Report - csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5

Report Overview

Submitted URL
csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1
IP
104.18.30.105
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-14 09:02:28
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
2

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	658 B	1.6 kB	93.184.220.29
accounts.google.com	81	2016-03-20T13:44:49Z	2023-03-09T06:20:40Z	969 B	38 kB	216.58.207.237
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.7 kB	3.5 kB	142.250.74.3
www.linkedin.com	608	2015-06-18T18:10:03Z	2023-03-09T09:57:52Z	12 kB	31 kB	13.107.42.14
ponf.linkedin.com	18578	2020-12-13T16:52:45Z	2023-03-09T19:39:01Z	795 B	162 B	144.2.9.1
platform.linkedin.com	3785	2012-05-21T15:08:59Z	2023-03-09T05:27:51Z	676 B	42 kB	23.36.76.121
static-exp1.licdn.com	3079	2017-09-11T07:11:26Z	2023-03-08T12:45:39Z	4.3 kB	229 kB	23.36.76.121
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.2 kB	50 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.0 kB	5.3 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
csv1v04.na1.hubspotlinks.com	unknown	2021-09-30T20:22:47Z	2023-01-28T19:11:24Z	1.9 kB	1.3 kB	104.18.30.105
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.242.32.27

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-13	medium	csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1	LinkedIn Corporation

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	static-exp1.licdn.com/sc/h/1gpe377m8n1eq73qveizv5onv	39 kB	2023-03-07	2024-04-26
Pretty URL static-exp1.licdn.com/sc/h/1gpe377m8n1eq73qveizv5onv IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:22 Last Seen2024-04-26 01:43:47 Times Seen4162 Hash f5629c31bca5301ab5980247effef360 f61db978aa8c26a7001df3f7600515b9f07f5231 c852b1105eb000028e9b27677996f8d4773daa31fa1aaf663cb6ae3a6857a50a Loading...

	accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.linkedin.com&rpcToken=606176883.4178649	31 B	2023-03-07	2024-04-24
Pretty URL accounts.google.com/o/oauth2/iframe#origin=https%3A%2F%2Fwww.linkedin.com&rpcToken=606176883.4178649 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-24 19:12:54 Times Seen2601 Hash 671ffb739b15d1f76fe0bfda3211d6a4 cdd0e50d2d0ab5e871821f1e5b1245343edf17bf 1efcb4c5cb4522989514356d42b18a77598da23e50a212d4f74d084ff80b8c33 Loading...

	platform.linkedin.com/litms/utag/checkpoint-frontend/utag.js?cb=1665738000000	132 kB	2023-03-07	2023-03-10
Pretty URL platform.linkedin.com/litms/utag/checkpoint-frontend/utag.js?cb=1665738000000 IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:55 Last Seen2023-03-10 09:14:02 Times Seen1 Hash 85251de3ebb4e2612139408db1c99d65 9715f572d19d01f11bf9699bed75800b133230e2 aebabe2d6799eef2c297b8444e443a65a6c91b081ea59d09763e92117bd02d24 Loading...

	csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1	3.9 kB	2023-03-10	2023-03-10
Pretty URL csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1 IP 104.18.30.105 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:14:02 Last Seen2023-03-10 09:14:02 Times Seen1 Hash f8c50da105a7e9472fa1e990c7e70c49 49325321620a90eef0399f58092a8f3f202a4fce 8500394137d847e2cab0940147d49e4c0540637a1ca1ede494b98467bb1e5bc6 Loading...

	static-exp1.licdn.com/sc/h/e87ijph4dlizqq0l6vwpyw452	89 kB	2023-03-10	2023-03-11
Pretty URL static-exp1.licdn.com/sc/h/e87ijph4dlizqq0l6vwpyw452 IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:14:02 Last Seen2023-03-11 14:22:28 Times Seen1 Hash 8312d719e5be93631ec9a8040fb17ff4 f34427a8d507ccb28da051a24603ac2a664fdf29 1a587ea554bf7e7dfc3e4ae5dde3ecc748708899dff61397a1172ec0ebfc7a25 Loading...

	static-exp1.licdn.com/sc/h/8ddascte8uiyhhufy6qlnhw2b	223 kB	2023-03-07	2024-04-16
Pretty URL static-exp1.licdn.com/sc/h/8ddascte8uiyhhufy6qlnhw2b IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:07 Last Seen2024-04-16 12:21:51 Times Seen337 Hash 0455bdf0d67047723a204a280faf9148 462430ba34af9bb60fc8a3fa8cf04845d9d34df1 190472cc8b749d317cc6d4c27a5022d250df931fb04507c307ef640a452200da Loading...

	www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.NMpHIH0iQ08.es5.O/d=1/rs=AOaEmlFL86S7ffYzOSjmScPzHV5GN32AVg/m=base	101 kB	2023-03-10	2023-03-10
Pretty URL www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.NMpHIH0iQ08.es5.O/d=1/rs=AOaEmlFL86S7ffYzOSjmScPzHV5GN32AVg/m=base IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:14:02 Last Seen2023-03-10 11:55:35 Times Seen1 Hash 9bbc6a1fe49ca7f5bb567c567d35cf1b 1448e70693ee7d8f9bdc864b4c7e5282ec6e535c d8101b5918c6da9e18e4cfe57eeabd853d2bdbc250da91010f08e137a4388e93 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 12:14:14 Times Seen37091254 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	static-exp1.licdn.com/sc/h/5odsca7qyx6fr1a98zjez142h	69 kB	2023-03-10	2023-03-10
Pretty URL static-exp1.licdn.com/sc/h/5odsca7qyx6fr1a98zjez142h IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:14:03 Last Seen2023-03-10 09:14:03 Times Seen1 Hash f317a8478f0a9eae5bd6299c816ca55a d98d7483cfc5ff83ce8c10689852dcced00421d2 97269aec1f83d0cc6614398151413a7bd1e0b0344372aafcbb5384e09bd98db7 Loading...

	static-exp1.licdn.com/sc/h/29p29a9hgc1mlat3p1r83gg9o	1.8 kB	2023-03-08	2023-03-13
Pretty URL static-exp1.licdn.com/sc/h/29p29a9hgc1mlat3p1r83gg9o IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:56:36 Last Seen2023-03-13 19:56:05 Times Seen1 Hash b1282143714b9acc4c4416b3f501d368 9a3c12db6ed166a844d45e4eaf69114b8e3b875d 951abebf26ed21223695d1a6aac9ffc412cb08cf9222ef4d1234322e3b264e56 Loading...

	static-exp1.licdn.com/sc/h/84fpq9merojrilm067r9x3jdk	108 kB	2023-03-07	2023-07-20
Pretty URL static-exp1.licdn.com/sc/h/84fpq9merojrilm067r9x3jdk IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:07 Last Seen2023-07-20 05:54:36 Times Seen109 Hash 6fc305c39f6393c4d9b00cf6dfec3d9b 23cb4da504dbb3c74a5c76d89afc66192658d27b da24b61af1e6da7f2389ece9a26cd05be607d766f49f4eb8a78f6d933419fb6a Loading...

HTTP Transactions (50)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 14 Oct 2022 08:36:55 GMT
Expires: Fri, 14 Oct 2022 08:46:50 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Wsavwdaluysru6iCkCSt41rISeLkX5jCuFGkMEKwbRnXapZw33xHuw==
Age: 1522

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2b424d8c01b211c56d5b44b92e4e4153
b1fdab18f23271eee58ae1482f8af25badc2ffda
1c82a5fd2bc3f16a66becb5e1924e8c9edd39386622dc2e5ed296442f4307b2b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1C82A5FD2BC3F16A66BECB5E1924E8C9EDD39386622DC2E5ED296442F4307B2B"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7427
Expires: Fri, 14 Oct 2022 11:06:04 GMT
Date: Fri, 14 Oct 2022 09:02:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bce7a9c1ff7500c4cfad5c3a3581a939
74b8dadf6ead0ce5d1d72e40a2eac554c5f5430c
6c840089371a0e25d60d0d76d6400348b0cdfb5967876c7b88e2b4a2aaf01a03

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6C840089371A0E25D60D0D76D6400348B0CDFB5967876C7B88E2B4A2AAF01A03"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8985
Expires: Fri, 14 Oct 2022 11:32:02 GMT
Date: Fri, 14 Oct 2022 09:02:17 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: VbD6Ux1s3yhDkxWOnKbI92gjehJZoTu2UO1iD0KYCvO1RPDHHJQMDDLRpyXsnLx1xgmghLsceLc=
x-amz-request-id: K6VSWZVBHA3Q11KB
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 14 Oct 2022 09:02:05 GMT
age: 12
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 09:02:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 14 Oct 2022 08:07:43 GMT
Expires: Fri, 14 Oct 2022 08:36:15 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: _XfjJwPLQxnt9VWJhfcv8kTJcaYRbnCU6BQomXMWBYDD7mHpTITz1A==
Age: 3275

csv1v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1?_ud=b9f04613-fb00-45d0-9407-233f662d1f0b&_jss=1&_fl=8&_pl=0&_hc=16&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1280,1024

104.18.30.105

307 Temporary Redirect

0 B

URL HTTP/2
csv1v04.na1.hubspotlinks.com/events/public/v1/encoded/track/tc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1?_ud=b9f04613-fb00-45d0-9407-233f662d1f0b&_jss=1&_fl=8&_pl=0&_hc=16&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1280,1024
IP
104.18.30.105:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /events/public/v1/encoded/track/tc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1?_ud=b9f04613-fb00-45d0-9407-233f662d1f0b&_jss=1&_fl=8&_pl=0&_hc=16&_lg=en-US,en&_plt=Linux%20x86_64&_scr=1280,1024 HTTP/1.1
Host: csv1v04.na1.hubspotlinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 307 Temporary Redirect
date: Fri, 14 Oct 2022 09:02:18 GMT
location: https://www.linkedin.com/company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=229435890&_hsenc=p2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY&utm_content=229437280&utm_source=hs_email
x-robots-tag: none
link: <https://www.linkedin.com/company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=229435890&_hsenc=p2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY&utm_content=229437280&utm_source=hs_email>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: 7eac2f06-74d7-40c7-af05-43d4ea858195
access-control-allow-credentials: false
vary: origin
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 759f22a3ea5ab50c-OSL
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2588
Cache-Control: max-age=172061
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:18 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 08:49:59 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.242.32.27

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.242.32.27:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rRwOSHPGnw5WBpsaOZDjYg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qX5krE2HM4F1MLiyIDnSYN2359Q=

www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email

13.107.42.14

200 OK

12 kB

URL HTTP/2
www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (37608)
Size
12 kB (12525 bytes)
Hash
2a8e78feb202733a4f81b79f2211fc47
ea826ff99a39952333cc2d4e3b004fe48d45e9c1
cc9479972f41d8da92bf12c0eb2bb0a62ccba90c722fd0ae744a93200d5fa294

HTTP Headers

GET /uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 12525
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
last-modified: Wed, 12 Oct 2022 19:26:14 UTC
vary: Accept-Encoding
x-fs-uuid: 0005eafae20c571b6e8f7d68dc62d7f3
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com www.linkedin.cn; report-uri /security/csp?e=p&f=rl
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIMVxtuj31o3GLX8w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EB5E0782E5C248659999FC1DB44893F5 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:18Z
date: Fri, 14 Oct 2022 09:02:18 GMT
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/cp4bnwpzcs9vftav2pzhwzl0g

23.36.76.121

200 OK

50 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/cp4bnwpzcs9vftav2pzhwzl0g
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (65529), with no line terminators
Size
50 kB (50495 bytes)
Hash
d67b13f4659a9f10cac346eaba23c920
0fbdddbdae44922949e449542968d66696f79c80
4f9665e2dc878df79b7fe29b626d4988fb603d8953e3e1e2305d0a5726242c50

HTTP Headers

GET /sc/h/cp4bnwpzcs9vftav2pzhwzl0g HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Thu, 12 Oct 2023 16:30:58 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0005ead8eaee2f32c589ec9b567662f0
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXq2OruLzLFieybVnZi8A==
content-length: 50495
remote-cache-status: TCP_HIT, TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/5x551rv91h1545imm4yjueanc

23.36.76.121

200 OK

15 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/5x551rv91h1545imm4yjueanc
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
C source, Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Size
15 kB (15224 bytes)
Hash
6401b0b5fb92e59a78192418196c5768
756f189185b07cd7f022f1d4bcca6e2cd3a7aaae
b1ec2ddbd5874bdf218e8c959844f06e723ffe5432acb5ed6170893a122b3471

HTTP Headers

GET /sc/h/5x551rv91h1545imm4yjueanc HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Sat, 15 Apr 2023 16:24:37 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0005dcb3d8c297283845833b8ab665e6
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXcs9jClyg4RYM7irZl5g==
content-length: 15224
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/29p29a9hgc1mlat3p1r83gg9o

23.36.76.121

200 OK

684 B

URL HTTP/2
static-exp1.licdn.com/sc/h/29p29a9hgc1mlat3p1r83gg9o
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (1821), with no line terminators
Size
684 B (684 bytes)
Hash
2654f45f67cd1ecd63a3fd02b247a95c
ee1e43257369d58da3157bc30494872e39496063
d4de59c14a227719bf63c198e1c722bd085ebda7c6185b261b47b8913c819e4d

HTTP Headers

GET /sc/h/29p29a9hgc1mlat3p1r83gg9o HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Thu, 21 Sep 2023 17:07:08 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0005e932f992b61256dc0c187ccf0d0c
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXpMvmSthJW3AwYfM8NDA==
content-length: 684
remote-cache-status: TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/5odsca7qyx6fr1a98zjez142h

23.36.76.121

200 OK

20 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/5odsca7qyx6fr1a98zjez142h
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (44012)
Size
20 kB (19898 bytes)
Hash
5fe5811fc24d5f41f388c40bcfb3b5d9
9b171e773fff719eb87679d9f649b53efab6b40d
4600bf2de02abb4caad9d917b198aa56098b53201a042f3dd38c746373d24b70

HTTP Headers

GET /sc/h/5odsca7qyx6fr1a98zjez142h HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Thu, 21 Sep 2023 16:46:39 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0005e932b0511994901e7922877ca622
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXpMrBRGZSQHnkih3ymIg==
content-length: 19898
remote-cache-status: TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/5jnfboyjxw2i8fvx01pgwxvi8

23.36.76.121

200 OK

23 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/5jnfboyjxw2i8fvx01pgwxvi8
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
23 kB (22815 bytes)
Hash
5dad165945be5a5f28d5d1b987d14dc0
2e03d97d497a8d13635ee670fdc3b4c9614461cf
03251ba0414a82d43c517fc0654fe6c5d4868776f0350bcbe444e10b2f892b2c

HTTP Headers

GET /sc/h/5jnfboyjxw2i8fvx01pgwxvi8 HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Thu, 21 Sep 2023 18:02:28 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/css
x-fs-uuid: 0005e933bf7b529d33b7a3b8f65b255d
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXpM797Up0zt6O49lslXQ==
content-length: 22815
remote-cache-status: TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/55ggxxse8uyjdh2x78ht3j40q

23.36.76.121

200 OK

5.5 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/55ggxxse8uyjdh2x78ht3j40q
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data
Size
5.5 kB (5491 bytes)
Hash
570444c1d08879f7fa18c069df4c221a
feb1d03978df22f0981eab5bc769c90e7e781ff5
517d2aa829f04ab4d8bf778b71de5e7817a7705c24d3d8db4616002091392a6e

HTTP Headers

GET /sc/h/55ggxxse8uyjdh2x78ht3j40q HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
expires: Wed, 15 Mar 2023 06:42:59 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
content-encoding: br
x-li-static-content: 1
content-type: image/png
x-fs-uuid: 04c00bc5fda47716f0f06b3bc32a0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: BMALxf2kdxbw8Gs7wyoAAA==
content-length: 5491
remote-cache-status: TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/9lb1g1kp916tat669q9r5g2kz

23.36.76.121

200 OK

799 B

URL HTTP/2
static-exp1.licdn.com/sc/h/9lb1g1kp916tat669q9r5g2kz
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size
799 B (799 bytes)
Hash
a2049549507b80977c2ac1598de5f213
aed7836a4e77428e1ec69b63a4515488e58d79fe
e0504e067c92c5439a98951c7ad9319fe3da9106afc0dec4ebfa6a5788bf0a7a

HTTP Headers

GET /sc/h/9lb1g1kp916tat669q9r5g2kz HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
expires: Tue, 07 Feb 2023 20:06:30 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
content-encoding: br
x-li-static-content: 1
content-type: image/x-icon
x-fs-uuid: a74a955909787716b02ac8cbcd2a0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: p0qVWQl4dxawKsjLzSoAAA==
content-length: 799
remote-cache-status: TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/8ddascte8uiyhhufy6qlnhw2b

23.36.76.121

200 OK

60 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/8ddascte8uiyhhufy6qlnhw2b
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (760)
Size
60 kB (59843 bytes)
Hash
8d670d8624d12eb2ea6a709d0b84c793
49f416a3ca10294f3825ff366c6cd65244fe3d69
6bba5608cabff05375c93073fcaf51cc650df2e05f5f592ff1f896ce566ee061

HTTP Headers

GET /sc/h/8ddascte8uiyhhufy6qlnhw2b HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
expires: Thu, 18 Aug 2022 06:14:11 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
server: Play
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 4911b6ba9b519c16f020299a932b0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: SRG2uptRnBbwICmakysAAA==
content-length: 59843
remote-cache-status: TCP_HIT
unused62: 8096267
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/84fpq9merojrilm067r9x3jdk

23.36.76.121

200 OK

32 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/84fpq9merojrilm067r9x3jdk
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (594)
Size
32 kB (32423 bytes)
Hash
893612e81de61ce06827b3384f2079d8
8710637b3942434d697a0ec28774775947d7db8f
b85544f8a376430adf08d8efd605ed3046df6c19af1c9a91fc62f04f8b7bbe51

HTTP Headers

GET /sc/h/84fpq9merojrilm067r9x3jdk HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
expires: Fri, 02 Sep 2022 05:47:56 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
server: Play
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 88e0ccac31eba01610f30acda32b0000
x-li-fabric: prod-lor1
x-li-pop: prod-edc2
x-li-proto: http/1.1
x-li-uuid: iODMrDHroBYQ8wrNoysAAA==
content-length: 32423
remote-cache-status: TCP_HIT
unused62: 8096267
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/1gpe377m8n1eq73qveizv5onv

23.36.76.121

200 OK

13 kB

URL HTTP/2
static-exp1.licdn.com/sc/h/1gpe377m8n1eq73qveizv5onv
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (7566)
Size
13 kB (13154 bytes)
Hash
18bab5c3a5007c99d4cba0ca2050971b
7da781d13a9dbc0464fa418d8e99a007e9843c3d
db1ae725d93f71d9191e4e5c013ed0ca74424bd02e7fc6ced795d9f51de63f4a

HTTP Headers

GET /sc/h/1gpe377m8n1eq73qveizv5onv HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
expires: Sat, 26 Aug 2023 01:53:44 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
server: Play
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0a9d6ce11f5bad16b00010e0be2a0000
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: Cp1s4R9brRawABDgvioAAA==
content-length: 13154
remote-cache-status: TCP_HIT
unused62: 8096267
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3820e68819e3478c9524c9d426016dd1
ec2ff6c8f6976d578bee8fd03e804ebd96a75904
8c6a1c774384a4a22dad78eb7bd76535527f02e06a936578eda9d15088a90b74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3820e68819e3478c9524c9d426016dd1
ec2ff6c8f6976d578bee8fd03e804ebd96a75904
8c6a1c774384a4a22dad78eb7bd76535527f02e06a936578eda9d15088a90b74

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1545
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIWh2dJao3vMkV9tg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FE2B9FB479674D86AA49EBF6E2E1EF87 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c34d125247c0e1bbe9e8093c47f2c614
902dedd4071b414961f6044291d3cc4c8e8d5759
c702f572cc4280100b3a1e98cd4fd2542504860d942e37798bff477379fb16ec

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=157939
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Etag: "6348d51e-1d7"
Expires: Sun, 16 Oct 2022 04:54:38 GMT
Last-Modified: Fri, 14 Oct 2022 03:18:54 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f1123c03abcec7a41d77c94c3e445531
130c0a00aa31b36978fafd594ba6675358ac2117
f057d281b93305bd01078ef0ed79b459dc42d9bcfd49320111b1ff18571a7b38

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accounts.google.com/o/oauth2/iframe

216.58.207.237

200 OK

35 kB

URL HTTP/2
accounts.google.com/o/oauth2/iframe
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type
HTML document, ASCII text, with very long lines (868)
Size
35 kB (35089 bytes)
Hash
e2e0f8cebd313f87db10f4e04930cc5b
c6c93a02ba496c6e184fddf89f3de7bcca11da64
93d16735d673616cb217e949ca73bca497aa1491c260d81e056cdb0e78aed54f

HTTP Headers

GET /o/oauth2/iframe HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Oct 2022 09:02:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy: same-origin; report-to="IdpIFrameHttp"
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-hF1TYp-NqRo6AEDQvCzkaA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
report-to: {"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 769
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIYaJ4l6vCOVYXkaA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5B20A39969874B9285ED845B4C4E4FD0 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 09:02:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 779
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIYiw2atSZFnjR5aA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AFEA49A8F9DC4FB3B086C2C8EFB48588 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 884
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIZguQE4ZpkK26k+g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 5C56DD3C8413450A933115E9FF4D37B0 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 8573
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIbn0tZIMch62gOMg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D8CFF07A3DEE4359A7372C7794332385 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 777
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIcG1ITBZw2tNH6Iw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9A7A12E28230490DA7BF18D8EF4B94E8 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:19Z
date: Fri, 14 Oct 2022 09:02:19 GMT
content-length: 0
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Fri, 14 Oct 2022 13:14:51 GMT
Date: Fri, 14 Oct 2022 09:02:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Fri, 14 Oct 2022 13:14:51 GMT
Date: Fri, 14 Oct 2022 09:02:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Fri, 14 Oct 2022 13:14:51 GMT
Date: Fri, 14 Oct 2022 09:02:20 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15151
Expires: Fri, 14 Oct 2022 13:14:51 GMT
Date: Fri, 14 Oct 2022 09:02:20 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg

34.120.237.76

200 OK

6.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.7 kB (6685 bytes)
Hash
b1a0e7692a42450c5880b6bf2c3e600f
3c567806bfec9a195235f1c1e3c3e4bc647fdde9
318e462ae5b2da302cc3fa6539270866a352f011ebcc9ea35eef50c38fe9fe24

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6685
x-amzn-requestid: 8d5aa091-bf24-4ab1-a33b-73795e951da1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EENeIAMF9Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-36c8c3d75b57c8df3b0644a0;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf8nte3n3LzQdLXnv6MfnVk2LO0b0CjSfyiaxK2UWsM2DLsm-xEAgA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:56:52 GMT
age: 36328
etag: "3c567806bfec9a195235f1c1e3c3e4bc647fdde9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F235cefb2-34b9-4a5f-9454-5616c32314ab.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10111 bytes)
Hash
341ec16075556d00b28a745a7a396c7d
47d15dfbe0ab4c7f3ed2d22cb74615104d1d3dcf
e712d77e15b46ef6e83d9bd1e7ccabe03e48bdcc35b1c123e06a1f066511b353

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F235cefb2-34b9-4a5f-9454-5616c32314ab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10111
x-amzn-requestid: 89d16968-73eb-4a94-a57d-93dece89ff12
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9nAZHUzoAMFz4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488535-1b06a19c07126f89666e5ad7;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f4D1d0orD1iodyMRa7n_NzwOMDhbVDF0JZj31DGaWTvqCCwih5tuEQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:55:11 GMT
age: 36429
etag: "47d15dfbe0ab4c7f3ed2d22cb74615104d1d3dcf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8183 bytes)
Hash
c3368090318fe53289f4e0fe284ee1e2
ec5e3f3d6a334d0b8a92ce06327b5b145002087c
73bb52c89af285a60360a119d3f21b0d7309ea7fd26a36c1e46fe6b1b9f25164

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8183
x-amzn-requestid: f41fdb47-83e8-48f9-95ac-a79e2bfc521d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tu8FwCoAMF_OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347332c-67bc08ef6315488e07fc3c4c;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CGpa_I95VYqIP5j-OWRJ_xLopy7H9wlZRPSTP_mL-hymbOqhelsTCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:50:40 GMT
age: 40300
etag: "ec5e3f3d6a334d0b8a92ce06327b5b145002087c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6005 bytes)
Hash
5c2fb169144739a1240a832df181cf24
a7eb3a1289135eeafd639dffba6daf3e0bd0aee5
6f471bf8a40088a008efc818c762f8ec99988b9b68478034762cf872c809d246

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6005
x-amzn-requestid: f9cd6d19-f5f8-44ad-a809-9c66b2cea9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m7YEw7oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488515-74c9354b031430335dfea732;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ajNm0eHqNm4Rel0IY5TN-cQSUP3b1PGbu-DkiSEY3vJZThcU2Jkxg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:48:24 GMT
age: 40436
etag: "a7eb3a1289135eeafd639dffba6daf3e0bd0aee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602472cb-312a-40b4-8d11-7c84be9e8992.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.3 kB (7265 bytes)
Hash
3df3df53b79f46f964bf0ccf34dfbc6e
ec1000d7fdea0299b3af4055358386f638051601
35c21c1897e29fa86e968332e908dd4c91f008aa53d4b57c4024170e5858dc26

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F602472cb-312a-40b4-8d11-7c84be9e8992.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7265
x-amzn-requestid: d55c92dc-b78e-4b67-becd-096a9f3110cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m8NHdJIAMF0rQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348851a-4d960dad67f360fd7c45320e;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: m9n5AWyucg7n9y8x24WnFFjsYfBltDF43FvwjV_mdGKzsHOx1_DxWw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:45:48 GMT
age: 40592
etag: "ec1000d7fdea0299b3af4055358386f638051601"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F632226c4-240c-4da7-964e-05e8c7eda9e6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.5 kB (5545 bytes)
Hash
a7d50fbdca33195d0f62b882545991a2
b6176b0973df1708dd03cbfcfba95fbb34fc12d7
0def0d270de3149cd15734b7ad2ed0b4da12bfd8d2ad77500034ac27bf3dc0fa

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F632226c4-240c-4da7-964e-05e8c7eda9e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5545
x-amzn-requestid: 369c52b4-50bf-4e4c-8a10-b4483f9fc7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m8OGALoAMFmlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6348851a-0ca1f453344f80be4f02ec41;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:30 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 0lGqLTQVXDUPj7i12MyGU53ernlCsK0tWVyV8m-Rj75HuuTTcbMeXg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:47:36 GMT
age: 40484
etag: "b6176b0973df1708dd03cbfcfba95fbb34fc12d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ponf.linkedin.com/pixel/tracking.png?reqid=8331fafe-eb95-4e27-ab98-3444f177e756&pageInstance=urn%3Ali%3Apage%3Acheckpoint_lg_uasLogin%3BxracKq4QTFG4V2tZVfwEcg%3D%3D&js=enabled

144.2.9.1

200 OK

43 B

URL HTTP/2
ponf.linkedin.com/pixel/tracking.png?reqid=8331fafe-eb95-4e27-ab98-3444f177e756&pageInstance=urn%3Ali%3Apage%3Acheckpoint_lg_uasLogin%3BxracKq4QTFG4V2tZVfwEcg%3D%3D&js=enabled
IP
144.2.9.1:0
ASN
#14413 LINKEDIN

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /pixel/tracking.png?reqid=8331fafe-eb95-4e27-ab98-3444f177e756&pageInstance=urn%3Ali%3Apage%3Acheckpoint_lg_uasLogin%3BxracKq4QTFG4V2tZVfwEcg%3D%3D&js=enabled HTTP/1.1
Host: ponf.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx/1.20.1
date: Fri, 14 Oct 2022 09:02:19 GMT
content-type: image/gif
X-Firefox-Spdy: h2

platform.linkedin.com/litms/utag/checkpoint-frontend/utag.js?cb=1665738000000

23.36.76.121

200 OK

42 kB

URL HTTP/2
platform.linkedin.com/litms/utag/checkpoint-frontend/utag.js?cb=1665738000000
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (36458)
Size
42 kB (41692 bytes)
Hash
9e239253d6e989a10a763c42281a3d23
bc49325a9ded6c99c393983d1844d89fdb70a3a1
d2443c22aecf87a39b35ea77f4de02b5372f5db9835733d042fa0025cc3cef4f

HTTP Headers

GET /litms/utag/checkpoint-frontend/utag.js?cb=1665738000000 HTTP/1.1
Host: platform.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
etag: "bc6813253280dfaf64bef1ff7388f8acd3c73a85"
server: Play
accept-ranges: bytes
cache-control: max-age=300
last-modified: Thu, 13 Oct 2022 16:16:08 GMT
content-encoding: gzip
content-type: application/javascript; charset=utf-8
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXq+sOTsriPOEJ1jVTQOQ==
content-length: 41692
date: Fri, 14 Oct 2022 09:02:20 GMT
vary: Accept-Encoding
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2

www.linkedin.com/litms/api/metadata/user

13.107.42.14

200 OK

222 B

URL HTTP/2
www.linkedin.com/litms/api/metadata/user
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Size
222 B (222 bytes)
Hash
3b043030f5c65ef5b35841a681e372f9
8320a7ae24261ff8eec369b80dc37f6effd3f721
36000ff91b147b6ddbb2314ca4773620e8f19b61c1dfd4191b36da203bd1f5b4

HTTP Headers

GET /litms/api/metadata/user HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-length: 222
content-type: application/json
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uIjDEVsjZXyvKxiPw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: DA4994F06FBE48A291AA4DCFFB76A940 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:20Z
date: Fri, 14 Oct 2022 09:02:20 GMT
X-Firefox-Spdy: h2

www.linkedin.com/li/track

13.107.42.14

200 OK

0 B

URL HTTP/2
www.linkedin.com/li/track
IP
13.107.42.14:0
ASN
#8068 MICROSOFT-CORP-MSN-AS-BLOCK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /li/track HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Csrf-Token: ajax:1939945716672260384
Content-Length: 749
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/uas/login?session_redirect=%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D229435890%26_hsenc%3Dp2ANqtz-98OEbStm_nfjdP5GI9kApSaVQdUmjhznWdaI2YhdZLZNDz0rkgd9aIzFqKZzrMuvRGvXj_Zmh-jOv_yOROKDqXupjQVsVP9w0DTWG9fPf8Ibul9tY%26utm_content%3D229437280%26utm_source%3Dhs_email
Cookie: bcookie="v=2&1d0aa250-bc37-4bc5-8e41-a8c24db1f237"; bscookie="v=1&2022052402390220657ab3-a47f-4a36-8a7c-2aab5758f00aAQGP2qunaPAL0pAZ3hGPqJVWhlRgfmja"; li_gc=MTswOzE2NTMzNTk5NDI7MjswMjGUwmdulP1Odielt+uL7VqWyUjl6vuj1QmpUWsBM00u7Q==; li_alerts=e30=; G_ENABLED_IDPS=google; li_rm=AQHPCLH_VZaJvAAAAYEyL9reCWmsMQ_NRC7m6HYFYbBLs5J_yXaiwENf4PbW6OnKwU8m8m4Huxxbec1J4OmwjdroR-0bHjNTs7BYesg49EEQCjRrc8EkjFfZ; JSESSIONID=ajax:1939945716672260384; lang=v=2&lang=en-us; lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2401:u=1:x=1:i=1665738138:t=1665824538:v=2:sig=AQG3YGBr3yG0ruqeqhEljcYrJjMeV14t"
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
cache-control: no-cache, no-store
pragma: no-cache
content-type: text/plain; charset=utf-8
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXq+uImQvROJqlb1kpwlA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9FD48A3B44EE44D0BBFC7782D4197384 Ref B: OSL30EDGE0419 Ref C: 2022-10-14T09:02:20Z
date: Fri, 14 Oct 2022 09:02:20 GMT
content-length: 0
X-Firefox-Spdy: h2

static-exp1.licdn.com/sc/h/e87ijph4dlizqq0l6vwpyw452

23.36.76.121

200 OK

0 B

URL HTTP/2
static-exp1.licdn.com/sc/h/e87ijph4dlizqq0l6vwpyw452
IP
23.36.76.121:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sc/h/e87ijph4dlizqq0l6vwpyw452 HTTP/1.1
Host: static-exp1.licdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Play
expires: Thu, 12 Oct 2023 16:30:46 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
content-encoding: br
x-li-static-content: 1
content-type: text/javascript
x-fs-uuid: 0005ead8ea32f7cdb88ff2b02dc5201b
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXq2Ooy9824j/KwLcUgGw==
content-length: 25210
remote-cache-status: TCP_HIT, TCP_HIT
date: Fri, 14 Oct 2022 09:02:19 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=VkNs3qItNCLw77%2Bz91L%2Fcg

216.58.207.237

200 OK

0 B

URL HTTP/2
accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=VkNs3qItNCLw77%2Bz91L%2Fcg
IP
216.58.207.237:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=VkNs3qItNCLw77%2Bz91L%2Fcg HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
x-content-type-options: nosniff
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
access-control-allow-methods: GET
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 14 Oct 2022 09:02:19 GMT
content-disposition: attachment; filename="json.txt"; filename*=UTF-8''json.txt
content-security-policy: script-src 'nonce-UN4NSoD1CkHLhz8mcjeiPg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1

104.18.30.105

200 OK

0 B

URL HTTP/2
csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1
IP
104.18.30.105:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
openphish	LinkedIn Corporation

HTTP Headers

GET /Ctc/T7+113/csv1v04/VWgrg_2FP1-FW3MgVN_6xP_ndW7swsJQ4R4_8nN5LPbT13q90pV1-WJV7CgHM_W6bFP432PRxxPVZZDmV1kXmjSW6BX2pG6l-X2mVhbrFF2vxsRYW7-Gz-S60m52FW5TTfqG4YdxDZW4CkCtl4yqF6QW36DXb-6F2gB4W313q0z1CMGStW6CLx9r8ZB62yW88pGnr18jd3hW1d1DX02HYxpHVvc_h33-4WFkW1vZKJN3KFkQCW4sQLtt2rrqfTW3tS1s74bz71kW6tsNjW1RvhFVW16Tc6F44Y21vW25Kp1r2m_RhsW4VfGBN93CmD_W3d2BfY3nKnNkW2xz4708L9_ypVF8Hhr4Fvc92N28pFxnkL_ZyW5mQ5rs5z5_xqW2sVZPd2GNyzT3jZv1 HTTP/1.1
Host: csv1v04.na1.hubspotlinks.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 14 Oct 2022 09:02:18 GMT
content-type: text/html;charset=utf-8
x-robots-tag: none
referrer-policy: no-referrer
vary: origin
x-hubspot-correlation-id: d6153ac4-50be-4bc9-82dc-fc888fa876b3
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 759f22a06d29b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP