Overview

URLcsv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VW8kPc1PYc68W6gDsHt1RFyqgW1RGk9h4QcYc0N3mxJ6_3pl37V1-WJV7CgBHjW8cs4Mk4QnT3KVYL9b12r41F6W12SVVP8mjJk-W7zHmnB9fZSFnW8q4qYq8g0mySV6PyQ82t6xt9W25M7hy2Cyc_GW21gztg88qHQrW2bD1MT4VgJSgVyJpXN4V9j6rW1_T0hX8qTmwbN3fHppfJ_K26W1qQWXx8pCjw5W6svxDk15MmypW4yhnkl6TBHcHW3G8bZW2FNf5nW3vSKJ-1mkqjDW8PZ_5l3tLRkRW8HYj425yLzhZW4ptM673DjRy6W8gmrxM33LW2YW6rs-wn46QfYVW3yF9888FtLxYW5yV6np5gHjs1W6_Spy69hGL1GW63Q9cf5XxSFK36Km1
IP 104.18.30.105 ()
ASN#13335 CLOUDFLARENET
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-09-23 09:33:39 UTC
StatusLoading report..
IDS alerts0
Blocklist alert2
urlquery alerts No alerts detected
Tags None

Domain Summary (14)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
csv1v04.na1.hubspotlinks.com (2) 0 2021-09-30 18:22:47 UTC 2022-09-16 20:55:30 UTC 104.18.30.105 Domain (hubspotlinks.com) ranked at: 28717
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-09-23 04:04:38 UTC 93.184.220.29
www.gstatic.com (1) 0 2016-07-26 09:37:06 UTC 2022-09-23 04:35:51 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-09-23 04:02:43 UTC 34.120.237.76
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-09-23 04:33:41 UTC 34.117.237.239
platform.linkedin.com (1) 3785 2014-10-23 11:50:28 UTC 2022-09-22 05:02:16 UTC 23.36.76.210
static-exp1.licdn.com (19) 3079 2017-09-11 05:11:26 UTC 2022-09-23 05:34:36 UTC 23.36.76.121
accounts.google.com (1) 81 2016-09-05 09:39:47 UTC 2022-09-23 06:07:31 UTC 216.58.207.237
www.linkedin.com (12) 608 2014-04-09 13:16:08 UTC 2022-09-23 04:48:36 UTC 13.107.42.14
push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-09-23 05:02:25 UTC 35.161.6.128
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-09-23 04:02:41 UTC 143.204.55.25
ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-09-23 04:02:50 UTC 142.250.74.3
firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-09-23 05:06:00 UTC 143.204.55.36
r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-09-23 04:34:39 UTC 23.36.77.32

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-09-22 2 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VW8kPc1PYc68W6gDsHt1RFyqgW1 (...) LinkedIn Corporation

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-09-23 2 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v04/VW8kPc1PYc68W6gDsHt1RFyqgW1 (...) Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

URL www.linkedin.com/directory/api/ingraphs/counter
IP  13.107.42.14
Magic gzip compressed data, max compression\012- data
Size 66
MD5 f6ca86a32e9ce1a4a744fb52cbbb9c3b
SHA1 c05ad9d07fd02a1cea9b6d2554275c045c6cf5b0
SHA256 c782d6661c0d94ba0ad593161919e18a815b81d27fd811949165cfd7c01e80e5
Analyzer Analysed Verdict Comment
VirusTotal 0/0  VirusTotal Report

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 104.18.30.105
Date UQ / IDS / BL URL IP
2022-10-14 09:02:28 +0000 0 - 0 - 1 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.30.105
2022-10-05 21:10:21 +0000 0 - 0 - 2 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.30.105
2022-09-23 09:33:39 +0000 0 - 0 - 2 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.30.105
2022-09-16 21:00:05 +0000 0 - 0 - 3 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.30.105
2022-09-16 20:59:39 +0000 0 - 0 - 3 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.30.105


Last 5 reports on ASN: CLOUDFLARENET
Date UQ / IDS / BL URL IP
2023-01-29 12:10:42 +0000 8 - 0 - 4 outlookoffice.dropboks.workers.dev/ 172.67.164.121
2023-01-29 12:10:25 +0000 0 - 2 - 3 fixgroupfactor.com/Download.zip?c=AAVi1mOsJwU (...) 188.114.96.1
2023-01-29 12:09:56 +0000 29 - 1 - 10 ccrsolar.com.br/wp-content/SUPPORT/loginweb.p (...) 188.114.97.1
2023-01-29 12:09:48 +0000 29 - 1 - 10 ccrsolar.com.br/wp-content/SUPPORT/loginweb.p (...) 188.114.97.1
2023-01-29 12:09:43 +0000 0 - 1 - 0 cdn.discordapp.com/attachments/10254480472510 (...) 162.159.130.233


Last 5 reports on domain: hubspotlinks.com
Date UQ / IDS / BL URL IP
2023-01-28 18:11:35 +0000 0 - 1 - 1 csv1v04.na1.hubspotlinks.com/Ctc/T7%20113/csv (...) 104.18.37.211
2023-01-19 20:00:52 +0000 0 - 0 - 1 cykdl04.na1.hubspotlinks.com/Ctc/OQ+113/cYkDl (...) 104.18.37.211
2023-01-09 08:15:36 +0000 0 - 0 - 0 cnlcb04.na1.hubspotlinks.com/Ctc/ZT+113/cNLcb04 104.18.37.211
2023-01-07 18:59:53 +0000 0 - 0 - 1 csv1v04.na1.hubspotlinks.com/Ctc/T7+113/csv1v (...) 104.18.37.211
2023-01-04 19:20:10 +0000 0 - 0 - 0 chsl004.na1.hubspotlinks.com/Ctc/I5+113/cHSL0 (...) 172.64.150.45


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2023-01-14 09:26:50 +0000 0 - 0 - 2 hello.studioqv.com/index.php/campaigns/pq170g (...) 75.119.141.56
2023-01-13 18:49:01 +0000 0 - 0 - 1 view.bottomlineadvantagegroup.com/click/1/530 (...) 52.53.211.236
2023-01-11 16:33:04 +0000 0 - 0 - 1 proxy.quickmail.com/click/1/523823824/3f57b60 (...) 54.157.4.65
2023-01-11 16:18:34 +0000 0 - 0 - 2 proxy.quickmail.com/click/1/528007302/b7b3b6b (...) 34.201.80.84
2023-01-11 15:52:49 +0000 0 - 0 - 1 hello.ez-advisor.com/click/1/521834707/954c04 (...) 52.53.211.236

JavaScript

Executed Scripts (9)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (57)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 23 Sep 2022 09:14:07 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IQXp_tzDoO6t3tJICUy1kuJwEcxIMKLX5gVjUrjTWf2mLg14yGjfzw==
Age: 1160


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20443
Expires: Fri, 23 Sep 2022 15:14:10 GMT
Date: Fri, 23 Sep 2022 09:33:27 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.25
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 23 Sep 2022 04:35:15 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M2iZ1oJ5x5eO59-mN8Bz_zgWjUEWLf3xM3pOZHzy7sQm_7mb05AOnQ==
age: 17893
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 23 Sep 2022 09:33:27 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.36
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Fri, 23 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Fri, 23 Sep 2022 09:19:49 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: S3IeC0jg_s2Dml6yfQGKuqzJU2A2etDHjslHgaKCEMqk36dQ6pdP_w==
Age: 1806


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 963
Cache-Control: 'max-age=158059'
Date: Fri, 23 Sep 2022 09:33:28 GMT
Last-Modified: Fri, 23 Sep 2022 09:17:25 GMT
Server: ECS (ska/F71D)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=226656658&_hsenc=p2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw&utm_content=225582642&utm_source=hs_email HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         13.107.42.14
HTTP/2 999 No Reason Phrase
content-type: text/html
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 1530
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; Domain=.linkedin.com; Expires=Sat, 23-Sep-2023 09:33:28 GMT; Path=/; Secure; SameSite=None bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; Domain=.www.linkedin.com; Expires=Sat, 23-Sep-2023 09:33:28 GMT; Path=/; HttpOnly; Secure; SameSite=None li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; Domain=.linkedin.com; Expires=Wed, 22 Mar 2023 09:33:28 GMT; Path=/; Secure; SameSite=None lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663925608:t=1664012008:v=2:sig=AQEEqrFozRYgtxDhAmqOnq1q0iMtu3kC"; Expires=Sat, 24 Sep 2022 09:33:28 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure trkCode=gf; Max-Age=5 trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=; Max-Age=5 rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; Max-Age=120; path=/; domain=.linkedin.com
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7Q4vy/7caim4iklQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: AD09D1B34F49448E8C6A667165D44CED Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:28Z
date: Fri, 23 Sep 2022 09:33:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   1530
Md5:    895d2a337cecd4bf36e6ff9a7e669a63
Sha1:   9176c614fa5aca9af6ceba4996cc9128842803f7
Sha256: 644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 47ahCz+LinTo9qb2+gHRFw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         35.161.6.128
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xleB4XLPGhcsKYafBPueGA1Jd78=

                                        
                                            GET /authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=226656658&_hsenc=p2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw&utm_content=225582642&utm_source=hs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663925608:t=1664012008:v=2:sig=AQEEqrFozRYgtxDhAmqOnq1q0iMtu3kC"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 8205
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Accept-Encoding
set-cookie: fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; Max-Age=604800; Expires=Fri, 30 Sep 2022 09:33:28 GMT; Path=/ JSESSIONID=ajax:1977020562551648159; SameSite=None; Path=/; Domain=.www.linkedin.com; Secure lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=linkedin.com; Secure
x-fs-uuid: 0005e954ded3f26f7589168931f6def4
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7T8m91iRaJMfbe9A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9F22D18BC6AC4658BB563552651B1E88 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:28Z
date: Fri, 23 Sep 2022 09:33:28 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (948)
Size:   8205
Md5:    0fabb8c45c494be263da0357e34f36ad
Sha1:   8651659bc368f21bd38b28ff598939c32dd39bae
Sha256: d4f6a17883c1838b374dc200b4840bad570c934421dbf3ddb4c074d1c9193067
                                        
                                            GET /sc/h/f215enrs1berognq3c1cn30wk HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/css
                                        
server: Play
expires: Fri, 16 Jun 2023 19:34:53 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005e195bb59fbfad61d4cce9f408546
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlbtZ+/rWHUzOn0CFRg==
remote-cache-status: TCP_HIT, TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:28 GMT
content-length: 33813
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   33813
Md5:    562681bc836990db48373242b6d7a47c
Sha1:   60a28aa3fe168fda12acd11b5cd68803c9a0976e
Sha256: 84440308528c84664a1b62d23e8fdaf914baa65d118e79d949562710d70183dc
                                        
                                            GET /sc/h/al2o9zrvru7aqj8e1x2rzsrca HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/x-icon
                                        
server: Play
expires: Wed, 20 Apr 2022 01:56:22 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: b9f74414396e7716d06d8d2cc62a0000
x-li-fabric: prod-lva1
x-li-pop: prod-ech2
x-li-proto: http/1.1
x-li-uuid: ufdEFDludxbQbY0sxioAAA==
remote-cache-status: TCP_HIT, TCP_HIT, TCP_HIT
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 1446
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 4 icons, 16x16, 32 bits/pixel, 24x24, 32 bits/pixel\012- data
Size:   1446
Md5:    4261f70f4cf08dd726ad76a6aed67cf4
Sha1:   beb48108393dc1fb18c05d183cca94343919dc36
Sha256: e2e5eb50f0a4b47de523471fc46fd0122bc1b8568aca14545056b899108f528f
                                        
                                            GET /sc/h/8fkga714vy9b2wk5auqo5reeb HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Play
expires: Wed, 20 Apr 2022 01:56:22 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: c9aa9316396e771650a2c64a7e2b0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-uuid: yaqTFjludxZQosZKfisAAA==
remote-cache-status: TCP_HIT, TCP_HIT, TCP_HIT
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 1209
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (664)
Size:   1209
Md5:    c1e1c64d789b81d27d6bb19ac7b2e7f7
Sha1:   75a1bf886b4f3aba8a9ed666ecd558b0b7f9d418
Sha256: 1b11ad6ab9bc256f2e2bb1d6bf3904af5cfa724a393302af36e540dd7df39eed
                                        
                                            GET /sc/h/5oas73nreunfgygkpe5iwmgrs HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 15 Mar 2023 06:44:11 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
x-li-static-content: 1
x-fs-uuid: a96a0ab858a67716b0eb0df4892b0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: qWoKuFimdxaw6w30iSsAAA==
content-length: 391
remote-cache-status: TCP_HIT
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   391
Md5:    5fdb7b403b3a41faa26c73b1aaaf7668
Sha1:   c46a275d28b78b77460e42ba248317378a91b70e
Sha256: 55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715
                                        
                                            GET /sc/h/gs508lg3t2o81tq7pmcgn6m2 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 10 Feb 2023 18:31:40 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
x-li-static-content: 1
x-fs-uuid: bc2a95246e7b77160002d8f7b52a0000
x-li-fabric: prod-lva1
x-li-pop: prod-ech2
x-li-proto: http/1.1
x-li-uuid: vCqVJG57dxYAAtj3tSoAAA==
content-length: 274
remote-cache-status: TCP_HIT
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   274
Md5:    07dfbaf5f85030efc27e4a012488e13a
Sha1:   b4e6ac4f3dcd094bd4d326b537960328200384f6
Sha256: 5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c
                                        
                                            GET /sc/h/b4jgwnrrzl0qfc47qjfws95pj HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Wed, 14 Dec 2022 14:09:50 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
x-li-static-content: 1
x-fs-uuid: 839276ebc97b7716f0fe1565c32a0000
x-li-fabric: prod-lva1
x-li-pop: prod-edc2
x-li-proto: http/1.1
x-li-uuid: g5J268l7dxbw/hVlwyoAAA==
content-length: 820
remote-cache-status: TCP_HIT
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   820
Md5:    bbef0b818a81de5579827911c1af5127
Sha1:   59f7afad4f4b744adacbeff7b6598d197a06d9d8
Sha256: affe486de5aeb7dcfa7eaa5a69b6866b138243413e68600554a32958420576f3
                                        
                                            GET /sc/h/e785q99h29qs2x2x9sey0p946 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 19:34:53 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005e195bb5a756b7eef2d936c1ca8ea
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlbtadWt+7y2TbByo6g==
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:28 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   151390
Md5:    1cfd5991011bc0bcb4d486ae2bd18715
Sha1:   77a2392314692ffa2e3e639bf4d71fa6c60ed592
Sha256: 260430b7e94c69c77adb6aae51c00bbb5c8cb1b0b224c87dbd118576d56136d1
                                        
                                            GET /sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Play
expires: Wed, 20 Apr 2022 01:56:22 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 25b0012c396e771670e019b17f2b0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: JbABLDludxZw4BmxfysAAA==
unused62: 8096267
remote-cache-status: TCP_HIT, TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 903
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (355)
Size:   903
Md5:    52607677c7773adecb8d49e15826c534
Sha1:   e0967a35189a8d07f382d215e9f9a877bc6727b5
Sha256: 2c385e5a99ad80990a4e9d8df2113ffb5cddf19a809eb5d7e6cac9b4c120750c
                                        
                                            GET /sc/h/ddi43qwelxeqjxdd45pe3fvs1 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Play
expires: Wed, 20 Apr 2022 01:56:22 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 25b0012c396e771670e019b17f2b0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
x-li-uuid: JbABLDludxZw4BmxfysAAA==
unused62: 8096267
remote-cache-status: TCP_HIT, TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 903
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (355)
Size:   903
Md5:    52607677c7773adecb8d49e15826c534
Sha1:   e0967a35189a8d07f382d215e9f9a877bc6727b5
Sha256: 2c385e5a99ad80990a4e9d8df2113ffb5cddf19a809eb5d7e6cac9b4c120750c
                                        
                                            GET /sc/h/6m72nwm0qwbluhdie8pkavpnf HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Tue, 20 Sep 2022 19:18:29 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 5bc31937e29da616401c4a8acb2a0000
x-li-fabric: prod-lva1
x-li-pop: prod-edc2
x-li-proto: http/1.1
x-li-uuid: W8MZN+KdphZAHEqKyyoAAA==
remote-cache-status: TCP_HIT, TCP_HIT
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 36578
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (594)
Size:   36578
Md5:    a0a26f9898197d9cf4ea0c2108cc9228
Sha1:   733bc125b057c0099996a369504fa1cf8d6b09e7
Sha256: cec1d615dc73d04aa7caf3785e9bad6543160307ce329e62605c46f796f0017f
                                        
                                            HEAD /sc/h/f215enrs1berognq3c1cn30wk HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/css
                                        
server: Play
expires: Fri, 16 Jun 2023 20:08:45 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
content-length: 0
x-fs-uuid: 0005e1963477ccfc7c19590acd54e687
x-li-fabric: prod-ltx1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhljR3zPx8GVkKzVTmhw==
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

                                        
                                            HEAD /sc/h/e785q99h29qs2x2x9sey0p946 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 21:02:36 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
content-length: 0
x-fs-uuid: 0005e196f50dfd005e44c0db257aa57e
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlvUN/QBeRMDbJXqlfg==
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

                                        
                                            HEAD /sc/h/30mhj8nly9ra3xprp0x2shxy2 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 20:08:45 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
content-length: 0
x-fs-uuid: 0005e196347796b6820e91142a6d47f9
x-li-fabric: prod-lva1
x-li-pop: prod-lva1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhljR3lraCDpEUKm1H+Q==
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

                                        
                                            GET /sc/h/30mhj8nly9ra3xprp0x2shxy2 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 19:34:53 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005e195bb62f6c7558b66bcec28058f
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlbti9sdVi2a87CgFjw==
remote-cache-status: TCP_HIT, TCP_HIT, TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:28 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65466)
Size:   141536
Md5:    ab4f02bb12a61d2c481c3f7d95d649f2
Sha1:   457029489a943077ff5bd245975218420674029c
Sha256: 2baa98e1e9aaac2eec5b14ec1f1735b6fcf7b51ebca4018ab341e00deff16148
                                        
                                            HEAD /sc/h/k8yb4adb70ind5v5xmldsqha HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.linkedin.com/
Origin: https://www.linkedin.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 19:33:49 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005e195b791cbb079fe875f147f3796
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlbeRy7B5/odfFH83lg==
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2

                                        
                                            GET /sc/h/e12h2cd8ac580qen9qdd0qks8 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: Play
expires: Wed, 29 Mar 2023 20:53:37 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005db619f765bdc02843089ef425a33
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXbYZ92W9wChDCJ70JaMw==
remote-cache-status: TCP_HIT
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 1157
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (603)
Size:   1157
Md5:    9812fe3d95c8774a5bcc73235c9d3904
Sha1:   9591ea0ffa691d64e45bd70b15515b6c401c36c8
Sha256: 7d45bfce3a26003fbd4853d897bc6f93ff87ae9342de62cef9595f96263eeed7
                                        
                                            GET /sc/h/cyolgscd0imw2ldqppkrb84vo HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: image/svg+xml
                                        
expires: Fri, 16 Dec 2022 16:50:21 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
cache-control: max-age=31536000, immutable
unused62: 8096267
server: Play
x-li-static-content: 1
x-fs-uuid: de178611037c77164072bd8dfc2a0000
x-li-fabric: prod-ltx1
x-li-pop: prod-eda6
x-li-proto: http/1.1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-uuid: 3heGEQN8dxZAcr2N/CoAAA==
content-length: 201
remote-cache-status: TCP_HIT
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size:   201
Md5:    daf7c1053e08e600e06c4115bf2181b4
Sha1:   452c1516e428c937762cac0842aec6fb3e48c84b
Sha256: d960843fe85cfd71159433734acd16a8406bce0491bef7c4c361d6139168c64e
                                        
                                            POST /directory/api/ingraphs/gauge HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
x-li-pageInstance: urn:li:page:auth_wall_desktop_company_jsbeacon;2wMT7kdVTkmofL20bzKz2g==
Csrf-Token: ajax:1977020562551648159
Content-Length: 96
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663925608:t=1664012008:v=2:sig=AQEEqrFozRYgtxDhAmqOnq1q0iMtu3kC"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-fs-uuid: 0005e954dedfb763c6fc187ac8fdbc85
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7ft2PG/Bh6yP28hQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 17B82FBAA0DE4E70A5875803148B855C Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:29Z
date: Fri, 23 Sep 2022 09:33:28 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /litms/api/metadata/user HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663925608:t=1664012008:v=2:sig=AQEEqrFozRYgtxDhAmqOnq1q0iMtu3kC"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: application/json
                                        
cache-control: no-cache, no-store
pragma: no-cache
content-length: 222
content-encoding: gzip
expires: Thu, 01 Jan 1970 00:00:00 GMT
vary: Origin,Accept-Encoding
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7hBZcuiH1uxwQWOg==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: A2F237CE697D40359B34136A02A84940 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:29Z
date: Fri, 23 Sep 2022 09:33:29 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (327), with no line terminators
Size:   222
Md5:    3b043030f5c65ef5b35841a681e372f9
Sha1:   8320a7ae24261ff8eec369b80dc37f6effd3f721
Sha256: 36000ff91b147b6ddbb2314ca4773620e8f19b61c1dfd4191b36da203bd1f5b4
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.hC77psvnnZA.es5.O/d=1/rs=AOaEmlESZ1176GxDlln9ct2PnWDtNC_3Lg/m=base HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://accounts.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="boq-infra/identity-boq-js-css-signers"
report-to: {"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-length: 34851
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 19 Sep 2022 20:22:54 GMT
expires: Tue, 19 Sep 2023 20:22:54 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Sat, 17 Sep 2022 03:41:23 GMT
age: 306635
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (868)
Size:   34851
Md5:    61edd4421042de6005f66418e5780161
Sha1:   183ab13973b949ff70c16b08ce026257d422cef2
Sha256: bc930a08d5ccad0206afda57d6f7ffc6c0a4715d82f093a01885060bc97d9c49
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 23 Sep 2022 09:33:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /sc/h/bxullzz73p3hhf78t6sj3w6pb HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google
Sec-Fetch-Dest: worker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/javascript
                                        
cache-control: max-age=31536000, immutable
content-length: 1672
content-encoding: gzip
expires: Tue, 19 Sep 2023 23:11:53 GMT
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
vary: Accept-Encoding
x-li-static-content: 1
access-control-allow-origin: *
x-fs-uuid: 0005e90fd65797e2aa7c6f3fe1c0df0e
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-cdn-client-ip-version: IPV6
x-cdn-proto: HTTP1
x-li-uuid: AAXpVN7lm7KRaTJedp5l3Q==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 850D4DA0EDAE47D2801AD55ACD93DE4D Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:29Z
date: Fri, 23 Sep 2022 09:33:29 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (523)
Size:   1672
Md5:    526e654805f1fc57a5a9923b00c509b5
Sha1:   195cf74d9fa852a646de70aa3388e31c2583f4a3
Sha256: 498d56bddf2407a18dc16b84b3dc418c0fcddc7909de19c6617e286f02dca6ef
                                        
                                            GET /litms/utag/seo-directory-frontend/utag.js?cb=1663925400000 HTTP/1.1 
Host: platform.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2393:u=1:x=1:i=1663925608:t=1664012008:v=2:sig=AQEEqrFozRYgtxDhAmqOnq1q0iMtu3kC"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; lang=v=2&lang=en-us
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

search
                                         23.36.76.210
HTTP/2 404 Not Found
content-type: text/html
                                        
server: Play
cache-control: max-age=300
content-encoding: gzip
content-length: 51659
x-li-fabric: prod-ltx1
x-li-pop: prod-ltx1-x
x-li-proto: http/1.1
x-li-uuid: AAXpVN7hzLkMlE7s0mKhVQ==
x-edgeconnect-midmile-rtt: 16
x-edgeconnect-origin-mex-latency: 153
date: Fri, 23 Sep 2022 09:33:29 GMT
vary: Accept-Encoding
set-cookie: lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; Expires=Sat, 24 Sep 2022 09:33:29 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
x-cdn-client-ip-version: IPV4
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (25835)
Size:   51659
Md5:    c9251860a4aa82a01b66828f69b38562
Sha1:   f0d52bda833cd529211113b6ec0a10e42544beb8
Sha256: 1ec2c0741951e69f7d5d5cd08fbda3db6b881d2c0f17355669c5c93c754b7ade
                                        
                                            GET /o/oauth2/iframe HTTP/1.1 
Host: accounts.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         216.58.207.237
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Fri, 23 Sep 2022 09:33:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-embedder-policy: require-corp
cross-origin-opener-policy: same-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'nonce-gn3MsxvkGvJi2D0rj5NGDA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document, ASCII text, with no line terminators
Size:   272
Md5:    409a9f4065b69ef3e7a49e4e3278b5da
Sha1:   1784b8dfbb4016e7294b8c56388fe7256e18b84c
Sha256: 900980fc01f8cadb7d8de13a03409edd4b2accc5a3669ea0f3694ee4970ae40c
                                        
                                            POST /platform-telemetry/li/collect HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 1877
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==; Max-Age=604800; Expires=Fri, 30 Sep 2022 09:33:29 GMT; SameSite=None; Path=/; Secure
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7lKHlPtEpVTILYew==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 283ABB01265F44388498ABD6AB2B4110 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:29Z
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /directory/api/ingraphs/counter HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Csrf-Token: ajax:1977020562551648159
Content-Length: 99
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
x-fs-uuid: 0005e954dee62afea6168e2375153f3a
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7mKv6mFo4jdRU/Og==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 41EB125FC0B04664BC394A92F0646A4C Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:29Z
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   66
Md5:    f6ca86a32e9ce1a4a744fb52cbbb9c3b
Sha1:   c05ad9d07fd02a1cea9b6d2554275c045c6cf5b0
Sha256: c782d6661c0d94ba0ad593161919e18a815b81d27fd811949165cfd7c01e80e5

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17524
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 09:33:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17524
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 09:33:29 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17523
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 09:33:30 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17523
Expires: Fri, 23 Sep 2022 14:25:33 GMT
Date: Fri, 23 Sep 2022 09:33:30 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffccf6ade-04f7-4d15-943c-bde343725d94.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8029
x-amzn-requestid: 2fc5c63d-5cef-42f4-a6d2-b55f51c57af6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0tHjGoAMFcFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-73f2f78a2d1ca8fc666d2571;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 7DX67a-HmEh76IorINvRU61AKtSiimdPnHFnYeR2OJezZJ1_mJq0MA==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 21:48:22 GMT
age: 42308
etag: "1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8029
Md5:    02a682b4703bb9d6381c762726c05531
Sha1:   1d7f7b4cfdd7425213a21afdd1d5a5d8d11d0e54
Sha256: fb672de67420a239fe5d7e2588f640150ed29883fe2a46ded160385e3265004c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53fa68ad-0fdf-4958-b6f1-e38245c20380.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4947
x-amzn-requestid: 2d8325c6-7564-4fab-86ad-75bc44451ac8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YzHtOFNXoAMF5iQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632ab987-30ba7b1d6088630236d03486;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 07:13:11 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3NJdOO87M_on7FBlPCczqwUtjsq75kEXAxq9CcsiHDvuaUDCYhd9LQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:32 GMT
age: 41158
etag: "944c0453511761e101cb9e50ba8af7545e32e357"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4947
Md5:    d22173527a1bc9b264170aaa07491248
Sha1:   944c0453511761e101cb9e50ba8af7545e32e357
Sha256: c04b0975162a54e0afc5ae4a863f8e8393415d455e8f7ff3fc67a47868e09ec0
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb77ad616-c829-40b4-8b70-2be46252d64c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10279
x-amzn-requestid: 2ff2c324-51c5-484d-b049-3eacbdc1024a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yyj8THHdoAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a804e-0f4da4ba2a84679b3fd297fc;Sampled=0
x-amzn-remapped-date: Wed, 21 Sep 2022 03:09:02 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: z0uCxl-5L4gijwJsCjssxmgnJr4yhzvtiZdcX4wOXzgiuh8-Yj92vg==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Sep 2022 04:32:56 GMT
age: 18034
etag: "60a83a1618ffae06e49ca3002bac1db9980dcfe8"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10279
Md5:    8ea5f06ad31f0cedd2cb5c6df82f35f4
Sha1:   60a83a1618ffae06e49ca3002bac1db9980dcfe8
Sha256: 5f6a4cb92c016ef0f229b11d727e9680a15b10782b5bfe9e66ad9d100b458d8d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0ea09a2e-db97-4846-b5c4-9bc0e69977bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 13000
x-amzn-requestid: 0658a29b-3c96-431c-ab00-952ab7365e1f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioLNHd1oAMFkbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420ad-488015441a19070348de1398;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Vhg1m3Tpmoo68IBbutFCvjCLD6iBW3YWysB7hA837CwDK3DSSFp_KA==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 09:35:19 GMT
age: 86291
etag: "06f5f63e681d711bd68626805c5dd2b902ebf9cf"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   13000
Md5:    634db5bfe2b27e608c3f3518b0c44ebb
Sha1:   06f5f63e681d711bd68626805c5dd2b902ebf9cf
Sha256: 935d3442ed37fe78df5fe40fac87ca00466a3e19ef3c72a80dae17ffbcacd45d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ac88c56-4515-47b4-9c1e-7745782bd306.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10127
x-amzn-requestid: 456e3c6a-e173-433e-8d54-d787cb50b7e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y0sHmCoAMFVSg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4ea-7a07b336571396533e48b4cb;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: gWZNsIn_FEbYwMeR1JArmPEgyuHEGgWsfb-wB6P_NrmoHhNgvGWoPw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:07:28 GMT
age: 41162
etag: "48c10714503e8dfdd3e3c3d39b919ef2792f0d15"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10127
Md5:    b877ead4a15221fdd278ef27f281a7ec
Sha1:   48c10714503e8dfdd3e3c3d39b919ef2792f0d15
Sha256: f4a1d5abcfa4092828e004b6c0605a7a24e4133d275312f613dceff875971daf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98db69a9-8416-4b0b-b1b4-1ed196b985e5.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5340
x-amzn-requestid: b13bc974-e15d-43a4-a918-fbc35b09a36f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y4Y19HljIAMFY8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632cd4f2-2cb226ba4bd7c7e74d9ab2db;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8DCVWC4Ihr4R21i3ySyiWdUK0aGymTE22B842ZKolG-ZThiKSMX-uQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Sep 2022 22:11:26 GMT
age: 40924
etag: "0264e73c4cfff0bb255757c7e1c760a5ad3ece80"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5340
Md5:    3b318ea5c36d2b22b925f7dfe382df5f
Sha1:   0264e73c4cfff0bb255757c7e1c760a5ad3ece80
Sha256: 0c2f58ea4f5f32bb327f292e1b8fb5a4a60230bffc3abc440a624df27ec0d6bc
                                        
                                            POST /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 14928
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google; fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7sK8sLxFtOaeoPbA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F6AF5C556EDD4A7B98A4B71F5A094AD4 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:30Z
date: Fri, 23 Sep 2022 09:33:29 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1539
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google; fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7viXhHdBSHnn+H/A==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9EF746665B6F454D92E757708507D934 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:30Z
date: Fri, 23 Sep 2022 09:33:30 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1522
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google; fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN7+zeC8WXAKK07Iog==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 23AB120B06834E3CA18B31DDE42EA730 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:31Z
date: Fri, 23 Sep 2022 09:33:31 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1522
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google; fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN8dZ52Kg/Sa617hJw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E8A3383F43034C4FBB1EDDF13843C573 Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:33Z
date: Fri, 23 Sep 2022 09:33:33 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            POST /li/track HTTP/1.1 
Host: www.linkedin.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1522
Origin: https://www.linkedin.com
Connection: keep-alive
Referer: https://www.linkedin.com/authwall?trk=gf&trkInfo=AQH3gImkfXBE2AAAAYNpsd5ADMHWhUNGhYpdQPme55DlNhq0HQUH5EL9Vct5DRGRKkSWkLsn_Fks0HHzr1upAC1NYzqfVEgbg0KICvQRaENVFbVYj39bMsNryIpkPyUZqDjXN-0=&original_referer=&sessionRedirect=https%3A%2F%2Fwww.linkedin.com%2Fcompany%2F18056569%3Futm_campaign%3DSecurity%2520Ransomware%26utm_medium%3Demail%26_hsmi%3D226656658%26_hsenc%3Dp2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw%26utm_content%3D225582642%26utm_source%3Dhs_email
Cookie: bcookie="v=2&61313b6e-e726-4e84-857e-40c6a8bd3ee6"; bscookie="v=1&20220923093328b86d2f5d-be80-40fd-890d-2043393300e6AQH7_0dE4a_tX75dRrx-NQ_1blXam57T"; li_gc=MTswOzE2NjM5MjU2MDg7MjswMjGyQL1YTyYuRXFA1qrX82fbpZy1AZ66E9giaUIutioxJg==; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=2920:u=1:x=1:i=1663925609:t=1664012009:v=2:sig=AQG3TWc0SZQLxNqidrzI7LONM0Ey--o0"; rtc=AQGVAPTcP61l2AAAAYNpsd5A0nLxPah5XtsiNnKNeH8evuZDWCCIdoZZ8lqEL1iirTsnKt_jz42NGh21v_e_n6EGwIYzTo849jVOK0Dyfd5HFgTlIHpZ0sycEEKriHP1Ug8Xyd_frHD9FhRVOGeet5QzGkb_6k-4OSBGCwZZ2tHsGefjRPQ6ybKedLImqAOvIoimyU-w3JeXoeVPWscAJer_YdexFXg8Uuin3CcvTZZI9-C47Tp3puRrSc5w7Xb9Kw==; fid=AQEJE1suivZ5gAAAAYNpseBfmHoet9rtq0JxIRN7k_QGtkLlSxS0WHUB94J6Q__Z77VwcMjVnW1Mug; JSESSIONID=ajax:1977020562551648159; lang=v=2&lang=en-us; li_alerts=e30=; G_ENABLED_IDPS=google; fcookie=AQEC69JyNkZQSwAAAYNpseT977agC48ci2QXUyNJLGlprij2yOzX90zSLpdJt9X2wksuqaa5VRJvYVUzVNQs29BaGZ3bcqi1oPZXpbVWAV2DPg5WZ4B9yazzMDjSzYxR08KNzvVDNw98qKdrO3h-bBK4L8lcks8bNiocRZ43gtT2J9KHxsCfRpWXpIz_jrOeJMhL6msHjCSw-dt6ProGVToB7_537sFBCm8Z9xKWwkC63kTWIWl5O5z0BcPtFfjlb2zQ9Rkqltbw0UeeXtMk1tLyTMw6hzCurQ8DsGMdi+IETUYXWfku+tSE9jgs39hbNudd0UV5G+rprfWGpv7YKZ2KBpYaWX1BVY0zjQ==
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         13.107.42.14
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
                                        
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
access-control-allow-origin: https://www.linkedin.com
access-control-allow-credentials: true
content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com https://*.qualtrics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXpVN870urPbtDRBaL+Tw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: E20000A17E5947D7ADF348247E85F17D Ref B: OSL30EDGE0508 Ref C: 2022-09-23T09:33:35Z
date: Fri, 23 Sep 2022 09:33:35 GMT
content-length: 0
X-Firefox-Spdy: h2

                                        
                                            GET /Ctc/T7+113/csv1v04/VW8kPc1PYc68W6gDsHt1RFyqgW1RGk9h4QcYc0N3mxJ6_3pl37V1-WJV7CgBHjW8cs4Mk4QnT3KVYL9b12r41F6W12SVVP8mjJk-W7zHmnB9fZSFnW8q4qYq8g0mySV6PyQ82t6xt9W25M7hy2Cyc_GW21gztg88qHQrW2bD1MT4VgJSgVyJpXN4V9j6rW1_T0hX8qTmwbN3fHppfJ_K26W1qQWXx8pCjw5W6svxDk15MmypW4yhnkl6TBHcHW3G8bZW2FNf5nW3vSKJ-1mkqjDW8PZ_5l3tLRkRW8HYj425yLzhZW4ptM673DjRy6W8gmrxM33LW2YW6rs-wn46QfYVW3yF9888FtLxYW5yV6np5gHjs1W6_Spy69hGL1GW63Q9cf5XxSFK36Km1 HTTP/1.1 
Host: csv1v04.na1.hubspotlinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         104.18.30.105
HTTP/2 200 OK
content-type: text/html;charset=utf-8
                                        
date: Fri, 23 Sep 2022 09:33:27 GMT
x-robots-tag: none
referrer-policy: no-referrer
vary: Accept-Encoding
x-hubspot-correlation-id: 336f6df9-4a6c-45b3-8559-f2697d4a56ae
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f247675f0cb518-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: LinkedIn Corporation
    - fortinet: Phishing
                                        
                                            GET /events/public/v1/encoded/track/tc/T7+113/csv1v04/VW8kPc1PYc68W6gDsHt1RFyqgW1RGk9h4QcYc0N3mxJ6_3pl37V1-WJV7CgBHjW8cs4Mk4QnT3KVYL9b12r41F6W12SVVP8mjJk-W7zHmnB9fZSFnW8q4qYq8g0mySV6PyQ82t6xt9W25M7hy2Cyc_GW21gztg88qHQrW2bD1MT4VgJSgVyJpXN4V9j6rW1_T0hX8qTmwbN3fHppfJ_K26W1qQWXx8pCjw5W6svxDk15MmypW4yhnkl6TBHcHW3G8bZW2FNf5nW3vSKJ-1mkqjDW8PZ_5l3tLRkRW8HYj425yLzhZW4ptM673DjRy6W8gmrxM33LW2YW6rs-wn46QfYVW3yF9888FtLxYW5yV6np5gHjs1W6_Spy69hGL1GW63Q9cf5XxSFK36Km1?_ud=7c039bc9-c58b-4ae9-a974-5903f829dea5 HTTP/1.1 
Host: csv1v04.na1.hubspotlinks.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         104.18.30.105
HTTP/2 307 Temporary Redirect
                                        
date: Fri, 23 Sep 2022 09:33:28 GMT
location: https://www.linkedin.com/company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=226656658&_hsenc=p2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw&utm_content=225582642&utm_source=hs_email
x-robots-tag: none
link: <https://www.linkedin.com/company/18056569?utm_campaign=Security%20Ransomware&utm_medium=email&_hsmi=226656658&_hsenc=p2ANqtz-8uQ1dMDhRCnlRiIuVFbI5V2yEHGHWI8uR_uA1tGa4cE6LDCWrhqjzuzHOOPKj0JxQ4npEdQuTLoICVNAjGvNpY4Em9r4nkv5W4uRezI87HcO1sjdw&utm_content=225582642&utm_source=hs_email>; rel="canonical"
referrer-policy: no-referrer
x-hubspot-correlation-id: 17a340ca-4c3b-4c4d-991c-286ab25ac48a
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 74f2476a8abdb518-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sc/h/98lptr8kagfxge22q7k1fps8 HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Tue, 26 Jul 2022 16:45:40 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 4824ed890b65951670ea7088632b0000
x-li-fabric: prod-lva1
x-li-pop: prod-edc2
x-li-proto: http/1.1
x-li-uuid: SCTtiQtllRZw6nCIYysAAA==
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:29 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sc/h/k8yb4adb70ind5v5xmldsqha HTTP/1.1 
Host: static-exp1.licdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.linkedin.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         23.36.76.121
HTTP/2 200 OK
content-type: text/javascript
                                        
server: Play
expires: Fri, 16 Jun 2023 19:33:49 GMT
cache-control: max-age=31536000, immutable
last-modified: Mon, 05 Nov 2012 04:00:51 GMT
x-li-static-content: 1
x-fs-uuid: 0005e195b791cbb079fe875f147f3796
x-li-fabric: prod-lor1
x-li-pop: prod-lor1-x
x-li-proto: http/1.1
access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-uuid: AAXhlbeRy7B5/odfFH83lg==
remote-cache-status: TCP_HIT
vary: Accept-Encoding
content-encoding: gzip
date: Fri, 23 Sep 2022 09:33:28 GMT
x-cache: TCP_HIT
x-cdn-proto: HTTP2
x-cdn-client-ip-version: IPV4
timing-allow-origin: *
access-control-allow-origin: *
x-cdn: AKAM
X-Firefox-Spdy: h2


--- Additional Info ---