Report - sl.crehana.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz

Report Overview

Visited public
2023-12-05 12:59:37
Tags
linkedin microsoft phishing
URL
sl.crehana.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz
Finishing URL
www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
IP / ASN
54.167.46.12
#14618 AMAZON-AES
Title
Sign In | LinkedIn
Phishing - LinkedIn

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
sl.crehana.com	unknown	2015-03-06	2022-04-12 14:58:53	2023-08-28 02:29:28	613 B	523 B	52.86.157.11
app.salesloft.com	37350	2005-11-21	2018-05-28 08:27:11	2023-12-05 08:58:42	616 B	1.2 kB	52.29.209.52
ps.azurewaf.microsoft.com	unknown	1991-05-02	2022-06-29 13:12:32	2023-12-05 07:41:38	1.2 kB	1.4 kB	13.107.246.53
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-12-05 09:21:53	1.3 kB	118 kB	64.233.161.84
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-12-05 06:14:20	2.1 kB	113 kB	142.250.74.3
play.google.com	34	1997-09-15	2013-05-31 01:24:35	2023-12-05 11:25:49	2.2 kB	3.2 kB	142.250.74.14
linkedin.com	163	2002-11-02	2012-05-31 03:47:53	2023-12-03 06:03:46	409 B	378 B	13.107.42.14
www.linkedin.com	608	2002-11-02	2015-06-18 18:10:03	2023-12-05 05:24:07	22 kB	43 kB	13.107.42.14
static.licdn.com	12070	2011-02-24	2012-10-18 10:55:00	2023-12-05 07:32:29	10 kB	524 kB	23.36.76.210
platform.linkedin.com	3785	2002-11-02	2012-05-21 15:08:59	2023-12-05 07:32:30	968 B	7.8 kB	23.36.76.210

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz	ScriptElement	392 B	2023-03-07	2025-05-11
Pretty URL www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz IP 13.107.42.14 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-05-11 09:10 Times Seen6911 Hash e0a4dd818cea4496e55b30782ebd8da5 cf5eba9f6f20b2fa835908cf62af6f6b5bf62e8f 0dab6c146a09f20164cf3c68e3b3aeefa599fb74013ce407b41bbda7d6f70e10 Loading...

	static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p	ScriptElement	184 kB	2023-09-23	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 08:16 Last Seen2024-08-21 05:59 Times Seen498 Hash b3c0efe5673863cd5d15d9327956e521 0f2f2b7c426d53e19a41952881a50aa53cf4b2be 5a17a1bdee75a16150f30746c04708e2757f4f678582aca4ed892a4e4a81e52c Loading...

	platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701780900000	ScriptElement	21 kB	2023-03-13	2024-08-21
Pretty URL platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701780900000 IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:46 Last Seen2024-08-21 09:38 Times Seen184 Hash 0c2b8986d74a36a37dc8e3201286c08e bbce2e43ca1c0971183de4c124b52505a71dd385 2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.pqh5vAPlhH0.O/am=AFDA/d=1/rs=AF0KOtWhYqtbvFRUodzBjxojwRkGSO6WZA/m=credential_button_library	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.pqh5vAPlhH0.O/am=AFDA/d=1/rs=AF0KOtWhYqtbvFRUodzBjxojwRkGSO6WZA/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 09:04 Last Seen2024-08-20 16:43 Times Seen27 Hash 51ea9d4abbf61da8a870701485a5f8b7 471805fdd326212c71fb3303bac1b2a7a306ba3d 3a1836d4ec08bd885a2670066ad512adde8c76f94b0b4760af9f95fa7d6f5187 Loading...

	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167494_553560&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167494_553560&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg IP 64.233.161.84 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-05 09:04 Last Seen2024-08-20 16:43 Times Seen27 Hash 2fa2b1a2da8af4128da02f0fabb479a2 919e578f0da7076c9cb1c2fd29d382288cfae681 374fd3792f5dde54ca6a127c0c49f51bb93a40650543e039380c69fb28c9845a Loading...

	static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il	ScriptElement	642 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen170 Hash 9d5628f5a019ba604b667f3748c9e9ed 73ddd5bd7f58a51336e8e7eb8d2f21ab8d29749e 096e768ea8f1c91f85ddb295d6c713c3effacbabe098e3da7e3ded75cfa83617 Loading...

	static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj	ScriptElement	186 kB	2023-03-07	2025-03-29
Pretty URL static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41 Last Seen2025-03-29 17:55 Times Seen4449 Hash 7554ae17c5023ecc6d0ffc1e8775bc2f 37b39540102e29993f710047ed89bbe3b47a3a2b 6101eea4239ded7503b74732d078de0de0e31d9465de3876b1641802dd299200 Loading...

	static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m	ScriptElement	66 kB	2023-09-16	2025-05-11
Pretty URL static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 06:43 Last Seen2025-05-11 09:10 Times Seen5425 Hash 876f2fa2944feee72451e3a690d1985e d30f9cd73ba3bdda113f2e4a2513938fdd90c460 3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.l0gW8cfNiGI.O/am=AFCA/d=1/rs=AF0KOtUvd_mdMjORi1qJhR-dbm4LFQVGQg/m=credential_button_library	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.l0gW8cfNiGI.O/am=AFCA/d=1/rs=AF0KOtUvd_mdMjORi1qJhR-dbm4LFQVGQg/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-12-05 00:18 Last Seen2024-08-20 16:45 Times Seen53 Hash 9334fbc8b32233fa291834a3a84ccb7a 0c2e96f450c895f3031a0e31932402aae2381951 e51581cb944e0c007fcf8fca56aaa20152af6122d5a919d4c9f827812b8296c8 Loading...

	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US	ScriptElement	107 kB	2023-12-05	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML true Observations First Seen2023-12-05 00:18 Last Seen2024-08-20 16:45 Times Seen53 Hash be123e418f0f5e27f797df84ff3fd68b c3635f4c2eb37e565959b95489f26af5fa4f4aec 4c9879f4e913e147e1227d4d22374d8f225e5145d0b2f6ace8c6025c5543b850 Loading...

	static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb	ScriptElement	418 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen396 Hash 0b6a062b68f25755076f86c407cef6df e29e9527b66b1120140386cec385535f8e8be11c 9ca15b7249c35cab4b88522b3b6c2687d3e27b07bb6b46cbb704840b5507a32e Loading...

HTTP Transactions (52)

URL IP Response Size

sl.crehana.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz

52.86.157.11

145 B

URL
sl.crehana.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz
IP
52.86.157.11:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
145 B (145 bytes)
Hash
d54a71f1b5258aa41d2f0cbde1783a21
d8cde34c38b2aceee874d46a70ef4b24143f4b9c
6c3049dd674ba0164d46ba2520a736090c28a5e4e29e1dc306aa903070626902

HTTP Headers

GET /t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz HTTP/1.1
Host: sl.crehana.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 12:59:18 GMT
content-type: text/html
content-length: 145
location: https://app.salesloft.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz
strict-transport-security: max-age=31536000; includeSubDomains
x-robots-tag: noindex
X-Firefox-Spdy: h2

linkedin.com/in/thiagojcruz

13.107.42.14

0 B

URL
linkedin.com/in/thiagojcruz
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /in/thiagojcruz HTTP/1.1
Host: linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 301 Moved Permanently
Location: https://www.linkedin.com/in/thiagojcruz
X-Li-Fabric: prod-lva1
X-Li-Pop: afd-prod-lva1-x
X-Li-Proto: http/1.1
X-LI-UUID: AAYLws14VHEB+kahGY4Wdg==
X-Cache: CONFIG_NOCACHE
X-MSEdge-Ref: Ref A: DBA8F7448ED6444E805E8C9427A5F4C4 Ref B: OSL30EDGE0221 Ref C: 2023-12-05T12:59:18Z
Date: Tue, 05 Dec 2023 12:59:18 GMT
Content-Length: 0

www.linkedin.com/in/thiagojcruz

13.107.42.14

1.5 kB

URL
www.linkedin.com/in/thiagojcruz
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.5 kB (1530 bytes)
Hash
895d2a337cecd4bf36e6ff9a7e669a63
9176c614fa5aca9af6ceba4996cc9128842803f7
644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /in/thiagojcruz HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 999 No Reason Phrase
cache-control: no-cache, no-store
pragma: no-cache
content-length: 1530
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; Domain=.linkedin.com; Expires=Wed, 04-Dec-2024 12:59:19 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; Domain=.www.linkedin.com; Expires=Wed, 04-Dec-2024 12:59:19 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; Domain=.linkedin.com; Expires=Sun, 02 Jun 2024 12:59:19 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; Expires=Wed, 06 Dec 2023 12:59:19 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
trkCode=gf; Max-Age=5
trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=; Max-Age=5
rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; Max-Age=120; path=/; domain=.linkedin.com
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws17T3cbGXf4v7CZyQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D9CFDBAD6C834D3983B558FAD9F206F3 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:19Z
date: Tue, 05 Dec 2023 12:59:19 GMT
X-Firefox-Spdy: h2

www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz

13.107.42.14

200 OK

9.6 kB

URL User Request GET HTTP/2
www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (948)
Size
9.6 kB (9562 bytes)
Hash
0fe320abfdfcf89219d0f183a94e95cb
e08e7ff325337a1394c913e459cdc3f2154fb846
9dd6b0e6737d5685b938b426c1b7e4612ec6dc9fe7cbc88d56fbfc103e478ccf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/in/thiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 9562
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; Max-Age=604800; Expires=Tue, 12 Dec 2023 12:59:20 GMT; Path=/
JSESSIONID=ajax:6539179455341854552; SameSite=None; Path=/; Domain=.www.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure
bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:20 GMT; SameSite=None
bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:20 GMT; HttpOnly; SameSite=None
x-fs-uuid: 00060bc2cd8abeda77493920f29fcdc3
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=grl
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2Kvtp3STkg8p/Nww==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 2752B84E33C5406D8BF5DD6A0C52D805 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:20Z
date: Tue, 05 Dec 2023 12:59:20 GMT
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb

23.36.76.210

200 OK

163 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
Unicode text, UTF-8 text, with very long lines (65410)
Size
163 kB (162690 bytes)
Hash
f53d1414b284b02a02492474d290c2ab
deff771ca98203f92a9c48c222415799109fbe8b
3d804057766724cf9ed925b01f7331a1d7f7ff0a313d5bd227cabc8dd039b808

HTTP Headers

GET /aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:42 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 417634
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:24 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.003357283; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f726b22f73e13c58f8d6ae9105
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yayL3PhPFj41q6RBQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:20 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1

23.36.76.210

903 B

URL
static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (355)
Size
903 B (903 bytes)
Hash
e1ebda90bd5ae40a05d2fbc7a7b4f9a1
564b16fb3ad295432b850ff58e7a19d30cc6fb22
870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49

HTTP Headers

GET /aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 07 Nov 2023 12:29:24 GMT
last-modified: Tue, 05 Apr 2022 02:04:43 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2435
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1724a9df478e170d12b4f591
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxckqd9HjhcNErT1kQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 903
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il

23.36.76.210

200 OK

196 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65466)
Size
196 kB (195450 bytes)
Hash
0b6b326a4a3d93dc2d38912985774a6a
479d684d5fab43d9df96879ab5946cc396160678
8bd761cb1fabba93de8c408751fb9d8e096a7d5dcf0bab96ab6463c6011766eb

HTTP Headers

GET /aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 641765
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:37 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002140204; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f7277b59b4624d42fd03d1d865
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yd7WbRiTUL9A9HYZQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:20 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs

23.36.76.210

200 OK

391 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
391 B (391 bytes)
Hash
5fdb7b403b3a41faa26c73b1aaaf7668
c46a275d28b78b77460e42ba248317378a91b70e
55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715

HTTP Headers

GET /aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sun, 26 Nov 2023 05:57:08 GMT
last-modified: Tue, 05 Apr 2022 04:16:45 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 391
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df9765f67f6e76f97e7dc464a523
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfl2X2f252+X59xGSlIw==
content-length: 391
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

app.salesloft.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz

52.29.209.52

374 B

URL
app.salesloft.com/t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz
IP
52.29.209.52:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document, ASCII text
Size
374 B (374 bytes)
Hash
a23a6238ba33662d5f05a6996aecf56d
f129ad5a7ddec23826257c2d224b05e3195f4c74
ee0b64df694cec774442de0fa12f05321c250c9e246a17483f02a3bcbe4c9c42

HTTP Headers

GET /t/106128/c/3bd5698b-3d34-4eb8-bd37-fb1b3cedb746/NB2HI4B2F4XWY2LONNSWI2LOFZRW63JPNFXC65DINFQWO33KMNZHK6Q=/linkedin-com-in-thiagojcruz HTTP/1.1
Host: app.salesloft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Tue, 05 Dec 2023 12:59:18 GMT
content-type: text/html; charset=utf-8
location: http://linkedin.com/in/thiagojcruz
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
referrer-policy: strict-origin-when-cross-origin
cache-control: no-cache
content-security-policy-report-only: default-src 'self' https: blob: data:; img-src 'self' https: http:; frame-ancestors 'none'
x-request-id: 6737df55c0e71947c4e1fcac101933f8
x-runtime: 0.046475
vary: Origin
strict-transport-security: max-age=31536000; includeSubDomains
x-entry-cluster: k8s-euro-pop-1
x-entry-pop: eu-central-1
x-global-request-start: t=1701781158.942
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x

23.36.76.210

200 OK

478 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (315)
Size
478 B (478 bytes)
Hash
e5308429c09ca0ed28eacf843ff14c65
ea1a0d5985600fd0699ad59744a3dff23f211080
b5d878bd7b1fdeb60ae0ebe05f2481f550767043518b1d404be8951ab2738150

HTTP Headers

GET /aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sat, 25 Nov 2023 05:36:40 GMT
last-modified: Wed, 05 Oct 2022 02:00:26 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012224495; STORAGE_IN_GB=0.0
x-fs-uuid: 000602269d4151b17fa559dfc3ace34d
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYCJp1BUbF/pVnfw6zjTQ==
x-ambry-blob-size: 478
accept-ranges: bytes
content-length: 478
content-type: image/svg+xml
content-disposition: attachment
remote-cache-status: TCP_HIT
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc

23.36.76.210

200 OK

241 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
241 B (241 bytes)
Hash
583edc3d198b3a1117b1c92000728248
83d2af855c97c89b0c403d4db92e0a58a3d01601
98db6b44a8d0d3d6555c5cc022144921572e719b75b630f4dd8e2ffe4727afc8

HTTP Headers

GET /aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 20 Oct 2023 09:02:20 GMT
last-modified: Wed, 05 Oct 2022 01:59:24 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 241
accept-ranges: bytes
content-length: 241
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=9.8344666E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f664efdc410e9462df1d0620a25b
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX2ZO/cQQ6UYt8dBiCiWw==
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
accept-ranges: bytes
content-type: text/css
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0025373497; STORAGE_IN_GB=0.0
x-fs-uuid: 000608f5f31fd593e4e8506e93dcbe34
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYI9fMf1ZPk6FBuk9y+NA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 06:07:09 GMT
accept-ranges: bytes
content-type: image/x-icon
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=5.2640386E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f3a2b2d05186fe7b63ce618854f9
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXzorLQUYb+e2POYYhU+Q==
x-datastream-cache-status: 1
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8

23.36.76.210

1.2 kB

URL
static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603)
Size
1.2 kB (1157 bytes)
Hash
ecfa6f7d77da7dde7c2ad63721188fb8
3f30d694caf8ddbf98d4cd720cad7fe6705461de
a40ef94220192d445dcdd662392c4def2b31a5f305901fa4d5eb4a73f7ef9351

HTTP Headers

GET /aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Mon, 14 Aug 2023 20:09:16 GMT
last-modified: Fri, 13 May 2022 17:24:11 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 4
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005e02282b26136e2a1fe3954eae57d
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXgIoKyYTbiof45VOrlfQ==
x-ambry-blob-size: 2721
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 1157
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m

23.36.76.210

200 OK

21 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21278 bytes)
Hash
876f2fa2944feee72451e3a690d1985e
d30f9cd73ba3bdda113f2e4a2513938fdd90c460
3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c

HTTP Headers

GET /aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Sep 2023 09:28:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 65933
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 15 Sep 2023 18:17:25 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.004344321; STORAGE_IN_GB=0.0
x-fs-uuid: 000604dcfd0f4865758bc0ffd2855550
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYE3P0PSGV1i8D/0oVVUA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 21278
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k

23.36.76.210

200 OK

47 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47025 bytes)
Hash
facfa1db64e09af4a005481437a748e8
9e192980ccc256fa05df990157259602b45ea0bb
4ed60c0e01c28adeb42fd4d0bbfda8ae30d053fdf003c05964fc28739f6a1dee

HTTP Headers

GET /aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 354625
accept-ranges: bytes
content-type: text/css
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:25 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0010390973; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f726bb40ce2814de9b44537837
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9ya7QM4oFN6bRFN4Nw==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:20 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p

23.36.76.210

0 B

URL
static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 28 Sep 2023 07:59:31 GMT
last-modified: Wed, 20 Sep 2023 11:17:08 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 183701
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002256512; STORAGE_IN_GB=0.0
x-fs-uuid: 000605d9be00d81675e52bb91e09bc54
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF2b4A2BZ15Su5Hgm8VA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo

23.36.76.210

201 B

URL
static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
201 B (201 bytes)
Hash
daf7c1053e08e600e06c4115bf2181b4
452c1516e428c937762cac0842aec6fb3e48c84b
d960843fe85cfd71159433734acd16a8406bce0491bef7c4c361d6139168c64e

HTTP Headers

GET /aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 30 Nov 2023 05:56:47 GMT
last-modified: Tue, 05 Apr 2022 02:04:42 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-edgeconnect-midmile-rtt: 29
x-edgeconnect-origin-mex-latency: 139
x-datastream-midmile-rtt: 29
x-datastream-origin-mex-latency: 139
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 201
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1978c8cff3a2fb9c861bda08
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxl4yM/zovuchhvaCA==
content-length: 201
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 641765
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:37 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002140204; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f7277b59b4624d42fd03d1d865
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yd7WbRiTUL9A9HYZQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 04:16:45 GMT
accept-ranges: bytes
content-length: 391
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=1.0387858E-4; STORAGE_IN_GB=0.0
x-fs-uuid: 0005fa770caed6fc918d3e22e571f707
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX6dwyu1vyRjT4i5XH3Bw==
x-datastream-cache-status: 1
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 08 Sep 2023 19:09:05 GMT
last-modified: Tue, 05 Apr 2022 06:06:04 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2958
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f17221e0e5c7bafd429f0ba5c
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxciHg5ce6/UKfC6XA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 1209
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1

23.36.76.210

0 B

URL
static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
IP
23.36.76.210:0
ASN
#20940 Akamai International B.V.

Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 02:04:43 GMT
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002340006; STORAGE_IN_GB=0.0
x-fs-uuid: 00060089a04089946d703755a40d0cb6
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYAiaBAiZRtcDdVpA0Mtg==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 06:12:23 GMT
accept-ranges: bytes
content-length: 274
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=1.0162998E-4; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f32c58ed11d3167eaaaab139abda
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXzLFjtEdMWfqqqsTmr2g==
x-datastream-cache-status: 1
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 07:00:01 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=5.327519E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f89dda3f6f6a2b91081bc879c8b0
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX4ndo/b2orkQgbyHnIsA==
x-datastream-cache-status: 1
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sat, 25 Nov 2023 05:36:40 GMT
last-modified: Wed, 05 Oct 2022 02:00:26 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012224495; STORAGE_IN_GB=0.0
x-fs-uuid: 000602269d4151b17fa559dfc3ace34d
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYCJp1BUbF/pVnfw6zjTQ==
x-ambry-blob-size: 478
accept-ranges: bytes
content-length: 478
content-type: image/svg+xml
content-disposition: attachment
remote-cache-status: TCP_HIT
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 20 Oct 2023 09:02:20 GMT
last-modified: Wed, 05 Oct 2022 01:59:24 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 241
accept-ranges: bytes
content-length: 241
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=9.8344666E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f664efdc410e9462df1d0620a25b
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX2ZO/cQQ6UYt8dBiCiWw==
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701780900000

23.36.76.210

200 OK

7.3 kB

URL GET HTTP/2
platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701780900000
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectplatform.linkedin.com
Fingerprint4B:93:3D:B1:BC:00:2B:2E:AE:1F:AE:FD:0C:60:BD:19:AB:04:FE:CC
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20936), with no line terminators
Size
7.3 kB (7270 bytes)
Hash
0c2b8986d74a36a37dc8e3201286c08e
bbce2e43ca1c0971183de4c124b52505a71dd385
2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb

HTTP Headers

GET /litms/utag/seo-directory-frontend/utag.js?cb=1701780900000 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; lang=v=2&lang=en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "cee190e89e6dafbbe2da48b93918d4e29d74af44"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Sat, 02 Dec 2023 16:52:02 GMT
content-encoding: gzip
content-length: 7270
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-lor1
x-content-type-options: nosniff
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
x-li-uuid: AAYLwrn+60QWcFjIOs5HTA==
date: Tue, 05 Dec 2023 12:59:21 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/cookie-consent/

13.107.42.14

0 B

URL
www.linkedin.com/cookie-consent/
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /cookie-consent/ HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; Max-Age=15552000; Expires=Sun, 02 Jun 2024 12:59:21 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:21 GMT; SameSite=None
bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:21 GMT; HttpOnly; SameSite=None
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2dIrBKL3BW6+9xDA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 34D3E11FB943491480B882DFBC1D35B7 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:21Z
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 13108
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2dc+bD8I3nkq3QZQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5378566CDA9C402589F41F2E9C93A17B Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:21Z
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/litms/api/metadata/user

13.107.42.14

226 B

URL
www.linkedin.com/litms/api/metadata/user
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (345), with no line terminators
Size
226 B (226 bytes)
Hash
ccb8e9f87744d3b614cadf7b951ae5ea
da1e0528d0b7377a965b569dae93a8ea0e8dbacb
6b6676ca025aaa38464ebd3b1a6c642e3d7feef94b66595fa183f0d76da5f222

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /litms/api/metadata/user HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 226
content-type: application/json
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2dVsL9EX9hafd5/g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 1D158877655E4D3BB9EDFDC7FA04B324 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:21Z
date: Tue, 05 Dec 2023 12:59:21 GMT
X-Firefox-Spdy: h2

www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb

13.107.42.14

5.0 kB

URL
www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (523)
Size
5.0 kB (5039 bytes)
Hash
c9af861b3945afc33b17cd522ca638ef
c599f4dcba079461272503b0b1c64e81a9263d4c
30594a90dd8a6944015a199be410d7f6810ba106a7d57d42f740c0da46a70865

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTswOzE3MDE3ODExNTk7MjswMjE2oyq/gJBtj9kn+/d80Idr7xZtZzzTaVUtk0P/2Eq2pQ==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 5039
content-type: text/javascript
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Fri, 14 Oct 2022 06:29:29 GMT
accept-ranges: bytes
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 5039
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=9.2902046E-4; STORAGE_IN_GB=0.0
strict-transport-security: max-age=31536000
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2dd0d4IksfhoZZKA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5B4BFFF216BE4557B49EDBD50F8DA7AB Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:21Z
date: Tue, 05 Dec 2023 12:59:21 GMT
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj

23.36.76.210

200 OK

72 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (1354)
Size
72 kB (72235 bytes)
Hash
7554ae17c5023ecc6d0ffc1e8775bc2f
37b39540102e29993f710047ed89bbe3b47a3a2b
6101eea4239ded7503b74732d078de0de0e31d9465de3876b1641802dd299200

HTTP Headers

GET /aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 07:00:01 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 186380
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Wed, 12 Apr 2023 21:52:54 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=5.0265724E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f89dd07916e574a1271ededefff5
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX4ndB5FuV0oSce3t7/9Q==
remote-cache-status: TCP_HIT, TCP_HIT, TCP_HIT
x-datastream-cache-status: 1
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:21 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/platform-telemetry/li/collect

13.107.42.14

0 B

URL
www.linkedin.com/platform-telemetry/li/collect
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /platform-telemetry/li/collect HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 1904
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==; Max-Age=604800; Expires=Tue, 12 Dec 2023 12:59:21 GMT; SameSite=None; Path=/; Secure
bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:21 GMT; SameSite=None
bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 04-Dec-2024 12:59:21 GMT; HttpOnly; SameSite=None
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2gvySB4+BiCpd1hA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 28B09F3219184448B8D48BED7AB299CC Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:21Z
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 0
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping

13.107.246.53

0 B

URL
ps.azurewaf.microsoft.com/event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
set-cookie: TiPMix=36.93683668597896; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qR5vZQAAAABECUH62jNJQZ7SMEypjSoZU1ZHMjBFREdFMDUyMgAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 05 Dec 2023 12:59:21 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

142.250.74.3

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 487349
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

142.250.74.3

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 29 Nov 2023 21:36:53 GMT
expires: Thu, 28 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 487349
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

142.250.74.3

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:18:29 GMT
expires: Tue, 03 Dec 2024 23:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 49253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

142.250.74.3

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
142.250.74.3:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 04 Dec 2023 23:18:29 GMT
expires: Tue, 03 Dec 2024 23:18:29 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
age: 49253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping

13.107.246.53

0 B

URL
ps.azurewaf.microsoft.com/event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping
IP
13.107.246.53:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?correlationId=a741a491-a13f-4f3a-85eb-84962c3d6cbb&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1707
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
set-cookie: TiPMix=61.21298829926106; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0qh5vZQAAAAAXPdY2iVkLRowZwCa43M9qU1ZHMjBFREdFMDUyMgAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 05 Dec 2023 12:59:21 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 22110
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws2sCgZFvW/kmAhpPg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A33B8D694A394FC7BA6B7D01B2C4E949 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:22Z
date: Tue, 05 Dec 2023 12:59:22 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws27H45YwlSjb2SYaA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C205F9EBD3F74B6D882F3877ABD81972 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:23Z
date: Tue, 05 Dec 2023 12:59:23 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws3Zp/ZeF44Tcw8EwA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5F9D16A3EED946D380C488718B3248D2 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:25Z
date: Tue, 05 Dec 2023 12:59:25 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws34JquXBsv52mQyPw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4D14DC0F7A7F413FADE9634680436E8E Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:27Z
date: Tue, 05 Dec 2023 12:59:27 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws4WtzkHauXY3SS99w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 3F08B99359F745F3A936C099BE074FC1 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:29Z
date: Tue, 05 Dec 2023 12:59:29 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws41NSnKXyn+f0hqQQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4F47DED5491D48AD958616333D3C5B52 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:31Z
date: Tue, 05 Dec 2023 12:59:31 GMT
content-length: 0
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.14

0 B

URL OPTIONS
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.14:0
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 12:59:32 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+678; expires=Thu, 04-Dec-2025 12:59:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 12:59:32 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.14

0 B

URL OPTIONS
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.14:0
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 05 Dec 2023 12:59:32 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+098; expires=Thu, 04-Dec-2025 12:59:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 12:59:32 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.14

131 B

URL OPTIONS
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.14:0
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 454
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:32 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+183; expires=Thu, 04-Dec-2025 12:59:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 12:59:32 GMT
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.14

131 B

URL OPTIONS
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.14:0
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167485_70769&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 453
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 05 Dec 2023 12:59:32 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+034; expires=Thu, 04-Dec-2025 12:59:32 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Dec 2023 12:59:32 GMT
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1012
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Cookie: bcookie="v=2&838b79ba-cb15-44b8-8ed4-1f2159371b38"; bscookie="v=1&20231205125919c07139ce-952b-4996-88e5-145f8540ea14AQHGxuizL2wh8LhhL2wfUbk7U8Ve8NFj"; li_gc=MTs0MjsxNzAxNzgxMTYxOzI7MDIxT6IU8zQ7Ma/qhOnCFJl6yc/VrTp01xfd2Mp8ekO8uyo=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2661:u=1:x=1:i=1701781159:t=1701867559:v=2:sig=AQGSf3fp5QCe2TYzNI9uYC1CsXR04Dds"; rtc=AQHg_1LZARluaQAAAYw6D7xYGhmrl1ird676-9GwjA27K5MsNUIsM5fVy3_gNI7duMNoHbwVoN_uElh1jjNgIIfUOGmkX0PuBT9BJ1pA67aN4xPGaovdAWpyds3mlDq2fo_iNRnquVrJ3Po0h6SmElkoILS8SPI8S_dtICgGp65Kch15Nvb5bLOvUi9XWmVNU5FGlW1GwLX4R0GIgR1X1ri26xo=; fid=AQG8ySwkk8bXCwAAAYw6D8FpXlOcPnRbS848VJxeuPTISFNm0TKEzNfcIgLCjTj01JzJuXi-0vbWdA; JSESSIONID=ajax:6539179455341854552; lang=v=2&lang=en-us; li_alerts=e30=; fcookie=AQFpPz5xo-0fBAAAAYw6D8cV1ljJZFwqjNlhliXns-ndeNKjQpsUmqAXVFA4vtXUXJOA8ied82mKCL9yDzmWI8973l8ELvhmzoWG2Sj3TkYTYSIEpNLPEe26RshQa6tYBSyZuebsoCODF5HnNpZ0frkS3eqDibaSr0IEgC8s6ZeTB8MMSYgwXCtn99qT3KZcRSHwdy2nEwTwNQskFfTtFO123L27QHGiM4XnDokXgBb6EgKk0L5x6KzkMwX/dfLwVN6CkTY3bhhtHYJrHgnqOHSd3RTz616AerfLyjw/aRKJ3qFtuZV0gUlCq5zGoDKv+/lsI5eQZvDbFlLg==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLws5ULRWsrvvTZiIUrg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 94F342C9CE26497FB91AD20E7F802129 Ref B: OSL30EDGE0207 Ref C: 2023-12-05T12:59:33Z
date: Tue, 05 Dec 2023 12:59:33 GMT
content-length: 0
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg

64.233.161.84

200 OK

40 B

URL GET HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
eec0ec6d6221d975b934921515a6a56d
1f3dbcfcf5bb458f9f1e17446e654a3127087c59
c4aeb354a2fcb9ea2a850a8040b8567c23dafa85ede52f258d82a0882b55bfbf

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 12:59:21 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-YLEJslu77jcp0fo5W5wWmw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167494_553560&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg

64.233.161.84

200 OK

116 kB

URL GET HTTP/2
accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167494_553560&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg
IP
64.233.161.84:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=gf&trkInfo=AQFszE3Wg9ohpgAAAYw6D7xYw5dCqv2j1X6fYM4OkPYSxa0ATBMWC3GGzzzeoK-FLOAa-TF_0SIVniyUkPc9yrgGzp8mbYo0b-R1LQc0w_AA0H8j5X2w157r04BeuelbFvPV8GE=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fin%2Fthiagojcruz
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
FingerprintF3:FB:54:1B:21:E9:69:01:41:02:BB:D0:97:A2:BA:45:72:5A:71:D8
ValidityMon, 20 Nov 2023 08:09:49 GMT - Mon, 12 Feb 2024 08:09:48 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7754)
Size
116 kB (115752 bytes)
Hash
8bf32aaca6550a8d5aaa6d38c9599273
229e139c6a53344680eb1ad686a7ebf1c9e54b2f
0a7d713f7f9c622dbed081bb2e03a4224b8b0f1ddec6401a98771407a6a7907a

HTTP Headers

GET /gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_167494_553560&as=%2F%2BkTe%2FtHeAtxsb%2FngjEEWg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 05 Dec 2023 12:59:21 GMT
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-spE8z0E0FN2lNA6gjmgJbQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by