![](/screenshots/6317779c-ba23-4272-a278-33f9a9597db8.png)
bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link
209.94.90.2
Malicious Activity!
Public Scan
Effective URL: https://bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/index.html
Submission: On June 05 via automatic, source openphish — Scanned from DE
Summary
TLS certificate: Issued by E1 on April 16th 2024. Valid for: 3 months.
This is the only time bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link was scanned on urlscan.io!
urlscan.io Verdict: Potentially Malicious
Targeting these brands: LinkedIn (Social Network)
Domain & IP information
 | IP Address | Autonomous System |
---|---|---|
7 | 209.94.90.2 | 40680 (PROTOCOL) |
10 | 2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 | 15133 (EDGECAST) |
1 | 144.2.9.2 | 14413 (LINKEDIN) |
2 | 2a00:1450:400c:c02::54 | 15169 (GOOGLE) |
2 | 2620:1ec:51::16 | 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) |
3 | 2a02:26f0:3500:16::215:149b | 20940 (AKAMAI-ASN1) |
2 | 52.200.226.43 | 14618 (AMAZON-AES) |
1 | 54.157.100.210 | 14618 (AMAZON-AES) |
1 | 2606:2800:233:66b5:799a:7cd3:f74d:7071 | 15133 (EDGECAST) |
2 2 | 216.58.206.66 | 15169 (GOOGLE) |
2 2 | 142.250.186.130 | 15169 (GOOGLE) |
2 2 | 216.58.206.68 | 15169 (GOOGLE) |
2 | 142.250.186.35 | 15169 (GOOGLE) |
32 | 11 |
Autonomous System | PTR | Domains |
---|---|---|
ASN40680 (PROTOCOL, US) | | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link |
ASN20940 (AKAMAI-ASN1, NL) | | platform.linkedin-ei.com |
ASN14618 (AMAZON-AES, US) | ec2-52-200-226-43.compute-1.amazonaws.com | dpm.demdex.net, lnkd.demdex.net |
ASN14618 (AMAZON-AES, US) | ec2-54-157-100-210.compute-1.amazonaws.com | lnkd.demdex.net |
ASN15133 (EDGECAST, US) | | platform.linkedin.com |
ASN15169 (GOOGLE, US) | mil07s08-in-f2.1e100.net | www.googleadservices.com |
ASN15169 (GOOGLE, US) | fra24s07-in-f2.1e100.net | googleads.g.doubleclick.net |
 | Apex Domain | Subdomains | Transfer |
---|---|---|---|
10 | licdn.com | static.licdn.com (Cisco Umbrella Rank: 2304) | 283 KB |
7 | dweb.link | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link | 14 KB |
6 | linkedin-ei.com | ponf.linkedin-ei.com, www.linkedin-ei.com (Failed), platform.linkedin-ei.com | 53 KB |
4 | google.com (2 redirects) | accounts.google.com (Cisco Umbrella Rank: 40), www.google.com (Cisco Umbrella Rank: 5) | 1 KB |
3 | demdex.net | dpm.demdex.net (Cisco Umbrella Rank: 250), lnkd.demdex.net (Cisco Umbrella Rank: 5965) | 2 KB |
2 | google.de | www.google.de (Cisco Umbrella Rank: 8139) | 128 B |
2 | doubleclick.net (2 redirects) | googleads.g.doubleclick.net (Cisco Umbrella Rank: 63) | 50 B |
2 | googleadservices.com (2 redirects) | www.googleadservices.com (Cisco Umbrella Rank: 137) | 46 B |
1 | linkedin.com | platform.linkedin.com (Cisco Umbrella Rank: 3852) | 29 KB |
32 | 9 |
 | Domain | Requested by |
---|---|---|
10 | static.licdn.com | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link, static.licdn.com |
7 | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link | static.licdn.com |
3 | platform.linkedin-ei.com | static.licdn.com, platform.linkedin-ei.com |
2 | www.google.de | |
2 | www.google.com | 2 redirects |
2 | googleads.g.doubleclick.net | 2 redirects |
2 | www.googleadservices.com | 2 redirects |
2 | lnkd.demdex.net | platform.linkedin-ei.com |
2 | www.linkedin-ei.com | static.licdn.com |
2 | accounts.google.com | static.licdn.com |
1 | platform.linkedin.com | platform.linkedin-ei.com |
1 | dpm.demdex.net | platform.linkedin-ei.com |
1 | ponf.linkedin-ei.com | |
32 | 13 |
This site contains no links.
Subject | Issuer | Validity | Valid |
---|---|---|---|
dweb.link | E1 | 2024-04-16 - 2024-07-15 | 3 months |
*.licdn.com | DigiCert SHA2 Secure Server CA | 2023-08-02 - 2024-08-01 | a year |
ponf.linkedin-ei.com | DigiCert SHA2 Secure Server CA | 2024-03-11 - 2024-09-11 | 6 months |
accounts.google.com | GTS CA 1C3 | 2024-05-13 - 2024-08-05 | 3 months |
www.linkedin-ei.com | DigiCert SHA2 Secure Server CA | 2024-04-08 - 2024-10-08 | 6 months |
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2024-03-29 - 2025-03-28 | a year |
*.demdex.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2023-09-26 - 2024-10-26 | a year |
This page contains 3 frames:
Primary Page:
https://bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/index.html
Frame ID: 1E6D7ABB57A5819667C00A6CCB7609F3
Requests: 29 HTTP requests in this frame
Frame:
https://accounts.google.com/gsi/button?logo_alignment=center&shape=pill&size=large&text=continue_with&theme=undefined&type=undefined&width=302&client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&iframe_id=gsi_9493_531972&as=uiaiAdpGiGjJZEm7PHviWg&hl=en_US
Frame ID: 692246BB1042FEC837BBD5CC0289E1AB
Requests: 1 HTTP requests in this frame
Frame:
https://lnkd.demdex.net/dest5.html?d_nsid=0
Frame ID: 4F4252F7984C8910F29BC7D296D1ED22
Requests: 1 HTTP requests in this frame
Page Title
LinkedIn Login, Sign in | LinkedIn
Page Statistics
0 Outgoing links
These are links going to different origins than the main page.
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/index.html
HTTP 307
https://bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/index.html Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
32 HTTP transactions
Method | Protocol | Resource | Path | Size | x-fer | Type | MIME-Type | Notes |
---|---|---|---|---|---|---|---|---|
GET | H3 | index.html | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/ | 38 KB | 12 KB | Document | text/html | Primary Request, Redirect Chain |
GET | H2 | 1sjpgjk18flzq8du4cxjl13ch | static.licdn.com/sc/h/ | 273 KB | 24 KB | Stylesheet | text/css | |
GET | H2 | 8z6rxr4cu3kb0bf0f6w0l7uvs | static.licdn.com/sc/h/ | 253 KB | 56 KB | Script | text/javascript | |
GET | H2 | 2y3qdqw0xpfk3qo1agmkdpn7x | static.licdn.com/sc/h/ | 93 KB | 26 KB | Script | text/javascript | |
GET | H2 | 473v2cdto9klp3y6gfjcs28u2 | static.licdn.com/sc/h/ | 74 KB | 15 KB | Script | text/javascript | |
GET | H2 | ccg6j0toh362m9pa9exs90nin | static.licdn.com/sc/h/ | 2 KB | 893 B | Script | text/javascript | |
GET | H2 | es8jfua30moj789rlzkfx9heo | static.licdn.com/sc/h/ | 243 KB | 63 KB | Script | text/javascript | |
GET | H2 | 179r7h6dytjlclq68a906sd4s | static.licdn.com/sc/h/ | 72 KB | 22 KB | Script | text/javascript | |
GET | H2 | 4k6diadsezedadhkq4uxfxss1 | static.licdn.com/sc/h/ | 182 KB | 62 KB | Script | text/javascript | |
GET | H2 | 1gpe377m8n1eq73qveizv5onv | static.licdn.com/sc/h/ | 38 KB | 13 KB | Script | text/javascript | |
GET | H2 | tracking.png | ponf.linkedin-ei.com/pixel/ | 43 B | 107 B | Image | image/gif | |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 482 B | Ping | text/plain | |
GET | H2 | 9lb1g1kp916tat669q9r5g2kz | static.licdn.com/sc/h/ | 32 KB | 926 B | Other | image/x-icon | |
GET | H2 | button | accounts.google.com/gsi/ | 0 | 0 | Document | text/html | Frame 6922 |
GET | H2 | status | accounts.google.com/gsi/ | 37 B | 992 B | XHR | application/json | |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 482 B | XHR | text/plain | |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 380 B | XHR | text/plain | |
POST | | apfcDf | www.linkedin-ei.com/platform-telemetry/li/ | 0 | 0 | | | |
OPTIONS | H2 | apfcDf | www.linkedin-ei.com/platform-telemetry/li/ | 0 | 0 | Preflight | text/html | Frame |
GET | H2 | user | www.linkedin-ei.com/litms/api/metadata/ | 342 B | 2 KB | XHR | application/json | |
GET | H2 | utag.js | platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ | 137 KB | 43 KB | Script | application/javascript | |
GET | H2 | id | dpm.demdex.net/ | 624 B | 1 KB | XHR | application/json | |
GET | H2 | utag.107.js | platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ | 11 KB | 4 KB | Script | application/javascript | |
GET | H2 | utag.117.js | platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ | 11 KB | 4 KB | Script | application/javascript | |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 380 B | XHR | text/plain | |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 380 B | Ping | text/plain | |
GET | H2 | dest5.html | lnkd.demdex.net/ | 0 | 0 | Document | text/html | Frame 4F42 |
POST | H2 | event | lnkd.demdex.net/ | 529 B | 996 B | XHR | application/json | |
GET | H2 | gtag-adwords.js | platform.linkedin.com/litms/vendor/google/ | 78 KB | 29 KB | Script | application/javascript | |
GET | H3 | / | www.google.de/pagead/1p-conversion/979305453/ | 42 B | 64 B | Image | image/gif | Redirect Chain |
GET | H3 | / | www.google.de/pagead/1p-conversion/979305453/ | 42 B | 64 B | Image | image/gif | Redirect Chain |
POST | H3 | track | bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/li/ | 42 B | 380 B | Ping | text/plain | |
Failed requests
These URLs were requested, but there was no response received. You will also see them in the list above.
- Domain: www.linkedin-ei.com
- URL: https://www.linkedin-ei.com/platform-telemetry/li/apfcDf
Verdicts & Comments
Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!
urlscan
Phishing against: LinkedIn (Social Network)
33 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
- object| 0
- object| 1
- undefined| utag_data
- object| utag_cfg_ovrd
- object| trackingEventDebugData
- object| artdeco
- object| _artdecoBakedCurves
- object| __core-js_shared__
- object| _0x41e7
- function| _0x561f
- function| triggerDnaApfcEvent
- object| default_gsi
- object| google
- object| __G_ID_CLIENT__
- object| closure_lm_108251
- object| AppleID
- object| apfcDf
- object| tealiumDil
- boolean| utag_condload
- object| landingPageUrl
- object| utag
- boolean| __tealium_twc_switch
- function| DIL
- object| adobe
- function| Visitor
- object| s_c_il
- number| s_c_in
- string| gtagRename
- object| dataLayer
- function| gtag
- function| GooglemKTybQhCsO
- function| google_trackConversion
- object| google_tag_manager

16 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/ | | Name: __cflb Value: 02DiuEUN8rMdVd556ogakWBDE3hE7FRTw2rEMXDJ8Gd7r |
.linkedin-ei.com/ | | Name: lang Value: v=2&lang=de-de |
.linkedin-ei.com/ | | Name: bcookie Value: "v=2&58588d23-4d07-46c8-8a2b-69f38e651a63" |
.www.linkedin-ei.com/ | | Name: bscookie Value: "v=1&20240605131010d0c8323b-2722-4ad5-88cd-eb14af385defAQHYDPqpYPPr72_765EfduBuqBiwJXRi" |
.www.linkedin-ei.com/ | | Name: JSESSIONID Value: ajax:-5577627570236728593 |
.linkedin-ei.com/ | | Name: lidc Value: "b=ETGST06:s=ET:r=ET:a=ET:p=ET:g=145:u=1:x=1:i=1717593010:t=1717679410:v=2:sig=AQFNZD4dqfVVQJPuBrS0qDt0PQF-hWaK" |
.demdex.net/ | | Name: demdex Value: 06086689182843733720581111311774246978 |
.bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/ | | Name: AMCVS_14215E3D5995C57C0A495C55%40AdobeOrg Value: 1 |
.bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/ | | Name: AMCV_14215E3D5995C57C0A495C55%40AdobeOrg Value: -637568504%7CMCIDTS%7C19880%7CMCMID%7C06297321796699255590639417226850540425%7CMCAAMLH-1718197811%7C7%7CMCAAMB-1718197811%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1717600211s%7CNONE%7CvVersion%7C5.1.1 |
.bafybeigr2f2gfmkgtd2fb66flrhv52o5pztu7cb2ccqi7rfys5uopeit4y.ipfs.dweb.link/ | | Name: aam_uuid Value: 06086689182843733720581111311774246978 |
.linkedin.com/ | | Name: lidc Value: "b=VGST09:s=V:r=V:a=V:p=V:g=2914:u=1:x=1:i=1717593011:t=1717679411:v=2:sig=AQG6p-8RxmXOrUEXb6IuY_5OSnXiJpaJ" |
.demdex.net/ | | Name: dextp Value: 771-1-1717593011972|1957-1-1717593012075 |
.bing.com/ | | Name: MUID Value: 3B9CB1FA27F26FDD1C2EA56F26156E8F |
.c.bing.com/ | | Name: MR Value: 0 |
.doubleclick.net/ | | Name: IDE Value: AHWqTUlo3hDuSsoEAYrUil31Haww1wxWq7r1avUV6mXWUZV6rRbh29QlxPkBrkio |
.dpm.demdex.net/ | | Name: dpm Value: 06086689182843733720581111311774246978 |
53 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.