urlscan.io logo urlscan.io
SecurityTrails logo

lo.candidcrm.com Open in urlscan Pro
44.209.215.113  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://email-verification.us-east-1.amazonaws.com/?Context=696138008662&X-Amz-Date=20231025T194512Z&Identity.IdentityName=danielle.goff%40fairwaym...
Effective URL: https://lo.candidcrm.com/candid-verification-success/
Submission: On October 25 via manual from US — Scanned from US
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 1 countries across 7 domains to perform 17 HTTP transactions. The main IP is 44.209.215.113, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is lo.candidcrm.com.
TLS certificate: Issued by R3 on September 28th 2023. Valid for: 3 months.
This is the only time lo.candidcrm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 54.80.94.248 14618 (AMAZON-AES)
8 44.209.215.113 14618 (AMAZON-AES)
2 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:e0:... 13335 (CLOUDFLAR...)
2 35.209.0.180 19527 (GOOGLE-2)
1 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
17 6
1    54.80.94.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-94-248.compute-1.amazonaws.com
email-verification.us-east-1.amazonaws.com
8    44.209.215.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-215-113.compute-1.amazonaws.com
lo.candidcrm.com
2    2607:f8b0:4004:c17::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
2    35.209.0.180 (Council Bluffs, United States)

ASN19527 (GOOGLE-2, US)
PTR: 180.0.209.35.bc.googleusercontent.com
candid.inc
1    2607:f8b0:4004:c0b::54 (Ashburn, United States)

ASN15169 (GOOGLE, US)
accounts.google.com
2    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
8 candidcrm.com
lo.candidcrm.com
245 KB
2 gstatic.com
fonts.gstatic.com
80 KB
2 candid.inc
candid.inc
10 KB
2 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1951
70 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 113
2 KB
1 google.com
accounts.google.com — Cisco Umbrella Rank: 71
78 KB
1 amazonaws.com
email-verification.us-east-1.amazonaws.com
130 B
17 7
Domain Requested by
8 lo.candidcrm.com lo.candidcrm.com
2 fonts.gstatic.com fonts.googleapis.com
2 candid.inc lo.candidcrm.com
2 use.fontawesome.com lo.candidcrm.com
use.fontawesome.com
2 fonts.googleapis.com lo.candidcrm.com
1 accounts.google.com lo.candidcrm.com
1 email-verification.us-east-1.amazonaws.com 1 redirects
17 7

This site contains links to these domains. Also see Links.

Domain
candid.inc
candidcrm.cloudforce.com
www.linkedin.com
Subject Issuer Validity Valid
lo.candidcrm.com
R3		 2023-09-28 -
2023-12-27		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
use.fontawesome.com
Cloudflare Inc ECC CA-3		 2023-10-12 -
2024-10-10		 a year crt.sh
candid.inc
R3		 2023-09-01 -
2023-11-30		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-09-28 -
2023-12-21		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://lo.candidcrm.com/candid-verification-success/
Frame ID: 3F87204E477878C374719FD04DDB30D1
Requests: 17 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LO Reviews

Page URL History Show full URLs

  1. https://email-verification.us-east-1.amazonaws.com/?Context=696138008662&X-Amz-Date=20231025T194512Z&Identity.IdentityName=dani... HTTP 302
    https://lo.candidcrm.com/candid-verification-success/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • accounts\.google\.com/gsi/client
Overall confidence: 100%
Detected patterns
  • /_nuxt/
Overall confidence: 100%
Detected patterns
  • <[^>]+\sdata-v(?:ue)?-
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

17
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

7
Subdomains

6
IPs

1
Countries

486 kB
Transfer

1308 kB
Size

1
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://email-verification.us-east-1.amazonaws.com/?Context=696138008662&X-Amz-Date=20231025T194512Z&Identity.IdentityName=danielle.goff%40fairwaymc.com&X-Amz-Algorithm=AWS4-HMAC-SHA256&Identity.IdentityType=EmailAddress&X-Amz-SignedHeaders=host&TemplateName=EmailTemplateNew&X-Amz-Credential=AKIAVM67ZIEFRDECB3HF%2F20231025%2Fus-east-1%2Fses%2Faws4_request&Operation=ConfirmVerification&Namespace=Bacon&X-Amz-Signature=b116482893e2b7ce1bf865f5264c07d5df596df37f2dad5cef824fa292c1c591 HTTP 302
    https://lo.candidcrm.com/candid-verification-success/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

17 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
lo.candidcrm.com/candid-verification-success/
Redirect Chain
  • https://email-verification.us-east-1.amazonaws.com/?Context=696138008662&X-Amz-Date=20231025T194512Z&Identity.IdentityName=danielle.goff%40fairwaymc.com&X-Amz-Algorithm=AWS4-HMAC-SHA256&Identity.Id...
  • https://lo.candidcrm.com/candid-verification-success/
131 KB
22 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c9aa19a40871c6d52c190247248edbce0e09781e2272209c59992d6466990e5c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36
accept-language
en-US,en;q=0.9

Response headers

Accept-Ranges
none
Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Wed, 25 Oct 2023 19:52:42 GMT
ETag
"20c18-BioGJyk6cHn7q407bn8CrwPFqtE"
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
Vary
Accept-Encoding

Redirect headers

content-length
0
content-type
text/xml
date
Wed, 25 Oct 2023 19:52:42 GMT
location
https://lo.candidcrm.com/candid-verification-success/
x-amzn-requestid
058a3c67-4666-4303-a7ff-135f3f1bca8d
0f5699f.js
lo.candidcrm.com/_nuxt/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/0f5699f.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bad8c23ba4be0db4ed204f87e2e86b095b559c3ae75ef90e7440ad15cf49bd15

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"b6e-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
98c1de9.js
lo.candidcrm.com/_nuxt/ 		305 KB
107 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/98c1de9.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
c4d2e609c3a0c206826934605b121825ec45283184cbbe83993c0042fbb0700a

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:42 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"4c3d1-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
6084f30.js
lo.candidcrm.com/_nuxt/ 		153 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/6084f30.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
b0e9705c32294be72be650d27843fb95c5dd7ff5dcf3504d5c7573f8d8899c6d

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2625a-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
d389f5f.js
lo.candidcrm.com/_nuxt/ 		169 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/d389f5f.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
bdac67b4b44c53061123f51bc44a0a2a145a02a0e44cf347b98252dc3f68f339

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"2a5e1-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
f548ed5.js
lo.candidcrm.com/_nuxt/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/f548ed5.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f4c6751df271112d477635fdcbe9ddb2496fdcd0c07fd2a1780961afd64c64bd

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"73cc-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
4352528.js
lo.candidcrm.com/_nuxt/ 		54 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/4352528.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
7e6f580bf0f29d7adbd54dc2adb7c967198b1b69d81424ba67f9066b09adc415

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"d8cb-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
b844eab.js
lo.candidcrm.com/_nuxt/ 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lo.candidcrm.com/_nuxt/b844eab.js
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.209.215.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-209-215-113.compute-1.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
00240b4e66591579178a2b3904c69f746f268b7d63d74de903683a94f686b5b4

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/candid-verification-success/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

Date
Wed, 25 Oct 2023 19:52:43 GMT
Content-Encoding
gzip
Last-Modified
Fri, 13 Oct 2023 09:48:15 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
W/"b089-18b286fc318"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
css2
fonts.googleapis.com/ 		16 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a3328bc67f9ab80d6355d84ceb03d614a62a80b8264c4e494e0be95333d52e22
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 19:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 18:57:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 19:52:43 GMT
css2
fonts.googleapis.com/ 		16 KB
835 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Raleway:wght@100;200;300;400;500;600;700;800;900&display=swap
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
4a1589e623c8c242c56354dd3003c3a9cb5d91d9d6057ea1c90a08bef99d8507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 25 Oct 2023 19:52:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 25 Oct 2023 18:57:10 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 25 Oct 2023 19:52:43 GMT
all.css
use.fontawesome.com/releases/v5.0.13/css/ 		40 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=6.2.2.1687506611
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:52:43 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 22 Sep 2023 01:44:09 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
91423
etag
W/"d61bfe9b56c13ecff5313ee3abb45e8b"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yMnLDXMOG07knatRBm9FOxgOlo9RN4ylIGG0%2Bmg3AyotsWoVzaiCRXmiN6sxWKLiKkt4z41fsFH4DFKba0kub91onjbXBhLiLhXpnFRHVw%2BYuVacbN7j32pRhFDhdW2adGhCWgf4FE4KTwPG2%2BZa0vQV"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
81bd0064e8b88cb9-EWR
alt-svc
h3=":443"; ma=86400
logo-mobile.png
candid.inc/wp-content/themes/candid/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candid.inc/wp-content/themes/candid/img/logo-mobile.png
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.0.180 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
180.0.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
2b70cccacf900e0b6ddd12d22f11ef3871005cae82023499334349fddaca7b72

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:52:43 GMT
last-modified
Fri, 29 Sep 2023 06:45:01 GMT
server
nginx
etag
"b26-60679c38c0c5c"
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
2854
x-proxy-cache
HIT
candid-logo-circle1.png
candid.inc/wp-content/themes/candid/img/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://candid.inc/wp-content/themes/candid/img/candid-logo-circle1.png
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.209.0.180 Council Bluffs, United States, ASN19527 (GOOGLE-2, US),
Reverse DNS
180.0.209.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0f44b1d9c0c1a46684e5445fa7b3bfa1f0d7abae26d16e36a372a40375877c7f

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:52:43 GMT
last-modified
Fri, 29 Sep 2023 06:45:01 GMT
server
nginx
etag
"1c2f-60679c38c1044"
content-type
image/png
x-httpd
1
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
7215
x-proxy-cache
HIT
client
accounts.google.com/gsi/ 		198 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/gsi/client
Requested by
Host: lo.candidcrm.com
URL: https://lo.candidcrm.com/candid-verification-success/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c0b::54 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
cda2fe781e886b54242c47f537f5ebe227a25e9ce800b705e208dbf1f73f0274
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-RtyTePAEbodxYCqBMCn-_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-US,en;q=0.9
Referer
https://lo.candidcrm.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:52:43 GMT
content-security-policy
script-src 'report-sample' 'nonce-RtyTePAEbodxYCqBMCn-_A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
x-frame-options
SAMEORIGIN
report-to
{"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=1800
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
expires
Wed, 25 Oct 2023 19:52:43 GMT
JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 		32 KB
33 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Montserrat:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lo.candidcrm.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Fri, 20 Oct 2023 23:33:11 GMT
x-content-type-options
nosniff
age
418772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33092
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 22:51:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 19 Oct 2024 23:33:11 GMT
1Ptug8zYS_SKggPNyC0ITw.woff2
fonts.gstatic.com/s/raleway/v29/ 		47 KB
47 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/raleway/v29/1Ptug8zYS_SKggPNyC0ITw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Raleway:wght@100;200;300;400;500;600;700;800;900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://lo.candidcrm.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Sun, 22 Oct 2023 14:24:24 GMT
x-content-type-options
nosniff
age
278899
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
48208
x-xss-protection
0
last-modified
Wed, 13 Sep 2023 23:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 21 Oct 2024 14:24:24 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.13/webfonts/ 		60 KB
60 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.0.13/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=6.2.2.1687506611
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c

Request headers

Referer
https://use.fontawesome.com/releases/v5.0.13/css/all.css?ver=6.2.2.1687506611
Origin
https://lo.candidcrm.com
accept-language
en-US,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.117 Safari/537.36

Response headers

date
Wed, 25 Oct 2023 19:52:43 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
161
alt-svc
h3=":443"; ma=86400
content-length
61336
last-modified
Fri, 22 Sep 2023 01:44:10 GMT
server
cloudflare
etag
"3654744dc6d6c37c9b3582b57622df5e"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R4%2BURSgjH4aD%2BJGxOm1IPAvJJ%2F%2FICNikVQUH3JdjDTEk7fODEpqggPuzWkfYYCxqE%2BcFkk2Q3N%2FC7tE39YJuU2xB6ZXEEVxnU9bUEC5P7q8IvycJR4mZTq5VIkc5Y62HgjTerNZPQBxg6GgQNAIYGVLt"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
81bd0066aaf0c3f0-EWR

Verdicts & Comments Add Verdict or Comment

19 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture number| _gtm_init number| doNotTrack object| _gtm_ids function| _gtm_inject object| __NUXT__ object| default_gsi object| _F_toggles object| google object| webpackJsonp function| installComponents object| regeneratorRuntime function| setImmediate function| clearImmediate object| onNuxtReadyCbs function| onNuxtReady object| $nuxt object| closure_lm_32958 object| dataLayer

1 Cookies

Domain/Path Name / Value
lo.candidcrm.com/ Name: auth.strategy
Value: facebook

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
candid.inc
email-verification.us-east-1.amazonaws.com
fonts.googleapis.com
fonts.gstatic.com
lo.candidcrm.com
use.fontawesome.com
2606:4700:e0::ac40:660b
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c0b::54
2607:f8b0:4004:c17::5f
35.209.0.180
44.209.215.113
54.80.94.248
00240b4e66591579178a2b3904c69f746f268b7d63d74de903683a94f686b5b4
0f44b1d9c0c1a46684e5445fa7b3bfa1f0d7abae26d16e36a372a40375877c7f
1ddd3b7b68a96da02979f972e4e9a8b6af63b5a17c75d7c7e0e3901d9f3a729c
2b70cccacf900e0b6ddd12d22f11ef3871005cae82023499334349fddaca7b72
43730866612149a27f49159d7c4f19185c8694bb91bf41abc884a6fe1346e96e
4a1589e623c8c242c56354dd3003c3a9cb5d91d9d6057ea1c90a08bef99d8507
7e6f580bf0f29d7adbd54dc2adb7c967198b1b69d81424ba67f9066b09adc415
8cbc049ddbd7ca67068451ce754401833499959c4c6ed7b98f664d42e0597808
a3328bc67f9ab80d6355d84ceb03d614a62a80b8264c4e494e0be95333d52e22
b0e9705c32294be72be650d27843fb95c5dd7ff5dcf3504d5c7573f8d8899c6d
bad8c23ba4be0db4ed204f87e2e86b095b559c3ae75ef90e7440ad15cf49bd15
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bdac67b4b44c53061123f51bc44a0a2a145a02a0e44cf347b98252dc3f68f339
c4d2e609c3a0c206826934605b121825ec45283184cbbe83993c0042fbb0700a
c9aa19a40871c6d52c190247248edbce0e09781e2272209c59992d6466990e5c
cda2fe781e886b54242c47f537f5ebe227a25e9ce800b705e208dbf1f73f0274
f4c6751df271112d477635fdcbe9ddb2496fdcd0c07fd2a1780961afd64c64bd