aegqdshsrjysr541sjrf.blob.core.windows.net
52.239.246.4 Public Scan

Submitted URL: https://www.linkedin.com/slink?code=e3EsNBdb#asrlpatehlsp
Effective URL: https://aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html
Submission: On January 06 via manual from NZ — Scanned from NZ

Summary

This website contacted 2 IPs in 1 country across 3 domains to perform 2 HTTP transactions. The main IP is 52.239.246.4, located in Tappahannock, United States and belongs to MICROSOFT-CORP-MSN-AS-BLOCK, US. The main domain is aegqdshsrjysr541sjrf.blob.core.windows.net.
TLS certificate: Issued by Microsoft RSA TLS CA 01 on December 21st 2022. Valid for: a year.
This is the only time aegqdshsrjysr541sjrf.blob.core.windows.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 13.107.42.14 8068 (MICROSOFT...)
1 52.239.246.4 8075 (MICROSOFT...)
1 172.99.173.188 398343 (BAXET-GROUP)
2 2
Apex Domain | Subdomains | Transfer
1 verbalismetext.com | verbalismetext.com — Cisco Umbrella Rank: 303834 | 131 B
1 windows.net | aegqdshsrjysr541sjrf.blob.core.windows.net | 633 B
1 linkedin.com | www.linkedin.com — Cisco Umbrella Rank: 712 | 2 KB
2 3

This site contains no links.

Subject | Issuer | Validity | Valid
*.blob.core.windows.net | Microsoft RSA TLS CA 01 | 2022-12-21 - 2023-12-21 | a year
verbalismetext.com | R3 | 2022-12-19 - 2023-03-19 | 3 months

This page contains 1 frame:

Frame: https://verbalismetext.com/0/0/0/eee48d0504e53d42a775e392c5ae6a66/2548
Frame ID: 7A610D4941E00A4C3A03EEA0881835FA
Requests: 2 HTTP requests in this frame

Page Statistics

Requests: 2
HTTPS: 100 %
IPv6: 0 %
Domains: 3
Subdomains: 3
IPs: 2
Countries: 1
Transfer: 1 kB
Size: 0 kB
Cookies: 3

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.linkedin.com/slink?code=e3EsNBdb HTTP 301
    https://aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

2 HTTP transactions

Primary Request
Resource: 02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html
Path: aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/
Redirect Chain
  • https://www.linkedin.com/slink?code=e3EsNBdb
  • https://aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html
Size: 230 B
x-fer: 633 B
Type: Document

General

Full URL: https://aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.239.246.4 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
Reverse DNS:
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Resource Hash: 7cf863ac6e1ae1636ed4e253b0a1ab954d1f6ac543277aa81596b14312fd3d12

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

Content-Length: 230
Content-MD5: yzaauecYbcT+HUMeHyNMJQ==
Content-Type: text/html
Date: Fri, 06 Jan 2023 22:15:17 GMT
ETag: 0x8DAEE95CA2DE925
Last-Modified: Wed, 04 Jan 2023 20:53:53 GMT
Server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 56083b2f-601e-011e-231c-22828b000000
x-ms-version: 2009-09-19

Redirect headers

cache-control: no-cache, no-store
content-encoding: gzip
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
date: Fri, 06 Jan 2023 22:15:16 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://aegqdshsrjysr541sjrf.blob.core.windows.net/bvc2156y4j47liio456zet0gd/02cvbxtr5egtr8r7t4rq9ez5f1g4re7gte3.html#ezrh6451iy01df2h
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
x-content-type-options: nosniff
x-frame-options: sameorigin
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXxn8CZNq8TuNIXx4C4gA==
x-msedge-ref: Ref A: E414A3BD7F3F4405BA7B8D9F020B139E Ref B: SYD03EDGE1610 Ref C: 2023-01-06T22:15:16Z

Resource: 2548
Path: verbalismetext.com/0/0/0/eee48d0504e53d42a775e392c5ae6a66/
Size: 0
x-fer: 131 B
Type: Document

General

Full URL: https://verbalismetext.com/0/0/0/eee48d0504e53d42a775e392c5ae6a66/2548
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 172.99.173.188, United States, ASN398343 (BAXET-GROUP, US)
Reverse DNS:
Software: Apache
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://aegqdshsrjysr541sjrf.blob.core.windows.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: en-NZ,en;q=0.9

Response headers

content-length: 0
content-type: text/html; charset=UTF-8
date: Fri, 06 Jan 2023 22:15:21 GMT
server: Apache

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange

3 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: bcookie
Value: "v=2&54b07adc-4e2b-44cb-8301-75cf3f5e576d"
.www.linkedin.com/ Name: bscookie
Value: "v=1&20230106221516a8fbe67e-4e06-4a71-839c-65e8b0a20941AQH7d4thu2hGU7Df-bkWocUoTOia67Zm"
.linkedin.com/ Name: lidc
Value: "b=OGST00:s=O:r=O:a=O:p=O:g=2878:u=1:x=1:i=1673043316:t=1673129716:v=2:sig=AQFZH8K0WDIQo2gmLTDwxmtzAVZSpG-Y"

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
