un5gmtkzggtb9apnm3rj8.lt.samf.me Open in urlscan Pro
3.71.255.151 Malicious Activity! Public Scan

Go To Rescan
Add Verdict Report

URL:
https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Submission: On July 14 via automatic, source openphish (July 14th 2023, 8:23:28 pm UTC) — Scanned from DE

Summary HTTP 19 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 2 IPs in 2 countries across 2 domains to perform 19 HTTP transactions. The main IP is 3.71.255.151, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is un5gmtkzggtb9apnm3rj8.lt.samf.me.
TLS certificate: Issued by R3 on July 7th 2023. Valid for: 3 months.

This is the only time un5gmtkzggtb9apnm3rj8.lt.samf.me was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: LinkedIn (Social Network)

Domain & IP information

	IP Address	AS Autonomous System
17	3.71.255.151 3.71.255.151	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:bdf::45 2620:1ec:bdf::45	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
19	2

17 3.71.255.151 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com

un5gmtkzggtb9apnm3rj8.lt.samf.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
un5gdu92ggta2k5q3w.lt.samf.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:bdf::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

ps.azurewaf.microsoft.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	samf.me un5gmtkzggtb9apnm3rj8.lt.samf.me un5gdu92ggta2k5q3w.lt.samf.me	1 MB
2	microsoft.com ps.azurewaf.microsoft.com — Cisco Umbrella Rank: 13574	457 B
19	2

	Domain	Requested by
11	un5gdu92ggta2k5q3w.lt.samf.me	un5gmtkzggtb9apnm3rj8.lt.samf.me un5gdu92ggta2k5q3w.lt.samf.me
6	un5gmtkzggtb9apnm3rj8.lt.samf.me	un5gdu92ggta2k5q3w.lt.samf.me
2	ps.azurewaf.microsoft.com	un5gdu92ggta2k5q3w.lt.samf.me
19	3

This site contains links to these domains. Also see Links.

Domain
un5myzb5x75jmqa0h6yddd8.lt.samf.me
un5h3983ggtb9apnm3rj8.lt.samf.me

Subject Issuer	Validity	Valid
*.lt.samf.me R3	`2023-07-07` - `2023-10-05`	3 months	crt.sh
ps.azurewaf.microsoft.com Microsoft Azure TLS Issuing CA 01	`2023-02-26` - `2024-02-21`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Frame ID: 3AEA5A9F831410BDEAFA85FDA16C119C
Requests: 18 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Einloggen | LinkedIn

Page Statistics

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1516 kB
Transfer

1841 kB
Size

4
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://un5myzb5x75jmqa0h6yddd8.lt.samf.me/?trk=seo-authwall-base_footer-about
Title: Info

Search URL Search Domain Scan URL

URL: https://un5h3983ggtb9apnm3rj8.lt.samf.me/policies?trk=seo-authwall-base_footer-brand-policy
Title: Markenrichtlinine

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

19 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request authwall Show response
un5gmtkzggtb9apnm3rj8.lt.samf.me/ 55 KB
11 KB 336ms
299ms Document
text/html 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0e13b40351ccbabcc6312302b85bbce92e0eb7d7f65eaec429c23c23282e7c22

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store
Content-Encoding: gzip
Content-Length: 9467
Content-Type: text/html; charset=utf-8
Date: Fri, 14 Jul 2023 20:23:23 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Vary: Accept-Encoding
X-Cache: CONFIG_NOCACHE
X-Fs-Uuid: 000600783876cc5397c3c2ec47c11622
X-Li-Fabric: prod-lor1
X-Li-Pop: afd-prod-lor1-x
X-Li-Proto: http/1.1
X-Li-Uuid: AAYAeDh2zFOXw8LsR8EWIg==
X-Msedge-Ref: Ref A: FCFA0708744A402192C67BFD3DB421F9 Ref B: FRAEDGE1912 Ref C: 2023-07-14T20:23:23Z

GET
H/1.1 200
OK evk2uvgjlqmr27ul168y465j4 Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 400 KB
402 KB 136ms
99ms Script
text/javascript 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/evk2uvgjlqmr27ul168y465j4
Requested by: Host: un5gmtkzggtb9apnm3rj8.lt.samf.me
URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CA6) /
Resource Hash: b44d22355442d3209d207f07541b8e881a28bd8b631d4a088abb9be097dfe74b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 20:23:23 GMT
Content-Encoding: deflate
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 186842
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cdn-Client-Ip-Version: IPV4
X-Cache: HIT
X-Cdn-Proto: HTTP1
X-Ambry-Blob-Size: 408902
Content-Disposition: attachment
Content-Length: 410005
X-Li-Uuid: AAYATLfJaaIK8Ok+xgFa6A==
X-Ambry-User-Quota-Warning: HEALTHY
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0021616817; STORAGE_IN_GB=0.0
Last-Modified: Wed, 28 Jun 2023 03:37:41 GMT
Server: ECAcc (frc/4CA6)
X-Li-Pop: prod-lor1-x
Vary: Accept-Encoding
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Li-Fabric: prod-lor1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets
X-Fs-Uuid: 0006004cb7c969a20af0e93ec6015ae8
Expires: Wed, 19 Jul 2023 16:29:21 GMT

GET
H/1.1 200
OK pqmejk74l9nswxswihb7km0y
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 336 KB
46 KB 52ms
16ms Stylesheet
text/css 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/pqmejk74l9nswxswihb7km0y
Requested by: Host: un5gmtkzggtb9apnm3rj8.lt.samf.me
URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CC7) /
Resource Hash: a1dde8e50dd1278dbc22c8e5fb241f40ceb84f3926640ef3f52d740ff1f639f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 20:23:23 GMT
Content-Encoding: br
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 186842
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Cdn-Proto: HTTP1
X-Ambry-Blob-Size: 344370
Content-Disposition: attachment
Content-Length: 46107
X-Li-Uuid: AAYATLfM/8Xgt5GDt6IdXg==
X-Ambry-User-Quota-Warning: HEALTHY
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.00241686; STORAGE_IN_GB=0.0
Last-Modified: Wed, 28 Jun 2023 03:37:41 GMT
Server: ECAcc (frc/4CC7)
X-Li-Pop: prod-ltx1-x
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Li-Fabric: prod-ltx1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets
X-Fs-Uuid: 0006004cb7ccffc5e0b79183b7a21d5e
Expires: Wed, 19 Jul 2023 16:29:21 GMT

GET
H/1.1 200
OK 5mic7em4akle2l5km6kwwo2hf Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 183 KB
184 KB 61ms
61ms Script
text/javascript 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Requested by: Host: un5gmtkzggtb9apnm3rj8.lt.samf.me
URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4C84) /
Resource Hash: 987e9931dcec3b235fde4d23f0740b73a672229fe52d9bb66516649739edb6d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: deflate
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 261113
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lva1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 0006003b6ce50a6b4231ce92f85bd576
Expires: Tue, 18 Jul 2023 19:51:30 GMT
Date: Fri, 14 Jul 2023 20:23:23 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 187447
Content-Length: 187567
X-Li-Uuid: AAYAO2zlCmtCMc6S+FvVdg==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0038206945; STORAGE_IN_GB=0.0
Last-Modified: Mon, 08 May 2023 13:15:37 GMT
Server: ECAcc (frc/4C84)
X-Li-Pop: prod-lva1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lor1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK 9zcty9rd7wdbxtxmtardpetcb Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 608 KB
609 KB 98ms
98ms Script
text/javascript 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/9zcty9rd7wdbxtxmtardpetcb
Requested by: Host: un5gmtkzggtb9apnm3rj8.lt.samf.me
URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CF0) /
Resource Hash: cbd465433a6bf5cfe320ff5344028474706ab73494cd74a7e97e232eedd34387

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Date: Fri, 14 Jul 2023 20:23:24 GMT
Content-Encoding: deflate
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 186841
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Cdn-Proto: HTTP1
X-Ambry-Blob-Size: 621653
Content-Disposition: attachment
Content-Length: 623099
X-Li-Uuid: AAYATLfx1J/B8IetEuzXCg==
X-Ambry-User-Quota-Warning: HEALTHY
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.002770448; STORAGE_IN_GB=0.0
Last-Modified: Wed, 28 Jun 2023 03:37:41 GMT
Server: ECAcc (frc/4CF0)
X-Li-Pop: prod-lor1-x
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Li-Fabric: prod-lor1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets
X-Fs-Uuid: 0006004cb7f1d49fc1f087ad12ecd70a
Expires: Wed, 19 Jul 2023 16:29:23 GMT

GET
H/1.1 200
OK ddi43qwelxeqjxdd45pe3fvs1 Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 2 KB
2 KB 33ms
18ms XHR
image/svg+xml 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CBD) /
Resource Hash: 870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: br
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 159085
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-ltx1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 000600532e5196fa04f0eb4e8d0dd671
Expires: Thu, 20 Jul 2023 00:11:59 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 2435
Content-Length: 903
X-Li-Uuid: AAYAUy5RlvoE8OtOjQ3WcQ==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0033343572; STORAGE_IN_GB=0.0
Last-Modified: Tue, 05 Apr 2022 02:04:43 GMT
Server: ECAcc (frc/4CBD)
X-Li-Pop: prod-lva1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lva1
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK 6y2czwba46q3wsh2b0d0g6trj Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 182 KB
184 KB 73ms
73ms Script
text/javascript 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/6y2czwba46q3wsh2b0d0g6trj
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CEE) /
Resource Hash: 114b4e7e57fa51b82a68e977a863b765abd8e4b13cc695dc81fcb340af3c6a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: deflate
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 167348
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lor1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 0006005141c972bbf85286c8820476ca
Expires: Wed, 19 Jul 2023 21:54:16 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 186380
Content-Length: 186633
X-Li-Uuid: AAYAUUHJcrv4UobIggR2yg==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0033600838; STORAGE_IN_GB=0.0
Last-Modified: Fri, 14 Oct 2022 07:00:01 GMT
Server: ECAcc (frc/4CEE)
X-Li-Pop: prod-lor1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lva1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK 8fkga714vy9b2wk5auqo5reeb Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 3 KB
2 KB 33ms
17ms XHR
image/svg+xml 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/8fkga714vy9b2wk5auqo5reeb
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CE9) /
Resource Hash: b9e0a92c496b900728000dbf48aa623a7eb0468c5814a8bf60c69d6cda05b149

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: br
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 159061
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lor1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 000600532fc386671b75167318c1fa9e
Expires: Thu, 20 Jul 2023 00:12:23 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 2958
Content-Length: 1202
X-Li-Uuid: AAYAUy/DhmcbdRZzGMH6ng==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0030558505; STORAGE_IN_GB=0.0
Last-Modified: Tue, 05 Apr 2022 06:06:04 GMT
Server: ECAcc (frc/4CE9)
X-Li-Pop: prod-lor1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lva1
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK 5oas73nreunfgygkpe5iwmgrs Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 391 B
2 KB 40ms
24ms XHR
image/svg+xml 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5oas73nreunfgygkpe5iwmgrs
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CA2) /
Resource Hash: 55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: br
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 158903
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lor1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 000600533922a80fb20e91d6d635f528
Expires: Thu, 20 Jul 2023 00:15:01 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 391
Content-Length: 270
X-Li-Uuid: AAYAUzkiqA+yDpHW1jX1KA==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0018228323; STORAGE_IN_GB=0.0
Last-Modified: Tue, 05 Apr 2022 04:16:45 GMT
Server: ECAcc (frc/4CA2)
X-Li-Pop: prod-lor1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-ltx1
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK gs508lg3t2o81tq7pmcgn6m2 Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 274 B
1 KB 37ms
21ms XHR
image/svg+xml 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/gs508lg3t2o81tq7pmcgn6m2
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CAA) /
Resource Hash: 5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: br
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 159012
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lor1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 0006005332adace632c42d4f29442781
Expires: Thu, 20 Jul 2023 00:13:12 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 274
Content-Length: 183
X-Li-Uuid: AAYAUzKtrOYyxC1PKUQngQ==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0026787566; STORAGE_IN_GB=0.0
Last-Modified: Tue, 05 Apr 2022 06:12:23 GMT
Server: ECAcc (frc/4CAA)
X-Li-Pop: prod-lor1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-ltx1
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

GET
H/1.1 200
OK ddi43qwelxeqjxdd45pe3fvs1 Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 2 KB
2 KB 37ms
21ms XHR
image/svg+xml 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ddi43qwelxeqjxdd45pe3fvs1
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CBD) /
Resource Hash: 870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: br
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 159085
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: image/svg+xml
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-ltx1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 000600532e5196fa04f0eb4e8d0dd671
Expires: Thu, 20 Jul 2023 00:11:59 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 2435
Content-Length: 903
X-Li-Uuid: AAYAUy5RlvoE8OtOjQ3WcQ==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0033343572; STORAGE_IN_GB=0.0
Last-Modified: Tue, 05 Apr 2022 02:04:43 GMT
Server: ECAcc (frc/4CBD)
X-Li-Pop: prod-lva1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-lva1
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

POST
H/1.1 999
status code 999 gauge Show response
un5gmtkzggtb9apnm3rj8.lt.samf.me/directory/api/ingraphs/ 1 KB
3 KB 205ms
204ms XHR
text/html 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/directory/api/ingraphs/gauge
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8

Request headers

Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
x-li-pageInstance: urn:li:page:auth_wall_desktop_jsbeacon;ENsSFMF6Rx6moZAOnPeyAw==
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 20:23:23 GMT
X-Li-Pop: afd-prod-ltx1-x
X-Msedge-Ref: Ref A: 99BA0A13BF774F01A742F14C27DD898A Ref B: DUS30EDGE0719 Ref C: 2023-07-14T20:23:24Z
X-Cache: CONFIG_NOCACHE
Content-Type: text/html
Access-Control-Allow-Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
X-Li-Fabric: prod-ltx1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
X-Li-Proto: http/1.1
Content-Length: 1530
X-Li-Uuid: AAYAeDiA0uyATC27qgv4dg==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 6r58rkh35e7x4dqy7terugz6s Show response
un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/ 65 KB
67 KB 55ms
55ms Script
text/javascript 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/6r58rkh35e7x4dqy7terugz6s
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: ECAcc (frc/4CDA) /
Resource Hash: f9b458597ab62a32bb5bfee638311dc3f37dad56f42f401c5c78668c15bdd817

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

Content-Encoding: deflate
X-Ambry-Target-Account-Name: aero
X-Cdn: ECST
Age: 86549
X-Cdn-Proto: HTTP1
Content-Disposition: attachment
X-Ambry-User-Quota-Warning: HEALTHY
Vary: Accept-Encoding
Content-Type: text/javascript
Access-Control-Allow-Origin: *
X-Li-Source-Fabric: prod-lva1
Access-Control-Expose-Headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE
Cache-Control: max-age=604800, immutable
X-Li-Proto: http/1.1
X-Fs-Uuid: 0006006411c73071baff36259a76b29f
Expires: Thu, 20 Jul 2023 20:20:55 GMT
Date: Fri, 14 Jul 2023 20:23:24 GMT
Nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
X-Cdn-Client-Ip-Version: IPV4
X-Ambry-Request-Cost: READ_CAPACITY_UNIT=1.0; STORAGE_IN_GB=0.0
X-Cache: HIT
X-Ambry-Blob-Size: 66919
Content-Length: 66939
X-Li-Uuid: AAYAZBHHMHG6/zYlmnaynw==
X-Ambry-User-Quota-Usage: READ_CAPACITY_UNIT=0.0025011564; STORAGE_IN_GB=0.0
Last-Modified: Thu, 30 Mar 2023 10:45:45 GMT
Server: ECAcc (frc/4CDA)
X-Li-Pop: prod-ltx1-x
Report-To: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
X-Li-Fabric: prod-ltx1
Timing-Allow-Origin: *
X-Ambry-Target-Container-Name: assets

POST
H/1.1 200
OK track
un5gmtkzggtb9apnm3rj8.lt.samf.me/li/ 0
0 230ms
213ms Fetch
text/plain 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/li/track
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

content-encoding: gzip
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 20:23:23 GMT
X-Li-Pop: afd-prod-lor1-x
X-Msedge-Ref: Ref A: 13C58DF55DD8453E91B1A8E9C27A16F9 Ref B: FRAEDGE1922 Ref C: 2023-07-14T20:23:24Z
X-Cache: CONFIG_NOCACHE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
X-Li-Fabric: prod-lor1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
X-Li-Proto: http/1.1
Content-Length: 0
X-Li-Uuid: AAYAeDiBf99aR8Mla2xGkA==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

OPTIONS
H2 204 event
ps.azurewaf.microsoft.com/v4/ 0
0 175ms
99ms Preflight 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.azurewaf.microsoft.com/v4/event?correlationId=47269a33-87dc-42ba-81e6-69a3bd2d4b7d&type=ping

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: *
date: Fri, 14 Jul 2023 20:23:24 GMT
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0
strict-transport-security: max-age=2592000
x-azure-ref: 20230714T202324Z-7pdcd1dgb90dz9n9kfw9vcdxhn00000000hg00000002s28a
x-cache: CONFIG_NOCACHE
x-powered-by: ASP.NET

POST
H2 200 event Show response
ps.azurewaf.microsoft.com/v4/ 0
457 B 111ms
107ms XHR
text/plain 2620:1ec:bdf::45
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://ps.azurewaf.microsoft.com/v4/event?correlationId=47269a33-87dc-42ba-81e6-69a3bd2d4b7d&type=ping

Requested by

Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/6r58rkh35e7x4dqy7terugz6s

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:1ec:bdf::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 14 Jul 2023 20:23:24 GMT
strict-transport-security: max-age=2592000
x-powered-by: ASP.NET
x-azure-ref: 20230714T202324Z-7pdcd1dgb90dz9n9kfw9vcdxhn00000000hg00000002s29h
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
accept-ranges: bytes
content-length: 0
request-context: appId=cid-v1:b972f5ff-0dbf-487c-8b8c-19607927d2c0

POST
H/1.1 200
OK track
un5gmtkzggtb9apnm3rj8.lt.samf.me/li/ 0
0 144ms
143ms Fetch
text/plain 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/li/track
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

content-encoding: gzip
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 20:23:24 GMT
X-Li-Pop: afd-prod-lva1-x
X-Msedge-Ref: Ref A: C8C4EC2FEF1B4AD1803FAE51B6935315 Ref B: FRAEDGE1719 Ref C: 2023-07-14T20:23:24Z
X-Cache: CONFIG_NOCACHE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
X-Li-Fabric: prod-lva1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
X-Li-Proto: http/1.1
Content-Length: 0
X-Li-Uuid: AAYAeDiIg97JR5h4Vip6Cg==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK track
un5gmtkzggtb9apnm3rj8.lt.samf.me/li/ 0
0 295ms
295ms Fetch
text/plain 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/li/track
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

content-encoding: gzip
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 20:23:26 GMT
X-Li-Pop: afd-prod-ltx1-x
X-Msedge-Ref: Ref A: 4A13235D3B0E47BC93272F3B860BFD61 Ref B: DUS30EDGE0417 Ref C: 2023-07-14T20:23:26Z
X-Cache: CONFIG_NOCACHE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
X-Li-Fabric: prod-ltx1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
X-Li-Proto: http/1.1
Content-Length: 0
X-Li-Uuid: AAYAeDihE4vrR452QHYDlA==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK track
un5gmtkzggtb9apnm3rj8.lt.samf.me/li/ 0
0 136ms
136ms Fetch
text/plain 3.71.255.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/li/track
Requested by: Host: un5gdu92ggta2k5q3w.lt.samf.me
URL: https://un5gdu92ggta2k5q3w.lt.samf.me/aero-v1/sc/h/5mic7em4akle2l5km6kwwo2hf
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 3.71.255.151 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-71-255-151.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

content-encoding: gzip
Referer: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/authwall?trk=qf&original_referer=&sessionRedirect=https://un5ne8ugfpp46fzwxm1g.lt.samf.me/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.198 Safari/537.36
content-type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 14 Jul 2023 20:23:27 GMT
X-Li-Pop: afd-prod-lva1-x
X-Msedge-Ref: Ref A: 125095B88F3040B29E414DD381B25C9D Ref B: FRAEDGE1915 Ref C: 2023-07-14T20:23:28Z
X-Cache: CONFIG_NOCACHE
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://un5gmtkzggtb9apnm3rj8.lt.samf.me
X-Li-Fabric: prod-lva1
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
X-Li-Proto: http/1.1
Content-Length: 0
X-Li-Uuid: AAYAeDi9m3CE5PhuD6yVuw==
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: LinkedIn (Social Network)

17 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
un5gmtkzggtb9apnm3rj8.lt.samf.me/directory/api/ingraphs	1970-01-20 13:16:06	Name: trkCode Value: bf
un5gmtkzggtb9apnm3rj8.lt.samf.me/directory/api/ingraphs	1970-01-20 13:16:06	Name: trkInfo Value: AQGhJp0EctMi5gAAAYlWEo5g5oVizOnDDSofEURkKeGq_TIO3AVUIr_J9-o2cYzkwfaaM4ukHnMPafpxqhLnxO4f309R-GsMAT8ffzsBaXo8Z2Rt-W6X4_sQ-Dew9EafBk3GQhQ=
un5gmtkzggtb9apnm3rj8.lt.samf.me/	1970-01-20 13:26:11	Name: fid Value: AQGMVw4tATW8cAAAAYlWEo0dzO4RoOA5scUAuF4mJ_BbGywORm5NSDOCCbZbb2Niu4GbVTeE5u3OPA
un5gmtkzggtb9apnm3rj8.lt.samf.me/	1970-01-20 22:01:42	Name: li_alerts Value: e30=

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://un5gmtkzggtb9apnm3rj8.lt.samf.me/directory/api/ingraphs/gauge Message: Failed to load resource: the server responded with a status of 999 (status code 999)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ps.azurewaf.microsoft.com
un5gdu92ggta2k5q3w.lt.samf.me
un5gmtkzggtb9apnm3rj8.lt.samf.me
2620:1ec:bdf::45
3.71.255.151
0e13b40351ccbabcc6312302b85bbce92e0eb7d7f65eaec429c23c23282e7c22
114b4e7e57fa51b82a68e977a863b765abd8e4b13cc695dc81fcb340af3c6a41
55e3d046df49b2754cec5ecee990e526dbb272e70eb5bea625b4e68e64ce1715
5843ed3527bc1e0e105b4e4b15fbbff78c6d44efa024e2ae4a08a0e8c82e5d4c
644031a68bde879af85bcc9cb3e6fa1e9a6b0f61d49307581974b5dbc09d3de8
870436155a72b520f5918f62c6d8f981ef76510e3cd8280266a7c270f6fdad49
987e9931dcec3b235fde4d23f0740b73a672229fe52d9bb66516649739edb6d0
a1dde8e50dd1278dbc22c8e5fb241f40ceb84f3926640ef3f52d740ff1f639f0
b44d22355442d3209d207f07541b8e881a28bd8b631d4a088abb9be097dfe74b
b9e0a92c496b900728000dbf48aa623a7eb0468c5814a8bf60c69d6cda05b149
cbd465433a6bf5cfe320ff5344028474706ab73494cd74a7e97e232eedd34387
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
f9b458597ab62a32bb5bfee638311dc3f37dad56f42f401c5c78668c15bdd817

un5gmtkzggtb9apnm3rj8.lt.samf.me Open in urlscan Pro 3.71.255.151 Malicious Activity! Public Scan

Summary

urlscan.io Verdict: Potentially Malicious

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

19 Requests

100 %HTTPS

50 %IPv6

2 Domains

3 Subdomains

2 IPs

2 Countries

1516 kBTransfer

1841 kBSize

4 Cookies

2 Outgoing links

Redirected requests

19 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

17 JavaScript Global Variables

4 Cookies

1 Console Messages

Indicators

un5gmtkzggtb9apnm3rj8.lt.samf.me Open in urlscan Pro
3.71.255.151 Malicious Activity! Public Scan

Screenshot
Live screenshot

Full Image

19
Requests

100 %
HTTPS

50 %
IPv6

2
Domains

3
Subdomains

2
IPs

2
Countries

1516 kB
Transfer

1841 kB
Size

4
Cookies

19 HTTP transactions
0 data transactions

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!