urlscan.io logo urlscan.io
SecurityTrails logo

m8zr.com Open in urlscan Pro
156.254.71.198  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
URL: http://m8zr.com/news/wp-admin/maint/linkedin/
Submission Tags: @ipnigh
Submission: On April 28 via api from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 9 IPs in 5 countries across 9 domains to perform 20 HTTP transactions. The main IP is 156.254.71.198, located in Johannesburg, South Africa and belongs to SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN. The main domain is m8zr.com.
This is the only time m8zr.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network)

Domain & IP information

IP Address AS Autonomous System
1 5 156.254.71.198 135357 (SKHT-AS S...)
4 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 2620:1ec:21::16 8068 (MICROSOFT...)
4 2a01:4a0:1338... 201011 (NETZBETRI...)
1 54.154.151.160 16509 (AMAZON-02)
1 2.16.186.56 20940 (AKAMAI-ASN1)
2 18.203.60.151 16509 (AMAZON-02)
1 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 1 172.217.16.194 15169 (GOOGLE)
20 9
5    156.254.71.198 (Johannesburg, South Africa)

ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN)
m8zr.com
4    2a02:26f0:6c00:28c::25ea (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
static-exp1.licdn.com
1    2620:1ec:21::16 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.linkedin-ei.com
4    2a01:4a0:1338:28::c38a:ff08 (Germany)

ASN201011 (NETZBETRIEB-GMBH, DE)
platform.linkedin-ei.com
1    54.154.151.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-151-160.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    2.16.186.56 (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com
fast.lnkd.demdex.net
2    18.203.60.151 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-60-151.eu-west-1.compute.amazonaws.com
lnkd.demdex.net
1    2a02:26f0:6c00:299::25eb (Ascension Island)

ASN20940 (AKAMAI-ASN1, EU)
platform.linkedin.com
2    2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:819::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:825::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    172.217.16.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s08-in-f2.1e100.net
www.googleadservices.com
Domain Requested by
5 m8zr.com 1 redirects static-exp1.licdn.com
4 platform.linkedin-ei.com static-exp1.licdn.com
platform.linkedin-ei.com
4 static-exp1.licdn.com m8zr.com
2 www.google.de
2 www.google.com 2 redirects
2 googleads.g.doubleclick.net 2 redirects
2 lnkd.demdex.net platform.linkedin-ei.com
1 www.googleadservices.com 1 redirects
1 platform.linkedin.com platform.linkedin-ei.com
1 fast.lnkd.demdex.net platform.linkedin-ei.com
1 dpm.demdex.net platform.linkedin-ei.com
1 www.linkedin-ei.com static-exp1.licdn.com
20 12

This site contains links to these domains. Also see Links.

Domain
www.linkedin.com
linkedin.com
Subject Issuer Validity Valid
*.licdn.com
DigiCert SHA2 Secure Server CA		 2019-04-01 -
2021-05-07		 2 years crt.sh
www.linkedin-ei.com
DigiCert SHA2 Secure Server CA		 2020-04-10 -
2020-10-10		 6 months crt.sh
platform.linkedin.com
DigiCert SHA2 Secure Server CA		 2019-10-29 -
2020-07-15		 9 months crt.sh
*.demdex.net
DigiCert SHA2 High Assurance Server CA		 2018-01-09 -
2021-02-12		 3 years crt.sh
www.google.de
GTS CA 1O1		 2020-04-07 -
2020-06-30		 3 months crt.sh

This page contains 2 frames:

Primary Page: http://m8zr.com/news/wp-admin/maint/linkedin/
Frame ID: 8A5ECD66C9C131FD2C64FCF4055D6BD1
Requests: 19 HTTP requests in this frame

Frame: http://fast.lnkd.demdex.net/dest5.html?d_nsid=0
Frame ID: 6E3230A1000178FF6220B56C0CC5EADB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://m8zr.com/news/wp-admin/maint/linkedin HTTP 301
    http://m8zr.com/news/wp-admin/maint/linkedin/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

20
Requests

65 %
HTTPS

58 %
IPv6

9
Domains

12
Subdomains

9
IPs

5
Countries

169 kB
Transfer

600 kB
Size

0
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://m8zr.com/news/wp-admin/maint/linkedin HTTP 301
    http://m8zr.com/news/wp-admin/maint/linkedin/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 17
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=1588036539565&cv=9&fst=1588036539565&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1 HTTP 302
  • https://www.google.com/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&is_vtc=1&random=999250696&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&is_vtc=1&random=999250696&resp=GooglemKTybQhCsO&ipr=y
Request Chain 18
  • https://www.googleadservices.com/pagead/conversion/979305453/?random=1588036539567&cv=9&fst=1588036539567&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http://m8zr.com/news/wp-admin/maint/linkedin/&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=u4OnXrLPI9P0gAfd5ZWIBg&sscte=1&crd=&gtd= HTTP 302
  • https://www.google.com/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http://m8zr.com/news/wp-admin/maint/linkedin/&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=u4OnXrLPI9P0gAfd5ZWIBg&cid=CAQSKQCNIrLMTXdWVY8W8ifLovezG7e1JEfxpJxdFSt6M2DU3topoJ2r4iYK&random=2366438873&resp=GooglemKTybQhCsO HTTP 302
  • https://www.google.de/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http://m8zr.com/news/wp-admin/maint/linkedin/&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=u4OnXrLPI9P0gAfd5ZWIBg&cid=CAQSKQCNIrLMTXdWVY8W8ifLovezG7e1JEfxpJxdFSt6M2DU3topoJ2r4iYK&random=2366438873&resp=GooglemKTybQhCsO&ipr=y

20 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
m8zr.com/news/wp-admin/maint/linkedin/
Redirect Chain
  • http://m8zr.com/news/wp-admin/maint/linkedin
  • http://m8zr.com/news/wp-admin/maint/linkedin/
22 KB
7 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://m8zr.com/news/wp-admin/maint/linkedin/
Protocol
HTTP/1.1
Server
156.254.71.198 Johannesburg, South Africa, ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
40e4f1bf9ba62da939a442350b7ddb45429cd9dfe389bd6f129a944b1d3d45d0

Request headers

Host
m8zr.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Server
nginx
Date
Tue, 28 Apr 2020 01:15:43 GMT
Content-Type
text/html; charset=UTF-8
Transfer-Encoding
chunked
Connection
keep-alive
Vary
Accept-Encoding
Content-Encoding
gzip

Redirect headers

Server
nginx
Date
Tue, 28 Apr 2020 01:15:43 GMT
Content-Type
text/html
Content-Length
162
Location
http://m8zr.com/news/wp-admin/maint/linkedin/
Connection
keep-alive
cpoav6rv4nn286rsydaj6z83d
static-exp1.licdn.com/sc/h/br/ 		121 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-exp1.licdn.com/sc/h/br/cpoav6rv4nn286rsydaj6z83d
Requested by
Host: m8zr.com
URL: http://m8zr.com/news/wp-admin/maint/linkedin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
41ce2cf10c691e23a3815ece5323c49d8c255d05a51dff06a16d9d0b264b51de

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Tue, 28 Apr 2020 01:15:38 GMT
Content-Encoding
br
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b455e523e90
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
33489
X-LI-UUID
MAmMUnqMCRbwbtNNZisAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-eda6
X-Li-Fabric
prod-ltx1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
30098c527a8c0916f06ed34d662b0000
Expires
Tue, 27 Apr 2021 02:33:20 GMT
2ieeh0gfohcckb0f7ezjk4r0d
static-exp1.licdn.com/sc/h/br/ 		66 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static-exp1.licdn.com/sc/h/br/2ieeh0gfohcckb0f7ezjk4r0d
Requested by
Host: m8zr.com
URL: http://m8zr.com/news/wp-admin/maint/linkedin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
4acc901fa01b114bc53f8f39cab09d481c45ebefb446889aad00dbe86d73e3cc

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Tue, 28 Apr 2020 01:15:38 GMT
Content-Encoding
br
Content-Type
text/javascript
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b62fa0d58d0
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
19936
X-LI-UUID
E3O0UXqMCRZgPUF8kCsAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
X-Li-Fabric
prod-lva1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
c513312eaba0f715a0ea168e442b0000
Expires
Tue, 27 Apr 2021 02:33:20 GMT
%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
static-exp1.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.2.75/f/ 		160 KB
19 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static-exp1.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.2.75/f/%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
Requested by
Host: m8zr.com
URL: http://m8zr.com/news/wp-admin/maint/linkedin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
61c968d6ea5f329e15b82224ca0c928ac90f54d15b343bc1ffd8ca64e25337c5

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Tue, 28 Apr 2020 01:15:38 GMT
Content-Encoding
gzip
Content-Type
text/css
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-FS-TXN-ID
2b223ed1dbf0
X-CDN-Proto
HTTP1
Remote-Cache-Status
TCP_HIT, TCP_HIT
Connection
keep-alive
Content-Length
18472
X-LI-UUID
BQ2/UXqMCRbwWxeO1CoAAA==
Server
Play
Timing-Allow-Origin
*
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-edc2
Vary
Accept-Encoding
X-Li-Fabric
prod-lva1
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
X-LI-Static-Content
1
X-FS-UUID
9cc5dc35f94c051610c98e24ee2a0000
Expires
Tue, 27 Apr 2021 02:33:20 GMT
cwn0a0e7hog2i33c88ucrvot5
static-exp1.licdn.com/sc/h/ 		8 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static-exp1.licdn.com/sc/h/cwn0a0e7hog2i33c88ucrvot5
Requested by
Host: m8zr.com
URL: http://m8zr.com/news/wp-admin/maint/linkedin/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:28c::25ea , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
779e6f64994afd63f7f3a9bdda69693df4a8315156567c1aa6daa8d1ebc87dd5

Request headers

Referer
https://static-exp1.licdn.com/sc/p/com.linkedin.checkpoint%3Acheckpoint-static-content%2B2.2.75/f/%2Fcheckpoint-frontend%2Fstylesheets%2Flogin%2Forganic%2Fdesktop_en_US.css
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-LI-Proto
http/1.1
Date
Tue, 28 Apr 2020 01:15:38 GMT
Content-Encoding
gzip
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-LI-Static-Content
1
X-CDN-Proto
HTTP1
Connection
keep-alive
Content-Length
1885
X-LI-UUID
rBhsf0WiexXgTYpxQisAAA==
Server
Play
Last-Modified
Mon, 05 Nov 2012 04:00:51 GMT
X-Li-Pop
prod-efr5
Vary
Accept-Encoding
Content-Type
image/svg+xml
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-CDN, X-CDN-CLIENT-IP-VERSION, X-CDN-Proto
Cache-Control
max-age=31536000, immutable
Timing-Allow-Origin
*
X-Li-Fabric
prod-lva1
Expires
Fri, 11 Dec 2020 10:53:27 GMT
user
www.linkedin-ei.com/litms/api/metadata/ 		136 B
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.linkedin-ei.com/litms/api/metadata/user
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/br/cpoav6rv4nn286rsydaj6z83d
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::16 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
46401b9319716c06ca884558d39bbdd8855d7acd0721f1406efe2bdaa5f59854
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' ffi.st static.licdn-ei.com media.licdn-ei.com static-exp1.licdn-ei.com static-exp2.licdn-ei.com media-exp1.licdn-ei.com media-exp2.licdn-ei.com https://media-src.linkedin-ei.com/media/ www.linkedin.com www.linkedin-ei.com spdy.linkedin-ei.com dms.licdn-ei.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com static-src.linkedin-ei.com *.licdn-ei.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' ffi.st spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com platform.linkedin-ei.com spdy.linkedin-ei.com static-src.linkedin-ei.com *.licdn-ei.com lix.corp.linkedin.com lva1-lixr01.linkedin.biz static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com www.linkedin.com slideshare.www.linkedin-ei.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' http://qa-mailbox.corp.linkedin.com; report-uri https://www.linkedin-ei.com/platform-telemetry/csp?f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
br
x-content-type-options
nosniff
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
status
200
x-li-ats-encoding
br/5
content-length
99
x-li-uuid
0Jr3e9HWCRbQzUqTaysAAA==
pragma
no-cache
x-li-pop
afd-ei-ltx1
x-msedge-ref
Ref A: 09740609A90E435E85148158257264A5 Ref B: FRAEDGE0809 Ref C: 2020-04-28T01:15:38Z
x-frame-options
sameorigin
date
Tue, 28 Apr 2020 01:15:38 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin-ei.com/platform-telemetry/ct"
vary
Origin,Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/json; charset=utf-8
access-control-allow-origin
http://m8zr.com
x-xss-protection
1; mode=block
cache-control
no-cache, no-store
access-control-allow-credentials
true
content-security-policy
default-src *; connect-src 'self' ffi.st static.licdn-ei.com media.licdn-ei.com static-exp1.licdn-ei.com static-exp2.licdn-ei.com media-exp1.licdn-ei.com media-exp2.licdn-ei.com https://media-src.linkedin-ei.com/media/ www.linkedin.com www.linkedin-ei.com spdy.linkedin-ei.com dms.licdn-ei.com https://dpm.demdex.net/id https://lnkd.demdex.net/event blob: platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com static-src.linkedin-ei.com *.licdn-ei.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' ffi.st spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com platform.linkedin-ei.com spdy.linkedin-ei.com static-src.linkedin-ei.com *.licdn-ei.com lix.corp.linkedin.com lva1-lixr01.linkedin.biz static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com www.linkedin.com slideshare.www.linkedin-ei.com https://snap.licdn.com/li.lms-analytics/insight.min.js platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' http://qa-mailbox.corp.linkedin.com; report-uri https://www.linkedin-ei.com/platform-telemetry/csp?f=l
x-li-proto
http/2
x-li-fabric
ei-ltx1
expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ 		34 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1588036500000
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/br/cpoav6rv4nn286rsydaj6z83d
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Play /
Resource Hash
e15c6a09ec453944498f1d29198b0a1cd17b3c2dc8ebdfd887885d33cf886768

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 01:15:39 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
status
200
content-length
10496
x-li-uuid
Rzlge9HWCRbwMNhEaisAAA==
server
Play
last-modified
Mon, 27 Apr 2020 22:20:28 GMT
x-li-pop
ei-ltx1
etag
"5156027ace4f83e980d36632889e75e612a4cc73"
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-li-proto
http/1.1
akamai-age-ms
1588036539011
x-li-fabric
ei-ltx1
visitor-api.js
platform.linkedin-ei.com/litms/vendor/adobe/ 		43 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin-ei.com/litms/vendor/adobe/visitor-api.js?utv=ut4.46.201912172056
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1588036500000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Play /
Resource Hash
471188d7a3f39f1672fa456797affe01a6a15c52c058e44fbda8dcd8801714a8

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 01:15:39 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
status
200
content-length
14341
x-li-uuid
jqEDJ2+QCRYAWyigaysAAA==
server
Play
last-modified
Fri, 24 Apr 2020 19:34:00 GMT
x-li-pop
ei-ltx1
etag
"eb6835ec7b94dd02655e8754a040fd3df754a71f"
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2628000
x-li-proto
http/1.1
x-li-fabric
ei-ltx1
dil.js
platform.linkedin-ei.com/litms/vendor/adobe/ 		31 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin-ei.com/litms/vendor/adobe/dil.js?utv=ut4.46.202004081946
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1588036500000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Play /
Resource Hash
77052aed3bf2ee3f5908c12b548509c1d8d1911579cfe825acbe8ba3db64c44c

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 28 Apr 2020 01:15:39 GMT
content-encoding
gzip
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
x-cdn
AKAM
p3p
CP="CAO CUR ADM DEV PSA PSD OUR"
status
200
content-length
10563
x-li-uuid
3q4FCJ9fBRZAB4wvZisAAA==
server
Play
last-modified
Fri, 10 Apr 2020 19:23:12 GMT
x-li-pop
ei-ltx1
etag
"e14247558ad10fde0b2494f03e23148f2bf17e98"
vary
Accept-Encoding
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
content-type
application/javascript; charset=utf-8
cache-control
max-age=2628000
x-li-proto
http/1.1
x-li-fabric
ei-ltx1
id
dpm.demdex.net/ 		548 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://dpm.demdex.net/id?d_visid_ver=3.3.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14215E3D5995C57C0A495C55%40AdobeOrg&d_nsid=0&ts=1588036539055
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/vendor/adobe/visitor-api.js?utv=ut4.46.201912172056
Protocol
HTTP/1.1
Server
54.154.151.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-151-160.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
395270c49505df6ccb938057dec612c4a0e205f19e0dbc409978a509d60e7601

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v066-055425f4d.edge-irl1.demdex.com 5.67.0.20200415110424 3ms (+1ms)
Pragma
no-cache
Content-Encoding
gzip
X-TID
76sQUXwYSG8=
Vary
Origin, Accept-Encoding, User-Agent
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://m8zr.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
394
Expires
Thu, 01 Jan 1970 00:00:00 GMT
utag.107.js
platform.linkedin-ei.com/litms/utag/checkpoint-frontend/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.107.js?utv=ut4.46.202004102054
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1588036500000
Protocol
HTTP/1.1
Server
2a01:4a0:1338:28::c38a:ff08 , Germany, ASN201011 (NETZBETRIEB-GMBH, DE),
Reverse DNS
Software
Play /
Resource Hash
94900f3d1a1876423b9b3ce46d90e2b8f6247c050180685d6991a7a08a56d897

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Tue, 28 Apr 2020 01:15:39 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
NEL
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.0001,"failure_fraction":1,"include_subdomains":true}
X-CDN
AKAM
P3P
CP="CAO CUR ADM DEV PSA PSD OUR"
Connection
keep-alive
Content-Length
3115
X-LI-UUID
/y4nE1vVCRYwRS2gaysAAA==
Server
Play
Last-Modified
Mon, 27 Apr 2020 22:20:28 GMT
X-Li-Pop
ei-ltx1
ETag
"cd949ee70526a8197b27617c9f3d1d4f9ba9d23d"
Vary
Accept-Encoding
Report-To
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin-ei.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric
ei-ltx1
Cache-Control
max-age=300
X-LI-Proto
http/1.1
track
m8zr.com/li/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://m8zr.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/br/2ieeh0gfohcckb0f7ezjk4r0d
Protocol
HTTP/1.1
Server
156.254.71.198 Johannesburg, South Africa, ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
8f4a26ce0e0a31403886724a1b3185491babcfaf6da3505bee01928fb0ee21f1

Request headers

Csrf-Token
Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

Date
Tue, 28 Apr 2020 01:15:44 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Link
<http://www.m8zr.com/news/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
track
m8zr.com/li/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://m8zr.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/br/cpoav6rv4nn286rsydaj6z83d
Protocol
HTTP/1.1
Server
156.254.71.198 Johannesburg, South Africa, ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
36874ddf4548b2593b6073c4512f79e7e7554597022968ae7c3306371a2af2dc

Request headers

Csrf-Token
Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-type
application/json

Response headers

Date
Tue, 28 Apr 2020 01:15:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Link
<http://www.m8zr.com/news/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
dest5.html
fast.lnkd.demdex.net/ Frame 6E32 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
http://fast.lnkd.demdex.net/dest5.html?d_nsid=0
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/vendor/adobe/visitor-api.js?utv=ut4.46.201912172056
Protocol
HTTP/1.1
Server
2.16.186.56 , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
a2-16-186-56.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash

Request headers

Host
fast.lnkd.demdex.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
Accept-Encoding
gzip, deflate
Accept-Language
en-US
Cookie
demdex=92133560463016760713086355653826968647
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
http://m8zr.com/news/wp-admin/maint/linkedin/

Response headers

Accept-Ranges
bytes
Content-Type
text/html
ETag
"2c9c2ee145ee280b85a217ad7045fae5:1580750826.437238"
Last-Modified
Mon, 03 Feb 2020 17:27:06 GMT
Server
AkamaiNetStorage
Vary
Accept-Encoding
Content-Encoding
gzip
Cache-Control
max-age=21600
Date
Tue, 28 Apr 2020 01:15:39 GMT
Content-Length
2785
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
event
lnkd.demdex.net/ 		626 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnkd.demdex.net/event?_ts=1588036539057
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/vendor/adobe/dil.js?utv=ut4.46.202004081946
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-60-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c426cbe1c15c482094d7c51620776983da29890b57155c834bfcbfe819ec8a79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v066-08b00a492.edge-irl1.demdex.com 5.67.0.20200415110424 5ms (+1ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
pBlgYKTuTok=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://m8zr.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
626
Expires
Thu, 01 Jan 1970 00:00:00 GMT
event
lnkd.demdex.net/ 		626 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://lnkd.demdex.net/event?_ts=1588036539106
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/vendor/adobe/dil.js?utv=ut4.46.202004081946
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.203.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-60-151.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
212e1fea74552cd533ea4dbe2213a0a4f0bd319e105ea07c6137d87c1d81bf06
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-v066-070aebaf2.edge-irl1.demdex.com 5.67.0.20200415110424 6ms (+0ms)
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GwclQMOAREA=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
http://m8zr.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
626
Expires
Thu, 01 Jan 1970 00:00:00 GMT
gtag-adwords.js
platform.linkedin.com/litms/vendor/google/ 		78 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.linkedin.com/litms/vendor/google/gtag-adwords.js?id=AW-979305453
Requested by
Host: platform.linkedin-ei.com
URL: https://platform.linkedin-ei.com/litms/utag/checkpoint-frontend/utag.js?cb=1588036500000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:299::25eb , Ascension Island, ASN20940 (AKAMAI-ASN1, EU),
Reverse DNS
Software
Play /
Resource Hash
e6f500a93604d8ecc9a6092b911b82417ee9fa11a66489ca8614e3fe41e0eb82

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

X-EdgeConnect-Origin-MEX-Latency
140, 140
Date
Tue, 28 Apr 2020 01:15:39 GMT
Content-Encoding
gzip
Content-Type
application/javascript; charset=utf-8
X-CDN-CLIENT-IP-VERSION
IPV6
X-CDN
AKAM
X-EdgeConnect-MidMile-RTT
4, 11
Connection
keep-alive
Content-Length
29357
X-LI-UUID
s35enYRyBRYgVXLj9yoAAA==
Server
Play
Last-Modified
Fri, 10 Apr 2020 19:23:12 GMT
X-Li-Pop
prod-ech2
ETag
"164add808597e17c4e70a1dce7623a8120cec61a"
Vary
Accept-Encoding
X-Li-Fabric
prod-ltx1
Cache-Control
max-age=2628000
X-LI-Proto
http/1.1
track
m8zr.com/li/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
http://m8zr.com/li/track
Requested by
Host: static-exp1.licdn.com
URL: https://static-exp1.licdn.com/sc/h/br/2ieeh0gfohcckb0f7ezjk4r0d
Protocol
HTTP/1.1
Server
156.254.71.198 Johannesburg, South Africa, ASN135357 (SKHT-AS Shenzhen Katherine Heng Technology Information Co., Ltd., CN),
Reverse DNS
Software
nginx /
Resource Hash
95ec14accecb0aeb4e87bdbb6d0899eb8b5eb1ddcc097205010c71c656ae7f33

Request headers

Csrf-Token
Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
content-type
application/json

Response headers

Date
Tue, 28 Apr 2020 01:15:45 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
Cache-Control
no-cache, must-revalidate, max-age=0
Transfer-Encoding
chunked
Connection
keep-alive
Link
<http://www.m8zr.com/news/wp-json/>; rel="https://api.w.org/"
Expires
Wed, 11 Jan 1984 05:00:00 GMT
/
www.google.de/pagead/1p-user-list/979305453/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=1588036539565&cv=9&fst=1588036539565&num=1&fmt=3&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=12...
  • https://www.google.com/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java...
  • https://www.google.de/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&is_vtc=1&random=999250696&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 01:15:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Apr 2020 01:15:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-user-list/979305453/?random=1588036539565&cv=9&fst=1588035600000&num=1&fmt=3&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dgtag.config&frm=0&url=http%3A%2F%2Fm8zr.com%2Fnews%2Fwp-admin%2Fmaint%2Flinkedin%2F&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&is_vtc=1&random=999250696&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-conversion/979305453/
Redirect Chain
  • https://www.googleadservices.com/pagead/conversion/979305453/?random=1588036539567&cv=9&fst=1588036539567&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w...
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1...
  • https://www.google.com/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=16...
  • https://www.google.de/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=160...
42 B
110 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http://m8zr.com/news/wp-admin/maint/linkedin/&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=u4OnXrLPI9P0gAfd5ZWIBg&cid=CAQSKQCNIrLMTXdWVY8W8ifLovezG7e1JEfxpJxdFSt6M2DU3topoJ2r4iYK&random=2366438873&resp=GooglemKTybQhCsO&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:825::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://m8zr.com/news/wp-admin/maint/linkedin/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Apr 2020 01:15:39 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 28 Apr 2020 01:15:39 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
image/gif
location
https://www.google.de/pagead/1p-conversion/979305453/?random=239478723&cv=9&fst=*&num=1&fmt=3&label=ZRKoCICMpsUBEO2H_NID&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2sa3i1&sendb=1&data=event%3Dconversion&frm=0&url=http://m8zr.com/news/wp-admin/maint/linkedin/&tiba=LinkedIn%20Login%2C%20Sign%20in%20%7C%20LinkedIn&async=1&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&gtd=&is_vtc=1&ocp_id=u4OnXrLPI9P0gAfd5ZWIBg&cid=CAQSKQCNIrLMTXdWVY8W8ifLovezG7e1JEfxpJxdFSt6M2DU3topoJ2r4iYK&random=2366438873&resp=GooglemKTybQhCsO&ipr=y
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,h3-T050=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| LI object| artdeco object| _artdecoBakedCurves object| __core-js_shared__ undefined| utag_data object| utag_cfg_ovrd object| tealiumDil boolean| utag_condload object| utag function| DIL function| e function| Visitor object| rumTracking object| s_c_il number| s_c_in string| gtagRename object| dataLayer function| gtag function| GooglemKTybQhCsO function| google_trackConversion object| google_tag_manager

0 Cookies

2 Console Messages

Source Level URL
Text
console-api error URL: https://static-exp1.licdn.com/sc/h/br/2ieeh0gfohcckb0f7ezjk4r0d(Line 1)
Message:
[object XMLHttpRequest]
console-api error URL: https://static-exp1.licdn.com/sc/h/br/cpoav6rv4nn286rsydaj6z83d(Line 3)
Message:
[object XMLHttpRequest]

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

dpm.demdex.net
fast.lnkd.demdex.net
googleads.g.doubleclick.net
lnkd.demdex.net
m8zr.com
platform.linkedin-ei.com
platform.linkedin.com
static-exp1.licdn.com
www.google.com
www.google.de
www.googleadservices.com
www.linkedin-ei.com
156.254.71.198
172.217.16.194
18.203.60.151
2.16.186.56
2620:1ec:21::16
2a00:1450:4001:819::2004
2a00:1450:4001:81d::2002
2a00:1450:4001:825::2003
2a01:4a0:1338:28::c38a:ff08
2a02:26f0:6c00:28c::25ea
2a02:26f0:6c00:299::25eb
54.154.151.160
212e1fea74552cd533ea4dbe2213a0a4f0bd319e105ea07c6137d87c1d81bf06
36874ddf4548b2593b6073c4512f79e7e7554597022968ae7c3306371a2af2dc
395270c49505df6ccb938057dec612c4a0e205f19e0dbc409978a509d60e7601
40e4f1bf9ba62da939a442350b7ddb45429cd9dfe389bd6f129a944b1d3d45d0
41ce2cf10c691e23a3815ece5323c49d8c255d05a51dff06a16d9d0b264b51de
46401b9319716c06ca884558d39bbdd8855d7acd0721f1406efe2bdaa5f59854
471188d7a3f39f1672fa456797affe01a6a15c52c058e44fbda8dcd8801714a8
4acc901fa01b114bc53f8f39cab09d481c45ebefb446889aad00dbe86d73e3cc
61c968d6ea5f329e15b82224ca0c928ac90f54d15b343bc1ffd8ca64e25337c5
77052aed3bf2ee3f5908c12b548509c1d8d1911579cfe825acbe8ba3db64c44c
779e6f64994afd63f7f3a9bdda69693df4a8315156567c1aa6daa8d1ebc87dd5
8f4a26ce0e0a31403886724a1b3185491babcfaf6da3505bee01928fb0ee21f1
94900f3d1a1876423b9b3ce46d90e2b8f6247c050180685d6991a7a08a56d897
95ec14accecb0aeb4e87bdbb6d0899eb8b5eb1ddcc097205010c71c656ae7f33
c426cbe1c15c482094d7c51620776983da29890b57155c834bfcbfe819ec8a79
e15c6a09ec453944498f1d29198b0a1cd17b3c2dc8ebdfd887885d33cf886768
e6f500a93604d8ecc9a6092b911b82417ee9fa11a66489ca8614e3fe41e0eb82
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629