monitoring.candidco.com
Open in
urlscan Pro
3.95.12.127
Public Scan
Effective URL: https://monitoring.candidco.com/login?post_login_redirect_url=https%3A%2F%2Fmonitoring.candidco.com%2F
Submission Tags: phishingrod
Submission: On March 01 via api from DE — Scanned from DE
Summary
TLS certificate: Issued by Amazon on December 4th 2022. Valid for: a year.
This is the only time monitoring.candidco.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
IP Address | AS Autonomous System | ||
---|---|---|---|
1 2 | 3.95.12.127 3.95.12.127 | 14618 (AMAZON-AES) (AMAZON-AES) | |
9 | 13.225.78.92 13.225.78.92 | 16509 (AMAZON-02) (AMAZON-02) | |
10 | 2 |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-95-12-127.compute-1.amazonaws.com
monitoring.candidco.com |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-92.fra2.r.cloudfront.net
us-east-1-cand-common-externals.monitoring.candidco.com |
Apex Domain Subdomains |
Transfer | |
---|---|---|
11 |
candidco.com
1 redirects
monitoring.candidco.com us-east-1-cand-common-externals.monitoring.candidco.com |
1 MB |
10 | 1 |
Domain | Requested by | |
---|---|---|
9 | us-east-1-cand-common-externals.monitoring.candidco.com |
monitoring.candidco.com
us-east-1-cand-common-externals.monitoring.candidco.com |
2 | monitoring.candidco.com | 1 redirects |
10 | 2 |
This site contains links to these domains. Also see Links.
Domain |
---|
www.candidco.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
monitoring.candidco.com Amazon |
2022-12-04 - 2024-01-02 |
a year | crt.sh |
This page contains 1 frames:
Primary Page:
https://monitoring.candidco.com/login?post_login_redirect_url=https%3A%2F%2Fmonitoring.candidco.com%2F
Frame ID: 43F88CAB042C61C5CB2C224979342264
Requests: 10 HTTP requests in this frame
Screenshot
Page Title
Login - Candid MonitoringPage URL History Show full URLs
-
https://monitoring.candidco.com/
HTTP 302
https://monitoring.candidco.com/login?post_login_redirect_url=https%3A%2F%2Fmonitoring.candidco.com%2F Page URL
Detected technologies
jQuery (JavaScript Libraries) ExpandDetected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
2 Outgoing links
These are links going to different origins than the main page.
Title: Datenschutzerklärung
Search URL Search Domain Scan URL
Title: Rechtliche Hinweise
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
https://monitoring.candidco.com/
HTTP 302
https://monitoring.candidco.com/login?post_login_redirect_url=https%3A%2F%2Fmonitoring.candidco.com%2F Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
10 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
login
monitoring.candidco.com/ Redirect Chain
|
13 KB 4 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
main.css
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/css/ |
355 KB 356 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.js
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/js/min/ |
388 KB 389 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
libs.js
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/js/min/ |
187 KB 187 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ui.js
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/js/min/ |
82 KB 83 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
datepicker-de.js
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/js/lib/jquery/i18n/ |
1 KB 2 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-header.png
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-footer.png
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/images/ |
4 KB 4 KB |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-regular.woff
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/fonts/ |
79 KB 80 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
proxima-nova-semibold.woff
us-east-1-cand-common-externals.monitoring.candidco.com/build/cand/production-1677600046914/fonts/ |
79 KB 80 KB |
Font
application/font-woff |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
Verdicts & Comments Add Verdict or Comment
49 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
boolean| credentialless function| $ function| jQuery function| Croppic object| libphonenumber function| progressJs function| sprintf_named function| vsprintf_named function| AudioMeter function| DrawOnCanvas function| escapeHtml function| unescapeHtml function| JsForm function| debounce function| debounceFirst function| debounceLast function| throw_exception function| StripeModale function| StripePayment function| MediaRecorderWrapper function| PhotoCropper function| ActivityChartBuilder function| DatePickerChartBuilder function| priorityQueue function| dataset function| datasetUI function| matchingUI function| linkedSlider function| ToothChartsBuilder function| ActionModalesRouter function| Avatar function| set_file_upload function| set_fake_fields function| set_input_focus function| ajaxWrapper function| ajaxWrapperNoProcess function| ajaxUI number| UID object| modale function| ShoppingPage object| translator object| xd function| tooth_measure_format boolean| mouse_is_down object| ajax_headers function| getUID object| prioQueue string| ajaxUrl object| jQuery1111029811168007526480 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Strict-Transport-Security | max-age=15768000 |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
monitoring.candidco.com
us-east-1-cand-common-externals.monitoring.candidco.com
13.225.78.92
3.95.12.127
22ce5aff32ecbe0a07cb9fbdc2b62c45e64e108cf811e074e0ef999fd953dca0
32524a23548b4b5a502c290556782ace07938ae7008b95e3e666edb7a5e2a80f
344282dc36f595380fca3c9850575cfad6108761ae38ef6d5e6bf867cd164ee3
5763b51d656a9c76798f58909ac299ced13d3bbcc763ed16f6ebe65f592a8315
65b587f15f8e875c29b33c7e41ab895a926e918b424c9c067c0806fc5e5785b3
9018d51fe9944f587e1b68e5122e1c43970455816311642ee1118985e5dbbbd8
b43b80c39f46d4edbb4f1b540d5ab45694b7dad1cdf21e8d08a94ce84d315065
d3f026ee02224a82e1459cf59ca11e8dc3abf779bd07293ccc507c8e3c28a79d
f7830084c9253b607812901168e5ba6fe2d0790427df5fbd3215a71ab502fbf1