Skip to content

Instantly share code, notes, and snippets.

@ssnover

ssnover/notes.md

Created April 4, 2024 19:12
Show Gist options
  • Save ssnover/1e3f74ba3d37b4cc98205e0324279127 to your computer and use it in GitHub Desktop.
Save ssnover/1e3f74ba3d37b4cc98205e0324279127 to your computer and use it in GitHub Desktop.
Download ZIP
Captive Portal debugging
Raw
notes.md

TLDR

In short, I had a working connection on OZO SSID for multiple weeks following the introduction of the captive portal. Since Sunday, March 31, I've had problems at the DNS layer and above. Logging into the WiFi does not lead to a captive portal, but instead drops the request. Trying to trigger the captive portal from the browser or curl with an http site does not work. Attempting to ping Google's DNS server at 8.8.8.8 or Cloudflare's at 1.1.1.1 also does not go through. I believe Unifi management server's captive portal is based on pfsense which functions by capturing and modifying the DNS response with a 302. Attempting to login on my phone managed to reveal the server's IP address and the below is my attempt to explore what flow the server was attempting to serve to clients. It revealed TLS/SSL certificate issues (perhaps the gateway has been configured to attempt to MitM TLS encrypted packets), but also revealed the login page for the management server on the guest network at port 8443.

Finally, might be a false signal, but the management login page had some info embedded in the HTML loaded by the Javascript which maybe indicated that the page was coming up as a fail-safe state.

Debugging with curl

On connect, the client is supposed to make an HTTP check to verify if there is a captive portal. On Ubuntu, it access http://nmcheck.gnome.org. The server is supposed to intercept the response with a 302 and give it an IP address for the captive portal. This means DNS has to work (the request is supposed to clear and the response is intercepted). This doesn't appear to be happening.

From my phone, I'm able to get the IP address of the management server: 216.128.138.123.

If I attempt to get the HTTP page:

$ curl -v http://216.128.138.123
*   Trying 216.128.138.123:80...
* Connected to 216.128.138.123 (216.128.138.123) port 80 (#0)
> GET / HTTP/1.1
> Host: 216.128.138.123
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Moved Temporarily
< Connection: close
< Location: http://216.128.138.123:8880/guest/s/og2uskeh/?ap=60:22:32:6a:e4:35&ec=lvROEjbGbMk-yumsNGYn08v2SxYEzdarA2blic62vUWis9JgZ2M5IVvSeY0ZcT2aD1sjXArDjYjOhD6IAKTlBKauVGMFOqxbaXYb2b-Ymx7GmP4spZK0SLjRZ4vN5ci3u7m-DkhVIugfZ5EjHySk5e_R6i3-cappD5fxOwcMLt8
< 
* Closing connection 0

That URL leads to the captive portal.

If I attempt get just the domain, it redirects to HTTPS:

$ curl -v http://216.128.138.123:8880
*   Trying 216.128.138.123:8880...
* Connected to 216.128.138.123 (216.128.138.123) port 8880 (#0)
> GET / HTTP/1.1
> Host: 216.128.138.123:8880
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Content-Length: 0
< Date: Wed, 03 Apr 2024 18:10:57 GMT
< Location: https://216.128.138.123:8880/
< Server: Caddy
< 
* Connection #0 to host 216.128.138.123 left intact

Getting the page with the arguments gets me a redirect, and sets a cookie:

$ curl -v "http://216.128.138.123:8880/guest/s/og2uskeh/?ap=60:22:32:6a:e4:35&ec=lvROEjbGbMk-yumsNGYn08v2SxYEzdarA2blic62vUWis9JgZ2M5IVvSeY0ZcT2aD1sjXArDjYjOhD6IAKTlBKauVGMFOqxbaXYb2b-Ymx7GmP4spZK0SLjRZ4vN5ci3u7m-DkhVIugfZ5EjHySk5e_R6i3-cappD5fxOwcMLt8"
*   Trying 216.128.138.123:8880...
* Connected to 216.128.138.123 (216.128.138.123) port 8880 (#0)
> GET /guest/s/og2uskeh/?ap=60:22:32:6a:e4:35&ec=lvROEjbGbMk-yumsNGYn08v2SxYEzdarA2blic62vUWis9JgZ2M5IVvSeY0ZcT2aD1sjXArDjYjOhD6IAKTlBKauVGMFOqxbaXYb2b-Ymx7GmP4spZK0SLjRZ4vN5ci3u7m-DkhVIugfZ5EjHySk5e_R6i3-cappD5fxOwcMLt8 HTTP/1.1
> Host: 216.128.138.123:8880
> User-Agent: curl/7.81.0
> Accept: */*
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Content-Length: 0
< Date: Wed, 03 Apr 2024 18:13:06 GMT
< Location: http://216.128.138.123:8882/redirect?ec=eDi7nzvykDM3PMzJ63znJ3ooNWY5tLVMGTLelQNVH4hAgo4Dht4dfveaE3X_KVeqI6429zFg40l1ZMY4udulprRGurIjEm2AeUKHYZcHVy1uxYK3jGHtNHnDlAqHhxxmygJPZ7zpE_8tdCeMi_UbdvNcuO6nU_A-oEjmXTu1X-BqHeh7nhdzTs-zv7y-3SeK
< Server: Caddy
< Set-Cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
< 
* Connection #0 to host 216.128.138.123 left intact

Setting the cookie in my request to the redirect gets me a couple redirects:

$ curl -v --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "http://216.128.138.123:8882/redirect?ec=eDi7nzvykDM3PMzJ63znJ3ooNWY5tLVMGTLelQNVH4hAgo4Dht4dfveaE3X_KVeqI6429zFg40l1ZMY4udulprRGurIjEm2AeUKHYZcHVy1uxYK3jGHtNHnDlAqHhxxmygJPZ7zpE_8tdCeMi_UbdvNcuO6nU_A-oEjmXTu1X-BqHeh7nhdzTs-zv7y-3SeK"
*   Trying 216.128.138.123:8882...
* Connected to 216.128.138.123 (216.128.138.123) port 8882 (#0)
> GET /redirect?ec=eDi7nzvykDM3PMzJ63znJ3ooNWY5tLVMGTLelQNVH4hAgo4Dht4dfveaE3X_KVeqI6429zFg40l1ZMY4udulprRGurIjEm2AeUKHYZcHVy1uxYK3jGHtNHnDlAqHhxxmygJPZ7zpE_8tdCeMi_UbdvNcuO6nU_A-oEjmXTu1X-BqHeh7nhdzTs-zv7y-3SeK HTTP/1.1
> Host: 216.128.138.123:8882
> User-Agent: curl/7.81.0
> Accept: */*
> Cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Moved Temporarily
< Connection: close
< Location: http://216.128.138.123/
< 
* Closing connection 0

Second redirect:

$ curl -v --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "http://216.128.138.123"
*   Trying 216.128.138.123:80...
* Connected to 216.128.138.123 (216.128.138.123) port 80 (#0)
> GET / HTTP/1.1
> Host: 216.128.138.123
> User-Agent: curl/7.81.0
> Accept: */*
> Cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
> 
* Mark bundle as not supporting multiuse
< HTTP/1.1 302 Found
< Location: https://216.128.138.123:8443
< Server: Caddy
< Date: Wed, 03 Apr 2024 18:16:37 GMT
< Content-Length: 0
< 
* Connection #0 to host 216.128.138.123 left intact

Finally a redirect to a HTTPS site, but this ends in certificate error:

$ curl -v --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "https://216.128.138.123:8443"
*   Trying 216.128.138.123:8443...
* Connected to 216.128.138.123 (216.128.138.123) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
*  CAfile: /etc/ssl/certs/ca-certificates.crt
*  CApath: /etc/ssl/certs
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (OUT), TLS header, Unknown (21):
* TLSv1.3 (OUT), TLS alert, unknown CA (560):
* SSL certificate problem: unable to get local issuer certificate
* Closing connection 0
curl: (60) SSL certificate problem: unable to get local issuer certificate
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the web page mentioned above.

This seems to be due to a self-signed certificate, ignoring it with -k:

$ curl -v -k --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "https://216.128.138.123:8443"
*   Trying 216.128.138.123:8443...
* Connected to 216.128.138.123 (216.128.138.123) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: [NONE]
*  start date: Apr  3 14:45:17 2024 GMT
*  expire date: Apr  4 02:45:17 2024 GMT
*  issuer: CN=Caddy Local Authority - ECC Intermediate
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x57a9c1f0eeb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET / HTTP/2
> Host: 216.128.138.123:8443
> user-agent: curl/7.81.0
> accept: */*
> cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 302 
< date: Wed, 03 Apr 2024 18:20:44 GMT
< location: /manage
< server: Caddy
< content-length: 0
< 
* Connection #0 to host 216.128.138.123 left intact

$ curl -v -k --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "https://216.128.138.123:8443/manage"
*   Trying 216.128.138.123:8443...
* Connected to 216.128.138.123 (216.128.138.123) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: [NONE]
*  start date: Apr  3 14:45:17 2024 GMT
*  expire date: Apr  4 02:45:17 2024 GMT
*  issuer: CN=Caddy Local Authority - ECC Intermediate
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x5c4c67838eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /manage HTTP/2
> Host: 216.128.138.123:8443
> user-agent: curl/7.81.0
> accept: */*
> cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 302 
< date: Wed, 03 Apr 2024 18:21:45 GMT
< location: /manage/account/login?redirect=%2Fmanage
< server: Caddy
< content-length: 0
< 
* Connection #0 to host 216.128.138.123 left intact

This appears to just eventually lead to the management login page:

$ curl -v -k --cookie "ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv" "https://216.128.138.123:8443/manage/account/login?redirect=%2Fmanage"
*   Trying 216.128.138.123:8443...
* Connected to 216.128.138.123 (216.128.138.123) port 8443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* TLSv1.0 (OUT), TLS header, Certificate Status (22):
* TLSv1.3 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS header, Certificate Status (22):
* TLSv1.3 (IN), TLS handshake, Server hello (2):
* TLSv1.2 (IN), TLS header, Finished (20):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Encrypted Extensions (8):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Certificate (11):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, CERT verify (15):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Finished (20):
* TLSv1.2 (OUT), TLS header, Finished (20):
* TLSv1.3 (OUT), TLS change cipher, Change cipher spec (1):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.3 (OUT), TLS handshake, Finished (20):
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256
* ALPN, server accepted to use h2
* Server certificate:
*  subject: [NONE]
*  start date: Apr  3 14:45:17 2024 GMT
*  expire date: Apr  4 02:45:17 2024 GMT
*  issuer: CN=Caddy Local Authority - ECC Intermediate
*  SSL certificate verify result: unable to get local issuer certificate (20), continuing anyway.
* Using HTTP2, server supports multiplexing
* Connection state changed (HTTP/2 confirmed)
* Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* Using Stream ID: 1 (easy handle 0x5a7014776eb0)
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
> GET /manage/account/login?redirect=%2Fmanage HTTP/2
> Host: 216.128.138.123:8443
> user-agent: curl/7.81.0
> accept: */*
> cookie: ec=ugbzZjGXjHCbRWTuDEpCRFTqu3s-QmzDI16qwkhHEqiIBtEobsgU5Ti55HAwwWYG1isnZxs3ZGr5SSU2wvnuba_COz0ZlmgG0oV0WrDnMT_k4U2FLEyHwTsM1OKLKdCO7NGFMZqQpkEseRojHOPlSIhvlBBbbSyeozjgrRPDLCcIupj5vDFbv2OEH0RRd8lv
> 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.3 (IN), TLS handshake, Newsession Ticket (4):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* Connection state changed (MAX_CONCURRENT_STREAMS == 250)!
* TLSv1.2 (OUT), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
* TLSv1.2 (IN), TLS header, Supplemental data (23):
< HTTP/2 200 
< accept-ranges: bytes
< cache-control: max-age=0
< content-type: text/html
< date: Wed, 03 Apr 2024 18:22:31 GMT
< expires: Wed, 03 Apr 2024 18:22:31 GMT
< last-modified: Mon, 25 Mar 2024 16:37:53 GMT
< server: Caddy
< vary: accept-encoding
< x-frame-options: SAMEORIGIN
< content-length: 1088
< 
* TLSv1.2 (IN), TLS header, Supplemental data (23):
<!DOCTYPE html><html lang="en"><head><meta charset="utf-8"><title>UniFi Network</title><meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no" unifi-prevent-focus-zoom><meta name="apple-itunes-app" content="app-id=1057750338"><base href="/manage/"><link rel="apple-touch-icon-precomposed" href="angular/gca760d32f/images/favicons/favicon-192.png?v=2"><meta name="msapplication-TileColor" content="#0193d7"><meta name="msapplication-TileImage" content="angular/gca760d32f/images/favicons/favicon-192.png?v=2"><link rel="apple-touch-icon-precomposed" sizes="192x192" href="angular/gca760d32f/images/favicons/favicon-192.png?v=2"><link rel="apple-touch-icon-precomposed" href="angular/gca760d32f/images/favicons/favicon-64.png?v=2" sizes="64x64"><link rel="icon" href="angular/gca760d32f/images/favicons/favicon-32.png?v=2" sizes="32x32"><link rel="icon" href="angular/gca760d32f/images/favicons/favicon-16.png?v=2" sizes="16x16"><script src="angular/gca760d32f/js/index.js" defer></script></head>* Connection #0 to host 216.128.138.123 left intact
<body></body><div id="unifi-network-app-container"></div></html>

It actually doesn't appear to require the cookie at this point, but the cert for the HTTPS connection is still bad.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment