Submitted URL: https://www.linkedin.login.is-nb.tk/
Effective URL: https://www.linkedin.login.is-nb.tk/uas/login
Submission: On September 17 via automatic, source certstream-suspicious

Summary

This website contacted 10 IPs in 4 countries across 9 domains to perform 22 HTTP transactions. The main IP is 23.254.202.252, located in Seattle, United States and belongs to HOSTWINDS, US. The main domain is www.linkedin.login.is-nb.tk.
TLS certificate: Issued by Let's Encrypt Authority X3 on September 17th 2020. Valid for: 3 months.
This is the only time www.linkedin.login.is-nb.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 6 23.254.202.252 54290 (HOSTWINDS)
7 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
2 2606:2800:233... 15133 (EDGECAST)
1 2a00:1450:400... 15169 (GOOGLE)
1 2620:1ec:21::16 8068 (MICROSOFT...)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 34.242.67.216 16509 (AMAZON-02)
2 52.209.239.68 16509 (AMAZON-02)
1 1 172.217.22.66 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
22 10
Domain Requested by
7 static-exp1.licdn.com www.linkedin.login.is-nb.tk
static-exp1.licdn.com
6 www.linkedin.login.is-nb.tk 2 redirects static-exp1.licdn.com
2 lnkd.demdex.net platform.linkedin-ei.com
2 platform.linkedin-ei.com static-exp1.licdn.com
platform.linkedin-ei.com
2 platform.linkedin.com static-exp1.licdn.com
platform.linkedin-ei.com
1 www.google.de
1 www.google.com 1 redirects
1 googleads.g.doubleclick.net 1 redirects
1 www.googleadservices.com 1 redirects
1 dpm.demdex.net platform.linkedin-ei.com
1 www.linkedin-ei.com static-exp1.licdn.com
1 accounts.google.com static-exp1.licdn.com
22 12

This site contains links to these domains. Also see Links.

Domain
linkedin.com
Subject Issuer Validity Valid
www.linkedin.login.is-nb.tk
Let's Encrypt Authority X3
2020-09-17 -
2020-12-16
3 months crt.sh
*.licdn.com
DigiCert SHA2 Secure Server CA
2019-04-01 -
2021-05-07
2 years crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA
2019-10-10 -
2021-10-14
2 years crt.sh
accounts.google.com
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh
www.linkedin-ei.com
DigiCert SHA2 Secure Server CA
2020-05-01 -
2020-11-01
6 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA
2018-01-09 -
2021-02-12
3 years crt.sh
www.google.de
GTS CA 1O1
2020-08-26 -
2020-11-18
3 months crt.sh

This page contains 2 frames:

Primary Page: https://www.linkedin.login.is-nb.tk/uas/login
Frame ID: 0DA48F8671148E0EE956DD5B043B8098
Requests: 21 HTTP requests in this frame

Frame: https://lnkd.demdex.net/dest5.html?d_nsid=0
Frame ID: A95F4A8FFB368BAE5773AA42E0ECBCE6
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. https://www.linkedin.login.is-nb.tk/ HTTP 302
    https://www.linkedin.login.is-nb.tk/school/universityofbc/ HTTP 302
    https://www.linkedin.login.is-nb.tk/uas/login Page URL

Page Statistics

22
Requests

95 %
HTTPS

67 %
IPv6

9
Domains

12
Subdomains

10
IPs

4
Countries

324 kB
Transfer

1005 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.linkedin.login.is-nb.tk/ HTTP 302
    https://www.linkedin.login.is-nb.tk/school/universityofbc/ HTTP 302
    https://www.linkedin.login.is-nb.tk/uas/login Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20
  • https://www.googleadservices.com/pagead/conversion/979305453/?random=1600360262403&cv=9&fst=1600360262403&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https%3A%2F%2Fwww.linkedin.login.is-nb.tk%2Fuas%2Flogin&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https://www.linkedin.login.is-nb.tk/uas/login&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=Ro9jX4ehHdmK7_UP_du0kA0&sscte=1&crd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https://www.linkedin.login.is-nb.tk/uas/login&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Ro9jX4ehHdmK7_UP_du0kA0&cid=CAQSKQCNIrLMFVFMjxmoSZLVRDnPtDK0F-2rDZXgZJQ-J6Jyd_GjO8AQOfie&random=127140380&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https://www.linkedin.login.is-nb.tk/uas/login&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Ro9jX4ehHdmK7_UP_du0kA0&cid=CAQSKQCNIrLMFVFMjxmoSZLVRDnPtDK0F-2rDZXgZJQ-J6Jyd_GjO8AQOfie&random=127140380&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCXd0k4a4XcZcPU_GXj9LKlwaF_vRt41KWUVBTTbeW7OUg68ziJuOjfXhV6qrYUwHt9RqZxKBc0SE8ej62Y_fEn

22 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request Cookie set login
www.linkedin.login.is-nb.tk/uas/
Redirect Chain
  • https://www.linkedin.login.is-nb.tk/
  • https://www.linkedin.login.is-nb.tk/school/universityofbc/
  • https://www.linkedin.login.is-nb.tk/uas/login
31 KB
32 KB
Document
General
Full URL
https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.254.202.252 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-775018.hostwindsdns.com
Software
/
Resource Hash
4733cb27b54f6f514256443473c45cb4da99b64143d55aa495ff878eec41a699

Request headers

Host
www.linkedin.login.is-nb.tk
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
XFum=a38e4e97f83033dcb430ec0787f5380397effb575a4c78cdba33a769c2c22384
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
Connection
close
Content-Type
text/html; charset=utf-8
Date
Thu, 17 Sep 2020 16:30:55 GMT
Expect-Ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Thu, 17 Sep 2020 06:07:32 UTC
Pragma
no-cache
Set-Cookie
lang=v=2&lang=en-us; Path=/; Domain=linkedin.login.is-nb.tk; Secure; SameSite=None JSESSIONID=ajax:1999778027461115844; Path=/; Domain=www.linkedin.login.is-nb.tk; Secure; SameSite=None bcookie=v=2&419f7ec9-566c-470b-8910-3405404e7cb5; Path=/; Domain=linkedin.login.is-nb.tk; Expires=Sun, 18 Sep 2022 04:08:27 GMT; Secure; SameSite=None bscookie=v=1&202009171630555c64c686-ff92-4d99-8b3c-e5b716360f0cAQH8H6FnudLGJxsyEUuqoWkYG4GULWJ2; Path=/; Domain=www.linkedin.login.is-nb.tk; Expires=Sun, 18 Sep 2022 04:08:27 GMT; HttpOnly; Secure; SameSite=None lissc=1; Path=/; Domain=linkedin.login.is-nb.tk; Expires=Fri, 17 Sep 2021 16:30:55 GMT; Secure; SameSite=None lidc=b=TGST03:g=2252:u=1:i=1600360255:t=1600446655:s=AQFh0NuqU1gwyTl10Z47gpgL816I9tBz; Path=/; Domain=linkedin.login.is-nb.tk; Expires=Fri, 18 Sep 2020 16:30:55 GMT; Secure; SameSite=None
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Fs-Uuid
7b0e65542c9f35164091e24d902b0000
X-Li-Fabric
prod-ltx1
X-Li-Pop
afd-prod-eda6
X-Li-Proto
http/1.1
X-Li-Uuid
ew5lVCyfNRZAkeJNkCsAAA==
X-Msedge-Ref
Ref A: 5E94C3CAA44C42249853E45011A4156A Ref B: DALEDGE1509 Ref C: 2020-09-17T16:30:55Z

Redirect headers

Connection
close
Content-Type
text/html
Location
https://www.linkedin.login.is-nb.tk/uas/login
Set-Cookie
XFum=a38e4e97f83033dcb430ec0787f5380397effb575a4c78cdba33a769c2c22384; Path=/; Domain=linkedin.login.is-nb.tk; Expires=Thu, 17 Sep 2020 17:30:54 GMT; Max-Age=3600
Transfer-Encoding
chunked
1iriok0tm9mhubpkfcwv4sqd3
static-exp1.licdn.com/sc/h/
125 KB
38 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/1iriok0tm9mhubpkfcwv4sqd3
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
ad82ff7d49a21ed6e22ba93787f8ec16781449d09f5b48593de856d9893ba6fc

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2ab47c9cf2c0
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
38322
X-LI-UUID
XSU8Jc7jMBaQIZ9/tSoAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Vary
Accept-Encoding
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
5d253c25cee3301690219f7fb52a0000
Expires
Thu, 02 Sep 2021 06:32:22 GMT
d7wyfy37fiuee5eoecdtn4vlx
static-exp1.licdn.com/sc/h/
61 KB
22 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/d7wyfy37fiuee5eoecdtn4vlx
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
65da7fcb27811029632a3ba945aeb9f2f6b74625fc6311a3333f1e55d7298168

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2ba895923fe0
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
21345
X-LI-UUID
QKuzda4sNRaA0lFixyoAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-efr5
Vary
Accept-Encoding
X-Li-Fabric
prod-lva1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
40abb375ae2c351680d25162c72a0000
Expires
Thu, 16 Sep 2021 05:32:50 GMT
3zt9doiz8ihzixj72ghcft3ki
static-exp1.licdn.com/sc/h/
63 KB
16 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/3zt9doiz8ihzixj72ghcft3ki
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
0a63a221f688a0ef62207c52d3c340a1726a1cbfb183c2723cfe9dd790265033

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b54657a4b80
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
15768
X-LI-UUID
Uyxr2wBSJBYADEhokCsAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
X-Li-Fabric
prod-lva1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
532c6bdb00522416000c4868902b0000
Expires
Fri, 23 Jul 2021 07:45:31 GMT
byqtlviivgrjzt006a5gb1mi6
static-exp1.licdn.com/sc/h/
1 KB
1 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/byqtlviivgrjzt006a5gb1mi6
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
99c52046d1df362721eb275cabcd169c7e105d0bbaf374a7c9f96ddf6c1216f2

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2ad7d3094810
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
558
X-LI-UUID
2tnbUa3tMBaA5Vl3wSoAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-tln1
Vary
Accept-Encoding
X-Li-Fabric
prod-lor1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
dad9db51aded301680e55977c12a0000
Expires
Thu, 02 Sep 2021 09:33:16 GMT
cub7b4x3z6travzqq3gp0tvnk
static-exp1.licdn.com/sc/h/
69 KB
24 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/cub7b4x3z6travzqq3gp0tvnk
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
6213f9a675fc7d244a1dfc4007d15695053486055405902c4114c0786c4bda93

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b8583255180
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT
Connection
keep-alive
Content-Length
23670
X-LI-UUID
fzKGe+vfMBagKA3WaysAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-efr5
Vary
Accept-Encoding
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
7f32867bebdf3016a0280dd66b2b0000
Expires
Thu, 02 Sep 2021 05:21:10 GMT
%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
static-exp1.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.2.734/f/
202 KB
24 KB
Stylesheet
General
Full URL
https://static-exp1.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.2.734/f/%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
Requested by
Host: www.linkedin.login.is-nb.tk
URL: https://www.linkedin.login.is-nb.tk/uas/login
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
de00aa0f2d71769dedc59764cafb89dbf98860cebf6c74de593ccc2cfbbca495

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
143
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/css
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Proto
http/1.1
X-EdgeConnect-MidMile-RTT
2
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
23709
X-LI-UUID
HT5ekIx6NRZQTg5PlCsAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-ech2
Vary
Accept-Encoding
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
1d3e5e908c7a3516504e0e4f942b0000
Expires
Fri, 17 Sep 2021 05:19:46 GMT
analytics.js
platform.linkedin.com/js/
60 KB
24 KB
Script
General
Full URL
https://platform.linkedin.com/js/analytics.js
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/cub7b4x3z6travzqq3gp0tvnk
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F53) /
Resource Hash
6b3c54156588e9cceed7aaaac4d9ec64c16f9d01a0e921b0915d367221e33d77

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:30:55 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
77603
x-cache
HIT
status
200
x-cdn-proto
HTTP2
content-length
23787
x-li-uuid
SEDl6ZdYNRbgo1eydysAAA==
server
ECAcc (frc/8F53)
last-modified
Wed, 16 Sep 2020 18:57:32 GMT
x-li-pop
prod-eda6
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=86400
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-ltx1
expires
Thu, 17 Sep 2020 18:57:32 GMT
5moyp6zgsc0eklmq85j0gf6h4
static-exp1.licdn.com/sc/h/
181 KB
62 KB
Script
General
Full URL
https://static-exp1.licdn.com/sc/h/5moyp6zgsc0eklmq85j0gf6h4
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1iriok0tm9mhubpkfcwv4sqd3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:10c:582::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
d87b1bc76da4bf067abea212dff5f43686116c581ccf58fdd6e8f0fe0254aed1

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Thu, 17 Sep 2020 16:30:55 GMT
Content-Encoding
gzip
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b33d2100d90
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
63196
X-LI-UUID
SSHwF5VqHRYgCaXkLysAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
4921f017956a1d162009a5e42f2b0000
Expires
Wed, 30 Jun 2021 19:57:11 GMT
track
www.linkedin.login.is-nb.tk/li/
0
611 B
XHR
General
Full URL
https://www.linkedin.login.is-nb.tk/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/cub7b4x3z6travzqq3gp0tvnk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.254.202.252 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-775018.hostwindsdns.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Csrf-Token
ajax:1999778027461115844
Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type
application/json

Response headers

Pragma
no-cache
Date
Thu, 17 Sep 2020 16:30:56 GMT
X-Li-Pop
afd-prod-eda6
X-Msedge-Ref
Ref A: CA7E83446E3A42DD81981E3D9A26DAA8 Ref B: DALEDGE1509 Ref C: 2020-09-17T16:30:57Z
Expect-Ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
close
X-Li-Proto
http/1.1
X-Li-Uuid
6Ik8uiyfNRbAhojV3SoAAA==
X-Li-Fabric
prod-ltx1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
status
accounts.google.com/gsi/
40 B
719 B
XHR
General
Full URL
https://accounts.google.com/gsi/status?client_id=990339570472-k6nqn1tpmitg8pui82bfaun3jrpmiuhs.apps.googleusercontent.com&as=OuCO9V%2FIx9y0W%2FwYg7WEFQ
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/5moyp6zgsc0eklmq85j0gf6h4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
09c9de6e7f63045e764e1c381dff6e18a43e253a0c1ac06fdacaf5e521484bdd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-619wTHPvUKu39Hm1XXnb6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:30:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
status
403
content-disposition
attachment; filename="json.txt"; filename*=UTF-8''json.txt
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.linkedin.login.is-nb.tk
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-619wTHPvUKu39Hm1XXnb6g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
track
www.linkedin.login.is-nb.tk/li/
0
611 B
XHR
General
Full URL
https://www.linkedin.login.is-nb.tk/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/cub7b4x3z6travzqq3gp0tvnk
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.254.202.252 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-775018.hostwindsdns.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Csrf-Token
ajax:1999778027461115844
Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

Pragma
no-cache
Date
Thu, 17 Sep 2020 16:30:56 GMT
X-Li-Pop
afd-prod-eda6
X-Msedge-Ref
Ref A: A83AC7155E2C4A66A235228B900FB45D Ref B: DALEDGE1509 Ref C: 2020-09-17T16:30:57Z
Expect-Ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
close
X-Li-Proto
http/1.1
X-Li-Uuid
vZDDySyfNRZA0FGoYSsAAA==
X-Li-Fabric
prod-ltx1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.login.is-nb.tk/li/
0
611 B
XHR
General
Full URL
https://www.linkedin.login.is-nb.tk/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/1iriok0tm9mhubpkfcwv4sqd3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.254.202.252 Seattle, United States, ASN54290 (HOSTWINDS, US),
Reverse DNS
hwsrv-775018.hostwindsdns.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Csrf-Token
ajax:1999778027461115844
Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type
application/json

Response headers

Pragma
no-cache
Date
Thu, 17 Sep 2020 16:30:56 GMT
X-Li-Pop
afd-prod-eda6
X-Msedge-Ref
Ref A: 5298076D86704D348BE18BBFCEF015A1 Ref B: DALEDGE1509 Ref C: 2020-09-17T16:30:57Z
Expect-Ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
Transfer-Encoding
chunked
Content-Type
text/plain; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
close
X-Li-Proto
http/1.1
X-Li-Uuid
X9pUxyyfNRYAJ1iAYysAAA==
X-Li-Fabric
prod-ltx1
Expires
Thu, 01 Jan 1970 00:00:00 GMT
user
www.linkedin-ei.com/litms/api/metadata/
301 B
3 KB
XHR
General
Full URL
https://www.linkedin-ei.com/litms/api/metadata/user
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/d7wyfy37fiuee5eoecdtn4vlx
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::16 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e253e063e9d7816b06b2da9120ca0fcf825ce41cce0f7b7ec21f5d91b3f2b1e7
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' ffi.st static.licdn-ei.com media.licdn-ei.com static-exp1.licdn-ei.com static-exp2.licdn-ei.com media-exp1.licdn-ei.com media-exp2.licdn-ei.com https://media-src.linkedin-ei.com/media/ www.linkedin.com www.linkedin-ei.com spdy.linkedin-ei.com dms.licdn-ei.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://linkedin.sc.omtrdc.net/b/ss/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com static-src.linkedin-ei.com *.licdn-ei.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' ffi.st spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com platform.linkedin-ei.com spdy.linkedin-ei.com static-src.linkedin-ei.com *.licdn-ei.com lix.corp.linkedin.com lva1-lixr01.linkedin.biz static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com www.linkedin.com slideshare.www.linkedin-ei.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' http://qa-mailbox.corp.linkedin.com; report-uri https://www.linkedin-ei.com/platform-telemetry/csp?f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy
default-src *; connect-src 'self' ffi.st static.licdn-ei.com media.licdn-ei.com static-exp1.licdn-ei.com static-exp2.licdn-ei.com media-exp1.licdn-ei.com media-exp2.licdn-ei.com https://media-src.linkedin-ei.com/media/ www.linkedin.com www.linkedin-ei.com spdy.linkedin-ei.com dms.licdn-ei.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: https://linkedin.sc.omtrdc.net/b/ss/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com static-src.linkedin-ei.com *.licdn-ei.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' ffi.st spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com platform.linkedin-ei.com spdy.linkedin-ei.com static-src.linkedin-ei.com *.licdn-ei.com lix.corp.linkedin.com lva1-lixr01.linkedin.biz static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com www.linkedin.com slideshare.www.linkedin-ei.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' http://qa-mailbox.corp.linkedin.com; report-uri https://www.linkedin-ei.com/platform-telemetry/csp?f=l
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
status
200
x-li-ats-encoding
br/5
vary
Origin,Accept-Encoding
content-length
178
x-li-uuid
nX8Kqi2fNRZA8pvOqSsAAA==
pragma
no-cache
x-li-pop
afd-ei4
x-msedge-ref
Ref A: 23A83FD8BAAE4A739935BB548E90A2CD Ref B: FRAEDGE1121 Ref C: 2020-09-17T16:31:00Z
x-frame-options
sameorigin
date
Thu, 17 Sep 2020 16:31:00 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin-ei.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/json
access-control-allow-origin
https://www.linkedin.login.is-nb.tk
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
access-control-allow-credentials
true
x-li-proto
http/2
x-li-fabric
ei4
expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/
123 KB
40 KB
Script
General
Full URL
https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/d7wyfy37fiuee5eoecdtn4vlx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
fc57110ea69e23fc17b424ef826bc6177c28df60ea55140a405e974f468fa32d

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:31:01 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
status
200
x-li-uuid
NDfmwC2fNRYw1cnBXysAAA==
server
Play
last-modified
Thu, 17 Sep 2020 05:21:38 GMT
x-li-pop
ei-ltx1
etag
"213030ee11fdd3d3c360858bec4aead4981b3daf"
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
ei-ltx1
utag.107.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/
9 KB
4 KB
Script
General
Full URL
https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.107.js?utv=ut4.46.202009102158
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00::210:ba0a , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
704c03388d696028b43d5a1c5d4b4b7d6de3305ab5da61f507e552595544b0c0

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:31:02 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
status
200
content-length
3147
x-li-uuid
i7q/KJJ7NRYgVebTcisAAA==
server
Play
last-modified
Thu, 17 Sep 2020 05:21:38 GMT
x-li-pop
ei-ltx1
etag
"ac914f0e456fc379e5268117ab436f2dbea43bc3"
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
ei-ltx1
id
dpm.demdex.net/
611 B
1 KB
XHR
General
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.6.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14215E3D5995C57C0A495C55%40AdobeOrg&d_nsid=0&ts=1600360261787
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.242.67.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-242-67-216.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e2ea78056405012f1b449914de1a6965024ad54a31e6df49f2e4f73afda556f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v081-053d0db08.edge-irl1.demdex.com 5.78.0.20200908113611 3ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
Content-Encoding
gzip
X-TID
U4gNdV4gSxI=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.linkedin.login.is-nb.tk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
444
Expires
Thu, 01 Jan 1970 00:00:00 GMT
track
www.linkedin.login.is-nb.tk/li/
0
0

Cookie set dest5.html
lnkd.demdex.net/ Frame A95F
0
0
Document
General
Full URL
https://lnkd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.239.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-239-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Host
lnkd.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.linkedin.login.is-nb.tk/uas/login
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Cookie
demdex=11717652193298519300000866358023916934
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer
https://www.linkedin.login.is-nb.tk/uas/login

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=21600
Content-Encoding
gzip
Content-Type
text/html
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified
Wed, 09 Sep 2020 13:37:19 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Set-Cookie
demdex=11717652193298519300000866358023916934;Path=/;Domain=.demdex.net;Expires=Tue, 16-Mar-2021 16:31:02 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security
max-age=31536000; includeSubDomains
Vary
Accept-Encoding, User-Agent
X-TID
WQ6wpdnmTKE=
Content-Length
2785
Connection
keep-alive
event
lnkd.demdex.net/
689 B
1 KB
XHR
General
Full URL
https://lnkd.demdex.net/event?d_dil_ver=9.4&_ts=1600360261791
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.209.239.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-209-239-68.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
0674f7390a9b0d3043357002f23c853d815e261f98de1cc7d6c84e88d0005ccf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v081-0dba8d60a.edge-irl1.demdex.com 5.78.0.20200908113611 5ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
QtBFe6ZSSeI=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://www.linkedin.login.is-nb.tk
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
689
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gtag-adwords.js
platform.linkedin.com/litms/vendor/google/
78 KB
29 KB
Script
General
Full URL
https://platform.linkedin.com/litms/vendor/google/gtag-adwords.js?id=AW-979305453
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:66b5:799a:7cd3:f74d:7071 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8F08) /
Resource Hash
f42b7a2cbb2607296976b3374653138109d4b2f05070c52820860ed1a83a98da

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date
Thu, 17 Sep 2020 16:31:02 GMT
content-encoding
gzip
x-cdn-client-ip-version
IPV6
x-cdn
ECST
age
380382
x-cache
HIT
status
200
x-cdn-proto
HTTP2
content-length
29593
x-li-uuid
N0gedTlFNBbQzdokxSoAAA==
server
ECAcc (frc/8F08)
last-modified
Wed, 09 Sep 2020 16:54:04 GMT
x-li-pop
prod-edc2
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=2628000
accept-ranges
bytes
x-li-proto
http/1.1
x-li-fabric
prod-lor1
expires
Fri, 17 Sep 2021 16:31:02 GMT
/
www.google.de/pagead/1p-conversion/979305453/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/979305453/?random=1600360262403&cv=9&fst=1600360262403&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=12...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=120...
  • https://www.google.com/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&...
  • https://www.google.de/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u...
42 B
107 B
Image
General
Full URL
https://www.google.de/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https://www.linkedin.login.is-nb.tk/uas/login&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Ro9jX4ehHdmK7_UP_du0kA0&cid=CAQSKQCNIrLMFVFMjxmoSZLVRDnPtDK0F-2rDZXgZJQ-J6Jyd_GjO8AQOfie&random=127140380&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCXd0k4a4XcZcPU_GXj9LKlwaF_vRt41KWUVBTTbeW7OUg68ziJuOjfXhV6qrYUwHt9RqZxKBc0SE8ej62Y_fEn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.linkedin.login.is-nb.tk/uas/login
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 17 Sep 2020 16:31:02 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 17 Sep 2020 16:31:02 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/979305453/?random=1886095212&cv=9&fst=*&num=1&fmt=3&npa=1&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=https://www.linkedin.login.is-nb.tk/uas/login&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=Ro9jX4ehHdmK7_UP_du0kA0&cid=CAQSKQCNIrLMFVFMjxmoSZLVRDnPtDK0F-2rDZXgZJQ-J6Jyd_GjO8AQOfie&random=127140380&resp=GooglemKTybQhCsO&ipr=y&ezwbk=AZuM4hCXd0k4a4XcZcPU_GXj9LKlwaF_vRt41KWUVBTTbeW7OUg68ziJuOjfXhV6qrYUwHt9RqZxKBc0SE8ej62Y_fEn
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
h3-29=":443"; ma=2592000,h3-27=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.linkedin.login.is-nb.tk
URL
https://www.linkedin.login.is-nb.tk/li/track

Verdicts & Comments Add Verdict or Comment

42 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| trustedTypes object| LI object| artdeco object| _artdecoBakedCurves object| __core-js_shared__ undefined| utag_data object| utag_cfg_ovrd object| _0x4651 function| _0x5d07 object| rumTracking string| GoogleAnalyticsObject function| ga object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| apfcDf object| gapi object| _ object| gadgets object| osapi object| ___jsl object| oauth2 object| default_gsi object| closure_lm_345529 object| google object| __G_ID_CLIENT__ object| tealiumDil boolean| utag_condload object| utag boolean| __tealium_twc_switch function| DIL object| adobe function| Visitor object| s_c_il number| s_c_in string| gtagRename object| dataLayer function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_manager

7 Cookies

Domain/Path Name / Value
.linkedin.login.is-nb.tk/ Name: lang
Value: v=2&lang=en-us
.www.linkedin.login.is-nb.tk/ Name: bscookie
Value: v=1&202009171630555c64c686-ff92-4d99-8b3c-e5b716360f0cAQH8H6FnudLGJxsyEUuqoWkYG4GULWJ2
.linkedin.login.is-nb.tk/ Name: bcookie
Value: v=2&419f7ec9-566c-470b-8910-3405404e7cb5
.linkedin.login.is-nb.tk/ Name: lidc
Value: b=TGST03:g=2252:u=1:i=1600360255:t=1600446655:s=AQFh0NuqU1gwyTl10Z47gpgL816I9tBz
.linkedin.login.is-nb.tk/ Name: lissc
Value: 1
.www.linkedin.login.is-nb.tk/ Name: JSESSIONID
Value: ajax:1999778027461115844
.linkedin.login.is-nb.tk/ Name: XFum
Value: a38e4e97f83033dcb430ec0787f5380397effb575a4c78cdba33a769c2c22384

3 Console Messages

Source Level URL
Text
console-api error URL: https://static-exp1.licdn.com/sc/h/5moyp6zgsc0eklmq85j0gf6h4(Line 234)
Message:
[GSI_LOGGER]: The given origin is not allowed for the given client ID.
console-api log URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1600360200000(Line 8)
Message:
visitor.publishDestinations() result: The destination publishing iframe is already attached and loaded.
console-api error URL: https://static-exp1.licdn.com/sc/h/d7wyfy37fiuee5eoecdtn4vlx(Line 1)
Message:
[object XMLHttpRequest]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
dpm.demdex.net
googleads.g.doubleclick.net
lnkd.demdex.net
platform.linkedin-ei.com
platform.linkedin.com
static-exp1.licdn.com
www.google.com
www.google.de
www.googleadservices.com
www.linkedin-ei.com
www.linkedin.login.is-nb.tk
www.linkedin.login.is-nb.tk
172.217.22.66
23.254.202.252
2606:2800:233:66b5:799a:7cd3:f74d:7071
2620:1ec:21::16
2a00:1450:4001:801::200d
2a00:1450:4001:803::2002
2a00:1450:4001:809::2003
2a00:1450:4001:81f::2004
2a02:26f0:10c:582::25ea
2a02:26f0:6c00::210:ba0a
34.242.67.216
52.209.239.68
0674f7390a9b0d3043357002f23c853d815e261f98de1cc7d6c84e88d0005ccf
09c9de6e7f63045e764e1c381dff6e18a43e253a0c1ac06fdacaf5e521484bdd
0a63a221f688a0ef62207c52d3c340a1726a1cbfb183c2723cfe9dd790265033
4733cb27b54f6f514256443473c45cb4da99b64143d55aa495ff878eec41a699
6213f9a675fc7d244a1dfc4007d15695053486055405902c4114c0786c4bda93
65da7fcb27811029632a3ba945aeb9f2f6b74625fc6311a3333f1e55d7298168
6b3c54156588e9cceed7aaaac4d9ec64c16f9d01a0e921b0915d367221e33d77
704c03388d696028b43d5a1c5d4b4b7d6de3305ab5da61f507e552595544b0c0
99c52046d1df362721eb275cabcd169c7e105d0bbaf374a7c9f96ddf6c1216f2
ad82ff7d49a21ed6e22ba93787f8ec16781449d09f5b48593de856d9893ba6fc
d87b1bc76da4bf067abea212dff5f43686116c581ccf58fdd6e8f0fe0254aed1
de00aa0f2d71769dedc59764cafb89dbf98860cebf6c74de593ccc2cfbbca495
e253e063e9d7816b06b2da9120ca0fcf825ce41cce0f7b7ec21f5d91b3f2b1e7
e2ea78056405012f1b449914de1a6965024ad54a31e6df49f2e4f73afda556f0
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42b7a2cbb2607296976b3374653138109d4b2f05070c52820860ed1a83a98da
fc57110ea69e23fc17b424ef826bc6177c28df60ea55140a405e974f468fa32d