urlscan.io logo urlscan.io
SecurityTrails logo

www.linkedin.com Open in urlscan Pro
2620:1ec:21::14  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://linkedin.lars-jaensch.de/
Effective URL: https://www.linkedin.com/checkpoint/challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt...
Submission Tags: @phishunt_io
Submission: On April 19 via api from DE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 4 IPs in 1 countries across 3 domains to perform 6 HTTP transactions. The main IP is 2620:1ec:21::14, located in and belongs to . The main domain is www.linkedin.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on March 28th 2022. Valid for: 6 months.
This is the only time www.linkedin.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

Domain Requested by
1 www.linkedin.com de.linkedin.com
1 de.linkedin.com
1 linkedin.lars-jaensch.de
0 static-exp1.licdn.com Failed www.linkedin.com
6 4

This site contains no links.

Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-04-10 -
2023-04-09		 a year crt.sh
us.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-04-14 -
2022-10-14		 6 months crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2022-03-28 -
2022-09-28		 6 months crt.sh

This page contains 1 frames:

Primary Page: https://www.linkedin.com/checkpoint/challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt1efnBBgb-16Ud3EKti_fIdPjUg?original_referer=https%3A%2F%2Flinkedin.lars-jaensch.de%2F
Frame ID: 6EB1716203EA15AFF110DE847D280A6F
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://linkedin.lars-jaensch.de/ Page URL
  2. https://de.linkedin.com/in/lars-j%C3%A4nsch-347547210 Page URL
  3. https://www.linkedin.com/checkpoint/challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2y... Page URL

Page Statistics

6
Requests

50 %
HTTPS

100 %
IPv6

3
Domains

4
Subdomains

4
IPs

1
Countries

14 kB
Transfer

22 kB
Size

10
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://linkedin.lars-jaensch.de/ Page URL
  2. https://de.linkedin.com/in/lars-j%C3%A4nsch-347547210 Page URL
  3. https://www.linkedin.com/checkpoint/challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt1efnBBgb-16Ud3EKti_fIdPjUg?original_referer=https%3A%2F%2Flinkedin.lars-jaensch.de%2F Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

6 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
/
linkedin.lars-jaensch.de/ 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://linkedin.lars-jaensch.de/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:585d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
443fb3f7af24eaa05405da2639e99c6bad21b18175dae192e5fc7674a5973f23
Security Headers
Name Value
Strict-Transport-Security max-age=10368000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
6fe7a71e281059f5-MXP
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 19 Apr 2022 18:20:11 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IEgGmF10PBp%2BKpdOaBBJR%2F4DODWYiPJKz2wNR8tfhfy7RdK3Y318TKbfUu1ECVDLhYUVjHIbDD9UOSDcUbxxP%2BTA19jgLijaO8XH1k%2FJhsO3qzfgfBzoxb%2FjDjODPuP5wtd7tBJt4K5hIt57VdSnEIxEqFjc1xs%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
strict-transport-security
max-age=10368000; includeSubDomains; preload
vary
Accept-Encoding
lars-j%C3%A4nsch-347547210
de.linkedin.com/in/ 		2 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://de.linkedin.com/in/lars-j%C3%A4nsch-347547210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:119:50e8:101::9002:f05 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://linkedin.lars-jaensch.de/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
1757
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'; report-uri /security/csp?e=p&f=l
content-type
text/html
date
Tue, 19 Apr 2022 18:20:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
x-frame-options
sameorigin
x-li-fabric
prod-ltx1
x-li-pop
prod-ltx1
x-li-proto
http/2
x-li-uuid
ylZBTShf5xawq07obysAAA==
Primary Request AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt1efnBBgb-16Ud3EKti_fIdPjUg
www.linkedin.com/checkpoint/challengesV2/ 		18 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.linkedin.com/checkpoint/challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt1efnBBgb-16Ud3EKti_fIdPjUg?original_referer=https%3A%2F%2Flinkedin.lars-jaensch.de%2F
Requested by
Host: de.linkedin.com
URL: https://de.linkedin.com/in/lars-j%C3%A4nsch-347547210
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
cba2bb2986f20fb360f975c5e2272cb7d2ca060f0252cbc6904c12f3db406a1c
Security Headers
Name Value
Content-Security-Policy default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com www.linkedin.cn; report-uri /security/csp?e=p&f=rl
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options sameorigin

Request headers

Referer
https://de.linkedin.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
content-length
7375
content-security-policy
default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com www.linkedin.cn; report-uri /security/csp?e=p&f=rl
content-type
text/html; charset=utf-8
date
Tue, 19 Apr 2022 18:20:15 GMT
expect-ct
max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-cache
CONFIG_NOCACHE
x-content-type-options
nosniff
x-frame-options
sameorigin
x-fs-uuid
0005dd05edaeb58a69f647132d7fd86c
x-li-fabric
prod-ltx1
x-li-pop
afd-prod-ltx1-x
x-li-proto
http/2
x-li-uuid
AAXdBe2utYpp9kcTLX/YbA==
x-msedge-ref
Ref A: 42EA4C0E254945678D502987EDA7F6C8 Ref B: FRAEDGE0710 Ref C: 2022-04-19T18:20:15Z
b49i6jboqpekp8dj6gmp7on46
static-exp1.licdn.com/sc/h/ 		0
0
82u74mp8ty8rv4pow80wd72t3
static-exp1.licdn.com/sc/h/ 		0
0
9um8avm1ypqpnirvdoe8syb43
static-exp1.licdn.com/sc/h/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
static-exp1.licdn.com
URL
https://static-exp1.licdn.com/sc/h/b49i6jboqpekp8dj6gmp7on46
Domain
static-exp1.licdn.com
URL
https://static-exp1.licdn.com/sc/h/82u74mp8ty8rv4pow80wd72t3
Domain
static-exp1.licdn.com
URL
https://static-exp1.licdn.com/sc/h/9um8avm1ypqpnirvdoe8syb43

Verdicts & Comments Add Verdict or Comment

4 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| structuredClone object| oncontextlost object| oncontextrestored function| getScreenDetails

10 Cookies

Domain/Path Name / Value
.linkedin.com/ Name: bcookie
Value: "v=2&3b677584-b4b1-443e-8a73-dd4408147140"
.de.linkedin.com/ Name: bscookie
Value: "v=1&20220419182015629b6650-45a5-4975-8386-8c4a067a3cfaAQFlgmfZ34Z5a_SXVgxu7gPdK6OnBo9V"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTAzOTI0MTU7MjswMjEyrZNYOfu6ukw6XpkES2p8n0c/BBsPQUHCrGVumbgXMg==
.linkedin.com/ Name: lidc
Value: "b=TGST01:s=T:r=T:a=T:p=T:g=2807:u=1:x=1:i=1650392415:t=1650478815:v=2:sig=AQHmGh1hH6WeFbIzdif-5FdkqRXV_rbA"
de.linkedin.com/ Name: fid
Value: AQHlfYVKUXZWsgAAAYBDDbyoRC4JPj-A5cbTT2lX_DiFYFQ62Hpuo9ah9EYgVRbEWmSz8SiFN6uokA
.de.linkedin.com/ Name: JSESSIONID
Value: ajax:1497105319200583337
.linkedin.com/ Name: lang
Value: v=2&lang=de-de
de.linkedin.com/ Name: ccookie
Value: AQEYvWBsDNkqrAAAAYBDDbsYFWlKp1HBsq+uZS/f//p3SVQ7MgOF6StnsqL7T07yXSc2kI4kqLpjReHtYFYyeRntJjk+vziAOjvaSUB6CO9REmID7/KA2QPBRamUKX5rcSVdpRYfkk98194=
de.linkedin.com/ Name: li_cu
Value: /challengesV2/AQGOFWlod9YJRQAAAYBDDbzqpzSpbR6DsZ7qvU2B48Jfs5fWCw2yPVz3eraJMyhEgiy2Ovtt1efnBBgb-16Ud3EKti_fIdPjUg
de.linkedin.com/ Name: li_referer
Value: https://linkedin.lars-jaensch.de/

1 Console Messages

Source Level URL
Text
network error URL: https://de.linkedin.com/in/lars-j%C3%A4nsch-347547210
Message:
Failed to load resource: the server responded with a status of 999 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=10368000; includeSubDomains; preload