loading...

HTTP Transactions (9)

URL IP Response Size

wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-

182.23.24.50

200 OK

1.0 kB

URL User Request GET HTTP/1.1
wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
IP
182.23.24.50:443
ASN
#4800 PT Aplikanusa Lintasarta

Certificate
IssuerSectigo Limited
Subjectwifi.retinad.com
FingerprintCC:69:69:B1:D6:80:BB:21:E0:11:54:E9:F8:2F:4A:86:92:A2:CE:36
ValidityFri, 13 Jan 2023 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
1.0 kB (1036 bytes)
Hash
68290d395e7e6f487f880da8bd9dc37c
1a06819870f2ffcc88ee748d1f17a072c0d8091f
1f799711ad776b855ee98f1c135160a6f836c29061c7c4315ed4f9837a42c19d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk- HTTP/1.1
Host: wifi.retinad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 19:16:09 GMT
Server: Apache
X-Powered-By: PHP/8.1.19
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjkxVXpGYXhEZXprVHRDY3BBSitKbGc9PSIsInZhbHVlIjoiMmI5TTRnanlBMTczYjByYkVxYm02UTFpZ3I3anFKaUZncnp2djNTMFdUWFVnWGNUcnRReFc2OHhndE5OVnpTTjBjdGlkdWRSb0tsQStBMURMUDYyaTRLcVRGKzIzdGg5S013RGFSNnNsUmI1THA5bFRQenRHZkRzYmxFRkY3eG4iLCJtYWMiOiI2MGRkYzg3NWFjZjU4YWJlZDNmM2Y1ZGUzOWM1Mjc1MWM0MjhiYzhhOGMxNDYxNDM0OTk3ZTJkYzAxZjNhMTBlIiwidGFnIjoiIn0%3D; expires=Sat, 20 May 2023 21:16:09 GMT; Max-Age=7200; path=/; samesite=lax
retinad_session=eyJpdiI6InZHd2o0dFluZmptVUZaNVV1WHJIR0E9PSIsInZhbHVlIjoiRjlwYThUeEdveVhxdFRCemIxTy9ndkV6alVpU2lZSUlYZGFyeWVUV1VTTHhCcmIzQmhMcndBWG9ZaU9Pcmk0M21QaVgzUzBSQ2c3T2tsTDE1Y1REYlMzNUhCYi9LSkJpOTVESy9CY3BuaFd4dG1jeFJ6dExGREt3KzlOSTEycnciLCJtYWMiOiJhMjA0YzBkYjY1MTY0YzliY2U3OTE2ZWE3ODlmZjE3ZjhiM2JhMTQ2MDc4MzJkYjk2ZTMzMWRmM2E3NTE5MDFiIiwidGFnIjoiIn0%3D; expires=Sat, 20 May 2023 21:16:09 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e230bd19edbe270b64c2712bb2f9dbb5
d932899fff8b45dfec130d2732208a2d6a4e4a34
8ef123771795f843f243914eea0869a2c08fa20e20032644597b637fae48a08f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 19:16:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

472 B

URL
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e230bd19edbe270b64c2712bb2f9dbb5
d932899fff8b45dfec130d2732208a2d6a4e4a34
8ef123771795f843f243914eea0869a2c08fa20e20032644597b637fae48a08f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 20 May 2023 19:16:10 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/icon?family=Material+Icons

142.250.74.106

200 OK

812 B

URL GET HTTP/2
fonts.googleapis.com/icon?family=Material+Icons
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
gzip compressed data, max compression\012- data
Size
812 B (812 bytes)
Hash
d839fa7a3eaf87dfb3c65cca8693a297
a445120e30ae3856def501090337e4984abad244
1bf072304908bcda433ab0d812854aa3c5383165dca2d1d2cbb524540b930858

HTTP Headers

GET /icon?family=Material+Icons HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 May 2023 19:16:10 GMT
date: Sat, 20 May 2023 19:16:10 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

wifi.retinad.com/js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926

182.23.24.50

200 OK

2.5 kB

URL GET HTTP/1.1
wifi.retinad.com/js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926
IP
182.23.24.50:443
ASN
#4800 PT Aplikanusa Lintasarta

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerSectigo Limited
Subjectwifi.retinad.com
FingerprintCC:69:69:B1:D6:80:BB:21:E0:11:54:E9:F8:2F:4A:86:92:A2:CE:36
ValidityFri, 13 Jan 2023 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (4352), with no line terminators
Size
2.5 kB (2493 bytes)
Hash
38e0e2ec1e1f8e83111c4a41e9e1a926
edba83252d18ba3c1814e2f63d70525709e5ae92
56820ebb5b7d14311b48a9ab8e8a98aa4f928cdfe9a62883a0fa3543d042d69d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/manifest.js?id=38e0e2ec1e1f8e83111c4a41e9e1a926 HTTP/1.1
Host: wifi.retinad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Cookie: XSRF-TOKEN=eyJpdiI6IjkxVXpGYXhEZXprVHRDY3BBSitKbGc9PSIsInZhbHVlIjoiMmI5TTRnanlBMTczYjByYkVxYm02UTFpZ3I3anFKaUZncnp2djNTMFdUWFVnWGNUcnRReFc2OHhndE5OVnpTTjBjdGlkdWRSb0tsQStBMURMUDYyaTRLcVRGKzIzdGg5S013RGFSNnNsUmI1THA5bFRQenRHZkRzYmxFRkY3eG4iLCJtYWMiOiI2MGRkYzg3NWFjZjU4YWJlZDNmM2Y1ZGUzOWM1Mjc1MWM0MjhiYzhhOGMxNDYxNDM0OTk3ZTJkYzAxZjNhMTBlIiwidGFnIjoiIn0%3D; retinad_session=eyJpdiI6InZHd2o0dFluZmptVUZaNVV1WHJIR0E9PSIsInZhbHVlIjoiRjlwYThUeEdveVhxdFRCemIxTy9ndkV6alVpU2lZSUlYZGFyeWVUV1VTTHhCcmIzQmhMcndBWG9ZaU9Pcmk0M21QaVgzUzBSQ2c3T2tsTDE1Y1REYlMzNUhCYi9LSkJpOTVESy9CY3BuaFd4dG1jeFJ6dExGREt3KzlOSTEycnciLCJtYWMiOiJhMjA0YzBkYjY1MTY0YzliY2U3OTE2ZWE3ODlmZjE3ZjhiM2JhMTQ2MDc4MzJkYjk2ZTMzMWRmM2E3NTE5MDFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 19:16:09 GMT
Server: Apache
Last-Modified: Sat, 20 May 2023 14:58:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2493
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

wifi.retinad.com/js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0

182.23.24.50

200 OK

58 kB

URL GET HTTP/1.1
wifi.retinad.com/js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0
IP
182.23.24.50:443
ASN
#4800 PT Aplikanusa Lintasarta

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerSectigo Limited
Subjectwifi.retinad.com
FingerprintCC:69:69:B1:D6:80:BB:21:E0:11:54:E9:F8:2F:4A:86:92:A2:CE:36
ValidityFri, 13 Jan 2023 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65466)
Size
58 kB (58199 bytes)
Hash
65ed6d2b5e15565e9853d4473514b2e0
096062ab7eae5a819ce078049f62c34b659688dd
eb8a649da3e858e19b66cf3678a14eeb500686f3ac24887f61c905b9554e9ea0

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /js/wifi.js?id=65ed6d2b5e15565e9853d4473514b2e0 HTTP/1.1
Host: wifi.retinad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Cookie: XSRF-TOKEN=eyJpdiI6IjkxVXpGYXhEZXprVHRDY3BBSitKbGc9PSIsInZhbHVlIjoiMmI5TTRnanlBMTczYjByYkVxYm02UTFpZ3I3anFKaUZncnp2djNTMFdUWFVnWGNUcnRReFc2OHhndE5OVnpTTjBjdGlkdWRSb0tsQStBMURMUDYyaTRLcVRGKzIzdGg5S013RGFSNnNsUmI1THA5bFRQenRHZkRzYmxFRkY3eG4iLCJtYWMiOiI2MGRkYzg3NWFjZjU4YWJlZDNmM2Y1ZGUzOWM1Mjc1MWM0MjhiYzhhOGMxNDYxNDM0OTk3ZTJkYzAxZjNhMTBlIiwidGFnIjoiIn0%3D; retinad_session=eyJpdiI6InZHd2o0dFluZmptVUZaNVV1WHJIR0E9PSIsInZhbHVlIjoiRjlwYThUeEdveVhxdFRCemIxTy9ndkV6alVpU2lZSUlYZGFyeWVUV1VTTHhCcmIzQmhMcndBWG9ZaU9Pcmk0M21QaVgzUzBSQ2c3T2tsTDE1Y1REYlMzNUhCYi9LSkJpOTVESy9CY3BuaFd4dG1jeFJ6dExGREt3KzlOSTEycnciLCJtYWMiOiJhMjA0YzBkYjY1MTY0YzliY2U3OTE2ZWE3ODlmZjE3ZjhiM2JhMTQ2MDc4MzJkYjk2ZTMzMWRmM2E3NTE5MDFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 19:16:09 GMT
Server: Apache
Last-Modified: Fri, 19 May 2023 22:21:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 58199
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

wifi.retinad.com/js/vendor.js?id=fd1fa6b0f9c518638832b360cca84886

182.23.24.50

200 OK

552 kB

URL GET HTTP/1.1
wifi.retinad.com/js/vendor.js?id=fd1fa6b0f9c518638832b360cca84886
IP
182.23.24.50:443
ASN
#4800 PT Aplikanusa Lintasarta

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerSectigo Limited
Subjectwifi.retinad.com
FingerprintCC:69:69:B1:D6:80:BB:21:E0:11:54:E9:F8:2F:4A:86:92:A2:CE:36
ValidityFri, 13 Jan 2023 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65472)
Size
552 kB (552254 bytes)
Hash
fd1fa6b0f9c518638832b360cca84886
fbafe47f0c46ee6ad827ce301b58dd70549aa328
b15eb8e478f0c138b34ca82063ce01cc608db98af9463adca9b119dc0e871dcf

HTTP Headers

GET /js/vendor.js?id=fd1fa6b0f9c518638832b360cca84886 HTTP/1.1
Host: wifi.retinad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Cookie: XSRF-TOKEN=eyJpdiI6IjkxVXpGYXhEZXprVHRDY3BBSitKbGc9PSIsInZhbHVlIjoiMmI5TTRnanlBMTczYjByYkVxYm02UTFpZ3I3anFKaUZncnp2djNTMFdUWFVnWGNUcnRReFc2OHhndE5OVnpTTjBjdGlkdWRSb0tsQStBMURMUDYyaTRLcVRGKzIzdGg5S013RGFSNnNsUmI1THA5bFRQenRHZkRzYmxFRkY3eG4iLCJtYWMiOiI2MGRkYzg3NWFjZjU4YWJlZDNmM2Y1ZGUzOWM1Mjc1MWM0MjhiYzhhOGMxNDYxNDM0OTk3ZTJkYzAxZjNhMTBlIiwidGFnIjoiIn0%3D; retinad_session=eyJpdiI6InZHd2o0dFluZmptVUZaNVV1WHJIR0E9PSIsInZhbHVlIjoiRjlwYThUeEdveVhxdFRCemIxTy9ndkV6alVpU2lZSUlYZGFyeWVUV1VTTHhCcmIzQmhMcndBWG9ZaU9Pcmk0M21QaVgzUzBSQ2c3T2tsTDE1Y1REYlMzNUhCYi9LSkJpOTVESy9CY3BuaFd4dG1jeFJ6dExGREt3KzlOSTEycnciLCJtYWMiOiJhMjA0YzBkYjY1MTY0YzliY2U3OTE2ZWE3ODlmZjE3ZjhiM2JhMTQ2MDc4MzJkYjk2ZTMzMWRmM2E3NTE5MDFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 19:16:09 GMT
Server: Apache
Last-Modified: Thu, 18 May 2023 06:42:23 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

wifi.retinad.com/favicon.ico

182.23.24.50

200 OK

0 B

URL GET HTTP/1.1
wifi.retinad.com/favicon.ico
IP
182.23.24.50:443
ASN
#4800 PT Aplikanusa Lintasarta

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerSectigo Limited
Subjectwifi.retinad.com
FingerprintCC:69:69:B1:D6:80:BB:21:E0:11:54:E9:F8:2F:4A:86:92:A2:CE:36
ValidityFri, 13 Jan 2023 00:00:00 GMT - Thu, 18 Jan 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: wifi.retinad.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Cookie: XSRF-TOKEN=eyJpdiI6IjkxVXpGYXhEZXprVHRDY3BBSitKbGc9PSIsInZhbHVlIjoiMmI5TTRnanlBMTczYjByYkVxYm02UTFpZ3I3anFKaUZncnp2djNTMFdUWFVnWGNUcnRReFc2OHhndE5OVnpTTjBjdGlkdWRSb0tsQStBMURMUDYyaTRLcVRGKzIzdGg5S013RGFSNnNsUmI1THA5bFRQenRHZkRzYmxFRkY3eG4iLCJtYWMiOiI2MGRkYzg3NWFjZjU4YWJlZDNmM2Y1ZGUzOWM1Mjc1MWM0MjhiYzhhOGMxNDYxNDM0OTk3ZTJkYzAxZjNhMTBlIiwidGFnIjoiIn0%3D; retinad_session=eyJpdiI6InZHd2o0dFluZmptVUZaNVV1WHJIR0E9PSIsInZhbHVlIjoiRjlwYThUeEdveVhxdFRCemIxTy9ndkV6alVpU2lZSUlYZGFyeWVUV1VTTHhCcmIzQmhMcndBWG9ZaU9Pcmk0M21QaVgzUzBSQ2c3T2tsTDE1Y1REYlMzNUhCYi9LSkJpOTVESy9CY3BuaFd4dG1jeFJ6dExGREt3KzlOSTEycnciLCJtYWMiOiJhMjA0YzBkYjY1MTY0YzliY2U3OTE2ZWE3ODlmZjE3ZjhiM2JhMTQ2MDc4MzJkYjk2ZTMzMWRmM2E3NTE5MDFiIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 20 May 2023 19:16:11 GMT
Server: Apache
Last-Modified: Mon, 08 May 2023 09:20:04 GMT
Accept-Ranges: bytes
Content-Length: 0
Cache-Control: max-age=31536000
Expires: Sun, 19 May 2024 19:16:11 GMT
Vary: User-Agent
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon

fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900

142.250.74.106

200 OK

13 kB

URL GET HTTP/2
fonts.googleapis.com/css?family=Roboto:100,300,400,500,700,900
IP
142.250.74.106:443
ASN
#15169 GOOGLE

Requested by
https://wifi.retinad.com/next-module/b6417f112bd27848533e54885b66c288/page-banner-linked/VjFkMFQxTXhTa1pOVld4T1RXMVJlVll5TVhwUFVUMDk-
Certificate
IssuerGoogle Trust Services LLC
Subjectupload.video.google.com
Fingerprint9B:D0:53:C4:55:9D:41:A4:94:03:4A:2B:6A:5B:57:EB:EB:A5:F0:4A
ValidityMon, 24 Apr 2023 12:00:43 GMT - Mon, 17 Jul 2023 12:00:42 GMT

File type
ASCII text
Size
13 kB (12745 bytes)
Hash
cab222f7a352cb95160ade2bbba39be2
e0e5635227481ab966c10c7bc8a015c6132dda53
d175185dc8199dc8531d2c25a84073ad93a7c605a921b0168ed6106a193d21ee

HTTP Headers

GET /css?family=Roboto:100,300,400,500,700,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/111.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://wifi.retinad.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sat, 20 May 2023 19:16:10 GMT
date: Sat, 20 May 2023 19:16:10 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (5)

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (9)

URL User Request GET HTTP/1.1

IP

ASN

Certificate

File type

Size

Hash

Detections

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL

IP

ASN

File type

Size

Hash

HTTP Headers

URL GET HTTP/2