Report - dqwr-zgph.maillist-manage.net/click/1a150ea11ccb93d9/1a150ea11ccb62e1

Report Overview

Visited public
2023-11-28 17:12:52
Tags
linkedin microsoft phishing
URL
dqwr-zgph.maillist-manage.net/click/1a150ea11ccb93d9/1a150ea11ccb62e1
Finishing URL
www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
IP / ASN
136.143.182.68
#2639 ZOHO-AS
Title
Sign In | LinkedIn
Phishing - LinkedIn

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
play.google.com	34	1997-09-15	2013-05-31 01:24:35	2023-11-28 09:51:03	2.2 kB	3.2 kB	142.250.74.78
accounts.google.com	81	1997-09-15	2016-03-20 13:44:49	2023-11-28 08:10:31	2.7 kB	236 kB	142.250.74.45
dqwr-zgph.maillist-manage.net	unknown	unknown	No data	No data	535 B	712 B	136.143.182.68
www.linkedin.com	608	2002-11-02	2015-06-18 18:10:03	2023-11-27 18:12:09	26 kB	44 kB	13.107.42.14
static.licdn.com	12070	2011-02-24	2012-10-18 10:55:00	2023-11-27 18:18:02	11 kB	153 kB	23.36.76.210
platform.linkedin.com	3785	2002-11-02	2012-05-21 15:08:59	2023-11-27 18:13:10	984 B	7.8 kB	23.36.76.121
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2023-11-28 07:50:39	2.1 kB	113 kB	216.58.207.227
ps.azurewaf.microsoft.com	unknown	1991-05-02	2022-06-29 13:12:32	2023-11-28 05:27:40	1.2 kB	1.4 kB	13.107.213.53

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (11)

	URL	From	Size	First Seen	Last Seen
	www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies	ScriptElement	392 B	2023-03-07	2025-05-11
Pretty URL www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies IP 13.107.42.14 ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-07 12:05 Last Seen2025-05-11 09:10 Times Seen6911 Hash e0a4dd818cea4496e55b30782ebd8da5 cf5eba9f6f20b2fa835908cf62af6f6b5bf62e8f 0dab6c146a09f20164cf3c68e3b3aeefa599fb74013ce407b41bbda7d6f70e10 Loading...

	static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj	ScriptElement	186 kB	2023-03-07	2025-03-29
Pretty URL static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:41 Last Seen2025-03-29 17:55 Times Seen4449 Hash 7554ae17c5023ecc6d0ffc1e8775bc2f 37b39540102e29993f710047ed89bbe3b47a3a2b 6101eea4239ded7503b74732d078de0de0e31d9465de3876b1641802dd299200 Loading...

	platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701191400000	ScriptElement	21 kB	2023-03-13	2024-08-21
Pretty URL platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701191400000 IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:46 Last Seen2024-08-21 09:38 Times Seen184 Hash 0c2b8986d74a36a37dc8e3201286c08e bbce2e43ca1c0971183de4c124b52505a71dd385 2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.DP4wobnzwJg.O/am=ANAw/d=1/rs=AF0KOtU4PkWSPZ0fBJ57cv_G77L9t3tt3A/m=credential_button_library	ScriptElement	107 kB	2023-11-28	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.en_US.DP4wobnzwJg.O/am=ANAw/d=1/rs=AF0KOtU4PkWSPZ0fBJ57cv_G77L9t3tt3A/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-28 18:12 Last Seen2024-08-20 17:34 Times Seen2 Hash b35d04647a0df6d44b597184f7249f63 aec8f75ca47b5419cf9182278feda2bbe3a522a3 734ba72879b86b74efc3f134eb9a2c4fd64c8559b09004f63b8615969878bac5 Loading...

	accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.dgYN1Jdp8UA.O/am=AFAg/d=1/rs=AF0KOtXHrd4RXEW_EZTjk7OzMKDscgBHXQ/m=credential_button_library	ScriptElement	107 kB	2023-11-15	2024-08-20
Pretty URL accounts.google.com/_/gsi/_/js/k=gsi.gsi.no.dgYN1Jdp8UA.O/am=AFAg/d=1/rs=AF0KOtXHrd4RXEW_EZTjk7OzMKDscgBHXQ/m=credential_button_library IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-15 13:33 Last Seen2024-08-20 19:29 Times Seen88 Hash e691e25c47479030fdd5ad909fd9ee4c 7e35a07975c7b33eea34439d3cf8d943b83a26d8 ea7a0810a297f0fc7a1f2e48689535fc8d9f6fd0b3cf41ba7e220583e1cf6db9 Loading...

	static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb	ScriptElement	418 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen396 Hash 0b6a062b68f25755076f86c407cef6df e29e9527b66b1120140386cec385535f8e8be11c 9ca15b7249c35cab4b88522b3b6c2687d3e27b07bb6b46cbb704840b5507a32e Loading...

	static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p	ScriptElement	184 kB	2023-09-23	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-23 08:16 Last Seen2024-08-21 05:59 Times Seen498 Hash b3c0efe5673863cd5d15d9327956e521 0f2f2b7c426d53e19a41952881a50aa53cf4b2be 5a17a1bdee75a16150f30746c04708e2757f4f678582aca4ed892a4e4a81e52c Loading...

	static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il	ScriptElement	642 kB	2023-09-27	2024-08-21
Pretty URL static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-27 21:15 Last Seen2024-08-21 05:39 Times Seen170 Hash 9d5628f5a019ba604b667f3748c9e9ed 73ddd5bd7f58a51336e8e7eb8d2f21ab8d29749e 096e768ea8f1c91f85ddb295d6c713c3effacbabe098e3da7e3ded75cfa83617 Loading...

	static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m	ScriptElement	66 kB	2023-09-16	2025-05-11
Pretty URL static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m IP 23.36.76.210 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-09-16 06:43 Last Seen2025-05-11 09:10 Times Seen5425 Hash 876f2fa2944feee72451e3a690d1985e d30f9cd73ba3bdda113f2e4a2513938fdd90c460 3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c Loading...

	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US	ScriptElement	107 kB	2023-11-28	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US IP 142.250.74.45 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-28 18:12 Last Seen2024-08-20 17:34 Times Seen2 Hash c5f995b80e76037666957b66fe177128 ff74e29fa9604c410432e51ecc628fc8062f093a 699735e399fd8d8bf9dc8a9573276a828e4e7c7084efc3da54fc5f59060f5ace Loading...

	accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw	ScriptElement	107 kB	2023-11-15	2024-08-20
Pretty URL accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw IP 142.250.74.45 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML true Observations First Seen2023-11-15 13:33 Last Seen2024-08-20 19:29 Times Seen87 Hash 12a3c1a6c5127c30a3e0abcf228aa458 389d84e7df5ee1b857fe4de9d74e6c396737c2ff 40183129a78fc5d0df8df2701860638027eb61f2ab16e59802dccb0a5deb4722 Loading...

HTTP Transactions (54)

URL IP Response Size

dqwr-zgph.maillist-manage.net/click/1a150ea11ccb93d9/1a150ea11ccb62e1

136.143.182.68

0 B

URL
dqwr-zgph.maillist-manage.net/click/1a150ea11ccb93d9/1a150ea11ccb62e1
IP
136.143.182.68:0
ASN
#2639 ZOHO-AS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /click/1a150ea11ccb93d9/1a150ea11ccb62e1 HTTP/1.1
Host: dqwr-zgph.maillist-manage.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 
Server: ZGS
Date: Tue, 28 Nov 2023 17:12:31 GMT
Content-Length: 0
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Set-Cookie: c72887300d=9d1a5f7292c8b82de0f3a3dc8d23aea9; Path=/
ZCAMPAIGN_CSRF_TOKEN=3227462c-0917-42ea-b718-f4f36c954d36;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=3227462c-0917-42ea-b718-f4f36c954d36;path=/;SameSite=Strict;Secure;priority=high
Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
X-Frame-Options: SAMEORIGIN
Location: https://www.linkedin.com/company/incture-technologies/mycompany/?viewAsMember=true
Strict-Transport-Security: max-age=63072000

www.linkedin.com/company/incture-technologies/mycompany/?viewAsMember=true

13.107.42.14

0 B

URL
www.linkedin.com/company/incture-technologies/mycompany/?viewAsMember=true
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /company/incture-technologies/mycompany/?viewAsMember=true HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://www.linkedin.com/company/incture-technologies
set-cookie: JSESSIONID=ajax:8794285456474418153; Domain=.www.linkedin.com; Path=/; Secure; SameSite=None
lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; Domain=.linkedin.com; Expires=Wed, 27-Nov-2024 17:12:32 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; Domain=.www.linkedin.com; Expires=Wed, 27-Nov-2024 17:12:32 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; Domain=.linkedin.com; Expires=Sun, 26 May 2024 17:12:32 GMT; Path=/; Secure; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; Expires=Wed, 29 Nov 2023 17:12:32 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
x-li-fabric: prod-lor1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=gg
x-li-source-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAYLOYYoi5aXorAOlnP2Xw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 89EFD8F2458D47359FFB4D8B305866FA Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:32Z
date: Tue, 28 Nov 2023 17:12:32 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/company/incture-technologies

13.107.42.14

1.5 kB

URL
www.linkedin.com/company/incture-technologies
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
1.5 kB (1530 bytes)
Hash
895d2a337cecd4bf36e6ff9a7e669a63
9176c614fa5aca9af6ceba4996cc9128842803f7
644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /company/incture-technologies HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 999 No Reason Phrase
cache-control: no-cache, no-store
pragma: no-cache
content-length: 1530
content-type: text/html
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: trkCode=bf; Max-Age=5
trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=; Max-Age=5
rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; Max-Age=120; path=/; domain=.linkedin.com
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYYsdOwi4D8O5o50Wg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 45A2FD3CE1B74C1FB23FB1A58509482F Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:32Z
date: Tue, 28 Nov 2023 17:12:32 GMT
X-Firefox-Spdy: h2

www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies

13.107.42.14

200 OK

9.6 kB

URL User Request GET HTTP/2
www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (948)
Size
9.6 kB (9566 bytes)
Hash
fda4ccafdff425fb18d660d41cb51f58
f187d95bd02a8154f32f3349f8300c64e87a47b1
165cd27ccba10ba0c003d9db198e7b1a3f9ca670c8ebcc48e96dd84fb50b4868

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/company/incture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 9566
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; Max-Age=604800; Expires=Tue, 05 Dec 2023 17:12:32 GMT; Path=/
bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:32 GMT; SameSite=None
bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:32 GMT; HttpOnly; SameSite=None
x-fs-uuid: 00060b39863418167dbea00209143ca1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=grl
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYY0GBZ9vqACCRQ8oQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: CC23D844BE8744B292D3B3D9383756CB Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:32Z
date: Tue, 28 Nov 2023 17:12:32 GMT
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca

23.36.76.210

200 OK

1.4 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size
1.4 kB (1446 bytes)
Hash
b2ccd167c908a44e1dd69df79382286a
d9349f1bdcf3c1556cd77ae1f0029475596342aa
19b079c09197fba68d021fa3ba394ec91703909ffd237efa3eb9a2bca13148ec

HTTP Headers

GET /aero-v1/sc/h/al2o9zrvru7aqj8e1x2rzsrca HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Wed, 09 Aug 2023 10:22:33 GMT
last-modified: Tue, 05 Apr 2022 06:07:09 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 2
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 24838
accept-ranges: bytes
content-type: image/x-icon
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f12c8dbe4f5e00f472f082274
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxLI2+T14A9HLwgidA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 1446
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1

23.36.76.210

200 OK

903 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (355)
Size
903 B (903 bytes)
Hash
e1ebda90bd5ae40a05d2fbc7a7b4f9a1
564b16fb3ad295432b850ff58e7a19d30cc6fb22
870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49

HTTP Headers

GET /aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 07 Nov 2023 12:29:24 GMT
last-modified: Tue, 05 Apr 2022 02:04:43 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2435
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1724a9df478e170d12b4f591
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxckqd9HjhcNErT1kQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 903
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb

23.36.76.210

200 OK

1.2 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (664)
Size
1.2 kB (1209 bytes)
Hash
8e6f25f8189065407452b8b0c00426a3
7485d46647a459789f6e7319cfef6426a643244b
b9e0a92c496b900728000dbf48aa623a7eb0468c5814a8bf60c69d6cda05b149

HTTP Headers

GET /aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 08 Sep 2023 19:09:05 GMT
last-modified: Tue, 05 Apr 2022 06:06:04 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2958
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f17221e0e5c7bafd429f0ba5c
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxciHg5ce6/UKfC6XA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 1209
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs

23.36.76.210

200 OK

391 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
391 B (391 bytes)
Hash
5fdb7b403b3a41faa26c73b1aaaf7668
c46a275d28b78b77460e42ba248317378a91b70e
55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715

HTTP Headers

GET /aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Sun, 26 Nov 2023 05:57:08 GMT
last-modified: Tue, 05 Apr 2022 04:16:45 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 391
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df9765f67f6e76f97e7dc464a523
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfl2X2f252+X59xGSlIw==
content-length: 391
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2

23.36.76.210

200 OK

274 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
274 B (274 bytes)
Hash
07dfbaf5f85030efc27e4a012488e13a
b4e6ac4f3dcd094bd4d326b537960328200384f6
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c

HTTP Headers

GET /aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 05 Oct 2023 07:40:10 GMT
last-modified: Tue, 05 Apr 2022 06:12:23 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 274
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df50329952323f6ad5485726632c
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfUDKZUjI/atVIVyZjLA==
content-length: 274
remote-cache-status: TCP_HIT
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x

23.36.76.210

200 OK

478 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (315)
Size
478 B (478 bytes)
Hash
e5308429c09ca0ed28eacf843ff14c65
ea1a0d5985600fd0699ad59744a3dff23f211080
b5d878bd7b1fdeb60ae0ebe05f2481f550767043518b1d404be8951ab2738150

HTTP Headers

GET /aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 24 Oct 2023 02:54:16 GMT
last-modified: Wed, 05 Oct 2022 02:00:26 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012224495; STORAGE_IN_GB=0.0
x-fs-uuid: 000602269d4151b17fa559dfc3ace34d
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYCJp1BUbF/pVnfw6zjTQ==
x-ambry-blob-size: 478
accept-ranges: bytes
content-length: 478
content-type: image/svg+xml
content-disposition: attachment
remote-cache-status: TCP_HIT
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p

23.36.76.210

200 OK

56 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Size
56 kB (55904 bytes)
Hash
c1c6343356ed401e3f07797f2d2b8263
80e2cbf8b75aae993d04b9af8f489ba08b5410a5
6150d7fac1f413e980bb0d9505707b9e00a6d3b1663ce5cc3ca043462a44a6e7

HTTP Headers

GET /aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 28 Sep 2023 07:59:31 GMT
last-modified: Wed, 20 Sep 2023 11:17:08 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 183701
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002256512; STORAGE_IN_GB=0.0
x-fs-uuid: 000605d9be00d81675e52bb91e09bc54
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF2b4A2BZ15Su5Hgm8VA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
accept-ranges: bytes
content-type: text/css
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0025373497; STORAGE_IN_GB=0.0
x-fs-uuid: 000608f5f31fd593e4e8506e93dcbe34
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYI9fMf1ZPk6FBuk9y+NA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k

23.36.76.210

200 OK

47 kB

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
47 kB (47025 bytes)
Hash
facfa1db64e09af4a005481437a748e8
9e192980ccc256fa05df990157259602b45ea0bb
4ed60c0e01c28adeb42fd4d0bbfda8ae30d053fdf003c05964fc28739f6a1dee

HTTP Headers

GET /aero-v1/sc/h/eujtb1vcrk214ujxju6c7aa5k HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 354625
accept-ranges: bytes
content-type: text/css
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:25 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0010390973; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f726bb40ce2814de9b44537837
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9ya7QM4oFN6bRFN4Nw==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/obrlaav59g6ii1bi1f00nkdb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:42 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 417634
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:24 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.003357283; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f726b22f73e13c58f8d6ae9105
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yayL3PhPFj41q6RBQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/9bbuw1exqj19blmqn9zm4f9il HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Thu, 21 Sep 2023 23:15:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 641765
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 29 Sep 2023 18:55:37 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002140204; STORAGE_IN_GB=0.0
x-fs-uuid: 000605f7277b59b4624d42fd03d1d865
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF9yd7WbRiTUL9A9HYZQ==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/an3u8gpta43rgjny4tzujbn6p HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Thu, 28 Sep 2023 07:59:31 GMT
last-modified: Wed, 20 Sep 2023 11:17:08 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 183701
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002256512; STORAGE_IN_GB=0.0
x-fs-uuid: 000605d9be00d81675e52bb91e09bc54
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYF2b4A2BZ15Su5Hgm8VA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8

23.36.76.210

200 OK

1.2 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603)
Size
1.2 kB (1157 bytes)
Hash
ecfa6f7d77da7dde7c2ad63721188fb8
3f30d694caf8ddbf98d4cd720cad7fe6705461de
a40ef94220192d445dcdd662392c4def2b31a5f305901fa4d5eb4a73f7ef9351

HTTP Headers

GET /aero-v1/sc/h/e12h2cd8ac580qen9qdd0qks8 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Mon, 14 Aug 2023 20:09:16 GMT
last-modified: Fri, 13 May 2022 17:24:11 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 4
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005e02282b26136e2a1fe3954eae57d
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXgIoKyYTbiof45VOrlfQ==
x-ambry-blob-size: 2721
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 1157
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo

23.36.76.210

200 OK

201 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
201 B (201 bytes)
Hash
daf7c1053e08e600e06c4115bf2181b4
452c1516e428c937762cac0842aec6fb3e48c84b
d960843fe85cfd71159433734acd16a8406bce0491bef7c4c361d6139168c64e

HTTP Headers

GET /aero-v1/sc/h/cyolgscd0imw2ldqppkrb84vo HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Wed, 29 Nov 2023 15:18:43 GMT
last-modified: Tue, 05 Apr 2022 02:04:42 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
remote-cache-status: TCP_HIT
x-edgeconnect-midmile-rtt: 29
x-edgeconnect-origin-mex-latency: 139
x-datastream-midmile-rtt: 29
x-datastream-origin-mex-latency: 139
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 201
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f1978c8cff3a2fb9c861bda08
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxl4yM/zovuchhvaCA==
content-length: 201
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m

23.36.76.210

200 OK

21 kB

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type
ASCII text, with very long lines (65536), with no line terminators
Size
21 kB (21278 bytes)
Hash
876f2fa2944feee72451e3a690d1985e
d30f9cd73ba3bdda113f2e4a2513938fdd90c460
3aea2efa28a6c1ce964301fc7264ac01a38b63d2b98f65f53e3877157249ec0c

HTTP Headers

GET /aero-v1/sc/h/80ndnja80f2uvg4l8sj2su82m HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 08 Sep 2023 09:28:41 GMT
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 65933
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
expires: Fri, 15 Sep 2023 18:17:25 GMT
cache-control: max-age=604800, immutable
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.004344321; STORAGE_IN_GB=0.0
x-fs-uuid: 000604dcfd0f4865758bc0ffd2855550
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYE3P0PSGV1i8D/0oVVUA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 21278
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 02:04:43 GMT
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.002340006; STORAGE_IN_GB=0.0
x-fs-uuid: 00060089a04089946d703755a40d0cb6
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYAiaBAiZRtcDdVpA0Mtg==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 08 Sep 2023 19:09:05 GMT
last-modified: Tue, 05 Apr 2022 06:06:04 GMT
cache-control: max-age=604800, immutable
remote-cache-status: TCP_HIT
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 2958
accept-ranges: bytes
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: STORAGE_IN_GB=0.0
x-fs-uuid: 0005df4f17221e0e5c7bafd429f0ba5c
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXfTxciHg5ce6/UKfC6XA==
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 1209
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 04:16:45 GMT
accept-ranges: bytes
content-length: 391
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=1.0387858E-4; STORAGE_IN_GB=0.0
x-fs-uuid: 0005fa770caed6fc918d3e22e571f707
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX6dwyu1vyRjT4i5XH3Bw==
x-datastream-cache-status: 1
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2 HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Tue, 05 Apr 2022 06:12:23 GMT
accept-ranges: bytes
content-length: 274
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=1.0162998E-4; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f32c58ed11d3167eaaaab139abda
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXzLFjtEdMWfqqqsTmr2g==
x-datastream-cache-status: 1
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x

23.36.76.210

200 OK

0 B

URL GET HTTP/2
static.licdn.com/aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/dkgve44sisif1wgwp8ozaxu1x HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Tue, 24 Oct 2023 02:54:16 GMT
last-modified: Wed, 05 Oct 2022 02:00:26 GMT
cache-control: max-age=604800, immutable
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0012224495; STORAGE_IN_GB=0.0
x-fs-uuid: 000602269d4151b17fa559dfc3ace34d
x-li-fabric: prod-ltx1
x-content-type-options: nosniff
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAYCJp1BUbF/pVnfw6zjTQ==
x-ambry-blob-size: 478
accept-ranges: bytes
content-length: 478
content-type: image/svg+xml
content-disposition: attachment
remote-cache-status: TCP_HIT
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/582r9vsvwmiwa75ujfqps3ivc HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
expires: Fri, 20 Oct 2023 09:02:20 GMT
last-modified: Wed, 05 Oct 2022 01:59:24 GMT
cache-control: max-age=604800, immutable
x-datastream-cache-status: 1
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 241
accept-ranges: bytes
content-length: 241
content-type: image/svg+xml
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=9.8344666E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f664efdc410e9462df1d0620a25b
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX2ZO/cQQ6UYt8dBiCiWw==
date: Tue, 28 Nov 2023 17:12:33 GMT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj

23.36.76.210

200 OK

0 B

URL HEAD HTTP/2
static.licdn.com/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj
IP
23.36.76.210:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectstatic-exp1.licdn.com
FingerprintA4:83:15:AF:E8:24:5C:22:E6:8D:67:8F:10:52:F1:9D:B4:3A:90:23
ValidityFri, 17 Mar 2023 00:00:00 GMT - Tue, 19 Mar 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

HEAD /aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj HTTP/1.1
Host: static.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
last-modified: Fri, 14 Oct 2022 07:00:01 GMT
accept-ranges: bytes
content-type: text/javascript
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=5.327519E-5; STORAGE_IN_GB=0.0
x-fs-uuid: 0005f89dda3f6f6a2b91081bc879c8b0
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAX4ndo/b2orkQgbyHnIsA==
x-datastream-cache-status: 1
vary: Accept-Encoding
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 20
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701191400000

23.36.76.121

200 OK

7.3 kB

URL GET HTTP/2
platform.linkedin.com/litms/utag/seo-directory-frontend/utag.js?cb=1701191400000
IP
23.36.76.121:443
ASN
#20940 Akamai International B.V.

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectplatform.linkedin.com
Fingerprint4B:93:3D:B1:BC:00:2B:2E:AE:1F:AE:FD:0C:60:BD:19:AB:04:FE:CC
ValidityWed, 17 May 2023 00:00:00 GMT - Thu, 16 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (20936), with no line terminators
Size
7.3 kB (7270 bytes)
Hash
0c2b8986d74a36a37dc8e3201286c08e
bbce2e43ca1c0971183de4c124b52505a71dd385
2d6c8342e9f1b0d7aeab334afbb5b66f07c2fe525d94c1dcf98a88b395c0afbb

HTTP Headers

GET /litms/utag/seo-directory-frontend/utag.js?cb=1701191400000 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
etag: "db1f0755886135b07b01222911bc904b7e6fb19d"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Tue, 28 Nov 2023 00:48:52 GMT
content-encoding: gzip
content-length: 7270
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-lor1
x-content-type-options: nosniff
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
x-li-uuid: AAYLOX0sB6av7L/m8WsP4g==
date: Tue, 28 Nov 2023 17:12:33 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/cookie-consent/

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/cookie-consent/
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /cookie-consent/ HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 74
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; Max-Age=15552000; Expires=Sun, 26 May 2024 17:12:33 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:33 GMT; SameSite=None
bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:33 GMT; HttpOnly; SameSite=None
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZD4yI3GqgaZFdAJw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9CA673049B454858AD5244940DCA6A7D Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:33Z
date: Tue, 28 Nov 2023 17:12:33 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/litms/api/metadata/user

13.107.42.14

200 OK

226 B

URL GET HTTP/2
www.linkedin.com/litms/api/metadata/user
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
JSON data\012- , ASCII text, with very long lines (345), with no line terminators
Size
226 B (226 bytes)
Hash
ccb8e9f87744d3b614cadf7b951ae5ea
da1e0528d0b7377a965b569dae93a8ea0e8dbacb
6b6676ca025aaa38464ebd3b1a6c642e3d7feef94b66595fa183f0d76da5f222

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /litms/api/metadata/user HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 226
content-type: application/json
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZEMchfEPhwEEBZAw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4CADB532E6264424AE6B6821B707352F Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:33Z
date: Tue, 28 Nov 2023 17:12:33 GMT
X-Firefox-Spdy: h2

www.linkedin.com/platform-telemetry/li/collect

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/platform-telemetry/li/collect
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /platform-telemetry/li/collect HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 1934
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==; Max-Age=604800; Expires=Tue, 05 Dec 2023 17:12:34 GMT; SameSite=None; Path=/; Secure
bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; domain=.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:34 GMT; SameSite=None
bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; domain=.www.linkedin.com; Path=/; Secure; Expires=Wed, 27-Nov-2024 17:12:34 GMT; HttpOnly; SameSite=None
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZHy/9B1jKyQlz+Rw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 322FF9918F9545188231D12AC5D6CD5E Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:34Z
date: Tue, 28 Nov 2023 17:12:34 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb

13.107.42.14

200 OK

5.0 kB

URL GET HTTP/2
www.linkedin.com/aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type
ASCII text, with very long lines (523)
Size
5.0 kB (5039 bytes)
Hash
c9af861b3945afc33b17cd522ca638ef
c599f4dcba079461272503b0b1c64e81a9263d4c
30594a90dd8a6944015a199be410d7f6810ba106a7d57d42f740c0da46a70865

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

GET /aero-v1/sc/h/bxullzz73p3hhf78t6sj3w6pb HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 5039
content-type: text/javascript
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Fri, 14 Oct 2022 06:29:29 GMT
accept-ranges: bytes
x-ambry-target-account-name: aero
x-ambry-target-container-name: assets
x-ambry-blob-size: 5039
content-disposition: attachment
x-content-type-options: nosniff
x-ambry-request-cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
x-ambry-user-quota-warning: HEALTHY
x-ambry-user-quota-usage: READ_CAPACITY_UNIT=0.0023950986; STORAGE_IN_GB=0.0
strict-transport-security: max-age=31536000
x-frame-options: sameorigin
content-security-policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.microsoft.com *.adnxs.com; script-src 'report-sample' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-wy4DvlEW9PHPIGvQJW6Wv4woBSa/0LJHs8LHsBVVXCs=' 'sha256-065A0cJTDQ+hyKvufSL/flW02hIbgLndOINLRWux6To=' 'sha256-Ga5SLB8hPdWUE8Wb6LgZ05D9Z5vrdLAaPbDBW2m3BI8=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src 'self' www.youtube.com/embed/ www.youtube-nocookie.com/embed/ lnkd.demdex.net smartlock.google.com accounts.google.com player.vimeo.com *.linkedin.com www.slideshare.net *.megaphone.fm *.omny.fm *.sounder.fm msit.powerbi.com app.powerbi.com linkedin.github.io *.licdn.com *.adnxs.com acdn.adnxs-simple.com radar.cedexis.com; frame-ancestors 'self' *.www.linkedin.com:*; manifest-src 'self'; report-uri https://www.linkedin.com/security/csp?f=default
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZMoqjsUCRJdiLMXg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4ECBBD37C97642598E21A21EEEED7AA9 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:33Z
date: Tue, 28 Nov 2023 17:12:34 GMT
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:36:53 GMT
expires: Thu, 21 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 502541
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google Sans MediumRegularGoogle;GoogleSans-Medium\012- data
Size
27 kB (27431 bytes)
Hash
9ecc1a07aa9e5e87f04d31b49ca09897
a030a565d2168e505861d6f1de260dc1adf8b77b
ebeace42646aa327b1fa6225f70120658993d4796cc9103484a6f068d3a58a6d

HTTP Headers

GET /s/googlesans/v14/4UabrENHsxJlGDuGo1OIlLU94YtzCwM.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27431
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Nov 2023 21:36:53 GMT
expires: Thu, 21 Nov 2024 21:36:53 GMT
cache-control: public, max-age=31536000
age: 502541
last-modified: Mon, 22 Apr 2019 23:43:31 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:49 GMT
expires: Fri, 22 Nov 2024 23:21:49 GMT
cache-control: public, max-age=31536000
age: 409845
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf

216.58.207.227

200 OK

27 kB

URL GET HTTP/2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
216.58.207.227:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.gstatic.com
FingerprintE5:79:1F:1A:04:3F:B9:B0:FB:41:4E:B5:E5:97:AD:FE:D9:2C:4A:CD
ValidityMon, 23 Oct 2023 11:24:07 GMT - Mon, 15 Jan 2024 11:24:06 GMT

File type
TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Size
27 kB (27191 bytes)
Hash
20f7180ebc95ade510a7fbd4cbdc35b6
6cfc5afa73095577a20461de09d2a8f4b34d80e0
8087cf253743d85d9153ba12ce624c2e460e966c40a61928b3a036a2d452f45a

HTTP Headers

GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 23 Nov 2023 23:21:49 GMT
expires: Fri, 22 Nov 2024 23:21:49 GMT
cache-control: public, max-age=31536000
age: 409845
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping

13.107.213.53

204 No Content

0 B

URL OPTIONS HTTP/2
ps.azurewaf.microsoft.com/event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerMicrosoft Corporation
Subjectps.azurewaf.microsoft.com
FingerprintFC:AC:5C:FF:51:A1:16:2F:30:EF:E4:53:B9:A3:3C:30:82:09:E6:4B
ValiditySun, 26 Feb 2023 08:05:40 GMT - Wed, 21 Feb 2024 08:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
set-cookie: TiPMix=51.21966004927473; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0gh9mZQAAAABnfE95uO8uQrLbxQJk21mpU1ZHMjBFREdFMDYxNQAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 28 Nov 2023 17:12:34 GMT
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 13456
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTswOzE3MDExOTE1NTI7MjswMjHUk+wpDfQLItwwDpkEdKLZSwMt/fwWWaFTAwbbe5qSsg==; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZMi7mXgO5imljyPg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E7C3A89E2D724EAFAC12FD4C2E54EC36 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:33Z
date: Tue, 28 Nov 2023 17:12:34 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 22668
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZP9ckD9d/VCaiUbw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F61AE99B169449438C5314918BF96A37 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:34Z
date: Tue, 28 Nov 2023 17:12:34 GMT
content-length: 0
X-Firefox-Spdy: h2

ps.azurewaf.microsoft.com/event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping

13.107.213.53

204 No Content

0 B

URL OPTIONS HTTP/2
ps.azurewaf.microsoft.com/event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping
IP
13.107.213.53:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerMicrosoft Corporation
Subjectps.azurewaf.microsoft.com
FingerprintFC:AC:5C:FF:51:A1:16:2F:30:EF:E4:53:B9:A3:3C:30:82:09:E6:4B
ValiditySun, 26 Feb 2023 08:05:40 GMT - Wed, 21 Feb 2024 08:05:40 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /event?correlationId=073f5711-5fe5-489a-a771-cff7226cf669&type=ping HTTP/1.1
Host: ps.azurewaf.microsoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 1727
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
set-cookie: TiPMix=96.14953037367; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
x-ms-routing-name=self; path=/; HttpOnly; Domain=mouselogdatacollection.azurewebsites.net; Max-Age=3600; Secure; SameSite=None
access-control-allow-origin: *
strict-transport-security: max-age=2592000
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
x-azure-ref: 0gh9mZQAAAACXHxNPwRJbQrLgxgLt47p1U1ZHMjBFREdFMDYxNQAzNmQyZWNiZi02MGQwLTQ5YWUtOWEyNy02YmZhOGI1MGU0OGQ=
date: Tue, 28 Nov 2023 17:12:35 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYZhnWJL89WwwRCOYQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: B0A4AAA0FB074C48AC95A1FB130E86AF Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:35Z
date: Tue, 28 Nov 2023 17:12:35 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYaAGVh3M5IZG4MKMg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F5B03D557FE9435F8A8306E40732D0D9 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:37Z
date: Tue, 28 Nov 2023 17:12:37 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYaen3a/KcrO5p+yiQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5EC0FC10ED3640C29BFAF5FE2A957FBB Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:39Z
date: Tue, 28 Nov 2023 17:12:39 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYa9Lu8ZdReZc8vYxw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 4BFB6FA721EB472CBF737C884972A76A Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:41Z
date: Tue, 28 Nov 2023 17:12:41 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYbbyD6og9pP4ZOnrw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 8E3958A1E81D44DFB1921CE126A79A36 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:43Z
date: Tue, 28 Nov 2023 17:12:43 GMT
content-length: 0
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

0 B

URL OPTIONS HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 17:12:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+340; expires=Thu, 27-Nov-2025 17:12:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 17:12:44 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

0 B

URL OPTIONS HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-goog-authuser
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-max-age: 86400
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
content-type: text/plain; charset=UTF-8
date: Tue, 28 Nov 2023 17:12:44 GMT
server: Playlog
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+801; expires=Thu, 27-Nov-2025 17:12:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 17:12:44 GMT
cache-control: private
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

131 B

URL OPTIONS HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 452
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:44 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+549; expires=Thu, 27-Nov-2025 17:12:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 17:12:44 GMT
X-Firefox-Spdy: h2

play.google.com/log?format=json&hasfast=true&authuser=0

142.250.74.78

200 OK

131 B

URL OPTIONS HTTP/2
play.google.com/log?format=json&hasfast=true&authuser=0
IP
142.250.74.78:443
ASN
#15169 GOOGLE

Requested by
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
Certificate
IssuerGoogle Trust Services LLC
Subject*.google.com
Fingerprint4C:0D:17:8C:F1:30:7C:3A:6F:9B:8E:B4:83:0E:5C:BD:ED:17:3E:95
ValidityMon, 23 Oct 2023 11:18:24 GMT - Mon, 15 Jan 2024 11:18:23 GMT

File type
JSON data\012- , ASCII text, with no line terminators
Size
131 B (131 bytes)
Hash
ca0b7e866005f6774d284b9f438ebfd2
53644f5ee3640189bdb223473ba6a2d46606c556
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

HTTP Headers

POST /log?format=json&hasfast=true&authuser=0 HTTP/1.1
Host: play.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-AuthUser: 0
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Content-Length: 453
Origin: https://accounts.google.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://accounts.google.com
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web
content-type: text/plain; charset=UTF-8
content-encoding: gzip
date: Tue, 28 Nov 2023 17:12:44 GMT
server: Playlog
cache-control: private
content-length: 131
x-xss-protection: 0
x-frame-options: SAMEORIGIN
set-cookie: CONSENT=PENDING+967; expires=Thu, 27-Nov-2025 17:12:44 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 28 Nov 2023 17:12:44 GMT
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYb6Ph7ZqIzLboVrLw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: ECE3DEEEC1924219BEE3CF6522AADF59 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:45Z
date: Tue, 28 Nov 2023 17:12:45 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL POST HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:443
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerDigiCert Inc
Subjectwww.linkedin.com
FingerprintDD:64:0D:6C:03:1D:AA:A9:68:F2:FB:0C:02:7A:52:34:27:C9:FD:D9
ValidityFri, 03 Nov 2023 00:00:00 GMT - Fri, 03 May 2024 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - LinkedIn

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1040
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Cookie: JSESSIONID=ajax:8794285456474418153; lang=v=2&lang=en-us; bcookie="v=2&b183f7d7-b045-41e0-858d-b76770e69f94"; bscookie="v=1&202311281712329a0166e1-d0f8-48fe-89cc-091af818d6ebAQEVmwQ2iYicbUragaXrV480_NKhAGvP"; li_gc=MTs0MjsxNzAxMTkxNTUzOzI7MDIxULA61wjgGbmyu58LTZ6Rb++JG6yigYajk+zNK/N0xIQ=; lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2649:u=1:x=1:i=1701191552:t=1701277952:v=2:sig=AQF4vPQDeBoF5814eQ-Ty7GJlajsQWbd"; rtc=AQFz3jSyBdVjPAAAAYwW6wwAYqtHEkE2vf_-KhlXw7AKPdvilMRYDXVWIZoAHhre15KXAyfjm2LK_4yiTXnSU6PDFkgYbE1lu6Ou610dxlHpnqOojEufL40oA3EsD67YADY3UsKUp-MY_YOCOmyzqMp7C8qRjvgTg7qcOPJgH9U1gof2fnNU2pCkM3QNAvvia887ZkWxqgZKXH5jol8me8-YQM8MPKYbu_pQsfs_Ow==; fid=AQEsgqz5E32HuwAAAYwW6w-BLvbo2tvNkccmUDZJnk0WPz9KyT_8RofECVQIztDQKtZXYyToZsDzDw; li_alerts=e30=; fcookie=AQFEF0yFayuxoAAAAYwW6xS8s3Sw1Nvj9Cdo-nclhrQwnWYsXQDEb_T3HpD4-VhDISWp7c-V4OsqIkYdiTy9v3kq5YEJrqTRL1Lvkq38KQJbiEE0abxz4I21ZC44jpz5X7hiox6Ge08tQe4K8Zs74RN24T63ie0jjxN7QH8JfFJI5Ax1jbCAS1D_VavdtXLzi2m8VBTtB4_DbisCHtCgC2WcbUBRDtV_p3QcNvMfJ9arSBH_3JYpjzGd7QLiPE8ammhZe2cgz9tUs31Qj9mhzGhYNQC1pC5w9WlBP0p8paCbI36NhXtgpF9v1BlT7STLfNkgr/c4CS0TrMUw==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-frame-options: sameorigin
content-security-policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAYLOYcYwG/CCOInDSP3Kw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: C385A6FD1128474BA2EA8594A0CA4B43 Ref B: OSL30EDGE0311 Ref C: 2023-11-28T17:12:47Z
date: Tue, 28 Nov 2023 17:12:47 GMT
content-length: 0
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw

142.250.74.45

200 OK

40 B

URL GET HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw
IP
142.250.74.45:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2c98800db31bbfddd131afb5175fd79d
0f42804f7fa9532c569a8af006ed51574052f723
96deb184f32330ec2e3e8837d6c94d96eef78384641f89771105c7ecccc4bbe1

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 17:12:34 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-rvztJi3YM2FHilBY1onbLQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw

142.250.74.45

200 OK

115 kB

URL GET HTTP/2
accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw
IP
142.250.74.45:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7754)
Size
115 kB (115432 bytes)
Hash
d6d97f9f5823819c40c894f9f91cc7b4
9052ae2540265b1b4a5cad2e03d43d88eb92c93f
777c336f7f6ea0f1807313bf0e3f1cefc425b1cf88d2b19989b4e2784fcd7f7f

HTTP Headers

GET /gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=325px&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558071_928250&as=CoUn0ZVKoPY%2FUwFoygfdSw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 17:12:34 GMT
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-1VcVJhvyQjYIvbgqJGEmnA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US

142.250.74.45

200 OK

116 kB

URL GET HTTP/2
accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US
IP
142.250.74.45:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (7754)
Size
116 kB (115503 bytes)
Hash
f23ed2211518587844917cec9cdbd8ad
b4935a1e14472dd3c53a453eb029d069c1acd3ec
c283f00f7054cced52f0fa95b300a6adbe1c1efaa1fae30c359ffad97f98bab2

HTTP Headers

GET /gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=-2&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_558064_446692&as=CoUn0ZVKoPY%2FUwFoygfdSw&hl=en_US HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 17:12:34 GMT
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: same-site
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-plC3OmBgrAwRenKLht9nDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw

142.250.74.45

200 OK

40 B

URL GET HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw
IP
142.250.74.45:443
ASN
#15169 GOOGLE

Requested by
https://www.linkedin.com/authwall?trk=bf&trkInfo=AQEQry0YG3iaVwAAAYwW6wwAQqH68N08HNDeRWdLcw0yep7M9VG4Wo42_D31rP6CPid0XCfT4fnyN0NWaH0sHkhts9po8Fr0RIrJh3Nm3S8ZYxnKYfbb0VRGZ5dfL5QHOLwk86c=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2Fincture-technologies
Certificate
IssuerGoogle Trust Services LLC
Subjectaccounts.google.com
Fingerprint1E:A9:E1:96:78:1D:08:FC:96:C8:C2:34:4F:02:D3:3D:FA:9A:D2:6B
ValidityMon, 23 Oct 2023 11:25:04 GMT - Mon, 15 Jan 2024 11:25:03 GMT

File type
ASCII text, with no line terminators
Size
40 B (40 bytes)
Hash
2c98800db31bbfddd131afb5175fd79d
0f42804f7fa9532c569a8af006ed51574052f723
96deb184f32330ec2e3e8837d6c94d96eef78384641f89771105c7ecccc4bbe1

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=CoUn0ZVKoPY%2FUwFoygfdSw HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
DNT: 1
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 28 Nov 2023 17:12:34 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'nonce-qgcpGjYgoQX9qRW61egWDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by