Play interactive tourEdit tour

Windows Analysis Report
https://oauthservice.smarsh.com/OAuthSvc/Authorize?code=fS4JAIikS1LjqTtYQRSeO6YwvHbDzh4f1B0ycv8WFyQ4J5%2baA%2bwBCO3vAupLWt8AsBp7Vn7K5wV3UOn5Rn2eT6j2eosikMVkEJQzvYUvyod5qLNElgXFlQV0VxWNFnt0K7OxaDd%2fReJqkhpLX98kXuriPEHUaiFtJVpMnStC5oaikY%2ftHoaI5XSkSL6VwcYNWTJtmkpBgXNdTd7JG9bbfBV0IQFMiQLGp8om1f0qr%2f

Overview

General Information

Sample URL:	https://oauthservice.smarsh.com/OAuthSvc/Authorize?code=fS4JAIikS1LjqTtYQRSeO6YwvHbDzh4f1B0ycv8WFyQ4J5%2baA%2bwBCO3vAupLWt8AsBp7Vn7K5wV3UOn5Rn2eT6j2eosikMVkEJQzvYUvyod5qLNElgXFlQV0VxWNFnt0K7OxaDd%2fRe
Analysis ID:	1674442
Infos:

Detection

Score:	0
Range:	0 - 100
Confidence:	80%

Signatures

Detected suspicious crossdomain redirect

Classification

×

Joe Sandbox Signatures

• • Phishing
• • Compliance
• • Software Vulnerabilities
• • Networking
• • System Summary

Click to jump to signature section

Show All Signature Results

There are no malicious signatures, click here to show all signatures.

Phishing

Found iframes

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per...

HTTP Parser: Iframe src: https://lnkd.demdex.net/dest5.html?d_nsid=0#https%3A%2F%2Fwww.linkedin.com

HTML body contains password input

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per...

HTTP Parser: <input type="password" .../> found

META author tag missing

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per

HTTP Parser: No <meta name="author".. found

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per

HTTP Parser: No <meta name="author".. found

META copyright tag missing

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per...

HTTP Parser: No <meta name="copyright".. found

Source: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-per...

HTTP Parser: No <meta name="copyright".. found

Compliance

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 199.59.53.78:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.53.78:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.195.42:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.195.42:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.200.244.65:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.238.143.165:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.161.29.58:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.36.70.163:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.214.185.111:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.2:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.239.55.56:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.239.55.56:443 -> 192.168.2.16:49759 version: TLS 1.2

Software Vulnerabilities

Allocates a big amount of memory (probably used for heap spraying)

Source: chrome.exe

Memory has grown: Private usage: 13MB later: 43MB

Networking

Detected suspicious crossdomain redirect

Source: C:\Program Files\Google\Chrome\Application\chrome.exe

HTTP traffic: Redirect from: oauthservice.smarsh.com to https://www.linkedin.com/oauth/v2/authorization?response_type=code&client_id=2jky9tr3oq5j&redirect_uri=https%3a%2f%2foauthservice.smarsh.com%2foauthsvc%2fcallback%2flinkedin&state=gnkd0ktuj%2b1z%2f8is1hbtyihereducv3jxj%2ftbwxskbcf6f1vtpqjepuzidp%2bmgzhgfvi2wggja7vlfkuqcfq0ij7i6caajz31pszbdqstibilbjwg6cuwjvg%2fsetw%2bfv%2fngvinuzllvlb%2f2fre1xdfba29kyroorqla8vqc5sown7rzjycx551%2furuq653tezrwcbxrounebqhyn%2fqfvejl5bzpej20dnma6zoxqlcsq7kidtxwqq09lpzewdal6cmq6o027pdhol%2b3bs6h6ruy6vtnkfv1huegmihrs85itj1upor8wb%2f9%2b5xeaa1c4e0fgq8cduria5qv7u4bleq%3d%3d&scope=r_compliance

Connects to IPs without corresponding DNS lookups

Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 2.23.227.208
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 204.79.197.203
Source: unknown	TCP traffic detected without corresponding DNS query: 52.182.143.211
Source: unknown	TCP traffic detected without corresponding DNS query: 192.178.49.195
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.73.19
Source: unknown	TCP traffic detected without corresponding DNS query: 23.220.73.19
Source: unknown	TCP traffic detected without corresponding DNS query: 192.178.49.195

Downloads files from webservers via HTTP

Source: global traffic	HTTP traffic detected: GET /OAuthSvc/Authorize?code=fS4JAIikS1LjqTtYQRSeO6YwvHbDzh4f1B0ycv8WFyQ4J5%2baA%2bwBCO3vAupLWt8AsBp7Vn7K5wV3UOn5Rn2eT6j2eosikMVkEJQzvYUvyod5qLNElgXFlQV0VxWNFnt0K7OxaDd%2fReJqkhpLX98kXuriPEHUaiFtJVpMnStC5oaikY%2ftHoaI5XSkSL6VwcYNWTJtmkpBgXNdTd7JG9bbfBV0IQFMiQLGp8om1f0qr%2f7maurs2GECgNyt6AVY4gRkFx32kpzeMN4EfANVDNvn2PCJ85VQEoql5OKQq2jAlBYO0kJms5bofzyu1yzRuLt9hJqbWN5QLuX807l8HBuoXA%3d%3d&redirecturi=http%3a%2f%2fapp.smarsh.com%2fprinsite%2fSocialConnectionsUser%2fAuthorizeResponse HTTP/1.1Host: oauthservice.smarsh.comConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /oauth/v2/authorization?response_type=code&client_id=2jky9tr3oq5j&redirect_uri=https%3a%2f%2foauthservice.smarsh.com%2foauthsvc%2fcallback%2flinkedin&state=GNKd0ktUj%2b1z%2f8is1hbtYIHerEdUCV3jXj%2ftBWxSKBCf6F1vTpQJEPUziDP%2bMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%2fsEtW%2bfv%2fngviNuZllVLB%2f2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%2fuRuq653TeZrWCbXroUnEbqHYn%2fQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%2b3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%2f9%2b5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%3d%3d&scope=r_compliance HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257D&fromSignIn=1&trk=oauth&cancel_redirect=%2Foauth%2Fv2%2Flogin-cancel%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257D HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756
Source: global traffic	HTTP traffic detected: GET /sc/h/22dk9ugyzw8w4zwdwmjgrrah0 HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/4zdqd82d22ypca2l30r8sq1ee HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/6wrj4oxg26n0q721yet4xlq2g HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/19zukr8dnngfjrnx5ywkklaqp HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/9qzjkq1wsfpbwb54wjvgxvr1m HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/9s9k1e85xr27sb8rudoze5wgm HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/dv5v3hihfa7otuq9qx9snnehp HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /sc/h/3m4lyvbs6efg8pyhv7kupo6dh HTTP/1.1Host: static.licdn.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /litms/api/metadata/user HTTP/1.1Host: www.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257D&fromSignIn=1&trk=oauth&cancel_redirect=%2Foauth%2Fv2%2Flogin-cancel%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257DAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWlt
Source: global traffic	HTTP traffic detected: GET /litms/utag/checkpoint-frontend/utag.js?cb=1745607300000 HTTP/1.1Host: platform.linkedin.comConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: */*Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /sc/h/3m4lyvbs6efg8pyhv7kupo6dh HTTP/1.1Host: static.licdn.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /litms/api/metadata/user HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /platform-telemetry/li/apfcDf HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14215E3D5995C57C0A495C55%40AdobeOrg&d_nsid=0&ts=1745607311632 HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"Content-Type: application/x-www-form-urlencodedsec-ch-ua-mobile: ?0Accept: */*Origin: https://www.linkedin.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /apfc/collect HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /platform-telemetry/li/apfcDf HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /dest5.html?d_nsid=0 HTTP/1.1Host: lnkd.demdex.netConnection: keep-alivesec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeSec-Fetch-Storage-Access: activeReferer: https://www.linkedin.com/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /id?d_visid_ver=5.1.1&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=14215E3D5995C57C0A495C55%40AdobeOrg&d_nsid=0&ts=1745607311632 HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"
Source: global traffic	HTTP traffic detected: GET /platform-telemetry/li/apfcDf HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /event?d_dil_ver=9.4&_ts=1745607311635 HTTP/1.1Host: lnkd.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTU5MjcyMTQ1NDc5MzExNzU2NzA3Nzc3NTQxOTgwNjg2ODEyNzM= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://lnkd.demdex.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /platform-telemetry/li/apfcDf HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MTU5MjcyMTQ1NDc5MzExNzU2NzA3Nzc3NTQxOTgwNjg2ODEyNzM=&google_tc= HTTP/1.1Host: cm.g.doubleclick.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8X-Client-Data: CLbgygE=Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://lnkd.demdex.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: test_cookie=CheckForPermission
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /platform-telemetry/li/apfcDf HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CvVersion%7C5.1.1
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=1916BA03DE7969443FC2AFDADF06681D HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://lnkd.demdex.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273; dextp=771-1-1745607313472|1957-1-1745607313581
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEIiLOhUzICKL-8B2TB6Mx40&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-alivesec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"sec-ch-ua-mobile: ?0Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageSec-Fetch-Storage-Access: activeReferer: https://lnkd.demdex.net/Accept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273; dextp=771-1-1745607313472|1957-1-1745607313581
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=1957&dpuuid=1916BA03DE7969443FC2AFDADF06681D HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273; dextp=771-1-1745607313472|1957-1-1745607313581; dpm=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /ibs:dpid=771&dpuuid=CAESEIiLOhUzICKL-8B2TB6Mx40&google_cver=1?gdpr=0&gdpr_consent= HTTP/1.1Host: dpm.demdex.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: demdex=15927214547931175670777754198068681273; dextp=771-1-1745607313472|1957-1-1745607313581; dpm=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCVS_14215E3D5995C57C0A495C55%40AdobeOrg=1; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CMCMID%7C16453141724348243720721715507786492402%7CMCAAMLH-1746212112%7C9%7CMCAAMB-1746212112%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1745614512s%7CNONE%7CvVersion%7C5.1.1; aam_uuid=15927214547931175670777754198068681273
Source: global traffic	HTTP traffic detected: GET /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptySec-Fetch-Storage-Access: activeAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-4569-85db-c91668d3b73c"; bscookie="v=1&202504251855072f7b94ba-c079-4bcf-8ed9-6257544fa814AQHZlRytp88PQiPItray1DWltwJ0LOMk"; lidc="b=TGST01:s=T:r=T:a=T:p=T:g=3564:u=1:x=1:i=1745607307:t=1745693707:v=2:sig=AQFkNXEyRuuv7qusnpcKj-S8cMyckS-q"; AMCVS_14215E3D5995C57C0A495C55%40AdobeOrg=1; AMCV_14215E3D5995C57C0A495C55%40AdobeOrg=-637568504%7CMCIDTS%7C20204%7CMCMID%7C16453141724348243720721715507786492402%7CMCAAMLH-1746212112%7C9%7CMCAAMB-1746212112%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1745614512s%7CNONE%7CvVersion%7C5.1.1; aam_uuid=15927214547931175670777754198068681273

Performs DNS lookups

Source: global traffic	DNS traffic detected: DNS query: oauthservice.smarsh.com
Source: global traffic	DNS traffic detected: DNS query: www.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: static.licdn.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: platform.linkedin.com
Source: global traffic	DNS traffic detected: DNS query: stun.l.google.com
Source: global traffic	DNS traffic detected: DNS query: dpm.demdex.net
Source: global traffic	DNS traffic detected: DNS query: lnkd.demdex.net
Source: global traffic	DNS traffic detected: DNS query: cm.g.doubleclick.net

Posts data to webserver

Source: unknown

HTTP traffic detected: POST /li/track HTTP/1.1Host: www.linkedin.comConnection: keep-aliveContent-Length: 5977sec-ch-ua-platform: "Windows"User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36sec-ch-ua: "Chromium";v="134", "Not:A-Brand";v="24", "Google Chrome";v="134"content-type: application/jsonCsrf-Token: ajax:0030622420987522081sec-ch-ua-mobile: ?0Accept: */*Origin: https://www.linkedin.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://www.linkedin.com/uas/login?session_redirect=%2Foauth%2Fv2%2Flogin-success%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257D&fromSignIn=1&trk=oauth&cancel_redirect=%2Foauth%2Fv2%2Flogin-cancel%3Fapp_id%3D3264481%26auth_type%3DAC%26flow%3D%257B%2522state%2522%253A%2522GNKd0ktUj%252B1z%252F8is1hbtYIHerEdUCV3jXj%252FtBWxSKBCf6F1vTpQJEPUziDP%252BMGZHGfvi2wgGjA7VLFkUQCFq0iJ7I6CAajz31PSZbdQSTiBilbJwg6CUWjVG%252FsEtW%252Bfv%252FngviNuZllVLB%252F2FrE1xdFBA29kYrOORQLA8vQc5SOWn7RZJYcX551%252FuRuq653TeZrWCbXroUnEbqHYn%252FQfVeJL5BZpEj20dnma6zOXQLcSQ7kIdTXwQQ09LpzeWdal6cMQ6o027pdHOl%252B3BS6H6RUy6VTNkfv1huegMiHRS85iTj1uPoR8wB%252F9%252B5xeaa1C4e0fgq8cDUriA5qv7u4BLeQ%253D%253D%2522%252C%2522creationTime%2522%253A1745607307478%252C%2522scope%2522%253A%2522r_compliance%2522%252C%2522appId%2522%253A3264481%252C%2522authorizationType%2522%253A%2522OAUTH2_AUTHORIZATION_CODE%2522%252C%2522redirectUri%2522%253A%2522https%253A%252F%252Foauthservice.smarsh.com%252Foauthsvc%252Fcallback%252Flinkedin%2522%252C%2522currentStage%2522%253A%2522LOGIN_SUCCESS%2522%252C%2522currentSubStage%2522%253A0%252C%2522authFlowName%2522%253A%2522generic-permission-list%2522%257DAccept-Encoding: gzip, deflate, br, zstdAccept-Language: en-US,en;q=0.9Cookie: PLAY_SESSION=eyJhbGciOiJIUzI1NiJ9.eyJkYXRhIjp7ImZsb3dUcmFja2luZ0lkIjoiR3Y5THRzbDdUZmVyS0ltYVlhQlJPZz09In0sIm5iZiI6MTc0NTYwNzMwNywiaWF0IjoxNzQ1NjA3MzA3fQ.hplOs-8SFo79b_6YBGDCFJkfyaGmEjluUovqis0N_kU; JSESSIONID=ajax:0030622420987522081; lang=v=2&lang=en-us; bcookie="v=2&2a756141-f466-45

Tries to download or post to a non-existing HTTP route (HTTP/1.1 404 Not Found / 503 Service Unavailable / 403 Forbidden)

Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'X-Li-Fabric: prod-ltx1X-Li-Pop: afd-prod-ltx1-xX-Li-Proto: http/1.1X-LI-UUID: AAYznt/M4QDgZ5jicPev1Q==X-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 6A99224779544568B3E7677E64703B13 Ref B: PHX31EDGE0517 Ref C: 2025-04-25T18:55:12ZDate: Fri, 25 Apr 2025 18:55:12 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; connect-src 'self' *.licdn.com *.linkedin.com cdn.linkedin.oribi.io dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ v.clarity.ms/collect *.microsoft.com *.adnxs.com *.tealiumiq.com login.microsoftonline.com www.google.com google.com adservice.google.com pagead2.googlesyndication.com td.doubleclick.net www.googletagmanager.com ad.doubleclick.net; script-src 'report-sample' 'sha256-th47JTnh6tX15SUn/I+GGmsOSXpa7dh5Skner77gxlY=' 'sha256-SSoodjUD3LGm2FfFCVHGqEb8D4UM3OOigidT2UKDcYg=' 'sha256-cKTgdnmO6+hXd85a9wKg1effVfVzenUAtUCyOKY9bQE=' 'sha256-DwtT8+ZZKpxH9pqZNAmJ3GdbLAh5SsYaXR3omTXPCns=' 'sha256-sV9jZa797T0QWBzcU/CNd4tpBhTnh+TFdLnfjlitl28=' 'sha256-aa/Q8CRBDSqTQbCIyioPhZaz+G+dbPyu7BzsjInEmiU=' 'sha256-THuVhwbXPeTR0HszASqMOnIyxqEgvGyBwSPBKBF/iMc=' 'sha256-zTIusdVJJeXz9+iox2a+pdDglzbpRpFVRzEwvW4AONk=' 'sha256-iC8MPqNLw0FDnsBf4DlSkFLNTwhkI85aouiAEB819ic=' 'sha256-2EqrEvcPzl8c6/TSGVvaVMEe7lg700MAz/te4/3kTYY=' 'sha256-y5uW69VItKj51mcc7UD9qfptDVUqicZL+bItEpvVNDw=' 'sha256-DatsFGoJ8gFkzzxo47Ou76WZ+3QBPOQHtBu9p9b3DhA=' 'sha256-k95cyM8gFgPziZe5VQ2IvJvBUVyd5zFt2CokIUwqdHE=' 'sha256-PyCXNcEkzRWqbiNr087fizmiBBrq9O6GGD8eV3P09Ik=' 'sha256-RFqsjmAF1N5LnfpaHFvPqFlVkeIS/DtTAFor+JjJJVc=' 'sha256-2SQ55Erm3CPCb+k03EpNxU9bdV3XL9TnVTriDs7INZ4=' 'sha256-S/KSPe186K/1B0JEjbIXcCdpB97krdzX05S+dHnQjUs=' 'sha256-9pXOIwF4N0gPltLd3AI69lkCjSC2H/Eb3sc5zdmUyYU=' 'sha256-jou6v/Nleyzoc+LXktAv1Fp8M807dVVxy7E/yzVljHc=' 'sha256-6E4e/3dSvj/8JZT2S2yR91mspqM6MyOpKl5lrhHsZa8=' 'sha256-3woF8BZ54TeXM+czaH3aXoaJsVpiamuAKFsXDykAR/Q=' 'sha256-vIfNcKb8ixJg1cfJIoNNYjWcm0lezj1/XpUNFiZyVsU=' 'sha256-cLsHUHFgT/VGX04cZrJ9xgm4HbzTR7ptutkxK+7BlMk=' 'sha256-BwU8jMnQYUhjOpsDVABpfddV/DlP1ZYrFcTumYw7x54=' 'sha256-wz6ika9i3WU3bpUPdhYDZeO/NrDQniDyiscN0LWnyaY=' 'sha256-3RIGhhApBii1KY+aW1xk7kFyoQY8vSVE5DfT7E9SJUc=' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com snap.licdn.com www.googletagmanager.com/gtag/js www.googleadservices.com/pagead/ www.google.com/pagead/ googleads.g.doubleclick.net/pagead/ adservice.google.com/pagead/ pagead2.googlesyndication.com/pagead/ www.googletagmanager.com/gtag/destination www.google.com/recaptcha/api.js www.gstatic.com/recaptcha/releases/ merchantpool1.linkedin.com/mdt.js; img-src data: blob: * android-webview-video-poster:; font-src data: *; style-src 'self' 'unsafe-inline' static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; media-src 'self' *.licdn.com *.lynda.com; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com stat
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'X-Li-Fabric: prod-ltx1X-Li-Pop: afd-prod-ltx1-xX-Li-Proto: http/1.1X-LI-UUID: AAYznt/YkhqFvv7TOqKfaw==X-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 343C43D012924E1CAFC7A5620C7004B2 Ref B: PHX31EDGE0513 Ref C: 2025-04-25T18:55:13ZDate: Fri, 25 Apr 2025 18:55:13 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'X-Li-Fabric: prod-ltx1X-Li-Pop: afd-prod-ltx1-xX-Li-Proto: http/1.1X-LI-UUID: AAYznt/kVBFhXs3U7y8ODg==X-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 1DA70497A5DD4010B9FC569A8AEBF940 Ref B: PHX31EDGE0617 Ref C: 2025-04-25T18:55:14ZDate: Fri, 25 Apr 2025 18:55:13 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'X-Li-Fabric: prod-ltx1X-Li-Pop: afd-prod-ltx1-xX-Li-Proto: http/1.1X-LI-UUID: AAYznt/wUMXgu/wVn+js5Q==X-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 0D1AAC1FC18D487EB4FED71AA4377CA1 Ref B: PHX31EDGE0513 Ref C: 2025-04-25T18:55:15ZDate: Fri, 25 Apr 2025 18:55:15 GMTConnection: close
Source: global traffic	HTTP traffic detected: HTTP/1.1 404 Not FoundCache-Control: no-cache, no-storePragma: no-cacheContent-Length: 319687Content-Type: text/htmlExpires: Thu, 01 Jan 1970 00:00:00 GMTStrict-Transport-Security: max-age=31536000X-Content-Type-Options: nosniffX-Frame-Options: sameoriginContent-Security-Policy: default-src 'none'; frame-ancestors 'none'; form-action 'none'X-Li-Fabric: prod-ltx1X-Li-Pop: afd-prod-ltx1-xX-Li-Proto: http/1.1X-LI-UUID: AAYznt/8DcBoumGpP1olGA==X-Cache: CONFIG_NOCACHEX-MSEdge-Ref: Ref A: 8ACE0095D5DA4535ADBDEE3DB97656FE Ref B: PHX31EDGE0208 Ref C: 2025-04-25T18:55:15ZDate: Fri, 25 Apr 2025 18:55:15 GMTConnection: close

Uses HTTPS

Source: unknown	Network traffic detected: HTTP traffic on port 49708 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49739
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49738
Source: unknown	Network traffic detected: HTTP traffic on port 49717 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49734
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49733
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49732
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49731
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49730
Source: unknown	Network traffic detected: HTTP traffic on port 49732 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49711 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49728 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49729
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49728
Source: unknown	Network traffic detected: HTTP traffic on port 49714 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49727
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49726
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49725
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49724
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49723
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49722
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49721
Source: unknown	Network traffic detected: HTTP traffic on port 49706 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49731 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49712 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49729 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49717
Source: unknown	Network traffic detected: HTTP traffic on port 49715 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49716
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49715
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49714
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49713
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49712
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49711
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49734 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49709 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49710
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49673
Source: unknown	Network traffic detected: HTTP traffic on port 49726 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49723 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49709
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49708
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49706
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49705
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49733 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49710 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49727 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49713 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 49679 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 49724 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49671 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49721 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 49739 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 49725 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49722 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 49738 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 49673 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49705 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49730 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49716 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745

Uses secure TLS version for HTTPS connections

Source: unknown	HTTPS traffic detected: 199.59.53.78:443 -> 192.168.2.16:49706 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 199.59.53.78:443 -> 192.168.2.16:49705 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49708 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49712 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49713 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49711 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49715 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49714 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.131.42:443 -> 192.168.2.16:49710 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.4:443 -> 192.168.2.16:49716 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.195.42:443 -> 192.168.2.16:49726 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49725 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 151.101.195.42:443 -> 192.168.2.16:49731 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49735 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49734 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 150.171.22.12:443 -> 192.168.2.16:49737 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 54.200.244.65:443 -> 192.168.2.16:49739 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.238.143.165:443 -> 192.168.2.16:49744 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 35.161.29.58:443 -> 192.168.2.16:49745 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 52.36.70.163:443 -> 192.168.2.16:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 34.214.185.111:443 -> 192.168.2.16:49750 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 142.250.69.2:443 -> 192.168.2.16:49751 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.239.55.56:443 -> 192.168.2.16:49758 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 44.239.55.56:443 -> 192.168.2.16:49759 version: TLS 1.2

System Summary

Classification label

Source: classification engine

Classification label: clean0.win@28/11@31/247

Spawns processes

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2248 /prefetch:3
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://oauthservice.smarsh.com/OAuthSvc/Authorize?code=fS4JAIikS1LjqTtYQRSeO6YwvHbDzh4f1B0ycv8WFyQ4J5%2baA%2bwBCO3vAupLWt8AsBp7Vn7K5wV3UOn5Rn2eT6j2eosikMVkEJQzvYUvyod5qLNElgXFlQV0VxWNFnt0K7OxaDd%2fReJqkhpLX98kXuriPEHUaiFtJVpMnStC5oaikY%2ftHoaI5XSkSL6VwcYNWTJtmkpBgXNdTd7JG9bbfBV0IQFMiQLGp8om1f0qr%2f7maurs2GECgNyt6AVY4gRkFx32kpzeMN4EfANVDNvn2PCJ85VQEoql5OKQq2jAlBYO0kJms5bofzyu1yzRuLt9hJqbWN5QLuX807l8HBuoXA%3d%3d&redirecturi=http%3a%2f%2fapp.smarsh.com%2fprinsite%2fSocialConnectionsUser%2fAuthorizeResponse"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5052 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=2248 /prefetch:3
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5912 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --no-pre-read-main-dll --field-trial-handle=1972,i,9015182159886145214,13597355579416511631,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction --variations-seed-version --mojo-platform-channel-handle=5052 /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown

Found graphical window changes (likely an installer)

Source: Window Recorder

Window detected: More than 3 window changes detected