postclosingsurvey.candidcrm.com Open in urlscan Pro
2600:9000:2359:7600:17:25f4:fc00:93a1 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://postclosingsurvey.candidcrm.com/
Submission: On November 21 via automatic, source certstream-suspicious (November 21st 2024, 7:27:54 am UTC) — Scanned from DE

Summary HTTP 10 Redirects Behaviour Indicators

Summary

This website contacted 5 IPs in 2 countries across 5 domains to perform 10 HTTP transactions. The main IP is 2600:9000:2359:7600:17:25f4:fc00:93a1, located in United States and belongs to AMAZON-02, US. The main domain is postclosingsurvey.candidcrm.com.
TLS certificate: Issued by Amazon RSA 2048 M02 on December 21st 2023. Valid for: a year.

This is the only time postclosingsurvey.candidcrm.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
5	2600:9000:235... 2600:9000:2359:7600:17:25f4:fc00:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 2	2606:4700::68... 2606:4700::6811:f7cb	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2003	15169 (GOOGLE) (GOOGLE)
10	5

5 2600:9000:2359:7600:17:25f4:fc00:93a1 (United States)

ASN16509 (AMAZON-02, US)

postclosingsurvey.candidcrm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:f7cb (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
5	candidcrm.com postclosingsurvey.candidcrm.com	99 KB
2	gstatic.com fonts.gstatic.com	46 KB
2	unpkg.com 1 redirects unpkg.com — Cisco Umbrella Rank: 740	123 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 29	956 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 225	11 KB
10	5

	Domain	Requested by
5	postclosingsurvey.candidcrm.com	postclosingsurvey.candidcrm.com
2	fonts.gstatic.com	fonts.googleapis.com
2	unpkg.com	1 redirects postclosingsurvey.candidcrm.com
1	fonts.googleapis.com	postclosingsurvey.candidcrm.com
1	cdnjs.cloudflare.com	postclosingsurvey.candidcrm.com
10	5

This site contains no links.

Subject Issuer	Validity	Valid
postclosingsurvey.candidcrm.com Amazon RSA 2048 M02	`2023-12-21` - `2025-01-19`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-09-28` - `2024-12-27`	3 months	crt.sh
upload.video.google.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh
*.gstatic.com WR2	`2024-10-21` - `2025-01-13`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://postclosingsurvey.candidcrm.com/
Frame ID: F6C0D51776A95266E6590C08497A462A
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Post Closing Survey

Detected technologies

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

<[^>]+\sdata-v(?:ue)?-

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Page Statistics

10
Requests

90 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

278 kB
Transfer

769 kB
Size

0
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js HTTP 302
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

10 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
postclosingsurvey.candidcrm.com/ 713 B
1 KB 70ms
8ms Document
text/html 2600:9000:2359:7600:17:25f4:fc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postclosingsurvey.candidcrm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:7600:17:25f4:fc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3f153db4d1d599603c70e5acf2d982e300c63f00459cf3747d957d37f37e5bfd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
age: 10
content-length: 713
content-type: text/html
date: Thu, 21 Nov 2024 07:27:40 GMT
etag: "1119e921daf0cec2a7d96474050213ba"
last-modified: Thu, 23 May 2024 08:01:52 GMT
server: AmazonS3
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
x-amz-cf-id: r71Ml-3IzK80Rwx-MLiuVZNWOxkfgU45atAErknpBYeLYQ9vYqCxmQ==
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-amz-version-id: pHPK22POTFJBp.2gy.Paep2q6Mye15vW
x-cache: Hit from cloudfront

GET
H3 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/ 58 KB
11 KB 52ms
20ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.3/css/all.min.css

Requested by

Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "6599bda5-28f2"
age: 51817
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Byz6KoS8JCfe4UiXBPqDRJNxPrVFb%2BohI8Wk4R5tnDfD4UB6nXk%2B1f0E7aGj%2B46JMjInJXHkRfSRUYRroAwB3CcSyW2w4r4OLq0VahfLYn%2FNcnlpJCOVOdY%2FotKEi293jeTJESpc1GpgEnKw8DMVslVM"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Tue, 11 Nov 2025 07:27:49 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Thu, 21 Nov 2024 07:27:49 GMT
content-type: text/css; charset=utf-8
last-modified: Sat, 06 Jan 2024 21:52:53 GMT
vary: Accept-Encoding
priority: u=0,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 8e5ef59cfa0fbbe3-FRA
accept-ranges: bytes
access-control-allow-origin: *
content-length: 10482
server: cloudflare

GET
H2 200 index-2140ba47.js Show response
postclosingsurvey.candidcrm.com/assets/ 201 KB
76 KB 696ms
695ms Script
application/javascript 2600:9000:2359:7600:17:25f4:fc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postclosingsurvey.candidcrm.com/assets/index-2140ba47.js
Requested by: Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:7600:17:25f4:fc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e9eed17ff6788f21d924436ba14e732756c8eb4c96cb8c36114d91cd6e71db0b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://postclosingsurvey.candidcrm.com
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

access-control-expose-headers: ETag
content-encoding: br
x-amz-version-id: em0_GE3CnsN9ITSkaxBxZphbxdHWOxEU
etag: W/"4a8ad96d7e6ff57b3b5b10385ac99c13"
access-control-allow-methods: HEAD, GET, PUT, POST, DELETE
x-cache: Miss from cloudfront
x-amz-cf-id: 8F_neRouUhYxSN0GUo5l6U-xGbfr8ysIQCX9pCaixmvWzR37m0jUhA==
date: Thu, 21 Nov 2024 07:27:50 GMT
content-type: application/javascript
vary: accept-encoding
last-modified: Thu, 23 May 2024 08:01:53 GMT
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
access-control-allow-origin: *
x-amz-cf-pop: FRA60-P10
server: AmazonS3
x-amz-server-side-encryption: AES256

GET
H2 200 index-0e3d467a.css
postclosingsurvey.candidcrm.com/assets/ 58 KB
9 KB 695ms
694ms Stylesheet
text/css 2600:9000:2359:7600:17:25f4:fc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postclosingsurvey.candidcrm.com/assets/index-0e3d467a.css
Requested by: Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:7600:17:25f4:fc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0e3d467a32fed5bee41e6ecddae6746037819b1b8d992ff26b14adc66f53df4d

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

vary: accept-encoding
content-encoding: br
etag: W/"24992d77f64bb2c382c3b20c56f97d97"
x-amz-version-id: 9yee166AE_VFBEIdxoObULvB.m15BYNu
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: Mby513oRzeh8XNEo11fdsWProRepSmsLjw7o8O6F9iZjzWxlKyreOg==
date: Thu, 21 Nov 2024 07:27:50 GMT
content-type: text/css
last-modified: Thu, 23 May 2024 08:01:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2

200

lottie-player.js Show response
unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/
Redirect Chain

https://unpkg.com/@lottiefiles/lottie-player@latest/dist/lottie-player.js
https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

375 KB
122 KB

18ms
18ms

Script
application/javascript

2606:4700::6811:f7cb
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js

Requested by

Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/

Protocol

Server

2606:4700::6811:f7cb , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

content-encoding: br
cf-cache-status: HIT
etag: "5dbed-iuWY+SuF72GOkOASnVf7lMj2w7g"
age: 884495
x-content-type-options: nosniff
date: Thu, 21 Nov 2024 07:27:49 GMT
content-type: application/javascript; charset=utf-8
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01JCCECTDJPVWZHSG4JBMY6KY1-fra
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=31536000
via: 1.1 fly.io
cf-ray: 8e5ef59d38f73673-FRA
access-control-allow-origin: *
server: cloudflare

Redirect headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, s-maxage=600, max-age=60
location: /@lottiefiles/lottie-player@2.0.12/dist/lottie-player.js
content-encoding: br
cf-cache-status: HIT
age: 550
x-content-type-options: nosniff
via: 1.1 fly.io
cf-ray: 8e5ef59d18da3673-FRA
access-control-allow-origin: *
date: Thu, 21 Nov 2024 07:27:49 GMT
content-type: text/plain; charset=utf-8
vary: Accept, Accept-Encoding
fly-request-id: 01JD6SCP864GFRQYVPDE8R2GZ9-cdg
server: cloudflare

GET
H2 200 css2
fonts.googleapis.com/ 4 KB
956 B 37ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Requested by

Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/assets/index-0e3d467a.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

918a6605a30759293b94242a84a0da24dcaae3576c30d4fedbd0c854da459b8e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Thu, 21 Nov 2024 07:27:49 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 21 Nov 2024 07:27:49 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Thu, 21 Nov 2024 05:57:47 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H2 200 under-construction-illustration-70fa6bd8.svg
postclosingsurvey.candidcrm.com/assets/ 22 KB
8 KB 667ms
667ms Image
image/svg+xml 2600:9000:2359:7600:17:25f4:fc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://postclosingsurvey.candidcrm.com/assets/under-construction-illustration-70fa6bd8.svg
Requested by: Host: postclosingsurvey.candidcrm.com
URL: https://postclosingsurvey.candidcrm.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:7600:17:25f4:fc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 70fa6bd86ad26871b384079dd788be37322224676b5ef96f313a9a24721aeea3

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

vary: accept-encoding
content-encoding: br
etag: W/"c9daed140ceb07f5ab016a968246b987"
x-amz-version-id: iuMzn1p0YfAROiZXAgjiuU8DFilUEj85
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
x-cache: Miss from cloudfront
x-amz-cf-id: AOWeISaZo5YVmy5PmK5GR2d0cYof72sEWmpTr6NKXculiJaITBVMJQ==
date: Thu, 21 Nov 2024 07:27:51 GMT
content-type: image/svg+xml
last-modified: Thu, 23 May 2024 08:01:53 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H3 200 S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 26ms
10ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://postclosingsurvey.candidcrm.com
Referer: https://fonts.googleapis.com/

Response headers

age: 60498
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 14:39:32 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 14:39:32 GMT
last-modified: Tue, 02 May 2023 15:07:25 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23040
x-xss-protection: 0
server: sffe

GET
H3 200 S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 23 KB
23 KB 22ms
7ms Font
font/woff2 2a00:1450:4001:80b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@100;300;400;700;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://postclosingsurvey.candidcrm.com
Referer: https://fonts.googleapis.com/

Response headers

age: 57816
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Thu, 20 Nov 2025 15:24:14 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Wed, 20 Nov 2024 15:24:14 GMT
last-modified: Tue, 02 May 2023 15:17:22 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 23580
x-xss-protection: 0
server: sffe

GET
H2 200 favicon.ico
postclosingsurvey.candidcrm.com/ 4 KB
5 KB 618ms
618ms Other
image/vnd.microsoft.icon 2600:9000:2359:7600:17:25f4:fc00:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://postclosingsurvey.candidcrm.com/favicon.ico
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2359:7600:17:25f4:fc00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://postclosingsurvey.candidcrm.com/

Response headers

x-amz-version-id: JpXqK0NLvO.QNydvf_47SFL0.6vcQkVh
etag: "1ba2ae710d927f13d483fd5d1e548c9b"
via: 1.1 b58f4c458263fcafb0c4b2b684d9bc50.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 4286
x-amz-cf-id: Ludj9ezrS2g3Wnx58cdxEs0wvkQlUKQ77ZekKdd-sa-54d4QkPKQYw==
date: Thu, 21 Nov 2024 07:27:52 GMT
content-type: image/vnd.microsoft.icon
last-modified: Thu, 23 May 2024 08:01:52 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
postclosingsurvey.candidcrm.com
unpkg.com
2600:9000:2359:7600:17:25f4:fc00:93a1
2606:4700::6811:190e
2606:4700::6811:f7cb
2a00:1450:4001:806::200a
2a00:1450:4001:80b::2003
0e3d467a32fed5bee41e6ecddae6746037819b1b8d992ff26b14adc66f53df4d
3f153db4d1d599603c70e5acf2d982e300c63f00459cf3747d957d37f37e5bfd
70fa6bd86ad26871b384079dd788be37322224676b5ef96f313a9a24721aeea3
918a6605a30759293b94242a84a0da24dcaae3576c30d4fedbd0c854da459b8e
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
b396c6847f916f93b353dddc9245b056ad900d115cfb589e7909ba996eaf70af
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
d87ddf917b7a1449ab45e2b8e3c98354629bdd65b6659c37e6023bbea1ce1386
db74ab0b78338c1f778f8398c45f4103c99aea0e845a3118a7750b4eeafd3445
e9eed17ff6788f21d924436ba14e732756c8eb4c96cb8c36114d91cd6e71db0b

postclosingsurvey.candidcrm.com Open in urlscan Pro 2600:9000:2359:7600:17:25f4:fc00:93a1 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

10 Requests

90 %HTTPS

100 %IPv6

5 Domains

5 Subdomains

5 IPs

2 Countries

278 kBTransfer

769 kBSize

0 Cookies

0 Outgoing links

Redirected requests

10 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

0 Cookies

Indicators

postclosingsurvey.candidcrm.com Open in urlscan Pro
2600:9000:2359:7600:17:25f4:fc00:93a1 Public Scan

Screenshot
Live screenshot

Full Image

10
Requests

90 %
HTTPS

100 %
IPv6

5
Domains

5
Subdomains

5
IPs

2
Countries

278 kB
Transfer

769 kB
Size

0
Cookies

10 HTTP transactions
0 data transactions