urlscan.io logo urlscan.io
SecurityTrails logo

www.candidthemes.com Open in urlscan Pro
45.77.205.153  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://candidthemes.com/
Effective URL: https://www.candidthemes.com/
Submission: On July 09 via manual from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 19 IPs in 2 countries across 15 domains to perform 60 HTTP transactions. The main IP is 45.77.205.153, located in Piscataway, United States and belongs to AS-CHOOPA, US. The main domain is www.candidthemes.com.
TLS certificate: Issued by R3 on May 8th 2021. Valid for: 3 months.
This is the only time www.candidthemes.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

32    45.77.205.153 (Piscataway, United States)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.205.153.vultr.com
candidthemes.com
www.candidthemes.com
1    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2606:4700:10::ac43:14d9 (United States)

ASN13335 (CLOUDFLARENET, US)
static.zotabox.com
stats.zotabox.com
7    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
adservice.google.de
1    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    13.225.87.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-87-6.fra2.r.cloudfront.net
static.hotjar.com
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    13.224.193.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-122.fra2.r.cloudfront.net
script.hotjar.com
1    13.224.193.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-193-116.fra2.r.cloudfront.net
vars.hotjar.com
2    2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4008:80f::2003 (United States)

ASN15169 (GOOGLE, US)
csi.gstatic.com
Domain Requested by
30 www.candidthemes.com www.candidthemes.com
6 pagead2.googlesyndication.com www.candidthemes.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 www.facebook.com www.candidthemes.com
connect.facebook.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 connect.facebook.net www.candidthemes.com
connect.facebook.net
2 candidthemes.com 2 redirects
1 csi.gstatic.com pagead2.googlesyndication.com
1 www.google.com tpc.googlesyndication.com
1 stats.zotabox.com static.zotabox.com
1 vars.hotjar.com static.hotjar.com
1 script.hotjar.com static.hotjar.com
1 www.googletagservices.com pagead2.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 static.hotjar.com www.candidthemes.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.googletagmanager.com www.candidthemes.com
1 static.zotabox.com www.candidthemes.com
1 fonts.googleapis.com www.candidthemes.com
60 22
Subject Issuer Validity Valid
*.candidthemes.com
R3		 2021-05-08 -
2021-08-06		 3 months crt.sh
upload.video.google.com
GTS CA 1O1		 2021-06-22 -
2021-09-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-02 -
2022-07-01		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-05-26 -
2021-08-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.hotjar.com
Amazon		 2020-12-25 -
2022-01-23		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-06-22 -
2021-09-14		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-06-07 -
2021-08-30		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://www.candidthemes.com/
Frame ID: 74D83CCB4B8C57AEE51A7C44CAC6D2B9
Requests: 54 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Frame ID: 4A6D747006F317727CF6E268142F4466
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2647663061562394&output=html&adk=1812271804&adf=3025194257&lmt=1625800318&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.candidthemes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625821903413&bpp=3&bdt=416&idt=74&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3819475494299&rume=1&frm=20&pv=2&ga_vid=1774986560.1625821903&ga_sid=1625821904&ga_hid=707351949&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C31060972%2C31060974%2C31061746%2C31061691%2C31061693&oid=3&pvsid=508916183357853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Frame ID: 7E22E7031699609072521C2046882CC2
Requests: 1 HTTP requests in this frame

Frame: https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Frame ID: E0E3287DD6E9A7FFD99374B89D275B4E
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 807C66A2C6990E4A074FBE8FFB80295A
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 226CC37EC082AA8CDE29035D45EEFCA6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://candidthemes.com/ HTTP 301
    https://candidthemes.com/ HTTP 301
    https://www.candidthemes.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

60
Requests

100 %
HTTPS

74 %
IPv6

15
Domains

22
Subdomains

19
IPs

2
Countries

2809 kB
Transfer

4505 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://candidthemes.com/ HTTP 301
    https://candidthemes.com/ HTTP 301
    https://www.candidthemes.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

60 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.candidthemes.com/
Redirect Chain
  • http://candidthemes.com/
  • https://candidthemes.com/
  • https://www.candidthemes.com/
46 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
d062f54bee3cec1bd024870baf884ce1d91a2946a0c814b62dd9440767beb864

Request headers

:method
GET
:authority
www.candidthemes.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Fri, 09 Jul 2021 09:11:42 GMT
content-type
text/html; charset=utf-8
content-length
8116
cache-provider
CLOUDWAYS-CACHE-DE
last-modified
Fri, 09 Jul 2021 03:11:58 GMT
vary
Accept-Encoding
content-encoding
gzip
age
14105
x-cache
HIT
accept-ranges
bytes

Redirect headers

server
nginx
date
Fri, 09 Jul 2021 09:11:42 GMT
content-type
text/html; charset=UTF-8
content-length
0
location
https://www.candidthemes.com/
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
x-redirect-by
WordPress
age
0
x-cache
MISS
style.min.css
www.candidthemes.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

:path
/wp-includes/css/dist/block-library/style.min.css?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 09:44:47 GMT
server
nginx
etag
W/"6034ce8f-c88a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
notificationx-public.min.css
www.candidthemes.com/wp-content/plugins/notificationx/public/assets/css/ 		163 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/plugins/notificationx/public/assets/css/notificationx-public.min.css?ver=1.9.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
7c7eb6a51cb56e9516fe73b694eab6fc763ca8351b3fe06bba3069dbc1df0c2f

Request headers

:path
/wp-content/plugins/notificationx/public/assets/css/notificationx-public.min.css?ver=1.9.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Fri, 11 Jun 2021 15:27:57 GMT
server
nginx
etag
W/"60c380fd-28aa8"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
nxpro-public.min.css
www.candidthemes.com/wp-content/plugins/notificationx-pro/assets/css/ 		366 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/plugins/notificationx-pro/assets/css/nxpro-public.min.css?ver=1.5.2
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
dfe8399aa38aa00e46914ffbe803212690b0856f7ab2e982ed91304df72e59b4

Request headers

:path
/wp-content/plugins/notificationx-pro/assets/css/nxpro-public.min.css?ver=1.5.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:53:18 GMT
server
nginx
etag
W/"60348a3e-5b7eb"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli|Playfair+Display|Titillium+Web
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d60fcd336f64d6541539bbe8b6bb0b0fa3ba1837c72bdf19542bc0c7dc4ea0fe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 09 Jul 2021 09:11:43 GMT
server
ESF
date
Fri, 09 Jul 2021 09:11:43 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 09 Jul 2021 09:11:43 GMT
owl.carousel.min.css
www.candidthemes.com/wp-content/themes/candidthemes/assets/css/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/css/owl.carousel.min.css?ver=5.6.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d

Request headers

:path
/wp-content/themes/candidthemes/assets/css/owl.carousel.min.css?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:53:22 GMT
server
nginx
etag
W/"60348a42-b78"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
common.css
www.candidthemes.com/wp-content/themes/candidthemes/assets/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/css/common.css?ver=5.6.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
3c9cc2e74e60ec893fc79aa9e10ea6765b944fb5d576c3a2e47c20a122636566

Request headers

:path
/wp-content/themes/candidthemes/assets/css/common.css?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:52:15 GMT
server
nginx
etag
W/"603489ff-4eb3"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
font-awesome.min.css
www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/css/ 		28 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/css/font-awesome.min.css?ver=4.6.2
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2

Request headers

:path
/wp-content/themes/candidthemes/assets/library/font-awesome/css/font-awesome.min.css?ver=4.6.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:53:05 GMT
server
nginx
etag
W/"60348a31-7103"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
home.css
www.candidthemes.com/wp-content/themes/candidthemes/assets/css/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/css/home.css?ver=1.0.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
c95d9836128ca509e78519e31533de536a8b635886e62052ca597539614d5239

Request headers

:path
/wp-content/themes/candidthemes/assets/css/home.css?ver=1.0.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:52:33 GMT
server
nginx
etag
W/"60348a11-280a"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
jquery.min.js
www.candidthemes.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path
/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:54:37 GMT
server
nginx
etag
W/"60348a8d-15d98"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
jquery-migrate.min.js
www.candidthemes.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path
/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:53:15 GMT
server
nginx
etag
W/"60348a3b-2bd8"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
widgets.js
static.zotabox.com/a/8/a85664364eae8f4c19839e354c937dc5/ 		105 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.zotabox.com/a/8/a85664364eae8f4c19839e354c937dc5/widgets.js
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a3de5c2b9123fffaab3fe05a24dff5f43275e8d5afab0231c748acfde7c94790

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
last-modified
Thu, 08 Jul 2021 08:44:24 GMT
server
cloudflare
etag
W/"60e6bae8-1a555"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=3600, public, max-age=3600
z-server
mariadb
cf-ray
66c06d316eaad725-FRA
expires
Fri, 09 Jul 2021 10:11:43 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		135 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bcdbbc54d831a1dea6da078552622ce1d88d95be9aee005bb867acbce8c5e1fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48698
x-xss-protection
0
server
cafe
etag
3314606830966248185
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 09:11:43 GMT
candid-themes-logo.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/candid-themes-logo.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
c348aa5d9e6536a2295f486d6bc08f310a961a8f37ed4980ce53387f05ee69f5

Request headers

:path
/wp-content/themes/candidthemes/assets/img/candid-themes-logo.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:57:21 GMT
server
nginx
etag
"6021fa11-e56"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3670
expires
Sun, 08 Aug 2021 09:11:43 GMT
easy-setup.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/easy-setup.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
8ccddef7e8b15793a0bc196cd2a755e63d2bc6411f82747eea5730a685a37d52

Request headers

:path
/wp-content/themes/candidthemes/assets/img/easy-setup.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:57:15 GMT
server
nginx
etag
"6021fa0b-c71"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3185
expires
Sun, 08 Aug 2021 09:11:43 GMT
quick-support.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/quick-support.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
66a04a9f6f0be479e3655147be5e93b24c0c58a3ed4b7977142f2a35f9478f26

Request headers

:path
/wp-content/themes/candidthemes/assets/img/quick-support.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:55:10 GMT
server
nginx
etag
"6021f98e-c5b"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3163
expires
Sun, 08 Aug 2021 09:11:43 GMT
regular-updates.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/regular-updates.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
b5d09a71e5aa4d05b31be9bb7000aa263e1bd5f53db05f617e8e34717316ec97

Request headers

:path
/wp-content/themes/candidthemes/assets/img/regular-updates.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:55:47 GMT
server
nginx
etag
"6021f9b3-5b1"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1457
expires
Sun, 08 Aug 2021 09:11:43 GMT
responsive-designs.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/responsive-designs.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
143cadcc44859264c7b067e350f43e9aa2d61995a713bc0b674ad7587b8d910e

Request headers

:path
/wp-content/themes/candidthemes/assets/img/responsive-designs.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:57:33 GMT
server
nginx
etag
"6021fa1d-4a8"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
1192
expires
Sun, 08 Aug 2021 09:11:43 GMT
translation-ready.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/translation-ready.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
fd5b2bee944687e62254e376e235196fa01a34164e30b149bfaa2ba2e7ca5b65

Request headers

:path
/wp-content/themes/candidthemes/assets/img/translation-ready.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:55:30 GMT
server
nginx
etag
"6021f9a2-db8"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
3512
expires
Sun, 08 Aug 2021 09:11:43 GMT
seo-friendly.png
www.candidthemes.com/wp-content/themes/candidthemes/assets/img/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/img/seo-friendly.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
fafb244f6dbb728c1a072ad16b27e3fba9e0ebbe344e52b02a6b3bce075e92b6

Request headers

:path
/wp-content/themes/candidthemes/assets/img/seo-friendly.png
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:55:08 GMT
server
nginx
etag
"6021f98c-ac6"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2758
expires
Sun, 08 Aug 2021 09:11:43 GMT
candidthemeslogo-white.png
www.candidthemes.com/wp-content/uploads/2018/02/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/2018/02/candidthemeslogo-white.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
35acc6f6094233a43aad3f887a3b967140ef5218d057b1573c4796a01a572541

Request headers

:path
/wp-content/uploads/2018/02/candidthemeslogo-white.png
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:57:40 GMT
server
nginx
etag
"6021fa24-a92"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
2706
expires
Sun, 08 Aug 2021 09:11:43 GMT
js
www.googletagmanager.com/gtag/ 		91 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-115758595-1
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
67324ab9130c557888b98de00e57674d168e7fbe12acaa893a83ae445681337f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36898
x-xss-protection
0
expires
Fri, 09 Jul 2021 09:11:43 GMT
owl.carousel.js
www.candidthemes.com/wp-content/themes/candidthemes/assets/js/ 		83 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/js/owl.carousel.js?ver=1.7.0
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
84f62a9eaeb4e885739c5c33d4b5b479880f4b11bd3bfc322194fd80af4dbd64

Request headers

:path
/wp-content/themes/candidthemes/assets/js/owl.carousel.js?ver=1.7.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:53:03 GMT
server
nginx
etag
W/"60348a2f-14d78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
common.js
www.candidthemes.com/wp-content/themes/candidthemes/assets/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/js/common.js?ver=1.0.0
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
b294c79a3cfce0634c5d1f16383ec75b0a8257f31bdcbc3f35e18a8c9d40abc9

Request headers

:path
/wp-content/themes/candidthemes/assets/js/common.js?ver=1.0.0
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:52:33 GMT
server
nginx
etag
W/"60348a11-975"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
wp-embed.min.js
www.candidthemes.com/wp-includes/js/ 		1 KB
958 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-includes/js/wp-embed.min.js?ver=5.6.4
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path
/wp-includes/js/wp-embed.min.js?ver=5.6.4
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
last-modified
Tue, 23 Feb 2021 04:52:31 GMT
server
nginx
etag
W/"60348a0f-592"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
expires
Sun, 08 Aug 2021 09:11:43 GMT
fbevents.js
connect.facebook.net/en_US/ 		95 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
24676
x-xss-protection
0
pragma
public
x-fb-debug
X2RKrru+ya0GkCKjz/s9VU8Vfjh+GWgbXTZ+hS0HdBJSMPT+Fb0jHIEUQ+jTnLaSLy8V5IRZrsQ+HC5MPxzPtg==
x-fb-trip-id
917726464
x-frame-options
DENY
date
Fri, 09 Jul 2021 09:11:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
fonts.gstatic.com/s/titilliumweb/v10/ 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/titilliumweb/v10/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli|Playfair+Display|Titillium+Web
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Origin
https://www.candidthemes.com
Referer
https://fonts.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 06 Jul 2021 02:33:07 GMT
x-content-type-options
nosniff
age
283116
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12356
x-xss-protection
0
last-modified
Wed, 30 Jun 2021 00:07:27 GMT
server
sffe
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 06 Jul 2022 02:33:07 GMT
fontawesome-webfont.woff2
www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/fonts/ 		70 KB
70 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.2
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/css/font-awesome.min.css?ver=4.6.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4

Request headers

:path
/wp-content/themes/candidthemes/assets/library/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.2
pragma
no-cache
origin
https://www.candidthemes.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/css/font-awesome.min.css?ver=4.6.2
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.candidthemes.com
Referer
https://www.candidthemes.com/wp-content/themes/candidthemes/assets/library/font-awesome/css/font-awesome.min.css?ver=4.6.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:57:22 GMT
server
nginx
age
1739
etag
"11850-5bade72052880"
x-cache
HIT
accept-ranges
bytes
content-length
71760
screenshot.jpg
www.candidthemes.com/wp-content/uploads/edd/2021/06/ 		331 KB
331 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2021/06/screenshot.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
0e0bda32a6e36396542df85ecabfe86b7f89402753646e77eb3c29f477a44c63

Request headers

:path
/wp-content/uploads/edd/2021/06/screenshot.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Thu, 24 Jun 2021 03:16:37 GMT
server
nginx
etag
"60d3f915-52a8a"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
338570
expires
Sun, 08 Aug 2021 09:11:43 GMT
screenshot.png
www.candidthemes.com/wp-content/uploads/edd/2021/03/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2021/03/screenshot.png
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
0434840dd771f4bd053907fd83b13d9fd642b40d20543f69a5b49e6b8ecd266a

Request headers

:path
/wp-content/uploads/edd/2021/03/screenshot.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 16 Mar 2021 14:38:23 GMT
server
nginx
etag
"6050c2df-298d1"
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
170193
expires
Sun, 08 Aug 2021 09:11:43 GMT
engage-dark.jpg
www.candidthemes.com/wp-content/uploads/edd/2021/02/ 		262 KB
263 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2021/02/engage-dark.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
e39510a5f10a22a2cc2a488af11cf17f1abd473a7cdc553a936754e3d1329e3e

Request headers

:path
/wp-content/uploads/edd/2021/02/engage-dark.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 23 Feb 2021 04:52:15 GMT
server
nginx
etag
"603489ff-419b3"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
268723
expires
Sun, 08 Aug 2021 09:11:43 GMT
screenshot.jpg
www.candidthemes.com/wp-content/uploads/edd/2021/02/ 		283 KB
283 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2021/02/screenshot.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
0ccac9fb7822cf4bc5ef4a43788f47a77754afb209b1557ff9acb63f887ef0e1

Request headers

:path
/wp-content/uploads/edd/2021/02/screenshot.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:54:58 GMT
server
nginx
etag
"6021f982-46ad6"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
289494
expires
Sun, 08 Aug 2021 09:11:43 GMT
screenshot.jpg
www.candidthemes.com/wp-content/uploads/edd/2020/12/ 		375 KB
375 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2020/12/screenshot.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
ebea158611ef771b57020f99d5be8d90837a0009a1fd89a1f334b251f4038dd6

Request headers

:path
/wp-content/uploads/edd/2020/12/screenshot.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:56:03 GMT
server
nginx
etag
"6021f9c3-5db27"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
383783
expires
Sun, 08 Aug 2021 09:11:43 GMT
screenshot.jpg
www.candidthemes.com/wp-content/uploads/edd/2021/01/ 		279 KB
279 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2021/01/screenshot.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
9af3c405ccec0814a395036ab611b9a145239b121a39b205f267c9ed2e9c397d

Request headers

:path
/wp-content/uploads/edd/2021/01/screenshot.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:56:02 GMT
server
nginx
etag
"6021f9c2-45acd"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
285389
expires
Sun, 08 Aug 2021 09:11:43 GMT
screenshot.jpg
www.candidthemes.com/wp-content/uploads/edd/2020/11/ 		221 KB
221 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2020/11/screenshot.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
24506f2334a7b963f4fbb845cf2a03bc5315bb807046a018330ae9fb94b9d51c

Request headers

:path
/wp-content/uploads/edd/2020/11/screenshot.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:56:09 GMT
server
nginx
etag
"6021f9c9-37289"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
225929
expires
Sun, 08 Aug 2021 09:11:43 GMT
fairy-pro.jpg
www.candidthemes.com/wp-content/uploads/edd/2020/10/ 		202 KB
202 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.candidthemes.com/wp-content/uploads/edd/2020/10/fairy-pro.jpg
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.205.153 Piscataway, United States, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.205.153.vultr.com
Software
nginx /
Resource Hash
268671bd7f7ea7824441229799f0e7c947907f7bb18245f6a3978a05405afbba

Request headers

:path
/wp-content/uploads/edd/2020/10/fairy-pro.jpg
pragma
no-cache
cookie
_ga=GA1.2.1774986560.1625821903; _gid=GA1.2.93664313.1625821903; _gat_gtag_UA_115758595_1=1; _fbp=fb.1.1625821903562.1654585359; __gads=ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.candidthemes.com
referer
https://www.candidthemes.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Tue, 09 Feb 2021 02:55:24 GMT
server
nginx
etag
"6021f99c-327a0"
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
content-length
206752
expires
Sun, 08 Aug 2021 09:11:43 GMT
175997886523632
connect.facebook.net/signals/config/ 		260 KB
74 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/175997886523632?v=2.9.43&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
d092147b42b488d59a4d41b52aca824328017fd2450526f9e8d278d217718d00
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
tyCXcGIFCV8IlexWpmr767ysL0btdyjF/k24aYYo3VLnsSwVuaAX2ny8QNVoFJKf4C2z2dGYu2kaPLwQRxXqtg==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coop_report"
date
Fri, 09 Jul 2021 09:11:43 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"group":"coop_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 		240 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
91202
x-xss-protection
0
server
cafe
etag
7944902488587866712
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 09 Jul 2021 09:11:43 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/ Frame 4A6D 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20210701/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20210701/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.candidthemes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.candidthemes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 08 Jul 2021 22:29:07 GMT
expires
Thu, 22 Jul 2021 22:29:07 GMT
content-type
text/html; charset=UTF-8
etag
15579341980913220427
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4579
x-xss-protection
0
age
38556
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-115758595-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 09 Jun 2021 17:36:57 GMT
server
Golfe2
age
6358
date
Fri, 09 Jul 2021 07:25:45 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19661
expires
Fri, 09 Jul 2021 09:25:45 GMT
hotjar-1277436.js
static.hotjar.com/c/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.hotjar.com/c/hotjar-1277436.js?sv=6
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.87.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-87-6.fra2.r.cloudfront.net
Software
/
Resource Hash
cf3b12af595e5de361fb8acdbd4236c16106437f7d6b3dfbe7337b707f9b9ead
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
br
x-content-type-options
nosniff
cache-control
max-age=60
x-amz-cf-pop
FRA2-C2
etag
W/15e7a22922b32da7ff7eda8c02cb1452
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
x-cache-hit
1
content-length
1886
via
1.1 58b222ebbb6cc6c8c8c9a46127ae3a3e.cloudfront.net (CloudFront)
x-amz-cf-id
UKghwJO7CN2oLrh-Vmci_2igCdLQGU8RqNJa58QVLa-R7S0-O4Rd7A==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j91&a=707351949&t=pageview&_s=1&dl=https%3A%2F%2Fwww.candidthemes.com%2F&ul=en-us&de=UTF-8&dt=Candid%20Themes%20-%20Clean%2C%20Minimal%2C%20Free%20and%20Premium%20WordPress%20Themes&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=397068904&gjid=674448427&cid=1774986560.1625821903&tid=UA-115758595-1&_gid=93664313.1625821903&_r=1&gtm=2ou770&z=943984649
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 09:11:43 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.candidthemes.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum_fy2019.js
pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/rum_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
965c9b9debbc300ebd225ba4f19524a2f4e43753262fd3849bcf20a5b499bbe0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 08 Jul 2021 13:46:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
69921
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20029
x-xss-protection
0
server
cafe
etag
3305385289239900164
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 22 Jul 2021 13:46:22 GMT
cookie.js
partner.googleadservices.com/gampad/ 		206 B
662 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.candidthemes.com&callback=_gfp_s_&client=ca-pub-2647663061562394
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
c86bf57e6f5f44284674b96530cacbef8f47c9b48faab579dff347c9eb71e166
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
196
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
853 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.candidthemes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.candidthemes.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7E22 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2647663061562394&output=html&adk=1812271804&adf=3025194257&lmt=1625800318&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.candidthemes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625821903413&bpp=3&bdt=416&idt=74&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3819475494299&rume=1&frm=20&pv=2&ga_vid=1774986560.1625821903&ga_sid=1625821904&ga_hid=707351949&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C31060972%2C31060974%2C31061746%2C31061691%2C31061693&oid=3&pvsid=508916183357853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-2647663061562394&output=html&adk=1812271804&adf=3025194257&lmt=1625800318&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.candidthemes.com%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1625821903413&bpp=3&bdt=416&idt=74&shv=r20210701&ptt=9&saldr=aa&abxe=1&nras=1&correlator=3819475494299&rume=1&frm=20&pv=2&ga_vid=1774986560.1625821903&ga_sid=1625821904&ga_hid=707351949&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44739548%2C31060972%2C31060974%2C31061746%2C31061691%2C31061693&oid=3&pvsid=508916183357853&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=91
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.candidthemes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.candidthemes.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 09 Jul 2021 09:11:43 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Fri, 09-Jul-2021 09:26:43 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 09 Jul 2021 09:11:43 GMT
cache-control
private
osd.js
www.googletagservices.com/activeview/js/current/ 		72 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/osd.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
content-encoding
gzip
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server
sffe
etag
"1625657948508962"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
x-content-type-options
nosniff
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27726
x-xss-protection
0
expires
Fri, 09 Jul 2021 09:11:43 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=175997886523632&ev=PageView&dl=https%3A%2F%2Fwww.candidthemes.com%2F&rl=&if=false&ts=1625821903564&sw=1600&sh=1200&v=2.9.43&r=stable&ec=0&o=30&fbp=fb.1.1625821903562.1654585359&it=1625821903400&coo=false&rqm=GET
Requested by
Host: www.candidthemes.com
URL: https://www.candidthemes.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:43 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Fri, 09 Jul 2021 09:11:43 GMT
modules.c057a0a680ba2bae7796.js
script.hotjar.com/ 		219 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.hotjar.com/modules.c057a0a680ba2bae7796.js
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1277436.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-122.fra2.r.cloudfront.net
Software
/
Resource Hash
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 07 Jul 2021 07:18:05 GMT
content-encoding
br
x-content-type-options
nosniff
age
179618
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
59054
access-control-allow-origin
*
last-modified
Wed, 07 Jul 2021 07:17:15 GMT
etag
"c4474e0a67f74d83e41d7cfcecc9929f"
vary
Accept-Encoding
content-type
application/javascript
via
1.1 c2a926ef1bafe1ab239d4761594a8099.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
x-robots-tag
none
x-amz-cf-id
oiwmpBBQS9d3EnNvU4seDgya2nBmwZGxHcSLo26y-6xu1njDhg4e7Q==
box-25a418976ea02a6f393fbbe77cec94bb.html
vars.hotjar.com/ Frame E0E3 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://vars.hotjar.com/box-25a418976ea02a6f393fbbe77cec94bb.html
Requested by
Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1277436.js?sv=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.193.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-193-116.fra2.r.cloudfront.net
Software
/
Resource Hash
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9

Request headers

:method
GET
:authority
vars.hotjar.com
:scheme
https
:path
/box-25a418976ea02a6f393fbbe77cec94bb.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.candidthemes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.candidthemes.com/

Response headers

content-type
text/html
content-length
1044
date
Sun, 04 Jul 2021 20:03:42 GMT
accept-ranges
bytes
cache-control
max-age=31536000
content-encoding
br
etag
"76922233be8bdb14c053af468d29404a"
last-modified
Mon, 28 Jun 2021 11:17:19 GMT
x-amz-server-side-encryption
AES256
x-robots-tag
none
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 d7e55181ad8192e74c103c6003cd4d9c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
f0shxa-vU9sQCqve7qP_TFr9qGyNBxnUYKHqKpgenCCg_-fxnEhyHw==
age
392880
/
www.facebook.com/tr/ 		0
15 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
multipart/form-data; boundary=----WebKitFormBoundary8UippJo1RuhABQWl

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
server
proxygen-bolt
date
Fri, 09 Jul 2021 09:11:44 GMT
content-type
text/plain
access-control-allow-origin
https://www.candidthemes.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
content-length
0
alt-svc
h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority
u=3,i
multi
stats.zotabox.com/api/1.0/event/ 		0
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.zotabox.com/api/1.0/event/multi
Requested by
Host: static.zotabox.com
URL: https://static.zotabox.com/a/8/a85664364eae8f4c19839e354c937dc5/widgets.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:14d9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / Express
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 09 Jul 2021 09:11:44 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
x-powered-by
Express
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
access-control-allow-methods
GET,PUT,POST,DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
cf-ray
66c06d35c970d6f1-FRA
access-control-allow-headers
Content-Type
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210701&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67a0c370d13ed80d0ecf53487a8ffe65e8ac2b86898152c70c8e422ce3c5efc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 09 Jul 2021 09:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8663
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2647663061562394&plah=www.candidthemes.com&amaexp=1&bust=exp%3D31061746
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 09:11:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
expires
Fri, 09 Jul 2021 09:11:44 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 807C 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.candidthemes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.candidthemes.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
content-length
5029
date
Fri, 09 Jul 2021 07:57:11 GMT
expires
Sat, 09 Jul 2022 07:57:11 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
4473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 226C 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5db5122f7f5d8398f46ef9e931c803acc66b062fd165420ab9fc96a60b5463d8
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-iV4TMxwCic7gzEYwm48jTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.candidthemes.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.candidthemes.com/

Response headers

expires
Fri, 09 Jul 2021 09:11:44 GMT
date
Fri, 09 Jul 2021 09:11:44 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-iV4TMxwCic7gzEYwm48jTg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
513
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Rv7nlKTa26NWRBniUpDYjCI2pQiUJx6mVfJMAqoAWAE.js
pagead2.googlesyndication.com/bg/ Frame 807C 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/Rv7nlKTa26NWRBniUpDYjCI2pQiUJx6mVfJMAqoAWAE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
46fee794a4dadba3564419e25290d88c2236a50894271ea655f24c02aa005801
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 09 Jul 2021 08:49:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
1358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13317
x-xss-protection
0
last-modified
Tue, 29 Jun 2021 16:58:00 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 09 Jul 2022 08:49:06 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20210701&jk=508916183357853&bg=!zM-lz4vNAAbV4AdB1eA7ACkAdvg8WhaTBl9LqZHdMH2FTHNUU8iiVR6zzbm096SngrbJoU_jQaTJXwIAAABlUgAAAA5oAQeZAnjC9TjK89gjmkR2SpW-9D-3Zt9Ex6NpQ7qTlnxI6-KckVFC3LZjNio_nFmRNug_viC4ZzOJKAsvi9YgHY2dOrnaRW2831jEOWNb2kYiP5HHOYfGNNIHy_tr9pKJkvZwzrzXFDuyO5bnODBykY9AvUgsZ88herD31bx23FXY35v_tgE5TL9s6cM-eTPUUXq_A2XzkhknJWuTXIIOFyRBcpCOyREX_Z56KZVdQPCCvYlZWu9V2UF5RfEJWKHrl4zU2o1JG65kgMbr-Whis1PGUfeDxqsjuJXMuDvFaju9pJ0vSXNQiGUpUvnmrbAp11TzRfYcVienhOAhupenmrM6WD0DNBbclCnHMaVuW6K9MhloM_HLgVZnh7fsN6pPoJPiOmJjEQp2pzdqMT3MOudj5XAVHIOLxbeJf2rsG-ar1qoOWejsKQudMxC40GeGvivQ6EBIQmau9sBc17Po6sFRDRhBnVuFW1Ymh9_QSgneu7tx4RwiRbQM3QelaPdyj0GhpaS3MMLrv7qU5kww2OwwaDgCFmUbqn9iMQtADQHKPdT_9S6IJ2PdUkf0jWqofhjgCCoLGHmI7AoLZJACGfWmpwaVgdsyKGjaC_jSJIwRDE4qngLjmmrwi8q8ZVkH9QLVZ6wCGv321Bcoyy3vys0a7SwMkhmRBpwZ4gIt3vFjfceu3-I7xtlumDiljy-Q4gT3tYXPTsJHIjfYq8CYrmCFxZ26pMHRHju2ODcbb5H5rLVVfHrVHRrU-02WOMSNC8d96vVSNscul7iTS4dDZKdsYQa8JmSUyXawh4T6nP_CMWZe5ZcYA-gh9sTQVU5G9HDWjnw5wu7WdnwXwQ
Protocol
H3-29
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 09:11:44 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~kqw4dti0&c=508916183357853&e=44739548%2C31060972%2C31060974%2C31061746%2C31061691%2C31061693&ctx=1&met.3=779.12n_1~164.12t_1~165.12q_3~166.12i_k~326.14u_1~216.14s_3~215.14s_3~843.14r_4~161.14v_1~868.14y~889.157~639.15c~160.15c~898.15c~189.15f~112.15h_1~298.17l~155.175_n~629.1ad~143.1aj_1~143.1dc_1~129.1eq~143.1gi_1~143.1jb_1~132.1kx~129.1lo~143.1m4_1~143.1ox_1~154.1q7~113.1q9_1~143.1rq_1~129.1sm~153.1t0~132.1tv~143.1up_1~143.1xi_1~129.1zl~143.20a~143.233_1~143.25w_1~143.28o_1~143.2bh_1~143.2ea~143.2h2_1~143.2jv_1&met.7=CBsQCMABoq7MkwY~CBsQByDYBziKAcABrJiRqwI~CBsQByDYBziWAcABuJWtugs~CBsQByDZBzi2AcABj_W-HA~CBIQBxgBINkHKNkHMIAIOCdA3AdI3gdQ3gdY8Qdg4wdo8Qdw_wd44AiAAd8EiAH6GKoBJwoETXVsaQoQUGxheWZhaXIrRGlzcGxheQoNVGl0aWxsaXVtK1dlYrABAbgBA8AB1se7yAo~CBsQByDZBzjaAcABqYvUlA0~CBsQByDaBzjeAcAB8u_RyQ8~CBsQByDaBzjxAcAB1fKQeQ~CBsQByDaBzj3AcABi9zFrAk~CBsQCiDaBzirAsAB0p6Q5wY~CBsQCiDbBzi0AsABn73oiQg~CAEQChgBINsHKNsHMMwKOPECQJQKSJQKUJQKWKgKYJoKaKkKcMEKeIGBA4ABuvwCiAGetgiwAQG4AQPAAd6Ov5sB~CBsQBiDbBzi6A8ABgZSk3gM~CBsQBiDbBzi9A8AB8_711go~CBsQBiDcBzjCA8ABj87B9AU~CBsQChgBIN0HKN0HMM8KOPICwAGM1djrBA~CBsQCiDdBzi2A8ABr--ywgs~CBsQCiDdBzi2A8AB6auz1w8~CBsQCiDdBzi2A8ABvtvo-gg~CBsQCiCSCjgXwAH0sr-_BA~CBMQAhgBIJkKKJkKMLYKOB1AmgpImwpQmwpYrgpgoAporgpwtAp4sGSAAcRgiAHEYKoBEgoMdGl0aWxsaXVtd2ViEAoYArABAbgBA8ABvv6y9QE~CAMQChgBIPMKKPMKMKkLODZQ9ApYgQtg9ApogQtwngt48MgFgAHCyAWIAd-CD7ABAbgBA8AB3qnHyQw~CAwQBRgBIP4KKP4KMJgLOBtA_wpI_wpQ_wpYkgtghQtokgtwmAt4_yeAAeMjiAHCT7ABAbgBA8AB2ovWnAQ~CBsQCiCGCzghwAHZ67DzCg~CBsQDSC2CzgbwAGAkfKHCA~CBwQChgBIL8LKL8LMMYLOAhovwtwxgt42ZwBgAG9nAGIAZSXA7ABAbgBA8AB5t63_wc~CBsQAiCaCjjCAcABmKTEug0~CC8QBxgBIMgLKMgLMOwLOCRAyQtIyQtQyQtY3Qtgzgto3Qtw7At4ugSAAWSIAWuwAQG4AQPAAZv_iccH~CC8QBxgBIMgLKMgLMO0LOCVAyQtIyQtQyQtY3Atgzgto3Qtw7At41QaAAWSIAWuwAQG4AQPAAe21srAK~CBsQCiDlCjiQAcAB1OmMgQU~CCoQChgBINALKNALMPcLOCfAAab7gJMH~CBsQBiCMDDgYwAGy5M_6Cw~CAUQBRgBIM4LKM4LMM4MOIABUNALWN0LYNALaN0LcM4MeBOwAQG4AQPAAZDHsvAI~CBsQCiCWCzjNAcAB77_BwQc~CBsQChgBIMULKMULMIQNOL8BQMULSMYLUMYLWMEMYOQLaMEMcIMNeJYFgAHEAYgBzgGwAQG4AQPAAeSq4PAC~CBsQBiDSCjjHAsABs82wnQ4~CBsQBiDSCjjhAsABp_7w-QY~CBsQBiDcBzjYBcABvJbHhAo~CBsQBiDcBzjYBcABhevP9A4~CBsQBiDcBzjZBcABoJyAmwY~CBsQBiDcBzjZBcABhcOxuQs~CBsQBiDdBzi4BsABsJfUpQk~CBsQBSCYDTizAcAB8Ou7wgk~CBsQCiDlDDjtAcABwtXztAw~CBsQBiDSCjiDBMAB0tKV9wI~CBsQBiDSCjiiBMABlJTKnwo~CBsQBiDSCjjfBMAB2NOKGQ~CBsQBiDTCjiBBcAB2oje2wY~CBsQBiDTCjiKBcAB4Yqm2QU~CBsQBiDTCjiWBcABkuSYDw~~CBsQCiDbBzjZCcAB_7Hg1g8~CBsQCDi_EcABoq7MkwY~CCcQDRgBIL8RKL8RMOEROCJQvxFYzRFgwBFozRFw4RF47kOAAddDiAGEWbABAbgBA8AB8_LLrgs~CCcQChgBIOIRKOIRMIQSOCLAAeLBm9oF~CCcQBRgBIIkSKIkSMJ8SOBbAAdT_u6UH~CBsQBRgBIIoSKIoSMLASOCbAAc_G2uIB~CBwQBhgBIK0TKK0TML4TOBForhNwvhN4FLABAbgBA8ABlITitQ4~CBsQDSC8ETjhAsABl4uM9QU&met.1=1.kqw4dscj~6.n5~7.n5~8.n5~9.n5~10.n5~12.ng~13.r0~14.r1~15.r6~16.13q~17.13q~18.13r~19.1q6~20.1q6~21.1q7~22.121~23.121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210701/r20190131/rum_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4008:80f::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.candidthemes.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 09 Jul 2021 09:11:45 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated undefined| $ function| jQuery function| fbq function| _fbq object| notificationx function| gtag object| dataLayer object| google_tag_manager object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint object| google_tag_data string| GoogleAnalyticsObject function| ga object| wp function| hj object| _hjSettings object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_rum_config object| __google_ad_urls number| google_global_correlator number| __google_ad_urls_id object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken object| google_prev_clients object| google_jobrunner object| ampInaboxIframes object| ampInaboxPendingMessages boolean| google_osd_loaded boolean| google_onload_fired object| _google_rum_ns_ function| Goog_Osd_UnloadAdBlock function| Goog_Osd_UpdateElementToMeasure function| google_osd_amcb object| hjSiteSettings function| hjBootstrap object| hjBootstrapCalled object| hjLazyModules function| Zotabox_Init object| zb_admin object| __ZOTABOX__ string| __ZBDR__ object| __ZBDU__ object| __ZBDT__ function| __ZBX_RELOAD_EMBED_WIDGET string| version object| Zotabox undefined| google_rum_values object| GoogleGcLKhOms object| google_image_requests

9 Cookies

Domain/Path Name / Value
.candidthemes.com/ Name: _hjFirstSeen
Value: 1
.candidthemes.com/ Name: _hjid
Value: 311b145f-33fe-4c5e-b670-ad36ac5fd1cb
.candidthemes.com/ Name: _hjTLDTest
Value: 1
.candidthemes.com/ Name: __gads
Value: ID=1f25e49c7ebdb491-222fa1fa77c8000e:T=1625821903:RT=1625821903:S=ALNI_MaSQc4OoBa8W85UgOIqXoJimUKVGw
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.candidthemes.com/ Name: _fbp
Value: fb.1.1625821903562.1654585359
.candidthemes.com/ Name: _gat_gtag_UA_115758595_1
Value: 1
.candidthemes.com/ Name: _gid
Value: GA1.2.93664313.1625821903
.candidthemes.com/ Name: _ga
Value: GA1.2.1774986560.1625821903

1 Console Messages

Source Level URL
Text
console-api log URL: https://www.candidthemes.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2)
Message:
JQMIGRATE: Migrate is installed, version 3.3.2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
candidthemes.com
connect.facebook.net
csi.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
script.hotjar.com
static.hotjar.com
static.zotabox.com
stats.zotabox.com
tpc.googlesyndication.com
vars.hotjar.com
www.candidthemes.com
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
13.224.193.116
13.224.193.122
13.225.87.6
142.250.181.226
2606:4700:10::ac43:14d9
2607:f8b0:4008:80f::2003
2a00:1450:4001:803::2002
2a00:1450:4001:803::2003
2a00:1450:4001:808::2004
2a00:1450:4001:808::200e
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
45.77.205.153
016ab0bd0de4839680e4a717a57db9b182a8c2c5fdeec4c24db7a8df761fca4d
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0434840dd771f4bd053907fd83b13d9fd642b40d20543f69a5b49e6b8ecd266a
0ccac9fb7822cf4bc5ef4a43788f47a77754afb209b1557ff9acb63f887ef0e1
0d17b8a38d3dce6f7357bbc8da105d92c21b6cf1c4b92351ce2b1861b065f2c5
0e0bda32a6e36396542df85ecabfe86b7f89402753646e77eb3c29f477a44c63
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
143cadcc44859264c7b067e350f43e9aa2d61995a713bc0b674ad7587b8d910e
20b3bad1427e2212dd847357841f993f025b5061c4af1d382dcc727e102cc1e4
24506f2334a7b963f4fbb845cf2a03bc5315bb807046a018330ae9fb94b9d51c
268671bd7f7ea7824441229799f0e7c947907f7bb18245f6a3978a05405afbba
2932abf996373e87fbf2e950876b1962f1b57db954a1643ea68831d9fbb74da4
35acc6f6094233a43aad3f887a3b967140ef5218d057b1573c4796a01a572541
3c9cc2e74e60ec893fc79aa9e10ea6765b944fb5d576c3a2e47c20a122636566
46fee794a4dadba3564419e25290d88c2236a50894271ea655f24c02aa005801
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5db5122f7f5d8398f46ef9e931c803acc66b062fd165420ab9fc96a60b5463d8
5fa20d91c9e94f0dcd1398f5e8909706c437748ca1800616ee76deb6cefbdf03
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
66a04a9f6f0be479e3655147be5e93b24c0c58a3ed4b7977142f2a35f9478f26
67324ab9130c557888b98de00e57674d168e7fbe12acaa893a83ae445681337f
67a0c370d13ed80d0ecf53487a8ffe65e8ac2b86898152c70c8e422ce3c5efc6
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
73d6a5ea11fb7bf6e6a6ccd44b1635d52c79b0a00623d0387c9dddd4b7c68e89
7a44e0685d8929b5d4d50476273c9957c8c76f03afc424c665a4066e5bc1beb9
7c7eb6a51cb56e9516fe73b694eab6fc763ca8351b3fe06bba3069dbc1df0c2f
84f62a9eaeb4e885739c5c33d4b5b479880f4b11bd3bfc322194fd80af4dbd64
8ccddef7e8b15793a0bc196cd2a755e63d2bc6411f82747eea5730a685a37d52
965c9b9debbc300ebd225ba4f19524a2f4e43753262fd3849bcf20a5b499bbe0
9af3c405ccec0814a395036ab611b9a145239b121a39b205f267c9ed2e9c397d
a3de5c2b9123fffaab3fe05a24dff5f43275e8d5afab0231c748acfde7c94790
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
b294c79a3cfce0634c5d1f16383ec75b0a8257f31bdcbc3f35e18a8c9d40abc9
b5675b0d1ee88db374b1e60e301fda9f0c1d3585f47173468827115fc4e529c2
b5d09a71e5aa4d05b31be9bb7000aa263e1bd5f53db05f617e8e34717316ec97
bcdbbc54d831a1dea6da078552622ce1d88d95be9aee005bb867acbce8c5e1fe
c348aa5d9e6536a2295f486d6bc08f310a961a8f37ed4980ce53387f05ee69f5
c86bf57e6f5f44284674b96530cacbef8f47c9b48faab579dff347c9eb71e166
c95d9836128ca509e78519e31533de536a8b635886e62052ca597539614d5239
cb90181b6bf15f3a6ac7cdb9fe1d93556420536f54ff831ebec5a653bf0bdcfd
cf3b12af595e5de361fb8acdbd4236c16106437f7d6b3dfbe7337b707f9b9ead
d062f54bee3cec1bd024870baf884ce1d91a2946a0c814b62dd9440767beb864
d092147b42b488d59a4d41b52aca824328017fd2450526f9e8d278d217718d00
d60fcd336f64d6541539bbe8b6bb0b0fa3ba1837c72bdf19542bc0c7dc4ea0fe
dfe8399aa38aa00e46914ffbe803212690b0856f7ab2e982ed91304df72e59b4
e39510a5f10a22a2cc2a488af11cf17f1abd473a7cdc553a936754e3d1329e3e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4119835228203de3978d98f27c2d326dd14f7d0fb412f9a05f4d1589cc83111
ea666b0953da9928fad569dd20e99bc4900935a2ba63f82246e4d0c4012e1970
ebea158611ef771b57020f99d5be8d90837a0009a1fd89a1f334b251f4038dd6
fafb244f6dbb728c1a072ad16b27e3fba9e0ebbe344e52b02a6b3bce075e92b6
fd5b2bee944687e62254e376e235196fa01a34164e30b149bfaa2ba2e7ca5b65
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40