ja.org.ua
2606:4700:3033::6815:f78  Malicious Activity! Public Scan

URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Submission: On April 08 via automatic, source openphish — Scanned from DE

Summary

This website contacted 4 IPs in 2 countries across 4 domains to perform 14 HTTP transactions. The main IP is 2606:4700:3033::6815:f78, located in United States and belongs to CLOUDFLARENET, US. The main domain is ja.org.ua.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 17th 2021. Valid for: a year.
This is the only time ja.org.ua was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network), Generic (Online)

Domain & IP information

Requests | IP Address | AS | Autonomous System
5 | 2606:4700:303... | 13335 | (CLOUDFLAR...)
7 | 2606:2800:233... | 15133 | (EDGECAST)
1 | 2a02:26f0:350... | 20940 | (AKAMAI-ASN1)
1 | 2a00:1450:400... | 15169 | (GOOGLE)
Total: 14 requests, 4 IPs
Requests | Apex Domain | Subdomains | Transfer
7 | licdn.com | static-exp1.licdn.com (Cisco Umbrella Rank: 2859) | 156 KB
5 | ja.org.ua | ja.org.ua | 70 KB
1 | google.com | accounts.google.com (Cisco Umbrella Rank: 80) | 1 KB
1 | linkedin-ei.com | platform.linkedin-ei.com | 24 KB
Total: 14 requests, 4 apex domains
Requests | Domain | Requested by
7 | static-exp1.licdn.com | ja.org.ua, static-exp1.licdn.com
5 | ja.org.ua | ja.org.ua, static-exp1.licdn.com
1 | accounts.google.com | static-exp1.licdn.com
1 | platform.linkedin-ei.com | static-exp1.licdn.com
Total: 14 requests, 4 domains

This site contains no links.

Subject | Issuer | Validity | Valid
sni.cloudflaressl.com | Cloudflare Inc ECC CA-3 | 2021-05-17 - 2022-05-16 | a year
*.licdn.com | DigiCert SHA2 Secure Server CA | 2021-09-16 - 2022-09-15 | a year
platform.linkedin.com | DigiCert SHA2 Secure Server CA | 2020-07-03 - 2022-07-08 | 2 years
accounts.google.com | GTS CA 1C3 | 2022-03-21 - 2022-06-13 | 3 months

This page contains 1 frame:

Primary Page: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Frame ID: 53AC33E0159F7027873A8CB357362BD7
Requests: 14 HTTP requests in this frame

Screenshot

Page Title

LinkedIn Login, Sign in | LinkedIn

Page Statistics

14 Requests
100 % HTTPS
100 % IPv6
4 Domains
4 Subdomains
4 IPs
2 Countries
252 kB Transfer
957 kB Size
2 Cookies

14 HTTP transactions

Resource | Path | Size | x-fer | Type | MIME-Type

Primary Request: / | ja.org.ua/sitemap-image/linkedin-normal/ | 42 KB | 32 KB | Document
General
Full URL
https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
40acd7d76879e5cd1af1c25f66c840d84fa0e3f1070bf438eb7aa24b5469b625

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6f879a399f940e02-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Fri, 08 Apr 2022 02:34:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IiSseAy6bC%2FHyVNf7VoqHhva4myxHKDFe6TQsmkg%2Fs2tnSIGiBErGy66QS%2BJpLEVFfIfP3dlZ7KnvxcOwFl%2BSaZFinDYikqc2XvThoGcEi2cyTtz7%2BZi7cGpwtKyg8tE0cE3k8eUCEs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare

login.js | ja.org.ua/sitemap-image/linkedin-normal/js/ | 20 KB | 6 KB | Script
General
Full URL
https://ja.org.ua/sitemap-image/linkedin-normal/js/login.js
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3033::6815:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847c86ae982abe9180233276125b930b4a1b6f1bd12649b0c07535c1e984def8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 21 Jun 2018 01:29:08 GMT
server
cloudflare
etag
W/"5b2aff64-4f65"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WFCEdB6sf1o6tLIZBMFjBZjg3q%2FRS%2FMs8TzHR1B86O1qFbwQPh11yi43UWQYqoCARvs%2Bo1XIOTj967OnsA6moLWN3dx%2BMNCBn5thc4wew7lqZj9hi%2FRPXLf5kTc5AIDfjHxfRm6%2FYXc%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=315360000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
6f879a3e8aa40e02-MXP
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 31 Dec 2037 23:55:55 GMT

6u4abakrebm97iir18d17rmu0 | static-exp1.licdn.com/sc/h/ | 206 KB | 19 KB | Stylesheet
General
Full URL
https://static-exp1.licdn.com/sc/h/6u4abakrebm97iir18d17rmu0
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8E9D) /
Resource Hash
9edf0e1fc3ef5062d6aef1b537226c289970b6bb7bb5cd0f1855ad8fadecdd42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/css
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
7325826
x-cache
HIT
x-cdn-proto
HTTP2
content-length
18941
x-li-uuid
AAXVccC9ntw2GzPa7MQs4Q==
server
ECAcc (frc/8E9D)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lor1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lor1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
0005d571c0bd9edc361b33daecc42ce1
expires
Fri, 13 Jan 2023 07:37:05 GMT

9z2qszoigwown5438iofxsbd3 | static-exp1.licdn.com/sc/h/ | 134 KB | 33 KB | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/9z2qszoigwown5438iofxsbd3
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F5D) /
Resource Hash
348df093a36c0b1c994a7d028a8db84e2f15715c3ede86d6338a20fe3eb7be32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
7325827
x-cache
HIT
x-cdn-proto
HTTP2
content-length
33831
x-li-uuid
AAXVccC621hUn5Y97O9LPA==
server
ECAcc (frc/8F5D)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lva1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
0005d571c0badb58549f963decef4b3c
expires
Fri, 13 Jan 2023 07:37:05 GMT

2qwdjwm18c9qqjkkqgthouslg | static-exp1.licdn.com/sc/h/ | 62 KB | 19 KB | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/2qwdjwm18c9qqjkkqgthouslg
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA1) /
Resource Hash
ffbf8b87d477b1f917e6358124494745533f7820946c87bab5e9817202356b8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
7325826
x-cache
HIT
x-cdn-proto
HTTP2
content-length
18846
x-li-uuid
AAXVccC9SsYzAMJ1IpzeUw==
server
ECAcc (frc/8FA1)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lor1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lor1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
0005d571c0bd4ac63300c275229cde53
expires
Fri, 13 Jan 2023 07:37:05 GMT

6jblk5oqhlo45xbkmcr7s4zix | static-exp1.licdn.com/sc/h/ | 64 KB | 13 KB | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/6jblk5oqhlo45xbkmcr7s4zix
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F28) /
Resource Hash
2072637eca86b31333f03dd2f363993776d87ec85be0f0970d80a08347cbe43f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
20227483
x-cache
HIT
x-cdn-proto
HTTP2
content-length
13554
x-li-uuid
q5SK2VvumxbQJm1LFCsAAA==
server
ECAcc (frc/8F28)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-edc2
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
0134c1cbdc868c16404c5e57572b0000
expires
Mon, 27 Jun 2022 19:24:08 GMT

eifp0ukycgmm5y0uay3omxuap | static-exp1.licdn.com/sc/h/ | 1 KB | 598 B | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/eifp0ukycgmm5y0uay3omxuap
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FD1) /
Resource Hash
99c52046d1df362721eb275cabcd169c7e105d0bbaf374a7c9f96ddf6c1216f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
14862721
x-cache
HIT
x-cdn-proto
HTTP2
content-length
460
x-li-uuid
3psn2JT9rhYghY6jfCsAAA==
server
ECAcc (frc/8FD1)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-edc2
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
de9b27d894fdae1620858ea37c2b0000
expires
Tue, 18 Oct 2022 02:02:10 GMT

z5z0fyn9degkqxthacxz44e4 | static-exp1.licdn.com/sc/h/ | 73 KB | 22 KB | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/z5z0fyn9degkqxthacxz44e4
Requested by
Host: ja.org.ua
URL: https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F74) /
Resource Hash
c07f4c4caa7bf62915a154289d26250b2ae256215175e2f413cd5e664c94bde2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
7325827
x-cache
HIT
x-cdn-proto
HTTP2
content-length
21714
x-li-uuid
AAXVccC6uSBs+o/fg0fdMA==
server
ECAcc (frc/8F74)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-lva1-x
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-lva1
access-control-allow-origin
*
access-control-expose-headers
X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
0005d571c0bab9206cfa8fdf8347dd30
expires
Fri, 13 Jan 2023 07:37:05 GMT

analytics.js | platform.linkedin-ei.com/js/ | 60 KB | 24 KB | Script
General
Full URL
https://platform.linkedin-ei.com/js/analytics.js
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/z5z0fyn9degkqxthacxz44e4
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:7::17d8:4dca Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Play /
Resource Hash
48923a58feaa387328008470b1ff2a9fed1500d035b35916e02f493c6659652c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:13 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
content-length
23794
x-li-uuid
AAXcG24ku5Kao5B9UjvliQ==
server
Play
x-li-pop
ei-ltx1-x
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=600
x-li-proto
http/1.1
x-li-fabric
ei-ltx1
expires
Fri, 8 Apr 2022 02:44:13 GMT

50seqnxcfadh00enh9ffvk85k | static-exp1.licdn.com/sc/h/ | 181 KB | 50 KB | Script
General
Full URL
https://static-exp1.licdn.com/sc/h/50seqnxcfadh00enh9ffvk85k
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/9z2qszoigwown5438iofxsbd3
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:6a53:4ac1:3bc8:ee4e:5990 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F6D) /
Resource Hash
597c946522dec4cf136d651c70944887b7e30adfb8aa5196815b0225283e1253

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:11 GMT
content-encoding
br
content-type
text/javascript
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
27121665
x-cache
HIT
x-cdn-proto
HTTP2
content-length
51508
x-li-uuid
1YoB9SJwgxbgjbLNsioAAA==
server
ECAcc (frc/8F6D)
timing-allow-origin
*
last-modified
Mon, 05 Nov 2012 04:00:51 GMT
x-li-pop
prod-eda6
cache-control
max-age=31536000, immutable
vary
Accept-Encoding
x-li-fabric
prod-ltx1
access-control-allow-origin
*
x-li-proto
http/1.1
accept-ranges
bytes
x-li-static-content
1
x-fs-uuid
6e579deabd6f8116b00bb433542b0000
expires
Sun, 22 May 2022 16:16:42 GMT

status | accounts.google.com/gsi/ | 37 B | 1 KB | XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=jvpGrCDfDdA9fUGomuDpIQ
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/50seqnxcfadh00enh9ffvk85k
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c86c1c34d7256d5e7a0964ffd9726b977626c434e4d7c850227ab0a3f8ac85a7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-wfnovevGI2nW5M6okwXX/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ja.org.ua/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date
Fri, 08 Apr 2022 02:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
access-control-allow-methods
GET
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"}]}
content-type
application/json; charset=utf-8
access-control-allow-origin
https://ja.org.ua
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-wfnovevGI2nW5M6okwXX/w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only
same-origin; report-to="ATmXEA8yZBobgwIiz2di590e5SYDLXY4wfk_ZDc7gHnA6kYOBrrvhVTzN-6lvRQrKkkkGYBx"
expires
Mon, 01 Jan 1990 00:00:00 GMT

track | ja.org.ua/li/ | 38 KB | 10 KB | XHR
General
Full URL
https://ja.org.ua/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/z5z0fyn9degkqxthacxz44e4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab14e650ef11bf674815d6ad0bf62efa272698c3df1eb815cd8ddce876207ec9

Request headers

Csrf-Token
Referer
https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 02:34:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://ja.org.ua/wp-json/>; rel="https://api.w.org/"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zX6eWM9WksjZkdW6jswgfUL4XRSOnqnApkak6Dy89d7O5nWbTzj1IX9Gda2h0T6OUsAtach%2BvIuno%2BXEwvf4va%2FHUD%2F2FUCHWFfsd5eiZQ1xio6cx7gZgdeViTF8vOf2xHv4cBbdRKA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6f879a421e8c73a3-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

track | ja.org.ua/li/ | 38 KB | 10 KB | XHR
General
Full URL
https://ja.org.ua/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/9z2qszoigwown5438iofxsbd3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab14e650ef11bf674815d6ad0bf62efa272698c3df1eb815cd8ddce876207ec9

Request headers

Csrf-Token
Referer
https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-type
application/json

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 02:34:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://ja.org.ua/wp-json/>; rel="https://api.w.org/"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gpNs0yJIfhEWQQuEgHQo7SCMYvfHy40mmMnhrTE3Hnuom5pnm1AqHYY5DXw3M%2Bnf7%2BN2iCkywdLI5RZ7UW8FigA2AQnRZCpDphu1elmz1mKBCSeZwA7z89Mc7dB1M%2FRG5tRrw79mkTs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6f879a42bf1773a3-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

track | ja.org.ua/li/ | 38 KB | 10 KB | XHR
General
Full URL
https://ja.org.ua/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/z5z0fyn9degkqxthacxz44e4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3033::6815:f78 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab14e650ef11bf674815d6ad0bf62efa272698c3df1eb815cd8ddce876207ec9

Request headers

Csrf-Token
Referer
https://ja.org.ua/sitemap-image/linkedin-normal/?csdun=
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
content-type
application/json

Response headers

pragma
no-cache
date
Fri, 08 Apr 2022 02:34:12 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
link
<https://ja.org.ua/wp-json/>; rel="https://api.w.org/"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding, Cookie
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Bb4erFjOBgofALZAdZSqgDWn9duKTnirK6Z3mBW21QXvCTLOIWD8s%2FqAr4m9fThFAwL4s3wWEFSsq%2F1fW0D%2Fp%2B5%2BVDJBE6or8Un%2Byx30tJYtskKAUAjBS9jTSyITEFrwNz7mESHzcZI%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
cf-ray
6f879a43c83873a3-MRS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 19 Nov 1981 08:52:00 GMT

Verdicts & Comments

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network), Generic (Online)

37 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

Type | Name
function | structuredClone
object | oncontextlost
object | oncontextrestored
function | getScreenDetails
object | Aes
object | Base64
object | Utf8
string | hea2p
string | hea2t
string | output
string | ctrTxt
object | LI
object | artdeco
object | _artdecoBakedCurves
object | __core-js_shared__
object | utag_data
object | utag_cfg_ovrd
object | _0x3365
function | _0xcf3d
object | rumTracking
string | GoogleAnalyticsObject
function | ga
object | gapi
object | _
object | gadgets
object | osapi
object | ___jsl
object | oauth2
object | default_gsi
object | closure_lm_98861
object | google
object | __G_ID_CLIENT__
object | apfcDf
object | google_tag_data
object | gaplugins
object | gaGlobal
object | gaData

2 Cookies

Domain/Path | Name | Value
ja.org.ua/ | PHPSESSID | 1lnga9o00felnb4kea43p15q1k
.linkedin-ei.com/ | lidc | "b=ETGST00:s=ET:r=ET:a=ET:p=ET:g=76:u=1:x=1:i=1649385253:t=1649471653:v=2:sig=AQEKpO3RjXBaom6WZbznCrZfmlS_7vzy"

4 Console Messages

Source | Level | URL | Text
network | error | https://accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=jvpGrCDfDdA9fUGomuDpIQ | Failed to load resource: the server responded with a status of 403 ()
network | error | https://ja.org.ua/li/track | Failed to load resource: the server responded with a status of 404 ()
network | error | https://ja.org.ua/li/track | Failed to load resource: the server responded with a status of 404 ()
network | error | https://ja.org.ua/li/track | Failed to load resource: the server responded with a status of 404 ()