Report - email.kunversion.com/ls/click?upn=UMX5qLbBXS3HTHjB5V2yGX5c3LY1U0-2BTMq7fpr-2FhmaOx4wauXAVEToQLOJMFH6EcREcdPp5b9QFVHMUEvi015w-3D-3DTBgE_MZt4kN-2FOkj8LYeuHAuxf8ly4fqjUJaAule-2Bpmn3UQKjH0ulDUWy-2BGEE-2F-2BzC5CPrUOZnoobkK79ZIgme-2FEbLNRgjW-2FBNRWYL3itUFdlJcOxm8E2NP20EEVWmURKnAhyTq7IJapcNUKaV-2FSx04Luzfl1zQLitvVr0qcgPry57kt3UM7mkdSaNV9Si59HaTS-2FdgOLSm52sRhtH0r-2Bue7roPmipY4SrGbgcwm80NEhINfo5u1T1aVDFCZUMLfzNGX-2FgdveAwY3QpDdn4gBTVVmLOKaVxrOeiRRP5IfqAc-2BT2KF5-2F64pfpAQMZqvUxOaaixlPgn32LSNr9Ex4fxaE3n-2BTdHiDi0SIfPZvqUocXoEFThdA1ku-2FMNU0pvwxpLtW6oRRIpBMreonMl2tRteIQvx2-2Fg-3D-3D

Report Overview

Visited public
2023-12-05 15:15:58
Tags
linkedin microsoft phishing
URL
email.kunversion.com/ls/click?upn=UMX5qLbBXS3HTHjB5V2yGX5c3LY1U0-2BTMq7fpr-2FhmaOx4wauXAVEToQLOJMFH6EcREcdPp5b9QFVHMUEvi015w-3D-3DTBgE_MZt4kN-2FOkj8LYeuHAuxf8ly4fqjUJaAule-2Bpmn3UQKjH0ulDUWy-2BGEE-2F-2BzC5CPrUOZnoobkK79ZIgme-2FEbLNRgjW-2FBNRWYL3itUFdlJcOxm8E2NP20EEVWmURKnAhyTq7IJapcNUKaV-2FSx04Luzfl1zQLitvVr0qcgPry57kt3UM7mkdSaNV9Si59HaTS-2FdgOLSm52sRhtH0r-2Bue7roPmipY4SrGbgcwm80NEhINfo5u1T1aVDFCZUMLfzNGX-2FgdveAwY3QpDdn4gBTVVmLOKaVxrOeiRRP5IfqAc-2BT2KF5-2F64pfpAQMZqvUxOaaixlPgn32LSNr9Ex4fxaE3n-2BTdHiDi0SIfPZvqUocXoEFThdA1ku-2FMNU0pvwxpLtW6oRRIpBMreonMl2tRteIQvx2-2Fg-3D-3D
Finishing URL
www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
IP / ASN
104.17.238.232
#13335 CLOUDFLARENET
Title
Sign In | LinkedIn
Phishing - LinkedIn

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
www.linkedin.com	608	2002-11-02	2015-06-18 18:10:03	2023-12-05 05:24:07	25 kB	44 kB	13.107.42.14
static.licdn.com	12070	2011-02-24	2012-10-18 10:55:00	2023-12-05 07:32:29	8.2 kB	206 kB	23.36.76.121
platform.linkedin.com	3785	2002-11-02	2012-05-21 15:08:59	2023-12-05 07:32:30	1.0 kB	7.8 kB	23.36.76.210
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	2.1 kB	113 kB	216.58.207.227
ps.azurewaf.microsoft.com	unknown	1991-05-02	2022-06-29 13:12:32	2023-12-05 07:41:38	1.2 kB	1.4 kB	13.107.246.53
play.google.com	34	1997-09-15	2013-05-31 01:24:35	2023-12-05 11:25:49	2.2 kB	3.2 kB	142.250.74.78
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-05 09:21:53	2.7 kB	236 kB	173.194.73.84
email.kunversion.com	249541	2010-07-07	2014-12-05 22:44:30	2023-12-04 19:37:27	1.0 kB	640 B	104.17.236.232

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US IP 173.194.73.84 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-05 00:18 Last Seen2024-08-20 16:45 Times Seen53 Hash be123e418f0f5e27f797df84ff3fd68b c3635f4c2eb37e565959b95489f26af5fa4f4aec 4c9879f4e913e147e1227d4d22374d8f225e5145d0b2f6ace8c6025c5543b850 Loading...

	static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m	ScriptElement	66 kB	2023-09-16	2025-05-10
Pretty URL static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 06:43 Last Seen2025-05-10 11:23 Times Seen5424 Hash 876f2fa2944feee72451e3a690d1985e d30f9cd73ba3bdda113f2e4a2513938fdd90c460 3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c Loading...

	www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes	ScriptElement	392 B	2023-03-07	2025-05-10
Pretty URL www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes IP 13.107.42.14 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-05-10 11:23 Times Seen6910 Hash e0a4dd818cea4496e55b30782ebd8da5 cf5eba9f6f20b2fa835908cf62af6f6b5bf62e8f 0dab6c146a09f20164cf3c68e3b3aeefa599fb74013ce407b41bbda7d6f70e10 Loading...

	static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p	ScriptElement	184 kB	2023-09-23	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 08:16 Last Seen2024-08-21 05:59 Times Seen498 Hash b3c0efe5673863cd5d15d9327956e521 0f2f2b7c426d53e19a41952881a50aa53cf4b2be 5a17a1bdee75a16150f30746c04708e2757f4f678582aca4ed892a4e4a81e52c Loading...

	static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj	ScriptElement	186 kB	2023-03-07	2025-03-29
Pretty URL static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41 Last Seen2025-03-29 17:55 Times Seen4449 Hash 7554ae17c5023ecc6d0ffc1e8775bc2f 37b39540102e29993f710047ed89bbe3b47a3a2b 6101eea4239ded7503b74732d078de0de0e31d9465de3876b1641802dd299200 Loading...

	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ IP 173.194.73.84 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-05 00:51 Last Seen2024-08-20 16:45 Times Seen21 Hash b6ad8f02e56687aa35edff4a40f94503 a01a550776b997b6d2bcde7a738d591406ca8acc c905b15a8ae7a435f2c638acd9cd6bcf22f8f7242a65f65f4a494971bd804afb Loading...

	platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701789300000	ScriptElement	21 kB	2023-03-13	2024-08-21
Pretty URL platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701789300000 IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:46 Last Seen2024-08-21 09:38 Times Seen184 Hash 0c2b8986d74a36a37dc8e3201286c08e bbce2e43ca1c0971183de4c124b52505a71dd385 2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb Loading...

	static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb	ScriptElement	418 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen396 Hash 0b6a062b68f25755076f86c407cef6df e29e9527b66b1120140386cec385535f8e8be11c 9ca15b7249c35cab4b88522b3b6c2687d3e27b07bb6b46cbb704840b5507a32e Loading...

	static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il	ScriptElement	642 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen170 Hash 9d5628f5a019ba604b667f3748c9e9ed 73ddd5bd7f58a51336e8e7eb8d2f21ab8d29749e 096e768ea8f1c91f85ddb295d6c713c3effacbabe098e3da7e3ded75cfa83617 Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.l0gW8cfNiGI.O/am=AFCA/d=1/rs=AF0KOtUvd_mdMjORi1qJhR-dbm4LFQVGQg/m=credential_button_library	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.l0gW8cfNiGI.O/am=AFCA/d=1/rs=AF0KOtUvd_mdMjORi1qJhR-dbm4LFQVGQg/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 00:18 Last Seen2024-08-20 16:45 Times Seen53 Hash 9334fbc8b32233fa291834a3a84ccb7a 0c2e96f450c895f3031a0e31932402aae2381951 e51581cb944e0c007fcf8fca56aaa20152af6122d5a919d4c9f827812b8296c8 Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.pqh5vAPlhH0.O/am=AFCA/d=1/rs=AF0KOtVeFPYe9kC3GunlrK7L8dQKwSEqRg/m=credential_button_library	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.pqh5vAPlhH0.O/am=AFCA/d=1/rs=AF0KOtVeFPYe9kC3GunlrK7L8dQKwSEqRg/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 00:51 Last Seen2024-08-20 16:45 Times Seen21 Hash 78dd948011f4ddd085fdcacdccddf395 6fd1c2df97e9e1ce6946c400bf75a77171ec5424 bfadf2bb3dddcf4761290149539ec070a343f3a35a6b814c179c1829d72d2745 Loading...

HTTP Transactions (48)

URL IP Response Size

email.kunversion.com/ls/click?upn=UMX5qLbBXS3HTHjB5V2yGX5c3LY1U0-2BTMq7fpr-2FhmaOx4wauXAVEToQLOJMFH6EcREcdPp5b9QFVHMUEvi015w-3D-3DTBgE_MZt4kN-2FOkj8LYeuHAuxf8ly4fqjUJaAule-2Bpmn3UQKjH0ulDUWy-2BGEE-2F-2BzC5CPrUOZnoobkK79ZIgme-2FEbLNRgjW-2FBNRWYL3itUFdlJcOxm8E2NP20EEVWmURKnAhyTq7IJapcNUKaV-2FSx04Luzfl1zQLitvVr0qcgPry57kt3UM7mkdSaNV9Si59HaTS-2FdgOLSm52sRhtH0r-2Bue7roPmipY4SrGbgcwm80NEhINfo5u1T1aVDFCZUMLfzNGX-2FgdveAwY3QpDdn4gBTVVmLOKaVxrOeiRRP5IfqAc-2BT2KF5-2F64pfpAQMZqvUxOaaixlPgn32LSNr9Ex4fxaE3n-2BTdHiDi0SIfPZvqUocXoEFThdA1ku-2FMNU0pvwxpLtW6oRRIpBMreonMl2tRteIQvx2-2Fg-3D-3D

104.17.236.232

66 B

URL
email.kunversion.com/ls/click?upn=UMX5qLbBXS3HTHjB5V2yGX5c3LY1U0-2BTMq7fpr-2FhmaOx4wauXAVEToQLOJMFH6EcREcdPp5b9QFVHMUEvi015w-3D-3DTBgE_MZt4kN-2FOkj8LYeuHAuxf8ly4fqjUJaAule-2Bpmn3UQKjH0ulDUWy-2BGEE-2F-2BzC5CPrUOZnoobkK79ZIgme-2FEbLNRgjW-2FBNRWYL3itUFdlJcOxm8E2NP20EEVWmURKnAhyTq7IJapcNUKaV-2FSx04Luzfl1zQLitvVr0qcgPry57kt3UM7mkdSaNV9Si59HaTS-2FdgOLSm52sRhtH0r-2Bue7roPmipY4SrGbgcwm80NEhINfo5u1T1aVDFCZUMLfzNGX-2FgdveAwY3QpDdn4gBTVVmLOKaVxrOeiRRP5IfqAc-2BT2KF5-2F64pfpAQMZqvUxOaaixlPgn32LSNr9Ex4fxaE3n-2BTdHiDi0SIfPZvqUocXoEFThdA1ku-2FMNU0pvwxpLtW6oRRIpBMreonMl2tRteIQvx2-2Fg-3D-3D
IP
104.17.236.232:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
66 B (66 bytes)
Hash
f15e42cc46315354c9d687cbd38f0dc2
266ec7d5d2eb044917ddde19e6ea21b8bb5bd2b3
e31078a4818b6716b65d2fadd10f370a199b25cd92389592a97b8e7180574733

HTTP Headers

GET /ls/click?upn=UMX5qLbBXS3HTHjB5V2yGX5c3LY1U0-2BTMq7fpr-2FhmaOx4wauXAVEToQLOJMFH6EcREcdPp5b9QFVHMUEvi015w-3D-3DTBgE_MZt4kN-2FOkj8LYeuHAuxf8ly4fqjUJaAule-2Bpmn3UQKjH0ulDUWy-2BGEE-2F-2BzC5CPrUOZnoobkK79ZIgme-2FEbLNRgjW-2FBNRWYL3itUFdlJcOxm8E2NP20EEVWmURKnAhyTq7IJapcNUKaV-2FSx04Luzfl1zQLitvVr0qcgPry57kt3UM7mkdSaNV9Si59HaTS-2FdgOLSm52sRhtH0r-2Bue7roPmipY4SrGbgcwm80NEhINfo5u1T1aVDFCZUMLfzNGX-2FgdveAwY3QpDdn4gBTVVmLOKaVxrOeiRRP5IfqAc-2BT2KF5-2F64pfpAQMZqvUxOaaixlPgn32LSNr9Ex4fxaE3n-2BTdHiDi0SIfPZvqUocXoEFThdA1ku-2FMNU0pvwxpLtW6oRRIpBMreonMl2tRteIQvx2-2Fg-3D-3D HTTP/1.1
Host: email.kunversion.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 15:15:39 GMT
content-type: text/html; charset=utf-8
content-length: 66
location: https://www.linkedin.com/in/irina-sky-homes
x-robots-tag: noindex, nofollow
cf-cache-status: DYNAMIC
set-cookie: __cf_bm=Ff1410Qy46C43jtHCWGaZthOl8gHgTqMTLZryQOEdx0-1701789339-0-AYceKMHD8Srsjvpob3UHz7xiYMER9DE/jO29eTRt/OGJ9jQJC4Wuv9xohtqgx93erHDqovRWA+aEj+cifFCatmU=; path=/; expires=Tue, 05-Dec-23 15:45:39 GMT; domain=.email.kunversion.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 830d3eec6fde569b-OSL
X-Firefox-Spdy: h2

www.linkedin.com/in/irina-sky-homes

13.107.42.14

1.5 kB

URL
www.linkedin.com/in/irina-sky-homes
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.5 kB (1530 bytes)
Hash
895d2a337cecd4bf36e6ff9a7e669a63
9176c614fa5aca9af6ceba4996cc9128842803f7
644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /in/irina-sky-homes HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 999 No Reason Phrase
cache-control: no-cache, no-store
pragma: no-cache
content-length: 1530
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; Domain=.linkedin.com; Expires=Wed, 04-Dec-2024 15:15:40 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; Domain=.www.linkedin.com; Expires=Wed, 04-Dec-2024 15:15:40 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; Domain=.linkedin.com; Expires=Sun, 02 Jun 2024 15:15:39 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; Expires=Wed, 06 Dec 2023 15:15:40 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
trkCode=gf; Max-Age=5
trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=; Max-Age=5
rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; Max-Age=120; path=/; domain=.linkedin.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLUVOyuzLJ6oWIxiuQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 0A0B5089417A473A93968390E3D2B7ED Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:39Z
date: Tue, 05 Dec 2023 15:15:40 GMT
X-Firefox-Spdy: h2

www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes

13.107.42.14

200 OK

9.6 kB

URL User Request GET HTTP/2
www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (948)
Size
9.6 kB (9567 bytes)
Hash
9cbac8982d003c7ac21be97ecb84ec98
7e9a7abb0b0c816b36b5d6f4d4946d2c68a76850
aaae4c206d5d9c4e04abde81db78366fd707cbc809a5dc8b42aebe9a5d2877aa

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/in/irina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 9567
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; Max-Age=604800; Expires=Tue, 12 Dec 2023 15:15:40 GMT; Path=/
JSESSIONID=ajax:9078523511260655374; SameSite=None; Path=/; Domain=.www.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure
bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:40 GMT; SameSite=None
bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:40 GMT; HttpOnly; SameSite=None
x-fs-uuid: 00060bc4b523fe32d889615994f56dd5
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=grl
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLUj/jLYiWFZlPVt1Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BA970E2475F14A3388C5A99432DF5B38 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:40Z
date: Tue, 05 Dec 2023 15:15:40 GMT
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca

23.36.76.121

200 OK

1.4 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
1.4 kB (1446 bytes)
Hash
b2ccd167c908a44e1dd69df79382286a
d9349f1bdcf3c1556cd77ae1f0029475596342aa
19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec

HTTP Headers

GET /aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 15 Aug 2023 17:34:20 GMT
last-modified: Tue, 05 Apr 2022 06:07:09 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 24838
accept-ranges: bytes
content-type: image/x-icon
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1bb2d502bb223102ef6e95e5
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxuy1QK7IjEC726V5Q==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 1446
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1

23.36.76.121

200 OK

903 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (355)
Size
903 B (903 bytes)
Hash
e1ebda90bd5ae40a05d2fbc7a7b4f9a1
564b16fb3ad295432b850ff58e7a19d30cc6fb22
870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49

HTTP Headers

GET /aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 14 Nov 2023 07:22:22 GMT
last-modified: Tue, 05 Apr 2022 02:04:43 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2435
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1724a9df478e170d12b4f591
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxckqd9HjhcNErT1kQ==
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 903
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs

23.36.76.121

200 OK

391 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
391 B (391 bytes)
Hash
5fdb7b403b3a41faa26c73b1aaaf7668
c46a275d28b78b77460e42ba248317378a91b70e
55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715

HTTP Headers

GET /aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sun, 26 Nov 2023 05:57:08 GMT
last-modified: Tue, 05 Apr 2022 04:16:45 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 2
x-edgeconnect-midmile-rtt: 18
x-edgeconnect-origin-mex-latency: 375
x-datastream-midmile-rtt: 18
x-datastream-origin-mex-latency: 375
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 391
accept-ranges: bytes
content-length: 391
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=5.361015E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005e75bbb4e6c1e1f329f136b73d2a2
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXnW7tObB4fMp8Ta3PSog==
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb

23.36.76.121

200 OK

1.2 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (664)
Size
1.2 kB (1209 bytes)
Hash
8e6f25f8189065407452b8b0c00426a3
7485d46647a459789f6e7319cfef6426a643244b
b9e0a92c496b900728000dbf48aa623a7eb0468c5814a8bf60c69d6cda05b149

HTTP Headers

GET /aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sun, 16 Jul 2023 19:48:41 GMT
last-modified: Tue, 05 Apr 2022 06:06:04 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 4
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2958
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f45a825ee09b3381e486ade56
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfT0WoJe4JszgeSGreVg==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 1209
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2

23.36.76.121

200 OK

274 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
274 B (274 bytes)
Hash
07dfbaf5f85030efc27e4a012488e13a
b4e6ac4f3dcd094bd4d326b537960328200384f6
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c

HTTP Headers

GET /aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 05 Oct 2023 07:40:10 GMT
last-modified: Tue, 05 Apr 2022 06:12:23 GMT
cache-control: max-age=604800, immutable
x-edgeconnect-midmile-rtt: 18
x-edgeconnect-origin-mex-latency: 356
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 274
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df50329952323f6ad5485726632c
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfUDKZUjI/atVIVyZjLA==
content-length: 274
remote-cache-status: TCP_HIT
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x

23.36.76.121

200 OK

478 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (315)
Size
478 B (478 bytes)
Hash
e5308429c09ca0ed28eacf843ff14c65
ea1a0d5985600fd0699ad59744a3dff23f211080
b5d878bd7b1fdeb60ae0ebe05f2481f550767043518b1d404be8951ab2738150

HTTP Headers

GET /aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sat, 25 Nov 2023 05:36:40 GMT
last-modified: Wed, 05 Oct 2022 02:00:26 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012224495; STORAGE_IN_GB=0.0
x-fs-uuid: 000602269d4151b17fa559dfc3ace34d
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYCJp1BUbF/pVnfw6zjTQ==
x-ambry-blob-size: 478
accept-ranges: bytes
content-length: 478
content-type: image/svg+xml
content-disposition: attachment
remote-cache-status: TCP_HIT
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc

23.36.76.121

200 OK

241 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
241 B (241 bytes)
Hash
583edc3d198b3a1117b1c92000728248
83d2af855c97c89b0c403d4db92e0a58a3d01601
98db6b44a8d0d3d6555c5cc022144921572e719b75b630f4dd8e2ffe4727afc8

HTTP Headers

GET /aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 20 Oct 2023 09:02:20 GMT
last-modified: Wed, 05 Oct 2022 01:59:24 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 241
accept-ranges: bytes
content-length: 241
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=9.8344666E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f664efdc410e9462df1d0620a25b
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX2ZO/cQQ6UYt8dBiCiWw==
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
accept-ranges: bytes
content-type: text/css
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0017617684; STORAGE_IN_GB=0.0
x-fs-uuid: 00060675f042811d4b74066a5cc7359a
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYGdfBCgR1LdAZqXMc1mg==
x-edgeconnect-midmile-rtt: 0
x-edgeconnect-origin-mex-latency: 170
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 20 Sep 2023 11:17:08 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0010696752; STORAGE_IN_GB=0.0
x-fs-uuid: 0006071fa72092d5d02a781d42fd1ebd
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYHH6cgktXQKngdQv0evQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:42 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0022808; STORAGE_IN_GB=0.0
x-fs-uuid: 000608744554fd183eebe1ce660c737d
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYIdEVU/Rg+6+HOZgxzfQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012488011; STORAGE_IN_GB=0.0
x-fs-uuid: 00060737060b052f969ab87f56a64ea8
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYHNwYLBS+Wmrh/VqZOqA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 15 Aug 2023 17:34:20 GMT
last-modified: Tue, 05 Apr 2022 06:07:09 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 24838
accept-ranges: bytes
content-type: image/x-icon
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1bb2d502bb223102ef6e95e5
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxuy1QK7IjEC726V5Q==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 1446
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo

23.36.76.121

200 OK

201 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
201 B (201 bytes)
Hash
daf7c1053e08e600e06c4115bf2181b4
452c1516e428c937762cac0842aec6fb3e48c84b
d960843fe85cfd71159433734acd16a8406bce0491bef7c4c361d6139168c64e

HTTP Headers

GET /aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 30 Nov 2023 05:56:47 GMT
last-modified: Tue, 05 Apr 2022 02:04:42 GMT
cache-control: max-age=604800, immutable
x-edgeconnect-midmile-rtt: 22
x-edgeconnect-origin-mex-latency: 155
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 201
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1978c8cff3a2fb9c861bda08
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxl4yM/zovuchhvaCA==
content-length: 201
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8

23.36.76.121

200 OK

1.2 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603)
Size
1.2 kB (1157 bytes)
Hash
ecfa6f7d77da7dde7c2ad63721188fb8
3f30d694caf8ddbf98d4cd720cad7fe6705461de
a40ef94220192d445dcdd662392c4def2b31a5f305901fa4d5eb4a73f7ef9351

HTTP Headers

GET /aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 04 Oct 2022 02:46:14 GMT
last-modified: Fri, 13 May 2022 17:24:11 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 4
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2721
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df60b08be356d331e6e18726d8a5
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfYLCL41bTMebhhybYpQ==
x-edgeconnect-midmile-rtt: 21
x-edgeconnect-origin-mex-latency: 199
x-datastream-midmile-rtt: 21
x-datastream-origin-mex-latency: 199
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 1157
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m

23.36.76.121

200 OK

21 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21278 bytes)
Hash
876f2fa2944feee72451e3a690d1985e
d30f9cd73ba3bdda113f2e4a2513938fdd90c460
3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c

HTTP Headers

GET /aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Sep 2023 09:28:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 65933
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 15 Sep 2023 18:17:25 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.004344321; STORAGE_IN_GB=0.0
x-fs-uuid: 000604dcfd0f4865758bc0ffd2855550
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYE3P0PSGV1i8D/0oVVUA==
remote-cache-status: TCP_HIT, TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 21278
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj

23.36.76.121

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 07:00:01 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=4.9860234E-4; STORAGE_IN_GB=0.0
x-fs-uuid: 0005fd2171df9ca9abf6ac8b57ee7e6a
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX9IXHfnKmr9qyLV+5+ag==
x-datastream-cache-status: 1
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/cookie-consent/

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/cookie-consent/
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /cookie-consent/ HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; Max-Age=15552000; Expires=Sun, 02 Jun 2024 15:15:41 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:41 GMT; SameSite=None
bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:41 GMT; HttpOnly; SameSite=None
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLU1W6IeuAKzUQpAaA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C6763B6A3A4849A3967F6BDFDA7F4260 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:41Z
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 0
X-Firefox-Spdy: h2

platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701789300000

23.36.76.210

200 OK

7.3 kB

URL GET HTTP/2
platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701789300000
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectplatform.linkedin.com
Fingerprint4B:93:3D:B1:BC:00:2B:2E:AE:1F:AE:FD:0C:60:BD:19:AB:04:FE:CC
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20936), with no line terminators
Size
7.3 kB (7270 bytes)
Hash
0c2b8986d74a36a37dc8e3201286c08e
bbce2e43ca1c0971183de4c124b52505a71dd385
2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb

HTTP Headers

GET /litms/utag/seo-directory-frontend/utag.js?cb=1701789300000 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; lang=v=2&lang=en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "1183eba592caaee0d37ff50f8a71ab8623266cc6"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Sat, 02 Dec 2023 16:52:02 GMT
content-encoding: gzip
content-length: 7270
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-lva1
x-content-type-options: nosniff
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
x-li-uuid: AAYLxLK7tNy9Ejaq2EtoYQ==
date: Tue, 05 Dec 2023 15:15:42 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/platform-telemetry/li/collect

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/platform-telemetry/li/collect
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /platform-telemetry/li/collect HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 1956
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==; Max-Age=604800; Expires=Tue, 12 Dec 2023 15:15:42 GMT; SameSite=None; Path=/; Secure
bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:42 GMT; SameSite=None
bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 15:15:42 GMT; HttpOnly; SameSite=None
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLU5oPlmoUbO+apIHw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 68BB1C21CAB04B2DA4D287051DBF1B61 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:42Z
date: Tue, 05 Dec 2023 15:15:42 GMT
content-length: 0
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 495529
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:18:29 GMT
expires: Tue, 03 Dec 2024 23:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 57433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:18:29 GMT
expires: Tue, 03 Dec 2024 23:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 57433
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 495529
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 3288
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLU8Y4BDJRqVcswfDQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BD683D3C01C74F638D2B7A9CB929A2F9 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:42Z
date: Tue, 05 Dec 2023 15:15:42 GMT
content-length: 0
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping

13.107.246.53

204 No Content

0 B

URL OPTIONS HTTP/2
ps.azurewaf.microsoft.com/event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerMicrosoft Corporation
Subjectps.azurewaf.microsoft.com
FingerprintFC:AC:5C:FF:51:A1:16:2F:30:EF:E4:53:B9:A3:3C:30:82:09:E6:4B
ValiditySun, 26 Feb 2023 08:05:40 GMT - Wed, 21 Feb 2024 08:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
set-cookie: TiPMix=86.47964692196575; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nj5vZQAAAAC2b+w40OIJRYPx5aksY87gU1ZHMjBFREdFMDUwOQAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 05 Dec 2023 15:15:41 GMT
X-Firefox-Spdy: h2

www.linkedin.com/litms/api/metadata/user

13.107.42.14

200 OK

226 B

URL GET HTTP/2
www.linkedin.com/litms/api/metadata/user
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (345), with no line terminators
Size
226 B (226 bytes)
Hash
ccb8e9f87744d3b614cadf7b951ae5ea
da1e0528d0b7377a965b569dae93a8ea0e8dbacb
6b6676ca025aaa38464ebd3b1a6c642e3d7feef94b66595fa183f0d76da5f222

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /litms/api/metadata/user HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 226
content-type: application/json
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLU95tosQMQYm3XtOw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 7D1A2D48180B4BEFB3393E5D84A6DC96 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:41Z
date: Tue, 05 Dec 2023 15:15:42 GMT
X-Firefox-Spdy: h2

www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb

13.107.42.14

200 OK

5.0 kB

URL GET HTTP/2
www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (523)
Size
5.0 kB (5039 bytes)
Hash
c9af861b3945afc33b17cd522ca638ef
c599f4dcba079461272503b0b1c64e81a9263d4c
30594a90dd8a6944015a199be410d7f6810ba106a7d57d42f740c0da46a70865

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTswOzE3MDE3ODkzMzk7MjswMjHu5s4FBv0cv+RSrP6aIE4VXHtaWQDo8W+5TbzLQpghnw==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 5039
content-type: text/javascript
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Fri, 14 Oct 2022 06:29:29 GMT
accept-ranges: bytes
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 5039
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=7.409031E-4; STORAGE_IN_GB=0.0
strict-transport-security: max-age=31536000
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLU9/kt6GXMZwIrV/A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: BC11620F909745CE998638091C8DA03D Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:41Z
date: Tue, 05 Dec 2023 15:15:42 GMT
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping

13.107.246.53

204 No Content

0 B

URL OPTIONS HTTP/2
ps.azurewaf.microsoft.com/event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping
IP
13.107.246.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerMicrosoft Corporation
Subjectps.azurewaf.microsoft.com
FingerprintFC:AC:5C:FF:51:A1:16:2F:30:EF:E4:53:B9:A3:3C:30:82:09:E6:4B
ValiditySun, 26 Feb 2023 08:05:40 GMT - Wed, 21 Feb 2024 08:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?correlationId=fb8db03e-49c2-43c6-9e91-ec94855c88b1&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1711
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
set-cookie: TiPMix=52.459718492035; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0nj5vZQAAAABQm/Qczf7LTaCwYA4DwxdOU1ZHMjBFREdFMDUwOQAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 05 Dec 2023 15:15:41 GMT
content-length: 0
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb

23.36.76.121

200 OK

161 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65410)
Size
161 kB (161244 bytes)
Hash
0b6a062b68f25755076f86c407cef6df
e29e9527b66b1120140386cec385535f8e8be11c
9ca15b7249c35cab4b88522b3b6c2687d3e27b07bb6b46cbb704840b5507a32e

HTTP Headers

GET /aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
expires: Fri, 29 Sep 2023 18:59:02 GMT
last-modified: Thu, 21 Sep 2023 23:15:42 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 417634
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.003357283; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f726b22f73e13c58f8d6ae9105
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yayL3PhPFj41q6RBQ==
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:41 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 15988
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLVDpJSYJJgJ8pAbAQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EEE14CFC1C6647B1843AA67099C1D2AD Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:42Z
date: Tue, 05 Dec 2023 15:15:42 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1008
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLVFSIRKGq/oRMZDdQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 32E8417ECEDE48B3963474BD76F919DA Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:42Z
date: Tue, 05 Dec 2023 15:15:42 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLVTLZCJ2JchBKpv4g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EAB08CD2C1D4490587DADC2FA3F5B37A Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:43Z
date: Tue, 05 Dec 2023 15:15:43 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLVxseFAFZoNGKHXWg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A50F4F4327F14EE7B0941BF097B883FE Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:45Z
date: Tue, 05 Dec 2023 15:15:45 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLWQPZ7ItXsEeFLr1w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 01CD232E40964BB4803ECFF6CA9F7A4C Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:47Z
date: Tue, 05 Dec 2023 15:15:47 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLWuwcCZF/Y2HeX5bQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 868178E2E28945BAB622C5C1DE2B6DEC Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:49Z
date: Tue, 05 Dec 2023 15:15:49 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLXNRWxKbfg+f1Ymqg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E67EBA6F831E43A1A76E776E3E9C86E7 Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:51Z
date: Tue, 05 Dec 2023 15:15:51 GMT
content-length: 0
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

0 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 15:15:52 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+462; expires=Thu, 04-Dec-2025 15:15:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:15:52 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

131 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 453
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:52 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+937; expires=Thu, 04-Dec-2025 15:15:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:15:52 GMT
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

0 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 15:15:52 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+760; expires=Thu, 04-Dec-2025 15:15:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:15:52 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

131 B

URL POST HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 453
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 05 Dec 2023 15:15:52 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+136; expires=Thu, 04-Dec-2025 15:15:52 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 15:15:52 GMT
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1022
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Cookie: bcookie="v=2&d42f387d-7fdd-45ac-8af6-563b44cd321c"; bscookie="v=1&20231205151539fe91a263-9dce-49fa-8213-a56470c0e94bAQF3e3WPi_wxPsfNRLSe2kmKtFgFbZOw"; li_gc=MTs0MjsxNzAxNzg5MzQxOzI7MDIx84TBTiyhfvLzytSwDT2aCwxOlLhyQlq1WEufsQFOTes=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701789340:t=1701875740:v=2:sig=AQG066XZvf2U8aaokbg4SFkoekO-YYsW"; rtc=AQFF6eUs7o9dBQAAAYw6jJFg2-dYW8agRPSX0esk0wZEdtJxFC189QD2gmoeXXcQsx_3GEXL-nuRKzyNqXD0ROfDyD5Ko97B9RstOzoLBFF0Z38ySEqsDcS3RnTQUSVhBD56w182mSC-LOQVf8KqxH4QwoIdueiYj7GkvlogPp0r88Qaf2zJaYIkU18XdnkSw_Wq3zktt3TjgelW0x1tDgcPjwV-Lla1XKOXRaQpN4o2EgckZR5aVc4nfrb48YkLDw==; fid=AQHehW042p6pLwAAAYw6jJSr-S6exdwMTi_i_tKliMJELOd30w5X2mapd2WwRAEyQnV4WApQbXYnuw; JSESSIONID=ajax:9078523511260655374; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQHD2_FnkFxLTwAAAYw6jJpAYCFwqsWdV1uBf98JjOaYz8SzxhiJrXAXiEzdYGSv3fqDkU7m0e7lbQl5j6oPaWYFLg88Q4i73sK-IVUL9jlbDY8XZsDdRcAN0CFRdXofqSsKVq_DzNCqnspY1MCuE8NWVnJ-AxLSbCLvrGK3Ddx3HrOGiWK5C-zT3Z2xvQA2ePHyDxsr1ARyp1L3TCGKDfxq-yDZtcUaH5ML00F6s78t-kJhZ5gpatZKeQTR/28QDuj9jLFqRGN9S7yjg7piXmI9tkSiw2WWJh/g97KgPFSnNg4ekDSQ4JvRX0uu4l82e+ZfAe6RpEiGzB3w==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLxLXr5wyc88qvIqGkQw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 328A7AD47C3F48B58C71F0ED2283669A Ref B: OSL30EDGE0506 Ref C: 2023-12-05T15:15:53Z
date: Tue, 05 Dec 2023 15:15:53 GMT
content-length: 0
X-Firefox-Spdy: h2

accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US

173.194.73.84

200 OK

116 kB

URL GET HTTP/2
accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7754)
Size
116 kB (115717 bytes)
Hash
4f1d44d1f7c8f0e8851bcc6dfaf8ef83
f9417a7f3e2e95e2aff3abd95dfa0dbc59077e34
4a388e0dd164b360a5875d82d343de2f9429e7f0d0c8b7351ab87d8e5ec5c663

HTTP Headers

GET /gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347731_840921&as=K2G7UDD6t6jbbO52EKSyrQ&hl=en_US HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 15:15:42 GMT
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
content-security-policy: script-src 'nonce-K4LitZKXncE8KcxjX4xPUw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ

173.194.73.84

200 OK

40 B

URL GET HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
31ae39ba3f755da281ed7f56c4340b06
3597dd9f53ae7bdefb78848934357173bf3ed2ca
5faf88b688685f259ed0f27ef7357c6474bd80f627fe8886a989ca3b3ecb4ee9

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 15:15:42 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: script-src 'nonce-FA0IT-dclWe8v4Lwo-4O1g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ

173.194.73.84

200 OK

40 B

URL GET HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
31ae39ba3f755da281ed7f56c4340b06
3597dd9f53ae7bdefb78848934357173bf3ed2ca
5faf88b688685f259ed0f27ef7357c6474bd80f627fe8886a989ca3b3ecb4ee9

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=K2G7UDD6t6jbbO52EKSyrQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 15:15:42 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-security-policy: script-src 'nonce-6b6wz7nWu4yBEfhReNf9nA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ

173.194.73.84

200 OK

116 kB

URL GET HTTP/2
accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ
IP
173.194.73.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQGPVnTn1bZUGgAAAYw6jJFg38nR2-kCVLfeXVRO-jr3JI9yG2LftScMIfJZvLIamS6OprFtQ6MCvsFUw6AUNzOjujIR9qagyLhHskCuTFwI-5JH4nZPqVHFtbqIYoZqTCkx6js=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Firina-sky-homes
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7754)
Size
116 kB (115720 bytes)
Hash
9e3d15fcb240616ebab9c0026763de08
27d46530b8214da94508ef46cb8bd49a56c50c64
f5116d773425a4b6c4afcd2f7cccc1c0172bf2c370c1b8d6c3bee5e6c5989a6c

HTTP Headers

GET /gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_347745_266668&as=K2G7UDD6t6jbbO52EKSyrQ HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 15:15:42 GMT
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-4ed9mxCubFDW-tq1CxKODQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by