Submitted URL: http://www.newmood.ee/
Effective URL: https://newmood.ee/
Submission: On October 24 via api from US — Scanned from DE

Summary

This website contacted 47 IPs in 8 countries across 42 domains to perform 86 HTTP transactions. The main IP is 2606:4700:20::681a:bbc, located in United States and belongs to CLOUDFLARENET, US. The main domain is newmood.ee.
TLS certificate: Issued by WE1 on September 10th 2024. Valid for: 3 months.
This is the only time newmood.ee was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information


This site contains links to these domains.

Domain
membershop.ee
www.instagram.com
www.facebook.com
itunes.apple.com
play.google.com

Subject | Issuer | Validity | Valid
newmood.ee | WE1 | 2024-09-10 - 2024-12-09 | 3 months
*.searchnode.io | Amazon RSA 2048 M02 | 2024-02-23 - 2025-03-23 | a year
newmood.lt | WE1 | 2024-09-10 - 2024-12-09 | 3 months
*.google-analytics.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
omnisrc.com | WE1 | 2024-10-14 - 2025-01-12 | 3 months
*.facebook.com | DigiCert SHA2 High Assurance Server CA | 2024-08-03 - 2024-11-01 | 3 months
one.store | WE1 | 2024-10-02 - 2025-01-01 | 3 months
omnisnippet1.com | WE1 | 2024-10-20 - 2025-01-18 | 3 months
omnisendlink.com | WE1 | 2024-09-07 - 2024-12-06 | 3 months
*.g.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.doubleclick.net | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.google.de | WR2 | 2024-10-07 - 2024-12-30 | 3 months
*.google.com | WR2 | 2024-10-07 - 2024-12-30 | 3 months
forms.soundestlink.com | E6 | 2024-09-05 - 2024-12-04 | 3 months
*.criteo.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-24 - 2024-12-21 | 3 months
*.criteo.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-24 - 2024-12-25 | 3 months
*.bidswitch.net | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-09-23 - 2024-12-21 | 3 months
*.smartadserver.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-01-17 - 2025-01-16 | a year
*.taboola.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-07-30 - 2024-12-31 | 5 months
omnitagjs.com | Sectigo RSA Domain Validation Secure Server CA | 2024-07-02 - 2025-08-01 | a year
*.id5-sync.com | E5 | 2024-09-01 - 2024-11-30 | 3 months
*.360yield.com | Amazon RSA 2048 M02 | 2024-04-28 - 2025-05-27 | a year
itm.ivitrack.com | R10 | 2024-10-09 - 2025-01-07 | 3 months
*.media.net | DigiCert TLS RSA SHA256 2020 CA1 | 2023-12-21 - 2024-12-21 | a year
exchange.mediavine.com | Amazon RSA 2048 M02 | 2024-05-06 - 2025-06-04 | a year
*.postrelease.com | Amazon RSA 2048 M02 | 2024-09-25 - 2025-10-23 | a year
*.outbrain.com | Thawte TLS RSA CA G1 | 2024-07-31 - 2024-11-27 | 4 months
*.pubmatic.com | DigiCert Global G2 TLS RSA SHA256 2020 CA1 | 2024-03-19 - 2025-04-19 | a year
*.rubiconproject.com | DigiCert TLS RSA SHA256 2020 CA1 | 2024-07-30 - 2025-04-03 | 8 months
*.sharethrough.com | DigiCert Global G3 TLS ECC SHA384 2020 CA1 | 2024-07-15 - 2025-08-15 | a year
teads.tv | R10 | 2024-09-02 - 2024-12-01 | 3 months
*.3lift.com | Amazon RSA 2048 M02 | 2024-03-13 - 2025-04-11 | a year
*.twiago.com | Sectigo RSA Domain Validation Secure Server CA | 2023-12-07 - 2025-01-06 | a year
*.yieldlab.net | DigiCert TLS RSA SHA256 2020 CA1 | 2024-08-08 - 2025-08-10 | a year
*.ads.yieldmo.com | Amazon RSA 2048 M03 | 2024-03-04 - 2025-04-03 | a year
*.emxdgt.com | Amazon RSA 2048 M03 | 2024-04-02 - 2025-05-01 | a year
*.adnxs.com | GeoTrust ECC CA 2018 | 2024-02-14 - 2025-03-16 | a year

This page contains 5 frames:

Primary Page: https://newmood.ee/
Frame ID: A21F3EA7E2454E0804AA6C9DD6B01E92
Requests: 57 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/765879031?random=1729800628184&cv=11&fst=1729800628184&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0z872649232za201zb72649232&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.ee%2F&hn=www.googleadservices.com&frm=0&tiba=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&npa=0&pscdl=noapi&auid=1054538940.1729800628&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: 23A24ACE4117F996350BE873690B11D8
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-YYPGFKPRQJ&gacid=1101603994.1729800628&gtm=45je4al0v9139042477z872649232za200&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101686685~101794737~101823847&z=865949782
Frame ID: 627B14372C01C6FF7F7E54E118E0A53B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=newmood.ee&origin=onetag
Frame ID: ACBB79D6381DEB7EC25201B18C47FE4A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wF_RHwaETD6A5gavvGs6GSrpzqhkCtF1wmZeCg&google_cm&google_hm=ay13Rl9SSHdhRVRENkE1Z2F2dkdzNkdTcnB6cWhrQ3RGMXdtWmVDZw
Frame ID: 10BC3F1CC0860EA4810CD9F6E5E5475F
Requests: 26 HTTP requests in this frame

Page Title

Rõivad ja jalatsid meestele ning naistele | Newmood

Detected technologies

Overall confidence: 100%
Detected patterns
  • omnisrc\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

86 Requests
94 % HTTPS
26 % IPv6
42 Domains
51 Subdomains
47 IPs
8 Countries
1487 kB Transfer
4480 kB Size
40 Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.newmood.ee/ HTTP 307
    https://www.newmood.ee/ HTTP 301
    https://newmood.ee/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71P8ZMFGv72649232za200&auid=1054538940.1729800628 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71P8ZMFGv72649232za200&auid=1054538940.1729800628
Request Chain 60
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7619923182071115269
Request Chain 64
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g&C=1
Request Chain 65
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL
Request Chain 82
  • https://sync.1rx.io/usersync/criteodsp/k-H36_igaETD6A5gavvGs6GSrpzqh0wtINSeQglw HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-H36_igaETD6A5gavvGs6GSrpzqh0wtINSeQglw?zcc=1&cb=1729800629495 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003

86 HTTP transactions

inline; filename="icon-close.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c42ff2f19b1-FRA
accept-ranges
bytes
content-length
304
server
cloudflare
foto.svg
newmood.ee/loaders/
704 B
650 B
Image
General
Full URL
https://newmood.ee/loaders/foto.svg
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd99fd05bf0a858096ff9e4fdc6c8e891b08b8e871a25bd74d59513f0c3f19d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"6572d24b-2c0"
age
4887
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aLTv3Ac3KZsGHCxCGmMejUbq%2Fk0fvWnrndqgJXfI8mvPtHgkonvkJL8lotqgbj6uk2VXqxiexvhsXk2a4QdmRnim8voUIQPtPC3rw02NfTQQbG9ANrSEkElIXMjuOOXvaf6IQ31ZC9k%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c42ff3219b1-FRA
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
gzip
age
2418
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 21:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
gtm.js
www.googletagmanager.com/
366 KB
119 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P8ZMFG
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5d6e10ab81c89a7f4994628f285ca24bf1bfe2e3570ae35c0e0dc1d31c9ea9bb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 20:10:27 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 19:36:31 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
121067
x-xss-protection
0
server
Google Tag Manager
shopping_bag_icon.png
newmood.ee/images/
142 B
520 B
Image
General
Full URL
https://newmood.ee/images/shopping_bag_icon.png
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989ef18992af6107d85e757db607f221eec91ac347bb71bf4da1375ef8825e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-422"
age
667329
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gyU3Xm4Y36Pa30tedJQH45JQvPJ85YaTzU73k52nVP%2Bgh8WFRVmHVPGqm3thVYCIln59vzNCA%2FZRXy5zKGeVCjaKRYKgufW0hyqCzeG2yeigWn7tO0uXT1VPzmofNhB%2Bj6obAPL%2FVgc%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 17 Oct 2025 02:48:18 GMT
cf-polished
origFmt=png, origSize=1058
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/webp
content-disposition
inline; filename="shopping_bag_icon.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43b81619b1-FRA
accept-ranges
bytes
content-length
142
server
cloudflare
women_ee_570x500.jpg
newmood.lt/attachments/webimages/index/
47 KB
48 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/women_ee_570x500.jpg
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffe107dae0407915fd44accf3eb299778e64f274a13cbb72d6f23fa4a78afce0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6099211a-c5ae"
age
674977
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EwADIbWejAA%2FFDhzE3ngtTt5cfoxKw5NFKu87O3y7zMyPiMehL29NzPRDz8kE6a8%2FOHW0lBjgPRj4bVFUCQjWMzBCHTwIUxwF1bkWKHkLn7lf3qFxDEav8iZeMsv2iDyjVukT8ljbGI%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 17 Oct 2025 00:40:50 GMT
cf-polished
origSize=50606
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 12:03:38 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43cb87dbb7-FRA
accept-ranges
bytes
content-length
48551
server
cloudflare
men_ee_570x500.jpg
newmood.lt/attachments/webimages/index/
54 KB
55 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/men_ee_570x500.jpg
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
84ee5a77fa810f2ec48d77123b91b7f4911de6e872383b9e7716df7247590cd5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6099220b-e5b4"
age
674977
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8lWLbOKHzp%2Fvje%2BeXyYrSFbXDxHZs4%2Fmkl9kGWiMlAKUIGwTO8H%2BLZcaAqM2%2BjK4fKgqiJcNuN8twsaVyY4ZD%2FDL4MJL6K7%2F2bVga2MqConcxIpCmhm5p5WkPxqBDoj%2FKBYqn%2FFGtv4%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 17 Oct 2025 00:40:50 GMT
cf-polished
origSize=58804
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 12:07:39 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43cb8adbb7-FRA
accept-ranges
bytes
content-length
55607
server
cloudflare
kids_ee_1140x500.jpg
newmood.lt/attachments/webimages/index/
135 KB
136 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/kids_ee_1140x500.jpg?1598617742
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:719 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e487884f82441d3df75092e44700ea200f699c1fbeb940b51f7306284d80fe8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cf-bgj
imgq:100,h2pri
etag
"60992003-2383f"
age
674977
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SJBvaP0PbVniosEEINdm5WIrNR5eEXs3jgNQuJ0UQn%2Bb2E4E19N52tqjKFhi0N8uyJxEXggYn1hILusYZULNWIiLr6jI2ihU9uXJXE6d%2FHrgDoLvPM3EPVKUIQ69tdv0QeWKIkpxuqw%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 17 Oct 2025 00:40:50 GMT
cf-polished
origSize=145471
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 11:58:59 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43cb8bdbb7-FRA
accept-ranges
bytes
content-length
138472
server
cloudflare
instagram.png
newmood.ee/images/
2 KB
2 KB
Image
General
Full URL
https://newmood.ee/images/instagram.png
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6bab0a9a4cc327ad105edf9fd0d4ea45ad89a9baa30e18aeaf8c5081adc1df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-804"
age
4886
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NJfLs1yZ4s0kNMWJmuoWLYxEzSLKfN7OC7xPdS7F%2F0dEqU1rdhb%2Bv%2BETGg14qTRNhRV27TGshXHnXVLPhZICAQaP5Ki9%2BS4Dv5qMAnqJdagOf3HhaE1bNEgPslkOplE0n3y9YAdhvQU%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Oct 2025 18:49:01 GMT
cf-polished
origFmt=png, origSize=2052
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/webp
content-disposition
inline; filename="instagram.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43c82a19b1-FRA
accept-ranges
bytes
content-length
1722
server
cloudflare
facebook.png
newmood.ee/images/
462 B
920 B
Image
General
Full URL
https://newmood.ee/images/facebook.png
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5667f1598f8a0831d6abc6d7f58b7e185857e6c47876015eddd4129901fdb297

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-3d8"
age
224145
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fc180eFXnbiiMMj4KfzismeSEqfOk%2FM7ALssv4x0K3nlSdx8aeeYXgyPm97AqAw8k%2B3VD3QfqumVdZ7H3kaeXx6voagFd%2BJPq2AFf%2FRHE31U4MlxwnhHhJk7RAGW%2BQJ3geIrFNwK7Lo%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 22 Oct 2025 05:54:42 GMT
cf-polished
origFmt=png, origSize=984
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/webp
content-disposition
inline; filename="facebook.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c43c82d19b1-FRA
accept-ranges
bytes
content-length
462
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
newmood.ee/fonts/roboto/
16 KB
16 KB
Font
General
Full URL
https://newmood.ee/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-3e30"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W13DVZVbx%2FORvTXoIi8pLIBhg4gV%2BBvAZriGByI6%2B9Udl0ddOLbWhHJBRTI2v6Cz835Bt57OrclzCU5viQ3jLThEMaV7SECQIpsSffgd%2F3FZSVyV75FDs8FEsemqHWPvpSDxGIsRgyg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f85d19b1-FRA
accept-ranges
bytes
content-length
15920
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
fontawesome-webfont.woff2
newmood.ee/fonts/
75 KB
76 KB
Font
General
Full URL
https://newmood.ee/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-12d68"
age
4886
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=1AMsUaI0llIqBkOZEoIk1VnYNcC3A7s%2BSi7QxBntwk0cnPMw22X5HmoJ6Tc5BhP3E2yWyuy05fULXqHhyJ3bdZ8qghhQ1y6m6Qm2EhZ8d2F%2BkZU5EJqdl21DLcecbv6IPbLr%2FmDI4sU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f85f19b1-FRA
accept-ranges
bytes
content-length
77160
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
newmood.ee/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.ee/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3dd4"
age
4886
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WsuA495OIOYQJkuvpP3JajfgZZt12rR8LSG%2Frgxgww5CMv9c0vnu5iob76SQEa1EzwgN6mCAJCkEFRuKqjNkCH%2Bq9GkpOK%2BfEc%2BFXe08kndUpX02QkN4mQpOmcj%2FOIImLU30N5PMbJ4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f86119b1-FRA
accept-ranges
bytes
content-length
15828
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
newmood.ee/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.ee/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3d48"
age
4886
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4z90yN7NoRueY6VgEuKXe7BMJU68Qre2%2Fw%2BgMfDOJNnAMriBhaq1Jf1aTX2PavFLSPR76dIEstGPDWpjX08Y9%2Fe0M3AP%2B%2BhKx5Dlwn3mMgwLxtHQp7ubGAmhvpsJhm8CnsDLBrFgtkc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f86419b1-FRA
accept-ranges
bytes
content-length
15688
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOkCnqEu92Fr1Mu51xIIzI.woff2
newmood.ee/fonts/roboto/
17 KB
17 KB
Font
General
Full URL
https://newmood.ee/fonts/roboto/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-4398"
age
4886
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zuEuDQch4E05HZNAHT9lqMwvTzXHKeTA%2Fk7pX7r%2BYQGKEQOaGYsW1V3xUUQaRJ9foQVuHtLo32SM6KYkiapgzo0nkOOWcPNLjtPht%2Fh%2B7D6%2Fu8UMyis5UUBnH1KBoAr8drN2fKTd%2B%2Bc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f86519b1-FRA
accept-ranges
bytes
content-length
17304
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
newmood.ee/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.ee/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.ee
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3d74"
age
4886
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tSDi0EA4EhAZoUlTQaNnbp%2FDFs4n4Gzx%2B%2BOXbO8rVO0X%2FUYoAIhn%2Flwf2RYgkvQinRh7eHc%2Bu7N0ECZoyPgOWE7Vvu1MrhYrsnwxIvvuBNReMuYcD%2BZuP8A0Dzf%2BvJ1kPH%2F8ZOciRys%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c43f86619b1-FRA
accept-ranges
bytes
content-length
15732
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/j/
15 B
430 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=1810808966&t=pageview&_s=1&dl=https%3A%2F%2Fnewmood.ee%2F&ul=de-de&de=UTF-8&dt=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=234842656&gjid=2061803065&cid=1101603994.1729800628&tid=UA-84842780-1&_gid=1769425417.1729800628&_r=1&_slc=1&cd2=web&z=1205087512
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
3758cbbc7a845604e66798198f3129815bdbcf16dd9de3110c626747f47a17a0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://newmood.ee/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:27 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://newmood.ee
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
15
server
Golfe2
launcher-v2.js
omnisrc.com/inshop/
52 KB
15 KB
Script
General
Full URL
https://omnisrc.com/inshop/launcher-v2.js
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.59 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426bc444d61f75bbb0428be6bd6dfab3a9b8c0a9ea5e9c140e593f5abb70ffa5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67174c98-d13a"
age
655
expires
Thu, 24 Oct 2024 20:59:32 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 06:56:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
1
via
1.1 google
cf-ray
8d7c9c44cc0a9268-FRA
server
cloudflare
icon-upload.png
newmood.ee/images/
246 B
707 B
Image
General
Full URL
https://newmood.ee/images/icon-upload.png
Requested by
Host: newmood.ee
URL: https://newmood.ee/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81603a4323d4bb58b2698b0676baa85142dcf59c3872c8462fd2d495b74d7bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-556"
age
12699
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LwXY03qBrY3QD9tnG9XXG3JtwTxPs7LRyVMC3fUIBnS0Fpl1dxmmK6LFo%2BmFSeBwa3clZLGrFBLmyCjYM78BYYk8tDN3h6fnutfH0xED3o6K8%2B%2B5WkZ6E6kn5OkKgfrtQuUo0ymwgX8%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Oct 2025 16:38:47 GMT
cf-polished
origFmt=png, origSize=1366
date
Thu, 24 Oct 2024 20:10:27 GMT
content-type
image/webp
content-disposition
inline; filename="icon-upload.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c9c44890c19b1-FRA
accept-ranges
bytes
content-length
246
server
cloudflare
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo&dma=1&npa=0&...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo...
42 B
65 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71P8ZMFGv72649232za200&auid=1054538940.1729800628
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H3
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823847&rnd=320175281.1729800628&url=https%3A%2F%2Fnewmood.ee%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71P8ZMFGv72649232za200&auid=1054538940.1729800628
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
destination
www.googletagmanager.com/gtag/
276 KB
96 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-765879031&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZMFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
2ba4f35023babf03e06c9733cbf4ca43ec562aa2cd3887965dbfb005e3931f35
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 24 Oct 2024 20:10:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 19:36:31 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
97738
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
229 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZMFG
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
f5e35a9ad3958ca5395c3496fe29b2a933f541a33741df1e37b084d7df8bcb39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=12, rtx=0, c=23, mss=1232, tbw=4512, tp=11, tpl=0, uplat=1, ullat=-1
pragma
public
x-fb-debug
lyoV20zSQoR8fJqpjeBw06bPpVgeyWnHRKk9+zYawA1Ttkvw/qt2HDLUYcSS7Cplw6L+83OILemNOJa77pt7jQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59697
x-xss-protection
0
origin-agent-cluster
?1
jcr-widget.js
cdn.one.store/javascript/dist/1.0/
33 KB
12 KB
Script
General
Full URL
https://cdn.one.store/javascript/dist/1.0/jcr-widget.js?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZMFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7337a5e1cc81f563252d146272f6fa8753bd5388feb432275693ba052058b2b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=STv63w==, md5=neYTGBxHGiX2roOPPaPcDw==
cf-cache-status
HIT
etag
W/"9de613181c471a25f6ae838f3da3dc0f"
age
2078
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kvD3sz3sgOHMLIMKjdNqL88YZabuitmpl1rWQ9dShzOXeehbytI27EHxaoco%2FYf%2BnMtJQTI7ipOAFyizZCXBANm9VissGsjG%2F0gYtEbJE2fpQ9CEKbne2AwBeD7ikv5VQMSEzj2u%2FyrSIYE%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 19:39:05 GMT
x-goog-stored-content-length
33977
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 16:51:04 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3XCyUsgkhZXCTv3q9kSdMgOdzMaJytVugxjPKmIgAZdIYYNGdG1z3-ckmyxPbXNQi2TFcy12NsbQ
cache-control
public, max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7c9c45eabfbb50-FRA
access-control-allow-origin
*
x-goog-generation
1725555064327814
server
cloudflare
js
www.googletagmanager.com/gtag/
301 KB
104 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-YYPGFKPRQJ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5f9846bc308f84eb4014a01cc6f66d95260c8d542c41cc4ca405dbbb908d783a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 20:10:28 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
105862
x-xss-protection
0
server
Google Tag Manager
monitoring.js
omnisnippet1.com/monitoring/
69 KB
25 KB
Script
General
Full URL
https://omnisnippet1.com/monitoring/monitoring.js?v=2024-10-24T20
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f75abc51fe9823e99cca9b90897cf0e661433dfaf562f2ed079efe0879d351
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

strict-transport-security
max-age=15552000
cache-control
max-age=3600
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"67179da4-114f0"
x-envoy-upstream-service-time
2
via
1.1 google
cf-ray
8d7c9c461be7d2e7-FRA
expires
Thu, 24 Oct 2024 21:10:28 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 12:42:12 GMT
server
cloudflare
getSettings
wt.omnisendlink.com/REST/inShop/v1/
298 B
535 B
Fetch
General
Full URL
https://wt.omnisendlink.com/REST/inShop/v1/getSettings?shopHostname=newmood.ee&shopType=api&brandID=57ffa5a35e8d400240aad8ac&responseType=json
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9eedb6cbd7c8fc8d0c30b6f5db934b47a620153d75521223c178d1df530994e4
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

access-control-expose-headers
X-Expose-Header
content-encoding
br
cf-cache-status
EXPIRED
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 20:10:28 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=0, s-maxage=600, public
x-envoy-upstream-service-time
7
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d7c9c45eb1abb9b-FRA
access-control-allow-origin
https://newmood.ee
server
cloudflare
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/765879031/
5 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765879031/?random=1729800628184&cv=11&fst=1729800628184&bg=ffffff&guid=ON&async=1&gtm=45be4al0z872649232za201zb72649232&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.ee%2F&hn=www.googleadservices.com&frm=0&tiba=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&npa=0&pscdl=noapi&auid=1054538940.1729800628&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-765879031&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra02s19-in-f2.1e100.net
Software
cafe /
Resource Hash
e396c6a100e6d1de0941e37af02fc82fa0d8d78173fc03c4524540a6fabee430
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2375
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
765879031
td.doubleclick.net/td/rul/ Frame 23A2
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/765879031?random=1729800628184&cv=11&fst=1729800628184&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0z872649232za201zb72649232&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.ee%2F&hn=www.googleadservices.com&frm=0&tiba=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&npa=0&pscdl=noapi&auid=1054538940.1729800628&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-765879031&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newmood.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 20:10:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-YYPGFKPRQJ&gtm=45je4al0v9139042477z872649232za200&_p=1729800627660&_gaz=1&gcs=G111&gcd=13v3vPv2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533422~101686685~101794737~101823847&cid=1101603994.1729800628&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EAAI&_s=1&sid=1729800628&sct=1&seg=0&dl=https%3A%2F%2Fnewmood.ee%2F&dt=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&en=page_view&_fv=1&_ss=1&tfd=1428
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YYPGFKPRQJ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newmood.ee
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
541 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YYPGFKPRQJ&cid=1101603994.1729800628&gtm=45je4al0v9139042477z872649232za200&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&frm=0&tag_exp=101533422~101686685~101794737~101823847
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YYPGFKPRQJ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0b::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newmood.ee
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 627B
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-YYPGFKPRQJ&gacid=1101603994.1729800628&gtm=45je4al0v9139042477z872649232za200&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533422~101686685~101794737~101823847&z=865949782
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YYPGFKPRQJ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newmood.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 20:10:28 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YYPGFKPRQJ&cid=1101603994.1729800628&gtm=45je4al0v9139042477z872649232za200&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&frm=0&tag_exp=101533422~101686685~101794737~101823847&tag_exp=101533422~101686685~101794737~101823847&z=1321327047
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
jcr-widget-app.c5bed5c3.js
cdn.one.store/javascript/dist/1.0/
402 KB
85 KB
Script
General
Full URL
https://cdn.one.store/javascript/dist/1.0/jcr-widget-app.c5bed5c3.js
Requested by
Host: cdn.one.store
URL: https://cdn.one.store/javascript/dist/1.0/jcr-widget.js?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63907fdb519bf17593238f7288dcf5016400cc8d4478e034e43a85a46d25340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=XDrMfw==, md5=Y1ZLBV7rdKu0LNRSbOPpJQ==
cf-cache-status
HIT
etag
W/"63564b055eeb74abb42cd4526ce3e925"
age
2186
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=72SiFqqvPC3qItOpbm%2F2Ws0HgIMY%2Fd32ZPjF%2Ba6pQy7Z8EP9wiWrzIJ%2FhBoOG8DLry8Ofi5Y285ir2%2FrPG8g6%2BSdQkWaluU3cH0P%2FqHItAcLyThl6vbMGgIdx6Vre5lHq5qMxRkbQOuuLVI%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 19:34:54 GMT
x-goog-stored-content-length
411969
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 16:51:02 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0De_8vEDGtvuTrSUGXXbG5ZMNFVBy5b0ixOgw0HEPQafgahijXe2lDZTekeO9nRELTkkJRPi2AfQ
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7c9c477c29bb50-FRA
access-control-allow-origin
*
x-goog-generation
1725555062067956
server
cloudflare
122111051598311
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/122111051598311?v=2.9.174&r=stable&domain=newmood.ee&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.253.1 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra5.fbcdn.net
Software
/
Resource Hash
71bf1a589e1d7fbfdb889e3f57b8af47e99d3668d68bcd510d37c7168cd016a5
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=13, rtx=0, c=48, mss=1232, tbw=67904, tp=65, tpl=0, uplat=152, ullat=1
pragma
public
x-fb-debug
EZABhCRc4iUFYCWVHXfl9VxzuVS0NkW1JkBHBDX6tkjMvbUOJY5aTnuMouwWSjFSsoBq+r2S6O3ljKPW3PAKDQ==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
cross-origin-opener-policy-report-only
restrict-properties;report-to="coop_report"
x-xss-protection
0
origin-agent-cluster
?1
/
www.google.com/pagead/1p-user-list/765879031/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/765879031/?random=1729800628184&cv=11&fst=1729800000000&bg=ffffff&guid=ON&async=1&gtm=45be4al0z872649232za201zb72649232&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.ee%2F&hn=www.googleadservices.com&frm=0&tiba=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&npa=0&pscdl=noapi&auid=1054538940.1729800628&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dmzPRXCA0qXaiAZSMcRqPn44-p0kWWA&random=2540564144&rmt_tld=0&ipr=y
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.de/pagead/1p-user-list/765879031/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/765879031/?random=1729800628184&cv=11&fst=1729800000000&bg=ffffff&guid=ON&async=1&gtm=45be4al0z872649232za201zb72649232&gcd=13v3v3v2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823847&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.ee%2F&hn=www.googleadservices.com&frm=0&tiba=R%C3%B5ivad%20ja%20jalatsid%20meestele%20ning%20naistele%20%7C%20Newmood&npa=0&pscdl=noapi&auid=1054538940.1729800628&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSGwCa7L7dmzPRXCA0qXaiAZSMcRqPn44-p0kWWA&random=2540564144&rmt_tld=1&ipr=y
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.181.227 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 20:10:28 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
push-notifications.js
omnisnippet1.com/inShop/
23 KB
7 KB
Script
General
Full URL
https://omnisnippet1.com/inShop/push-notifications.js?v=2024-10-24T20
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34183ec5342031565e78a9cebc1a96540a9b8673cb11f9fe606f3201333f578f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67174c98-5bbb"
age
830
expires
Thu, 24 Oct 2024 20:56:38 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 06:56:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
1
via
1.1 google
cf-ray
8d7c9c47c85ad2e7-FRA
server
cloudflare
main.js
omnisnippet1.com/forms/
85 KB
21 KB
Script
General
Full URL
https://omnisnippet1.com/forms/main.js?v=2024-10-24T20
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83a34cff368e91e387afdeab8bd446d267bcaf117c9a6909a6e7326b8e2dc79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67179d90-15357"
age
2850
expires
Thu, 24 Oct 2024 20:22:58 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 12:41:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
6
via
1.1 google
cf-ray
8d7c9c47c85cd2e7-FRA
server
cloudflare
config
widget-api.one.store/v1/notifications/
137 B
1 KB
XHR
General
Full URL
https://widget-api.one.store/v1/notifications/config?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2&page=https%3A%2F%2Fnewmood.ee%2F&user_agent=desktop&local_time_zone=europe_berlin
Requested by
Host: omnisnippet1.com
URL: https://omnisnippet1.com/monitoring/monitoring.js?v=2024-10-24T20
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4937 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbc031674ecf30e669f3cd7655ad5af8b6e2829f2d9b5d95d3dff3ae1ac72ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

access-control-max-age
7200
x-request-id
e60bf86b-54f9-4d02-a52e-a63103100bd2
access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"8bbc031674ecf30e669f3cd7655ad5af"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VGyk3dB8HeE%2BI3%2BNoJCErzqlTLv2r08PAaiXYligwu2lJ0Gm9%2BvudYHJoDZ9k23t30%2B99CtTy5OMhrCUvwgIJJpDeZyKIFv9OpI3gwKzLmH2cLr3X3C8pCLbpMcIMYN0KAoJG8E3KLboBUY4nSAMF1%2B6"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
prooffactor-cache
MISS
date
Thu, 24 Oct 2024 20:10:30 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.036395
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proof-factor-user-country-code
DE
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d7c9c4c4cc84ba4-SIN
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
renderedForms
forms.soundestlink.com/REST/forms/v1/
2 B
511 B
Fetch
General
Full URL
https://forms.soundestlink.com/REST/forms/v1/renderedForms?v=2024-10-24T20&brandID=57ffa5a35e8d400240aad8ac&displayType=popup,embedded,flyout
Requested by
Host: omnisnippet1.com
URL: https://omnisnippet1.com/monitoring/monitoring.js?v=2024-10-24T20
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cf-cache-status
HIT
access-control-allow-methods
GET,OPTIONS
expires
Thu, 24 Oct 2024 20:18:56 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 20:08:56 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=0, s-maxage=600, public
x-envoy-upstream-service-time
3
via
1.1 google
cf-ray
8d7c9c486db990e6-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2
server
cloudflare
/
www.facebook.com/tr/
0
273 B
Image
General
Full URL
https://www.facebook.com/tr/?id=122111051598311&ev=PageView&dl=https%3A%2F%2Fnewmood.ee%2F&rl=&if=false&ts=1729800628577&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1729800628572.81553223705409154&ler=empty&cdl=API_unavailable&it=1729800628400&coo=false&eid=1729800628039.243554.1&tm=1&rqm=GET
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=2900, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=122111051598311&ev=PageView&dl=https%3A%2F%2Fnewmood.ee%2F&rl=&if=false&ts=1729800628577&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1729800628572.81553223705409154&ler=empty&cdl=API_unavailable&it=1729800628400&coo=false&eid=1729800628039.243554.1&tm=1&rqm=FGET
Requested by
Host: newmood.ee
URL: https://newmood.ee/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429437126111498495"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
1PsJnFvbEqE4FU0XIZI3YOQuJfu8cC1O1/cCYOBy2EwsfQ6XJvFW03BwofG4W8Y320e2rkiRMDvpgqKy7yYhWw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429437126111498495", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=10, mss=1297, tbw=3217, tp=-1, tpl=-1, uplat=146, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
ld.js
static.criteo.net/js/ld/
50 KB
16 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P8ZMFG
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"6706b6f2-c61f"
cross-origin-resource-policy
cross-origin
expires
Fri, 25 Oct 2024 20:10:28 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 17:01:38 GMT
server
nginx
favicon.ico
newmood.ee/
318 B
484 B
Other
General
Full URL
https://newmood.ee/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bbc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a466569eef0b33661de32f1f851e0d30bc4b35a0a2ff28d55f1e92b69b4907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"58382b05-13e"
age
767577
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yurh9OGel34HaPWQfBmSTxOtFMyTjv%2BhAQrfPNYvOI5U2c7jz%2BbGDToyoNypmtJSyQe0AcCBhfHo6fIdo1QzI%2F1Ey1Rea%2BNn380W6KT4KPW0mDmE2wGK3gqwKmXD9g0BT%2Fbc2Y4UAPk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c49fed519b1-FRA
expires
Wed, 15 Oct 2025 22:57:31 GMT
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
image/x-icon
last-modified
Fri, 25 Nov 2016 12:13:57 GMT
vary
Accept-Encoding
server
cloudflare
syncframe
gum.criteo.com/ Frame ACBB
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=newmood.ee&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newmood.ee/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 20:10:27 GMT
server
Kestrel
server-processing-duration-in-ticks
402388
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
event
sslwidget.criteo.com/
9 KB
4 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=68085&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=mCedPF96WnBVRlJwR2ZxMGRhTEU5Zndhd0NZTEJhRDAyVmNGemNWbHkwSzNKYXZhcVRBWUVtMzFTWUNqSXFEc2VqSEY0WExFZzR0M3ZkJTJGZ0x1eW9zQjFSTm9VZmJQeTJlVUlqOUdyYk15SHExRWVHZUpFZ2lzZHpYbzgwTkNOcjBXY05QQ3RwMFNUTkVDOTNnb1dFOWhzTEZYdyUzRCUzRA&sc=%7B%22fbp%22%3A%22fb.1.1729800628572.81553223705409154%22%7D&tld=newmood.ee&fu=https%253A%252F%252Fnewmood.ee%252F&ceid=f763cdb5-6463-447e-91a3-0c7998ab1915
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2babe7af13f72f724aaa55373897b2b03c43ee5a4458c5e06a825f46ec1ea2f2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.ee/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
6854371
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
application/x-javascript
server
Kestrel
pixel
cm.g.doubleclick.net/ Frame 10BC
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-wF_RHwaETD6A5gavvGs6GSrpzqhkCtF1wmZeCg&google_cm&google_hm=ay13Rl9SSHdhRVRENkE1Z2F2dkdzNkdTcnB6cWhrQ3RGMXdtWmVDZw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Thu, 24 Oct 2024 20:10:29 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sync
x.bidswitch.net/ Frame 10BC
43 B
183 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-wOvHmwaETD6A5gavvGs6GSrpzqjQo1haLDiLEA&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 10BC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7619923182071115269
43 B
369 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7619923182071115269
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
953061
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=7619923182071115269
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
80.255.10.203; 80.255.10.203; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
f81bbae0-dfbf-4e7f-aa31-c2f0f2f7581e
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 20:10:29 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
rtb-csync.smartadserver.com/redir/ Frame 10BC
43 B
114 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-FIVzaQaETD6A5gavvGs6GSrpzqiY3_QvgYZ59g
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
217.182.178.234 , France, ASN16276 (OVH, FR),
Reverse DNS
ip234.ip-217-182-178.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 10BC
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-yH4zGAaETD6A5gavvGs6GSrpzqieMBq332IB7w
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
20866
date
Thu, 24 Oct 2024 20:10:29 GMT
server
nginx
access-control-allow-credentials
true
sync
visitor.omnitagjs.com/visitor/ Frame 10BC
49 B
343 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-0xu8MQaETD6A5gavvGs6GSrpzqggtLNUoy3wKA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
11
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
content-length
49
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
vary
Accept-Encoding
server
ayl-lb-fra02
rum
r.casalemedia.com/ Frame 10BC
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g&C=1
43 B
321 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TqyA7OyADDoiyOYnGDRz7uOCrYwhSAoTRs3imHzrELWB5UmVU7sKFJNzpsewHbyo5sb5qrCd2a7Ep2kRd05%2Fr4fuK8TlEsIgDG8amEYPTJ6Ibcm5nwB10l81VIGf%2B0jGrrJE"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c4d7bda5d91-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=20&external_user_id=k-0pAOOgaETD6A5gavvGs6GSrpzqiGnyjE9vpD5g&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFJVl%2BqApJRis26Q2Zdh0AH4JKMpdHD1FW5RRxMPV2r%2B%2FvXtex7aofAmPkHi32bb1pcRqafTnARpGXhIyDrd4g%2BhJGP0F6S8Qtsr0b7ouiXXxO9kY93FplnltxDHtflRbbm%2B"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c9c4d1b835d91-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Thu, 24 Oct 2024 20:10:29 GMT
vary
Accept-Encoding
server
cloudflare
demconf.jpg
dpm.demdex.net/ Frame 10BC
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL
42 B
715 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL
Protocol
H2
Server
54.217.253.102 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-217-253-102.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0c6074d7b.edge-irl1.demdex.com 3 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
Y2Okl0B4SP4=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=G0d6wIQGTlIUoL9GtrhnR1-GVVOUtQUL
dcs
dcs-prod-irl1-2-v067-0479ca514.edge-irl1.demdex.com 0 ms
pragma
no-cache
x-tid
zTtQFrk8RSc=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 20:10:29 GMT
9.gif
id5-sync.com/s/966/ Frame 10BC
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-fxBSJQaETD6A5gavvGs6GSrpzqhlsgXv1F3DEA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 20:10:28 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 10BC
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-25s2qgaETD6A5gavvGs6GSrpzqjii73SJfDWMA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.214.176.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-176-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
sync
matching.ivitrack.com/ Frame 10BC
42 B
265 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-eORO4QaETD6A5gavvGs6GSrpzqgFOkaH-GEo2Q
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
server
istio-envoy
cksync.php
contextual.media.net/ Frame 10BC
61 B
815 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-clya7QaETD6A5gavvGs6GSrpzqjxbrVDvFaNqg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Thu, 24 Oct 2024 20:10:29 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length
61
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 10BC
0
884 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-vEHpLAaETD6A5gavvGs6GSrpzqgtg1f7qTHZVw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.70.79.22 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-70-79-22.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 10BC
43 B
422 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Q0-vFAaETD6A5gavvGs6GSrpzqhcnvznmF3D4A
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.3.108.197 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-3-108-197.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 10BC
0
218 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-blm4MAaETD6A5gavvGs6GSrpzqjN2CJs2gS-dw&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Thu, 24 Oct 2024 20:10:29 GMT
x-traceid
a5d5b9e7e81bf7a8328deda62a1c0aed
Pug
simage2.pubmatic.com/AdServer/ Frame 10BC
0
225 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-8JrNCQaETD6A5gavvGs6GSrpzqhsUoLIdWXxEQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
text/html; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 10BC
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-IocXmQaETD6A5gavvGs6GSrpzqgCS25L3kdWcQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
bcdac959321a8cf7d38f9eb638bfa14f
Pragma
no-cache
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 10BC
0
58 B
Image
General
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-Bld33QaETD6A5gavvGs6GSrpzqigPGmakWnbmA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.195.234.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-234-25.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=16000000; includeSubDomains; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=16000000; includeSubDomains; preload;
um
criteo-sync.teads.tv/ Frame 10BC
23 B
163 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-7pMi_AaETD6A5gavvGs6GSrpzqh1pudRn1GOOQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

expires
Thu, 24 Oct 2024 20:10:29 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
server
pekko-http/1.0.1
xuid
eb2.3lift.com/ Frame 10BC
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-PYW0kQaETD6A5gavvGs6GSrpzqjicXh9bER5lg&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 10BC
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-Mwv0uQaETD6A5gavvGs6GSrpzqjQQK6WzpwI3w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
date
Thu, 24 Oct 2024 20:10:29 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 10BC
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-OZmL0QaETD6A5gavvGs6GSrpzqivaHC_EilR_Q
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.165.82 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-165-82.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
Wed, 23 Oct 2024 20:10:29 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Thu, 24 Oct 2024 20:10:29 GMT
Connection
keep-alive
sync
sync-criteo.ads.yieldmo.com/ Frame 10BC
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-tjY3OwaETD6A5gavvGs6GSrpzqjO9e-JhAgIdQ&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.80.210.41 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-80-210-41.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 20:10:29 GMT
content-length
0
put
e1.emxdgt.com/ Frame 10BC
0
44 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-HlHDPAaETD6A5gavvGs6GSrpzqjmq7tSRlU1SA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.194.16.83 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-194-16-83.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 20:10:29 GMT
server
awselb/2.0
RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003
sync.targeting.unrulymedia.com/csync/ Frame 10BC
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-H36_igaETD6A5gavvGs6GSrpzqh0wtINSeQglw
  • https://sync.1rx.io/usersync/criteodsp/k-H36_igaETD6A5gavvGs6GSrpzqh0wtINSeQglw?zcc=1&cb=1729800629495
  • https://sync.targeting.unrulymedia.com/csync/RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003
43 B
378 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Thu, 24 Oct 2024 20:10:29 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003
date
Thu, 24 Oct 2024 20:10:29 GMT
pragma
no-cache
content-type
text/html
setuid
ib.adnxs.com/ Frame 10BC
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-hfd2mAaETD6A5gavvGs6GSrpzqiblZyoyC8mYg
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
80.255.10.203; 80.255.10.203; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
61b34354-6061-460d-a0f3-fecfe092bfe4
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 20:10:29 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4
visits
interactions.one.store/v1/analytics/
0
1 KB
Ping
General
Full URL
https://interactions.one.store/v1/analytics/visits
Requested by
Host: cdn.one.store
URL: https://cdn.one.store/javascript/dist/1.0/jcr-widget-app.c5bed5c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:6d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://newmood.ee/

Response headers

access-control-max-age
7200
x-request-id
a355d544-1336-4070-a433-927a73799414
access-control-expose-headers
*
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=J8Pna0C%2B3Ahj3ey9KYQZSeb6oGtd7KfYJYRdEagoyvMbSRbzzfg8xtC4ucGUK4oReCeV550%2Bi5uVpfJHxgtwNl0GbIZk6KJ8EIpKHpvige1BDLkMOdSuuJcxptB1MYpzTnyc6jqvv8exiVn27KkElLf2mUA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
date
Thu, 24 Oct 2024 20:10:30 GMT
vary
Origin
x-runtime
0.006433
x-frame-options
SAMEORIGIN
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proof-factor-user-country-code
DE
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d7c9c53ae19bb50-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 string| GoogleAnalyticsObject function| ga object| dataLayer function| gtag object| REGISTERED_USER object| regeneratorRuntime boolean| _searchNode_loaded string| _token object| _translations string| _searchAutocompleteRoute string| _searchRoute function| _typeof function| waitForFinalEvent object| Search object| Cookie object| Payment object| Shipping object| Menu function| logEvent function| setUserProperty object| RESPONSIVE_BREAKPOINTS function| cookieRequired function| cookieFunctional function| cookieThirdParties object| NotificationPopups object| Account object| addToCartEvent object| Cart object| Return function| fbRegister function| $ function| jQuery object| jQuery112102538656167785778 function| Slider object| toastr object| Handlebars function| SearchIndex function| Bloodhound function| Cookies object| mobile_nav function| ProductView function| ProductListFilter object| options function| lookbook function| insideLookbook object| enhancedEcomm object| google_e_commerce object| google_ga4 string| alertType function| MINICART object| cart object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| cookiesArray object| omnisend object| feedback_translations function| refreshSession object| google_tag_manager string| _randomPageId function| fbq function| _fbq object| _fbq_gtm_ids boolean| OMNISEND_LAUNCHER_LOADED object| _omnisend object| soundestInShop object| SOUNDEST object| SOUNDEST_EVENTS object| soundest object| GooglebQhCsO object| proof-factor-plugin object| core string| PROOF_FACTOR_ACCOUNT_ID object| ONE_STATUS object| _sentryDebugIds string| _sentryDebugIdIdentifier object| __SENTRY__ boolean| PROOF_FACTOR_WIDGET_SCRIPT_LOADED boolean| OMNISEND_FORMS_LOADED boolean| OMNISEND_PUSH_NOTIFICATIONS_LOADED object| criteo_q boolean| PROOF_FACTOR_FETCHED_CONFIG boolean| PROOF_FACTOR_ANALYTICS_SETUP

40 Cookies

Domain/Path Name / Value
newmood.ee/ Name: PHPSESSID
Value: cqarc53vpcu5dsclbbi4somro7
newmood.ee/ Name: XSRF-TOKEN
Value: eyJpdiI6IjBMZWNrbVM2alpHWHA1dEtlK3Mrc1E9PSIsInZhbHVlIjoiRnIwMGN2MWtqRUIrRVF1OU4zNWhTUnlmaGFwVXJad1Nrb1wvaEh5VlBKXC9vWjdzYzlUcmxPV0sxRFpJZXhFdHZRaTl3MXM0ejFCcVFWZ2RxUDMzbitPQT09IiwibWFjIjoiYjgwYWRmNzQyZTZhMzhiYjFkZTI0N2QyZTViZjgzMzI1ZjZhOGE3M2ZjNjhiOGU4NmRmZTUxYzliYWVlMDYyZiJ9
newmood.ee/ Name: laravel_session
Value: eyJpdiI6IlYwNnowNDZXOGNDelNxcFB3NlRUdUE9PSIsInZhbHVlIjoiSmM2cnNzQVI1VkRJeHp1VktESXB3ZndleXZCeHZMN09zRVVJVzNuMExJRkFTUFl0VmVPT3JGZHdwMkdFS1o0MVdKaEpRYmJQNExVcWttcU1NZThIMFE9PSIsIm1hYyI6ImI1MTgzMjcyNGMxYmQ5YjNkZmExMTIxM2Q2MDY2MzdkZGU2ZTZkZDU1OTZkM2ExNTlkN2NhN2NhNmZjOGJiMTAifQ%3D%3D
newmood.ee/ Name: cookie_law
Value: eyJpdiI6Im9FZ0dVWVpPZDBBV3dHU3p6dXNQRGc9PSIsInZhbHVlIjoiMEFZTWFHRTBTMUR2Q3MyREo1S0VBUT09IiwibWFjIjoiMjI3MmYxY2M1NDIwZjY3OGRhN2IwMTdkNmYxNzhiMmYxZGUxY2NhNjM3ODI1MmM4MTFlZmVkMjMwZDAxMGEyMiJ9
.newmood.ee/ Name: _gid
Value: GA1.2.1769425417.1729800628
.newmood.ee/ Name: _gat
Value: 1
.newmood.ee/ Name: _gcl_au
Value: 1.1.1054538940.1729800628
.newmood.ee/ Name: soundestID
Value: 20241024201028-fLjrdskC5AlQ3TcVXKUG2hQIFpZlkA0md1GTbJze1ntk3H34u
.newmood.ee/ Name: omnisendSessionID
Value: pIr5BcJsCvr89f-20241024201028
.newmood.ee/ Name: _ga_YYPGFKPRQJ
Value: GS1.1.1729800628.1.0.1729800628.60.0.0
.newmood.ee/ Name: _ga
Value: GA1.1.1101603994.1729800628
.doubleclick.net/ Name: IDE
Value: AHWqTUmhCKruohHINsXlFdNKb9YrAmncTODuMxUQ5j7zVazP58WYSFccF5GTeFpE
.newmood.ee/ Name: proof-factor-user-8f73c94f-298c-41ec-b8a4-e5d545a9af2e-all-time-data
Value: {"referring_url":"","initial_url":"https://newmood.ee/","visitor_token":"059e1394-1f9a-4c4f-8850-4ddf24b32644","sessions_count":1,"pages_viewed":1}
.newmood.ee/ Name: _fbp
Value: fb.1.1729800628572.81553223705409154
.criteo.com/ Name: uid
Value: db49bed0-cecc-4263-a627-9b181217a898
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.newmood.ee/ Name: cto_bundle
Value: mCedPF96WnBVRlJwR2ZxMGRhTEU5Zndhd0NZTEJhRDAyVmNGemNWbHkwSzNKYXZhcVRBWUVtMzFTWUNqSXFEc2VqSEY0WExFZzR0M3ZkJTJGZ0x1eW9zQjFSTm9VZmJQeTJlVUlqOUdyYk15SHExRWVHZUpFZ2lzZHpYbzgwTkNOcjBXY05QQ3RwMFNUTkVDOTNnb1dFOWhzTEZYdyUzRCUzRA
.criteo.com/ Name: cto_bundle
Value: EUi0rV9HJTJGaGV0dGU0aiUyRkE1UzBsSzB4U1FCa0V6ekNoSERhN1poaWFtU0hidUszZkFxUDBJTEF5eUxxaVhSeE1SVVVXNHFaM2R6TXdYRjhsS2phRWQ1T1J3ViUyQndXamowRzBqMDNmYVFMQ3lvbkVvTWxaMnJVYzJMJTJCQ25vck83d0ZCTWRw
.adnxs.com/ Name: XANDR_PANID
Value: pA2Ztbp84M1W812JkUDbetH-JStnVUsud-344SH-CB3UrWedmu1JBllcfM-qOyxt8W4DbGTyeQFIvVrwBsOflIn1trqKXbUQbHrX23Qt9sA.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 7619923182071115269
.casalemedia.com/ Name: CMID
Value: ZxqptVVbLTsAADaKAPdzNAAA
.casalemedia.com/ Name: CMPS
Value: 5145
.casalemedia.com/ Name: CMPRO
Value: 5145
.omnitagjs.com/ Name: ayl_visitor
Value: 79a94f91fad72b318f0a7c557ddc57d6
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2Ilgl!z0K!]tbPl@/D!9hy6]/Cr+S2bF0n4!vpxeU_ci7lH-7c#GSqaB_*$3Ng1-[aZC?khnD4C#!!`A%/'`*bpRz*qF1`*be'C-4Lu1
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%2203fc42f0-9244-11ef-a73d-63176f037c5f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2203fc42f0-9244-11ef-a73d-63176f037c5f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%2203fc42f0-9244-11ef-a73d-63176f037c5f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%2203fc42f0-9244-11ef-a73d-63176f037c5f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-vEHpLAaETD6A5gavvGs6GSrpzqgtg1f7qTHZVw%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/ Name: demdex
Value: 25734340211639124231008501019085926898
.dpm.demdex.net/ Name: dpm
Value: 25734340211639124231008501019085926898
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-7ba46ca6-11a4-46be-b7a2-36bc713ad783-003%22%7D
.media.net/ Name: visitor-id
Value: 3728022299172375000V10
.media.net/ Name: data-c-ts
Value: 1729800629
.media.net/ Name: data-c
Value: k-clya7QaETD6A5gavvGs6GSrpzqjxbrVDvFaNqg~~3
.postrelease.com/ Name: opt_out
Value: 1
.newmood.ee/ Name: pf_stc
Value: 1

1 Console Messages

Source: security
Level: warning
Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
