test-auth.candidate.im Open in urlscan Pro
13.35.58.49 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://test-auth.candidate.im/
Effective URL:
https://test-auth.candidate.im/
Submission Tags: @ecarlesi possiblethreat phishing Search All
Submission: On October 30 via api (October 30th 2024, 8:55:35 am UTC) from IT — Scanned from IT

Summary HTTP 29 Redirects Links 2 Behaviour Indicators

Summary

This website contacted 7 IPs in 3 countries across 7 domains to perform 29 HTTP transactions. The main IP is 13.35.58.49, located in United States and belongs to AMAZON-02, US. The main domain is test-auth.candidate.im.
TLS certificate: Issued by Amazon RSA 2048 M03 on October 30th 2024. Valid for: a year.

This is the only time test-auth.candidate.im was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	13.35.58.49 13.35.58.49	16509 (AMAZON-02) (AMAZON-02)
4	3.39.145.173 3.39.145.173	16509 (AMAZON-02) (AMAZON-02)
3	3.39.135.79 3.39.135.79	16509 (AMAZON-02) (AMAZON-02)
1 1	211.249.220.43 211.249.220.43	7625 (DAUM-AS K...) (DAUM-AS Kakao Corp)
1	2.16.10.154 2.16.10.154	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	223.130.195.167 223.130.195.167	23576 (NHN-AS-KR...) (NHN-AS-KR NAVER Cloud Corp.)
1	184.30.208.159 184.30.208.159	16625 (AKAMAI-AS) (AKAMAI-AS)
1	142.250.153.84 142.250.153.84	15169 (GOOGLE) (GOOGLE)
29	7

17 13.35.58.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-35-58-49.fra60.r.cloudfront.net

test-auth.candidate.im	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.39.145.173 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-145-173.ap-northeast-2.compute.amazonaws.com

client-sdk.hackle.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.39.135.79 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-39-135-79.ap-northeast-2.compute.amazonaws.com

event.hackle.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 211.249.220.43 (Korea, Republic Of) 1 redirects

ASN7625 (DAUM-AS Kakao Corp, KR)

developers.kakao.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.16.10.154 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-10-154.deploy.static.akamaitechnologies.com

t1.kakaocdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 223.130.195.167 (Korea, Republic Of)

ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR)

static.nid.naver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.208.159 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-208-159.deploy.static.akamaitechnologies.com

appleid.cdn-apple.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.153.84 (United States)

ASN15169 (GOOGLE, US)
PTR: ea-in-f84.1e100.net

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	candidate.im test-auth.candidate.im	2 MB
7	hackle.io client-sdk.hackle.io — Cisco Umbrella Rank: 303233 event.hackle.io — Cisco Umbrella Rank: 235040	5 KB
2	naver.com static.nid.naver.com — Cisco Umbrella Rank: 76429	131 KB
1	google.com accounts.google.com — Cisco Umbrella Rank: 18	86 KB
1	cdn-apple.com appleid.cdn-apple.com — Cisco Umbrella Rank: 3904	17 KB
1	kakaocdn.net t1.kakaocdn.net — Cisco Umbrella Rank: 28309	37 KB
1	kakao.com 1 redirects developers.kakao.com — Cisco Umbrella Rank: 105063	310 B
29	7

	Domain	Requested by
17	test-auth.candidate.im	test-auth.candidate.im
4	client-sdk.hackle.io	test-auth.candidate.im
3	event.hackle.io	test-auth.candidate.im
2	static.nid.naver.com	test-auth.candidate.im
1	accounts.google.com	test-auth.candidate.im
1	appleid.cdn-apple.com	test-auth.candidate.im
1	t1.kakaocdn.net
1	developers.kakao.com	1 redirects
29	8

This site contains links to these domains. Also see Links.

Domain
www.candidate.im

Subject Issuer	Validity	Valid
test-auth.candidate.im Amazon RSA 2048 M03	`2024-10-30` - `2025-11-29`	a year	crt.sh
*.hackle.io Amazon RSA 2048 M02	`2024-04-27` - `2025-05-26`	a year	crt.sh
*.nid.naver.com Sectigo RSA Organization Validation Secure Server CA	`2023-12-12` - `2025-01-11`	a year	crt.sh
appleid.cdn-apple.com Apple Public EV Server RSA CA 2 - G1	`2024-10-28` - `2025-01-23`	3 months	crt.sh
accounts.google.com WR2	`2024-10-07` - `2024-12-30`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://test-auth.candidate.im/
Frame ID: 307A845662522A6A3427CBE499C7F1CF
Requests: 26 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

캔디데이트

Page URL History Show full URLs

http://test-auth.candidate.im/ HTTP 307
https://test-auth.candidate.im/ Page URL

Detected technologies

Apple Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

appleid\.auth\.js

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

accounts\.google\.com/gsi/client

Page Statistics

29
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

2493 kB
Transfer

2742 kB
Size

5
Cookies

2 Outgoing links

These are links going to different origins than the main page.

URL: https://www.candidate.im/teams/use
Title: 이용 약관

Search URL Search Domain Scan URL

URL: https://www.candidate.im/teams/privacy
Title: 개인정보처리방침

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://test-auth.candidate.im/ HTTP 307
https://test-auth.candidate.im/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 14

https://developers.kakao.com/sdk/js/kakao.min.js HTTP 301
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
test-auth.candidate.im/
Redirect Chain

http://test-auth.candidate.im/
https://test-auth.candidate.im/

1 KB
2 KB

1502ms
1102ms

Document
text/html

13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-auth.candidate.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6401c08ab4e225a86592332a7f11673a3ba37d1d028336f52e5ea850a2eeeda5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
content-length: 1252
content-type: text/html
date: Wed, 30 Oct 2024 08:55:16 GMT
etag: "4459804f3fce15dad1fed3303a16dc0d"
last-modified: Tue, 22 Oct 2024 05:45:25 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-cf-id: SC4S4rQnwGqAXG7-K3Q2TsVlr8Rqr1o-zGhKugEjvIX1mZdORWgujw==
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront

Redirect headers

Location: https://test-auth.candidate.im/
Non-Authoritative-Reason: HttpsUpgrades

GET
H2 200 main.94a05fa1.js Show response
test-auth.candidate.im/static/js/ 589 KB
590 KB 1181ms
1053ms Script
text/javascript 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 38d8dfee21741410cb3ce1086c30239e7ebda159e05111f7fee3ea977c84f762

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "0b35305153fa767763d31e4fdc752e2d"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 603259
x-amz-cf-id: ITo1CY-_DFb55n3TvQPuqZ-K9_oSKdtIhegPZFH5wJtIUX5eYiMNpA==
date: Wed, 30 Oct 2024 08:55:18 GMT
content-type: text/javascript
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:25 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 main.ee721b1b.css
test-auth.candidate.im/static/css/ 7 KB
7 KB 1135ms
1008ms Stylesheet
text/css 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-auth.candidate.im/static/css/main.ee721b1b.css
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d931fcd4a905cb9396abe45db6f7fce46c8defcf386f91ebf98058b430466f3e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "47cd5f176ca34806a155e1aac15f4750"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 7178
x-amz-cf-id: N8PnXA2zuY551YEX_IbCjDkpBq8paanLTxG3YHBGv1CKrdnicNNtEw==
date: Wed, 30 Oct 2024 08:55:18 GMT
content-type: text/css
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:25 GMT
x-amz-server-side-encryption: AES256

OPTIONS
H2 200 config
client-sdk.hackle.io/api/v2/workspaces/V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c/ 0
0 816ms
251ms Preflight 3.39.145.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-sdk.hackle.io/api/v2/workspaces/V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c/config
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.145.173 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-145-173.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hackle-sdk-key,x-hackle-sdk-name,x-hackle-sdk-time,x-hackle-sdk-version
Access-Control-Request-Method: GET
Origin: https://test-auth.candidate.im
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-hackle-sdk-key, x-hackle-sdk-name, x-hackle-sdk-time, x-hackle-sdk-version
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://test-auth.candidate.im
access-control-max-age: 1800
content-length: 0
date: Wed, 30 Oct 2024 08:55:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 cohorts
client-sdk.hackle.io/api/v1/ 0
0 815ms
250ms Preflight 3.39.145.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-sdk.hackle.io/api/v1/cohorts
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.145.173 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-145-173.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-hackle-sdk-key,x-hackle-sdk-name,x-hackle-sdk-time,x-hackle-sdk-version,x-hackle-user
Access-Control-Request-Method: GET
Origin: https://test-auth.candidate.im
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: x-hackle-sdk-key, x-hackle-sdk-name, x-hackle-sdk-time, x-hackle-sdk-version, x-hackle-user
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://test-auth.candidate.im
access-control-max-age: 1800
content-length: 0
date: Wed, 30 Oct 2024 08:55:19 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 config Show response
client-sdk.hackle.io/api/v2/workspaces/V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c/ 24 KB
4 KB 254ms
253ms XHR
application/json 3.39.145.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-sdk.hackle.io/api/v2/workspaces/V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c/config
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.145.173 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-145-173.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: dd41ae94621dd72c9c19c663c9d80a38ec9db339c423d3b2780c4a3e3b15e8c6

Request headers

X-HACKLE-SDK-NAME: react-sdk
X-HACKLE-SDK-KEY: V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c
X-HACKLE-SDK-TIME: 1730278519129
Referer: https://test-auth.candidate.im/
X-HACKLE-SDK-VERSION: 11.32.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control: max-age=60
content-encoding: gzip
access-control-allow-credentials: true
access-control-allow-origin: https://test-auth.candidate.im
content-length: 3987
date: Wed, 30 Oct 2024 08:55:20 GMT
last-modified: Wed, 30 Oct 2024 08:08:04 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 cohorts Show response
client-sdk.hackle.io/api/v1/ 14 B
222 B 252ms
250ms XHR
application/json 3.39.145.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-sdk.hackle.io/api/v1/cohorts
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.145.173 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-145-173.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: e9e94f0191c394c53dd45bddf878def772e46b616c064f31189d5782cebc40cb

Request headers

X-HACKLE-USER: eyJpZGVudGlmaWVycyI6eyIkaWQiOiJiMjUyYTQwOS1lOTEwLTQ1NGQtYTk4Ni0zZTFkYTJlZDk0NmEiLCIkZGV2aWNlSWQiOiJiMjUyYTQwOS1lOTEwLTQ1NGQtYTk4Ni0zZTFkYTJlZDk0NmEifX0
X-HACKLE-SDK-NAME: react-sdk
X-HACKLE-SDK-KEY: V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c
X-HACKLE-SDK-TIME: 1730278519130
Referer: https://test-auth.candidate.im/
X-HACKLE-SDK-VERSION: 11.32.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-origin: https://test-auth.candidate.im
content-length: 14
date: Wed, 30 Oct 2024 08:55:20 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H2 200 favicon.svg
test-auth.candidate.im/ 3 KB
4 KB 1011ms
984ms Other
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-auth.candidate.im/favicon.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f77d04759de5f9d0ed3447a84f0c3a5ac6e855c687281d63c631b3ac29c3ba95

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "35b69f4fb999549009e040d4a9ca3f48"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 3380
x-amz-cf-id: yucCZ5ZJMy7BeXeByYmwbLqFOoYrtMJqVn6ZEvcAZr8lHw3t0vWW_w==
date: Wed, 30 Oct 2024 08:55:21 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
x-amz-server-side-encryption: AES256

POST
H2 202 events Show response
event.hackle.io/api/v2/w/ 0
193 B 287ms
282ms XHR
application/json 3.39.135.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.hackle.io/api/v2/w/events
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.135.79 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-135-79.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-HACKLE-SDK-NAME: react-sdk
X-HACKLE-SDK-KEY: V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c
X-HACKLE-SDK-TIME: 1730278519691
Referer: https://test-auth.candidate.im/
X-HACKLE-SDK-VERSION: 11.32.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://test-auth.candidate.im
content-length: 0
date: Wed, 30 Oct 2024 08:55:20 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

OPTIONS
H2 200 events
event.hackle.io/api/v2/w/ 0
0 823ms
264ms Preflight 3.39.135.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.hackle.io/api/v2/w/events
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.135.79 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-135-79.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-hackle-sdk-key,x-hackle-sdk-name,x-hackle-sdk-time,x-hackle-sdk-version
Access-Control-Request-Method: POST
Origin: https://test-auth.candidate.im
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type, x-hackle-sdk-key, x-hackle-sdk-name, x-hackle-sdk-time, x-hackle-sdk-version
access-control-allow-methods: GET,HEAD,POST
access-control-allow-origin: https://test-auth.candidate.im
access-control-max-age: 1800
content-length: 0
date: Wed, 30 Oct 2024 08:55:20 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

GET
H2 200 lock_black.svg
test-auth.candidate.im/images/common/ 1 KB
2 KB 1028ms
1025ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/lock_black.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3baa648a8aaf41fcc236e3d880f5614882d8f3f4f1399ae40611deb115077861

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "7cd5a467994dbef97d8e93aa1c7790be"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1461
x-amz-cf-id: LFuFXRXJhUV2zCS6LiRPVSrd8ucLvda1H7oPqt1ulXjaqrtHE7nCeQ==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 lock.svg
test-auth.candidate.im/images/common/ 2 KB
2 KB 1029ms
1027ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/lock.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b987075d22e62ad407853106b2ea2dc2be49e646c6bdb7eb8bdabbe0dd31149

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "75d126c4399806447e1719c51d1533c6"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1706
x-amz-cf-id: D0L70-1sY1BMaLmREzjtqlN4-2Bw7lSrmomAN0UbvoWduZfMINMzUA==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 exit.svg
test-auth.candidate.im/images/common/ 1 KB
2 KB 1089ms
1087ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/exit.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8b8abd6ae226cc98b9d8a9e96f18fc7107c580887e6cd5bf7d9c40941f009a2

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-cf-pop: FRA60-P10
etag: "7da31526adaefc6a316a8ee52e6f3ee2"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1213
x-amz-cf-id: SKUfg2pEcPReyg5cQIOtDP7mez0xkV0tHQhEdycAc4Mi9h7DqUwImQ==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
vary: Accept-Encoding
server: AmazonS3
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
x-amz-server-side-encryption: AES256

GET
H2 200 trash_can.svg
test-auth.candidate.im/images/common/ 552 B
902 B 1081ms
1079ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/trash_can.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 42cb4a8e2e4f8fd59b6e2731c03e70623c814ec33efca10f9a2dfd9cbb4c4415

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

etag: "f2cd1b0ed15a4c925a14eb59107f3330"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 552
x-amz-cf-id: oTHgTfPVwXLHX1cUZ4uPZD-3Xz7d4wE_kHpI5urOLlD5tbWibd-fSw==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 folder.svg
test-auth.candidate.im/images/common/ 647 B
1 KB 1088ms
1086ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/folder.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5bb9d2b240201d87fa62194810003a61c5e00388da15ea60fdbe38d35648566

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: VcE52K9UhX8uC2AW0nmgmrPEhTgvU20koQaM7ZSj+25ZcC/L4GBPGu7a+nP7B11FMp7SqwTuObI=
etag: "6894a4b17d5dccac2283432689b7c393"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X136E1BY6DR5WGRS
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 647
x-amz-cf-id: 2PNQW9yys4dehJGq1D2jMO7rcH_QZV1YjyZo7bRVit9-CbB3lFvYgw==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2

200

kakao.min.js Show response
t1.kakaocdn.net/kakao_js_sdk/v1/
Redirect Chain

https://developers.kakao.com/sdk/js/kakao.min.js
https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js

111 KB
37 KB

1093ms
122ms

Script
application/javascript

2.16.10.154
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
Protocol: H2
Server: 2.16.10.154 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a2-16-10-154.deploy.static.akamaitechnologies.com
Software: openresty /
Resource Hash: ec5291a8b9e26d79229d9522041c0b1c4b03b3025cf470025e74a52abc7e162f

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

nel: {"report_to":"kakao-nel","max_age":86400,"include_subdomains":true}
cache-control: max-age=2189
content-encoding: gzip
x-wcss: dC1jb21tb24wMS1id2NhY2hlMzA6aGl0OjA=
report-to: {"group":"kakao-nel","max_age":86400,"endpoints":[{"url":"https://nel.onkakao.net/upload/"}],"include_subdomains":true}
expires: Wed, 30 Oct 2024 09:31:51 GMT
accept-ranges: bytes
access-control-allow-origin: *
content-length: 37052
date: Wed, 30 Oct 2024 08:55:22 GMT
last-modified: Fri, 21 Jun 2024 02:17:22 GMT
content-type: application/javascript;charset=utf-8
server: openresty
vary: Accept-Encoding

Redirect headers

strict-transport-security: max-age=15724800; includeSubDomains
location: https://t1.kakaocdn.net/kakao_js_sdk/v1/kakao.min.js
content-length: 162
date: Wed, 30 Oct 2024 08:55:21 GMT
content-type: text/html

GET
H2 200 login_3.webp
test-auth.candidate.im/images/login/ 71 KB
72 KB 1057ms
1051ms Image
image/webp 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/login_3.webp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: acb32bc2207b804f64516d1d26d5600d3e698987bafc32a28c1b86fecaf47a4b

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

etag: "7ec492c16a21ddd08f98f083f118be80"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 72916
x-amz-cf-id: M73OcCLE79n3gaQASKsSU1a7060TEClR1a9j6ls5jj8WAZ4oWADZjQ==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/webp
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 mail.svg
test-auth.candidate.im/images/common/ 562 B
1020 B 1045ms
1040ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/common/mail.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81a50d448c7fc276e054bbee3443c2a862646d3794a0663b588151fc45c24360

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: qw8Q//iAOfPwaqpljpzHd1O5mhgRQpcAt/bLcIvjHRcFDrC4leOUE3ukjsA6uwD1MEfAbnCB0ParhjsxkAq6Xw==
etag: "16938133afea1991b2f093ee975fe297"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X1380JHB4HMYM64F
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 562
x-amz-cf-id: NrZHyU2nGBpptsr3L2yZdyYidq5hllkAFXfzN3r4UDd6_5KJT3sE1w==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 background.png
test-auth.candidate.im/images/login/ 12 KB
12 KB 1061ms
1058ms Image
image/png 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/background.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8490f19ff381db75863b986f9ddf57faa3de3c5cb75fe9a06ff8f5951d8bed10

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: RCIQRb3FbOLMAGDCsQOG7vHGixoUZDrGczvgNdEk60zS2lOetnITtD9lwZx6xcNVzVtieHtkNxrVdbPmi717mA==
etag: "920b4e94c66f97960352fde2c1c52671"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X130JCSJRNQ0CRV5
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 12277
x-amz-cf-id: KkM9NuDvNmWrzgDvG0ViOzQcoNEvn7Rtc4uF4EKjD9ZnA6PRFPx1Mw==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/png
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 google.svg
test-auth.candidate.im/images/login/ 2 KB
2 KB 1040ms
1037ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/google.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6fa6b39cdd73f7ab0570fcabd616706cb9b3856894b8ae70ccb427ccfae72ab8

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: giTaAA7Zp4Av70xmY0UZhs0wZTVnCFznWzoAJ/6DLgNZJGI6HZLXDeg5B/0k1j+ZlZLy/OoW4bvuxD5lVzzBeQ==
etag: "67df16c42bf470e5f9d2badda74cac61"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X133FWSVTXVFP9MY
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1980
x-amz-cf-id: TyQwEB7bvvRb4XLpTVVJ9QohpUNEVl1thojTPHE9l5oqozfO2vUVzw==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 naver.svg
test-auth.candidate.im/images/login/ 461 B
940 B 1062ms
1059ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/naver.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 63cf0c1dc0a79aafb64e2deb7be3756d0d01ca170ded50b6f0f2de5577f902ed

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: CQO+ocnIBKRlJwzhgCKgIAILUqprSbbIk5W6GFitXDY1WJb+gGWBBf3txuXmUFjSgS0QskaVJ23uIMxtOYAmd+M3Xj7UDg1lv8NgZ5piNp8=
etag: "81780dd96feafa5be228283e813aad3a"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X1307QZT5RWAFQEJ
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 461
x-amz-cf-id: Sj9d4EvYfLXKpyC2diVJjhf8v4uV_OaXCNmG9rDZaLPJDXWmhVNliA==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 kakao.svg
test-auth.candidate.im/images/login/ 1 KB
2 KB 1051ms
1048ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/kakao.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 058fa7a2df906c5494be2be06f49b1b7340377ab123d2fd7d42e53c943e76d1e

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: nSwSt1xqcyiRQ2c2icbEwHTJNX2Ks+RqRarD4mCVrw6zK1Wz1CT7eTA1qEVyzrqV59qoJm2my9ZX3NNActbhOsdt4x2Xc6XoeD0ZMwMJtUo=
etag: "11d4e05f22d3b3a64a644e6dfe03d093"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X1305EG38YEEKBSX
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1370
x-amz-cf-id: pqFO_xLk5yM1m4F1so7rIPggmqGkbXKINJUdme6DGuepaBHOKRvaSA==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 apple.svg
test-auth.candidate.im/images/login/ 2 KB
2 KB 1052ms
1051ms Image
image/svg+xml 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://test-auth.candidate.im/images/login/apple.svg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3cd96b0a5a77822e41fb400f0b01501118687e2cea1ef1f109aa36d1c26cdfbd

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

x-amz-id-2: XIWvmad16HAQj912iDnITBAAD250MnYr8TmLaH8VqyrDWcH/KRvrhN0l/CO8qbMTf8/GfMPf8onkqQwgQ1OTuCPnivNC5PQPl8U+gE+TQFs=
etag: "5d8e858acd8ad943198348c8eefc2f28"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X131K96GWKHXMBAZ
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1667
x-amz-cf-id: UjzymeZ2TNu9oHrbe8p0Mx9-QbMrZq6HGDPACY_kDiZbsx9tPZyKxw==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: image/svg+xml
last-modified: Tue, 22 Oct 2024 05:45:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 Pretendard-Regular.ca2c5a97ebe998670619.otf
test-auth.candidate.im/static/media/ 1 MB
1 MB 1083ms
1081ms Font
font/otf 13.35.58.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test-auth.candidate.im/static/media/Pretendard-Regular.ca2c5a97ebe998670619.otf
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/css/main.ee721b1b.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.35.58.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-35-58-49.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d47231a75cf1e27a3cd99c3836f3bd9a20e034db7ffd978ae8727ed93f6b6375

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin: https://test-auth.candidate.im
Referer: https://test-auth.candidate.im/static/css/main.ee721b1b.css

Response headers

x-amz-id-2: CFZatvxEdCOe5EYPLigRabUVDToq7P4NdCrKMqKkezKkSmWA14avIb8qUtUu2mZLI0Xl/xeBpzTZ4jh5kZrfTw==
etag: "28dbbdcaf612c8ce415780b06454d08f"
via: 1.1 a097fc75e5eca387ecd3618341d82f1a.cloudfront.net (CloudFront)
x-amz-request-id: X131MEMYVTZ9P3RZ
accept-ranges: bytes
x-cache: Miss from cloudfront
content-length: 1547936
x-amz-cf-id: iqdRIrNsZNRNyRTM3gctLxc1BNQGs7PVUxOffO_LvcESkox2Z2l1FQ==
date: Wed, 30 Oct 2024 08:55:22 GMT
content-type: font/otf
last-modified: Tue, 22 Oct 2024 05:45:25 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P10
x-amz-server-side-encryption: AES256

GET
H2 200 naveridlogin_js_sdk_2.0.2.js Show response
static.nid.naver.com/js/ 126 KB
127 KB 1433ms
334ms Script
application/javascript 223.130.195.167
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.nid.naver.com/js/naveridlogin_js_sdk_2.0.2.js
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 223.130.195.167 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: nginx /
Resource Hash: adf2b6810eb24a120a68f956f7591d8c304f64245a02db8bab65f174b7e7bb31

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

cache-control: max-age=315360000
etag: "61812606-1f8c0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 129216
date: Wed, 30 Oct 2024 08:55:21 GMT
content-type: application/javascript
last-modified: Tue, 02 Nov 2021 11:50:30 GMT
server: nginx

GET
H/1.1 200
OK appleid.auth.js Show response
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 42 KB
17 KB 424ms
130ms Script
application/javascript 184.30.208.159
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js

Requested by

Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

184.30.208.159 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-208-159.deploy.static.akamaitechnologies.com

Software

Apple /

Resource Hash

8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Cache-Control: public, max-age=86400,stale-while-revalidate=86400
Content-Encoding: gzip
ETag: W/"43171-1729816165541"
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 17356
Date: Wed, 30 Oct 2024 08:55:20 GMT
Content-Type: application/javascript;charset=UTF-8
Last-Modified: Fri, 25 Oct 2024 00:29:25 GMT
Server: Apple
Vary: accept-encoding

GET
H2 200 client Show response
accounts.google.com/gsi/ 227 KB
86 KB 686ms
62ms Script
application/javascript 142.250.153.84
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/gsi/client

Requested by

Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.153.84 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ea-in-f84.1e100.net

Software

ESF /

Resource Hash

017e351e7ed5ad7d0a677cd7cf722f8df320947505f443e5cedd5216fd6c95fc

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fO_ayXO-vkJdjtpe-70VVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

content-security-policy: require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, script-src 'report-sample' 'nonce-fO_ayXO-vkJdjtpe-70VVA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cache-control: private, max-age=1800
content-encoding: gzip
cross-origin-resource-policy: cross-origin
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
x-content-type-options: nosniff
expires: Wed, 30 Oct 2024 08:55:21 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
date: Wed, 30 Oct 2024 08:55:21 GMT
x-xss-protection: 0
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
server: ESF
x-frame-options: SAMEORIGIN

POST
H2 202 events Show response
event.hackle.io/api/v2/w/ 0
193 B 282ms
281ms XHR
application/json 3.39.135.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://event.hackle.io/api/v2/w/events
Requested by: Host: test-auth.candidate.im
URL: https://test-auth.candidate.im/static/js/main.94a05fa1.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.39.135.79 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-39-135-79.ap-northeast-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

X-HACKLE-SDK-NAME: react-sdk
X-HACKLE-SDK-KEY: V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c
X-HACKLE-SDK-TIME: 1730278520728
Referer: https://test-auth.candidate.im/
X-HACKLE-SDK-VERSION: 11.32.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://test-auth.candidate.im
content-length: 0
date: Wed, 30 Oct 2024 08:55:20 GMT
content-type: application/json
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true

GET
H2 200 button_g.PNG
static.nid.naver.com/oauth/ 5 KB
5 KB 370ms
369ms Image
image/png 223.130.195.167
NHN-AS-KR NAVER C...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.nid.naver.com/oauth/button_g.PNG?version=js-2.0.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 223.130.195.167 , Korea, Republic Of, ASN23576 (NHN-AS-KR NAVER Cloud Corp., KR),
Reverse DNS
Software: nginx /
Resource Hash: 66dfe17006198397f124d459c13c71dcfd559fc996537875fe40c61af124774a

Request headers

User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer: https://test-auth.candidate.im/

Response headers

cache-control: max-age=315360000
etag: "61812606-131c"
expires: Thu, 31 Dec 2037 23:55:55 GMT
accept-ranges: bytes
content-length: 4892
date: Wed, 30 Oct 2024 08:55:23 GMT
content-type: image/png
last-modified: Tue, 02 Nov 2021 11:50:30 GMT
server: nginx

Verdicts & Comments Add Verdict or Comment

16 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.candidate.im/	1970-01-21 10:13:58	Name: _hackle_hid Value: b252a409-e910-454d-a986-3e1da2ed946a
.candidate.im/	1970-01-21 10:13:58	Name: _hackle_did_V9y2D4VUYS4LGRGb9SJWYeuwXyRxW11c Value: b252a409-e910-454d-a986-3e1da2ed946a
.candidate.im/	1970-01-21 10:13:58	Name: _hackle_session_id_YS4LGRGb9SJWYeuwXyRxW11c Value: 1730278519131.8be8f995
.candidate.im/	1970-01-21 10:13:58	Name: _hackle_mkt_V9y2D4VU Value: %7B%7D
.candidate.im/	1970-01-21 10:13:58	Name: _hackle_last_event_ts_YS4LGRGb9SJWYeuwXyRxW11c Value: 1730278520364

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
recommendation	verbose	URL: https://test-auth.candidate.im/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o
recommendation	verbose	URL: https://test-auth.candidate.im/ Message: [DOM] Password field is not contained in a form: (More info: https://goo.gl/9p2vKq) %o

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
appleid.cdn-apple.com
client-sdk.hackle.io
developers.kakao.com
event.hackle.io
static.nid.naver.com
t1.kakaocdn.net
test-auth.candidate.im
13.35.58.49
142.250.153.84
184.30.208.159
2.16.10.154
211.249.220.43
223.130.195.167
3.39.135.79
3.39.145.173
017e351e7ed5ad7d0a677cd7cf722f8df320947505f443e5cedd5216fd6c95fc
058fa7a2df906c5494be2be06f49b1b7340377ab123d2fd7d42e53c943e76d1e
1b987075d22e62ad407853106b2ea2dc2be49e646c6bdb7eb8bdabbe0dd31149
38d8dfee21741410cb3ce1086c30239e7ebda159e05111f7fee3ea977c84f762
3baa648a8aaf41fcc236e3d880f5614882d8f3f4f1399ae40611deb115077861
3cd96b0a5a77822e41fb400f0b01501118687e2cea1ef1f109aa36d1c26cdfbd
42cb4a8e2e4f8fd59b6e2731c03e70623c814ec33efca10f9a2dfd9cbb4c4415
63cf0c1dc0a79aafb64e2deb7be3756d0d01ca170ded50b6f0f2de5577f902ed
6401c08ab4e225a86592332a7f11673a3ba37d1d028336f52e5ea850a2eeeda5
66dfe17006198397f124d459c13c71dcfd559fc996537875fe40c61af124774a
6fa6b39cdd73f7ab0570fcabd616706cb9b3856894b8ae70ccb427ccfae72ab8
81a50d448c7fc276e054bbee3443c2a862646d3794a0663b588151fc45c24360
8356948d6f3bef342ff37a4deca7f6b64b58ca0b90ca128c1929c1bb76cc7a54
8490f19ff381db75863b986f9ddf57faa3de3c5cb75fe9a06ff8f5951d8bed10
acb32bc2207b804f64516d1d26d5600d3e698987bafc32a28c1b86fecaf47a4b
adf2b6810eb24a120a68f956f7591d8c304f64245a02db8bab65f174b7e7bb31
d47231a75cf1e27a3cd99c3836f3bd9a20e034db7ffd978ae8727ed93f6b6375
d931fcd4a905cb9396abe45db6f7fce46c8defcf386f91ebf98058b430466f3e
dd41ae94621dd72c9c19c663c9d80a38ec9db339c423d3b2780c4a3e3b15e8c6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8b8abd6ae226cc98b9d8a9e96f18fc7107c580887e6cd5bf7d9c40941f009a2
e9e94f0191c394c53dd45bddf878def772e46b616c064f31189d5782cebc40cb
ec5291a8b9e26d79229d9522041c0b1c4b03b3025cf470025e74a52abc7e162f
f5bb9d2b240201d87fa62194810003a61c5e00388da15ea60fdbe38d35648566
f77d04759de5f9d0ed3447a84f0c3a5ac6e855c687281d63c631b3ac29c3ba95

test-auth.candidate.im Open in urlscan Pro 13.35.58.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

29 Requests

97 %HTTPS

0 %IPv6

7 Domains

8 Subdomains

7 IPs

3 Countries

2493 kBTransfer

2742 kBSize

5 Cookies

2 Outgoing links

Page URL History

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

test-auth.candidate.im Open in urlscan Pro
13.35.58.49 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

97 %
HTTPS

0 %
IPv6

7
Domains

8
Subdomains

7
IPs

3
Countries

2493 kB
Transfer

2742 kB
Size

5
Cookies

29 HTTP transactions
0 data transactions