Submitted URL: http://www.newmood.lv/
Effective URL: https://newmood.lv/
Submission: On October 24 via api from US — Scanned from DE

Summary

This website contacted 47 IPs in 8 countries across 43 domains to perform 93 HTTP transactions. The main IP is 2606:4700:20::681a:1f6, located in United States and belongs to CLOUDFLARENET, US. The main domain is newmood.lv.
TLS certificate: Issued by WE1 on September 10th 2024. Valid for: 3 months.
This is the only time newmood.lv was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 26 2606:4700:20:... 13335 (CLOUDFLAR...)
1 52.85.65.61 16509 (AMAZON-02)
8 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 172.64.146.59 13335 (CLOUDFLAR...)
1 2 142.250.184.196 15169 (GOOGLE)
2 142.250.185.98 15169 (GOOGLE)
2 157.240.0.6 32934 (FACEBOOK)
4 2606:4700:20:... 13335 (CLOUDFLAR...)
3 172.64.151.126 13335 (CLOUDFLAR...)
1 172.64.155.219 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.67 15169 (GOOGLE)
2 2a03:2880:f17... 32934 (FACEBOOK)
1 172.64.153.206 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 2 2a02:2638:3::c 44788 (ASN-CRITE...)
2 178.250.1.9 44788 (ASN-CRITE...)
1 142.250.185.66 15169 (GOOGLE)
1 35.214.136.108 15169 (GOOGLE)
2 3 37.252.171.52 29990 (ASN-APPNEX)
1 81.17.55.173 60781 (LEASEWEB-...)
1 141.226.228.48 200478 (TABOOLA-AS)
1 185.255.84.153 200271 (IGUANE-)
1 2 172.64.151.101 13335 (CLOUDFLAR...)
1 2 54.73.19.51 16509 (AMAZON-02)
1 141.95.98.65 16276 (OVH)
1 63.33.127.155 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 184.30.20.22 16625 (AKAMAI-AS)
1 3.125.168.177 16509 (AMAZON-02)
1 34.212.244.198 16509 (AMAZON-02)
1 64.202.112.95 23352 (SERVERCEN...)
1 185.64.191.210 62713 (AS-PUBMATIC)
1 69.173.144.165 26667 (RUBICONPR...)
1 23.32.185.35 16625 (AKAMAI-AS)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 13.248.245.213 16509 (AMAZON-02)
1 85.215.5.31 6786 (CRONON-BE...)
1 23.218.209.78 16625 (AKAMAI-AS)
1 18.200.179.187 16509 (AMAZON-02)
1 54.93.152.190 16509 (AMAZON-02)
2 3 46.228.174.117 56396 (AMOBEE)
93 47
Apex Domain
Subdomains
Transfer
26 newmood.lv
www.newmood.lv
newmood.lv
591 KB
8 newmood.lt
newmood.lt
262 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 42
td.doubleclick.net — Cisco Umbrella Rank: 192
stats.g.doubleclick.net — Cisco Umbrella Rank: 136
cm.g.doubleclick.net — Cisco Umbrella Rank: 283
3 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 461
sslwidget.criteo.com — Cisco Umbrella Rank: 2477
dis.criteo.com — Cisco Umbrella Rank: 650
5 KB
4 one.store
cdn.one.store — Cisco Umbrella Rank: 71959
widget-api.one.store — Cisco Umbrella Rank: 77907
interactions.one.store — Cisco Umbrella Rank: 63796
99 KB
4 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 39
317 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 267
3 KB
3 omnisnippet1.com
omnisnippet1.com — Cisco Umbrella Rank: 20124
53 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 3
region1.analytics.google.com — Cisco Umbrella Rank: 4401
88 B
2 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 503
739 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 243
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1988
1 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 113
3 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 11271
127 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 180
72 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 34
22 KB
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1136
378 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2090
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3351
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 6600
235 B
1 twiago.com
a.twiago.com — Cisco Umbrella Rank: 64667
153 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 415
140 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2920
397 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 3027
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 413
239 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 905
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 881
218 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 969
423 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1695
885 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 658
816 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 14280
265 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 734
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 522
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 806
342 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1888
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 739
114 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 399
183 B
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 776
16 KB
1 soundestlink.com
forms.soundestlink.com — Cisco Umbrella Rank: 22627
515 B
1 omnisendlink.com
wt.omnisendlink.com — Cisco Umbrella Rank: 20971
532 B
1 omnisrc.com
omnisrc.com — Cisco Umbrella Rank: 190206
15 KB
1 searchnode.io
inte.searchnode.io — Cisco Umbrella Rank: 594428
93 KB
0 sharethrough.com Failed
match.sharethrough.com Failed
93 43
Domain Requested by
25 newmood.lv newmood.lv
8 newmood.lt newmood.lv
4 www.googletagmanager.com newmood.lv
www.googletagmanager.com
3 ib.adnxs.com 2 redirects
3 omnisnippet1.com omnisrc.com
2 sync.1rx.io 2 redirects
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 gum.criteo.com 1 redirects static.criteo.net
2 www.facebook.com newmood.lv
2 www.google.de newmood.lv
2 td.doubleclick.net www.googletagmanager.com
2 cdn.one.store www.googletagmanager.com
cdn.one.store
2 connect.facebook.net www.googletagmanager.com
connect.facebook.net
2 googleads.g.doubleclick.net newmood.lv
www.googletagmanager.com
2 www.google.com 1 redirects newmood.lv
2 www.google-analytics.com newmood.lv
www.google-analytics.com
1 sync.targeting.unrulymedia.com
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 a.twiago.com
1 eb2.3lift.com
1 criteo-partners.tremorhub.com
1 criteo-sync.teads.tv
1 pixel.rubiconproject.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 contextual.media.net
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 dis.criteo.com
1 x.bidswitch.net
1 cm.g.doubleclick.net
1 sslwidget.criteo.com static.criteo.net
1 static.criteo.net www.googletagmanager.com
1 interactions.one.store cdn.one.store
1 forms.soundestlink.com omnisnippet1.com
1 widget-api.one.store cdn.one.store
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 wt.omnisendlink.com omnisrc.com
1 omnisrc.com newmood.lv
1 inte.searchnode.io newmood.lv
1 www.newmood.lv 1 redirects
0 match.sharethrough.com Failed
93 52

This site contains links to these domains. Also see Links.

Domain
membershop.lv
www.instagram.com
www.facebook.com
itunes.apple.com
play.google.com
Subject Issuer Validity Valid
newmood.lv
WE1
2024-09-10 -
2024-12-09
3 months crt.sh
*.searchnode.io
Amazon RSA 2048 M02
2024-02-23 -
2025-03-23
a year crt.sh
newmood.lt
WE1
2024-09-10 -
2024-12-09
3 months crt.sh
*.google-analytics.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
omnisrc.com
WE1
2024-10-14 -
2025-01-12
3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2024-08-02 -
2024-10-31
3 months crt.sh
one.store
WE1
2024-10-02 -
2025-01-01
3 months crt.sh
omnisnippet1.com
WE1
2024-10-20 -
2025-01-18
3 months crt.sh
omnisendlink.com
WE1
2024-09-07 -
2024-12-06
3 months crt.sh
*.g.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.doubleclick.net
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.de
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
*.google.com
WR2
2024-10-07 -
2024-12-30
3 months crt.sh
forms.soundestlink.com
E6
2024-09-05 -
2024-12-04
3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-21
3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.bidswitch.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-23 -
2024-12-21
3 months crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-01-17 -
2025-01-16
a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1
2024-07-30 -
2024-12-31
5 months crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA
2024-07-02 -
2025-08-01
a year crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.360yield.com
Amazon RSA 2048 M02
2024-04-28 -
2025-05-27
a year crt.sh
itm.ivitrack.com
R10
2024-10-09 -
2025-01-07
3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1
2023-12-21 -
2024-12-21
a year crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02
2024-05-06 -
2025-06-04
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M03
2024-07-31 -
2025-08-30
a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1
2024-07-31 -
2024-11-27
4 months crt.sh
*.pubmatic.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-03-19 -
2025-04-19
a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1
2024-07-30 -
2025-04-03
8 months crt.sh
teads.tv
R10
2024-09-02 -
2024-12-01
3 months crt.sh
*.tremorhub.com
Amazon RSA 2048 M03
2024-01-24 -
2025-02-21
a year crt.sh
*.3lift.com
Amazon RSA 2048 M02
2024-03-13 -
2025-04-11
a year crt.sh
*.twiago.com
Sectigo RSA Domain Validation Secure Server CA
2023-12-07 -
2025-01-06
a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1
2024-08-08 -
2025-08-10
a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M03
2024-03-04 -
2025-04-03
a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M03
2024-04-02 -
2025-05-01
a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018
2024-02-14 -
2025-03-16
a year crt.sh

This page contains 6 frames:

Primary Page: https://newmood.lv/
Frame ID: EDF3E8B258283C2342099014DB221612
Requests: 62 HTTP requests in this frame

Frame: https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnewmood.lv
Frame ID: 8E46ACAA0BB617BF5B2819B154F35B16
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/rul/765870297?random=1729796992237&cv=11&fst=1729796992237&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181630962z872649142za201zb72649142&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.lv%2F&hn=www.googleadservices.com&frm=0&tiba=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&npa=0&pscdl=noapi&auid=80336032.1729796992&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Frame ID: EAE6F1CECB71D3383F3FE66BE516BC7B
Requests: 1 HTTP requests in this frame

Frame: https://td.doubleclick.net/td/ga/rul?tid=G-4P5VHF7R7S&gacid=1991309354.1729796992&gtm=45je4al0v9138482577z872649142za200zb72649142&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101794737~101823848&z=1264125277
Frame ID: 349AC5F5EDC95F935956A86D6B1ADC1B
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=newmood.lv&origin=onetag
Frame ID: 53B026F31DA1AAD6E7FD1B23CA5FA355
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-509ETtJ6Y9-91qHeVmnFzDtsIUjdSXWUXZ_SEA&google_cm&google_hm=ay01MDlFVHRKNlk5LTkxcUhlVm1uRnpEdHNJVWpkU1hXVVhaX1NFQQ
Frame ID: 95ACD016D77A31CC3F445199A7659DA5
Requests: 27 HTTP requests in this frame

Screenshot

Page Title

 Apģērbi, apavi un aksesuāri internetā. | Newmood

Page URL History Show full URLs

  1. http://www.newmood.lv/ HTTP 307
    https://www.newmood.lv/ HTTP 301
    https://newmood.lv/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • omnisrc\.com

Overall confidence: 100%
Detected patterns

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)

Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js

Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

93
Requests

94 %
HTTPS

26 %
IPv6

43
Domains

52
Subdomains

47
IPs

8
Countries

1560 kB
Transfer

4551 kB
Size

42
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.newmood.lv/ HTTP 307
    https://www.newmood.lv/ HTTP 301
    https://newmood.lv/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 36
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71WX45TLv72649142za200&auid=80336032.1729796992 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71WX45TLv72649142za200&auid=80336032.1729796992
Request Chain 67
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2954666961542378480
Request Chain 71
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow&C=1
Request Chain 72
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3
Request Chain 90
  • https://sync.1rx.io/usersync/criteodsp/k-mU7lMNJ6Y9-91qHeVmnFzDtsIUig6BdTiOUbYw HTTP 302
  • https://sync.1rx.io/usersync/criteodsp/k-mU7lMNJ6Y9-91qHeVmnFzDtsIUig6BdTiOUbYw?zcc=1&cb=1729796993109 HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-4a78d356-a080-449f-93f1-621eabb4df40-003

93 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
newmood.lv/
Redirect Chain
  • http://www.newmood.lv/
  • https://www.newmood.lv/
  • https://newmood.lv/
234 KB
24 KB
Document
General
Full URL
https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
480b92833743b8780f258d3f2c7881e9ca9b2c8c1c2e21810f9819d6d8678d31

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
no-store, no-cache, must-revalidate no-cache
cf-cache-status
DYNAMIC
cf-ray
8d7c437bbd7cdbd7-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Thu, 24 Oct 2024 19:09:51 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Flf6Ti2qJyBM2BBcwispyx5%2BPB%2BVwbWCwMQ8ibJtumIAQT11EfRYYmH5dn%2FzwKjPKFRmyDK8f%2FYidBi%2BxpZJIoM0%2F%2BiHHZKopcoGQuatnlXNMQ66L9ACcNcbgbHh%2FJs7kLT7ZTzGp54%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding

Redirect headers

cf-cache-status
DYNAMIC
cf-ray
8d7c437aeb4edbd7-FRA
content-type
text/html
date
Thu, 24 Oct 2024 19:09:51 GMT
location
https://newmood.lv/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7GaRT5nHEkCKs06qkiN3pcqs%2FmazuRYigXYV8TkaEmUK059jNETgYBnbXQw1YzTtnxqHtiQsYQOqNhUv3bWZYIju0egDTyXSkckBoVLFx1YMZoy0D27zXoN0ou6jZksZ064m7QRVIAgstfWq"}],"group":"cf-nel","max_age":604800}
server
cloudflare
app.min-cb8715bad9.css
newmood.lv/build/assets/css/
485 KB
82 KB
Stylesheet
General
Full URL
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1a09bfb3ab823e17cbe5d4e840bb4dd9e18d9a0cf14482d4d6836a4b34d6bd81

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"6572d24b-9795f"
age
8156586
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8zKSc9PnpyM51WVMN0TF3yqHcxzwiVkIyhmkttXWI1kZqTC2Rp7gakTUyhBn%2BCGNnF%2F1ZfFlQqtg9sgbwgxscTdzRhDHdIgz9RslX3tRKwiiKaaOQWosQQM0dSwMREDjEbXUiScEjNY%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 22 Jul 2025 09:26:45 GMT
cf-polished
origSize=620895
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
text/css
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f0f5ddbd7-FRA
server
cloudflare
searchnode.prod.js
inte.searchnode.io/newmood/
335 KB
93 KB
Script
General
Full URL
https://inte.searchnode.io/newmood/searchnode.prod.js
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.85.65.61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-85-65-61.muc50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
68f8aa81d4ac9a6171abc8377835ea77a03ff7264822921e9f6255d206ad8d11

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=86400
content-encoding
gzip
x-amz-version-id
I371EXsbaIH4MvRYXquFLatDVfwZZwy5
etag
W/"b17e6ddb7c48e1129348bb091df055c7"
age
40372
via
1.1 8e2b9bc1b41cb69d67514a54937a01e6.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-cache
Hit from cloudfront
x-amz-cf-id
aotSJSBw3aP-WVp6NR9rj2I2aMN5zfoXjS6mD8Bh3A0hXjFrRN5UZg==
date
Thu, 24 Oct 2024 07:57:00 GMT
content-type
application/javascript
last-modified
Mon, 03 Jul 2023 14:55:40 GMT
server
AmazonS3
x-amz-cf-pop
MUC50-P6
vary
Accept-Encoding
logo.png
newmood.lv/images/
2 KB
2 KB
Image
General
Full URL
https://newmood.lv/images/logo.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ef95f8ff44ba264df419900cf47cd3fefe93bc608943756f1c3ce31ed862fc9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-722"
age
3763
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4ozO%2BOQuQz8QsNaCfwwCDHCOQROlx6ot6YKFUJGF9wi8QEEbb7uD4bVaxdlhRvobYA9ASfLHaBV1OBTrN2CQDe1IEiDoaP6kMTImdAh4w9SusM189K1nXdqfDI0VczhuaznyYd1Ipq0%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Oct 2025 18:07:08 GMT
cf-polished
origFmt=png, origSize=1826
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="logo.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f0f64dbd7-FRA
accept-ranges
bytes
content-length
1618
server
cloudflare
delivery.png
newmood.lt/attachments/webimages/
542 B
936 B
Image
General
Full URL
https://newmood.lt/attachments/webimages/delivery.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6dc767e18f724d22bc90c9c2e23adaa6d3f2fc5f4b6d5c50e46152e7af85a925

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"59803c7f-3f9"
age
87332
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=X388IT8RM0NMyqwJ0R2QE0NMZB9MSBfWsorzNJPVuI0DOFOi4d5gX62jccp6mGdt1jOaPluCLgzwHWP0weXUzXAOLQiprJ%2FP1y%2BHoQwCc97NLRGiz2fhWUz8j1xqUYLV6YewYf3ueHc%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Oct 2025 18:54:19 GMT
cf-polished
origFmt=png, origSize=1017
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="delivery.webp"
vary
Accept
last-modified
Tue, 01 Aug 2017 08:31:59 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f7961d275-FRA
accept-ranges
bytes
content-length
542
server
cloudflare
return.png
newmood.lt/attachments/webimages/
332 B
872 B
Image
General
Full URL
https://newmood.lt/attachments/webimages/return.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
11dd7cb3370ba0052b8b3d7d3d451c0398c276fdfaf81179171977d4cd472dda

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"59803c84-292"
age
84787
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IlvZp8KjRvfF2EmZS9qloTVV9y6OvtsSSx9wAQfLrrjs2YPRdwNsYd0vsKWb9p1wjH24OE5kv3gEn6jxlFxDHaiPWu62y2idjJ9Sv5KlvMD0jsLHGJavSl4NS418kPEDxm%2FXjjCv1ME%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Oct 2025 19:36:44 GMT
cf-polished
origFmt=png, origSize=658
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="return.webp"
vary
Accept
last-modified
Tue, 01 Aug 2017 08:32:04 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f795cd275-FRA
accept-ranges
bytes
content-length
332
server
cloudflare
payment.png
newmood.lt/attachments/webimages/
720 B
1 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/payment.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ec91f4e8727384cc1a66aac67966f3a94dd8535ec0282bfa9e7a78e8bae571bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"59803c89-41c"
age
776129
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=S01QGMr2DhwJi2AS3gvSUAALtQF4wVGDlm0LSsdpY5BzFaHSrdZmNG1DwAjOI8GhY3Lifr%2FOzQiAal2ufdUsmhMFn%2Fd5vxXAdGbj2LZYEufi2Ct2JiYR5WrWM7nU6INoIqjnXJrJOmA%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Oct 2025 19:34:22 GMT
cf-polished
origFmt=png, origSize=1052
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="payment.webp"
vary
Accept
last-modified
Tue, 01 Aug 2017 08:32:09 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f7964d275-FRA
accept-ranges
bytes
content-length
720
server
cloudflare
help.png
newmood.lt/attachments/webimages/
424 B
991 B
Image
General
Full URL
https://newmood.lt/attachments/webimages/help.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93dea07e833cd8156e06c71844a25384ae17939371aed37b5f913af12607cbba

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"59803c8e-339"
age
860358
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Gnmv%2B7PMZJegFRY0NhQSMKllrZ6LtZMUbWU1dzivqWB%2B4q9UsoTblLAkunXKP2zjGz69mNieFOeY7%2BRYdoSJh19%2Fyq6sfq6etsR4eb2jmtavQS2lxRlqMZoArJQoxDRvxaQOuBRHMuM%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Oct 2025 20:10:33 GMT
cf-polished
origFmt=png, origSize=825
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="help.webp"
vary
Accept
last-modified
Tue, 01 Aug 2017 08:32:14 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f7965d275-FRA
accept-ranges
bytes
content-length
424
server
cloudflare
app_lv.png
newmood.lv/images/app/
1 KB
2 KB
Image
General
Full URL
https://newmood.lv/images/app/app_lv.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f42a49bc8b309dbbfd8924e817bc264081fae5d7a30e89ae605cd469cf7e30d6

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-e38"
age
87300
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKUvpHyLbja8ozQ6aBwVY7gVd5BQFnPcFs%2Fl2Aoq5EmhecspMfFyN3Gs2w8GJnFHrvoiOo2%2BUSevesfDfi%2BZR1JCVdCgUR3n0wCbiQxeYa215qKHUXlzesap%2Fu6EBkzAEG6RRJ4jRA8%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Oct 2025 18:54:51 GMT
cf-polished
origFmt=png, origSize=3640
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="app_lv.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f585edbd7-FRA
accept-ranges
bytes
content-length
1270
server
cloudflare
google_lv.png
newmood.lv/images/app/
4 KB
4 KB
Image
General
Full URL
https://newmood.lv/images/app/google_lv.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c5facb932c92917b8bb333844222e8a9709eb9d29b0b1c76b1afdd3a6d1786e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"6572d24b-105a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iUYhFrOc2jtqBkjrglOV5G%2F8y95HZySxHhnZ6b2FoxY%2BDC0fufth7zOSBSZWNycLxBL5BqESeLnC2yT74NB9XGfJvkM97eGPCdxm8MXPcWKTd2Qvtj2ONGNVVQtCTdoMMTUzLDSt%2FnU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437f585fdbd7-FRA
expires
Fri, 24 Oct 2025 19:09:51 GMT
accept-ranges
bytes
content-length
4186
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/png
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
bankai_lv.png
newmood.lt/attachments/webimages/bankai/
10 KB
11 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/bankai/bankai_lv.png?1
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3afcd8ec23cb9a27233baf4bb93320dcd4d9e4d2af694e044805b3f9a95833a8

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"5cbec48c-401e"
age
782715
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nVuP4E9Cro746cjCv%2BMCZf%2FbfkaLT0SiMqYZfxI%2FGOANA3PzKk8uvkLUzdUHtRppCVIUqQBD2GxGC2JhPvzlaBTpU5rdM5Mn3ZULVj%2FAwJuf%2B1qVMGiSlNWwg2xQWeXqxGDuM98diAA%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Oct 2025 17:44:36 GMT
cf-polished
origFmt=png, origSize=16414
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="bankai_lv.webp"
vary
Accept
last-modified
Tue, 23 Apr 2019 07:53:48 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f7966d275-FRA
accept-ranges
bytes
content-length
10666
server
cloudflare
email-decode.min.js
newmood.lv/cdn-cgi/scripts/5c5dd728/cloudflare-static/
1 KB
1 KB
Script
General
Full URL
https://newmood.lv/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

x-frame-options
DENY
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=172800, public
content-encoding
gzip
etag
W/"6712b248-4d7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8MNy8XsS2R%2BBmDtZYXV7EcBIts3UC3SZoi8icmyaSvI8IFSVXn5VfFpYJAkU2DxLUUQQqrj35wNV%2FOiamiSonPJ0jUEapaYcQWs3zYeC3PxtJlgZ6tjryi9OYnEuK0GdTeEZ9jWRQ%2Fw%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
cf-ray
8d7c437f5857dbd7-FRA
expires
Sat, 26 Oct 2024 19:09:51 GMT
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/javascript
last-modified
Fri, 18 Oct 2024 19:08:56 GMT
server
cloudflare
vary
Accept-Encoding
app.min-d5fccbb760.js
newmood.lv/build/assets/js/
995 KB
253 KB
Script
General
Full URL
https://newmood.lv/build/assets/js/app.min-d5fccbb760.js
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4b81d22011e583ece60a62c079f45165774774e9fedbe253d0c1502d6edff8c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
cf-bgj
minify
etag
W/"6572d24b-1f6eba"
age
870855
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=cKh02NWwxOuRLQsDy8eEeySsQ3v1m0QwJqADzdh9sBGB%2B3T%2BR%2BszsQ1KEsQFyQJ7%2B5Hm68DN%2FLXBgHAGi3X7o0lzsPSOtOXPmcYf%2FG08eQdO1drv%2BiM71Ti7df5bxigO7vDk%2Fvl6hjE%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Oct 2025 17:15:36 GMT
cf-polished
origSize=2059962
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/javascript
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f585bdbd7-FRA
server
cloudflare
icon-close.png
newmood.lv/images/
304 B
765 B
Image
General
Full URL
https://newmood.lv/images/icon-close.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62c49570a5d4c22053ef9439b1b9c644a68a5763788ca0acbc559e8f35f3dddc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-51f"
age
782715
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=wzKv5RinQWZOFHc5lotdhU4ngq15%2Bqd1i2dbJjaNaGEE0j6FCdgfVWJH8u5muYkWbXxCfX6qkhazldhN7QvPoF%2FMzUYugD%2FdXp0QP9U9P%2BXW9QLZtUy5dYdZvGKTWmPROERZVZ%2BLYB0%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Oct 2025 17:44:36 GMT
cf-polished
origFmt=png, origSize=1311
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="icon-close.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f78b2dbd7-FRA
accept-ranges
bytes
content-length
304
server
cloudflare
foto.svg
newmood.lv/loaders/
704 B
660 B
Image
General
Full URL
https://newmood.lv/loaders/foto.svg
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ffd99fd05bf0a858096ff9e4fdc6c8e891b08b8e871a25bd74d59513f0c3f19d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"6572d24b-2c0"
age
6446
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=eiF99k2tRgtl1Dmg0Gwb%2BUKXV7wg40R%2FQgzvSHqNoJh9EpAwuZA8umQk51IOLCRpeJeiO5OO9LvgIl2y66eWQnl1Jv3nDP3cukcT268Bf0vUoUGCZTE7lnFIFT0NJWn3MkjwHR22pdU%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437f78c3dbd7-FRA
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/svg+xml
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
gzip
age
5982
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:225:0"}],}
x-content-type-options
nosniff
expires
Thu, 24 Oct 2024 19:30:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 17:30:09 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
vary
Accept-Encoding
strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:225:0
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
20994
server
Golfe2
gtm.js
www.googletagmanager.com/
365 KB
119 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e48be0dac19c8612a3547d6ab5f8084d95e0d161dfd2b8c4519107889ad3187b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:1080:0"}],}
expires
Thu, 24 Oct 2024 19:09:51 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 18:15:49 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:1080:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
121073
x-xss-protection
0
server
Google Tag Manager
shopping_bag_icon.png
newmood.lv/images/
142 B
575 B
Image
General
Full URL
https://newmood.lv/images/shopping_bag_icon.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
989ef18992af6107d85e757db607f221eec91ac347bb71bf4da1375ef8825e45

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-422"
age
782715
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aN5MTsnzGaNJGhSteR9SCWQQFFQKb999na9hpjxPhbbRwc6zMlOvIPhtttCZQexGQw9aF6eDEOisTXTtdv7VC%2BVvWq%2FBrDSBfArrqPtdsXkOCyy4EBUCRaiFe46ci%2FNO2vw5xxyFdDc%3D"}],"group":"cf-nel","max_age":604800}
expires
Wed, 15 Oct 2025 17:44:36 GMT
cf-polished
origFmt=png, origSize=1058
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="shopping_bag_icon.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f9930dbd7-FRA
accept-ranges
bytes
content-length
142
server
cloudflare
women_lv_570x500.jpg
newmood.lt/attachments/webimages/index/
50 KB
50 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/women_lv_570x500.jpg
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6dd2728d6692372aea66b3e4f2fdce54762ae8b65729b9f1314ad4a5d58ad86

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"609920b6-c690"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=jHN5zUdO6HEd5BNUPpVDOYx%2FN%2FH1EedGgA3L0UFVBtFNhOCkurAWCrhjSuSyEBoIMDYUkhQR%2BfO1dvQgr62iHVk%2BNX9YXRr0Brrle7OTYz3SIc%2F5am0yKHOwpHFqztVmpjoHgeMVSgI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437f7972d275-FRA
expires
Fri, 24 Oct 2025 19:09:51 GMT
accept-ranges
bytes
content-length
50832
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 12:01:58 GMT
vary
Accept-Encoding
server
cloudflare
men_lv_570x500.jpg
newmood.lt/attachments/webimages/index/
54 KB
55 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/men_lv_570x500.jpg
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5eab53695389fd941315f0eac05e6b594b91ba9800f71a9507160b8a7301c9d1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-bgj
imgq:100,h2pri
etag
"60992230-e63e"
age
860358
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LvM9CDnqBVXRMBW%2FESnMb3AyroHcDddFpd0lIZCkoXP5AW5DUzJUxSAUPTxBvV49l85R5FBbQOa82DJD4pq62zksW%2FVY4ACYAhh7WMlFc%2FLRPCjulOd3pekJDHSVbLcJb8W5%2F0tNYiM%3D"}],"group":"cf-nel","max_age":604800}
expires
Tue, 14 Oct 2025 20:10:33 GMT
cf-polished
origSize=58942
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 12:08:16 GMT
vary
Accept-Encoding
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f7974d275-FRA
accept-ranges
bytes
content-length
55719
server
cloudflare
kids_lv_1140x500.jpg
newmood.lt/attachments/webimages/index/
142 KB
142 KB
Image
General
Full URL
https://newmood.lt/attachments/webimages/index/kids_lv_1140x500.jpg?1598617742
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a11 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ee467ce207819bbb1eb1053c0ffbeac916818c74b73a9cc52f4cd29bd43f31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
MISS
etag
"60991fde-237b7"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uM5V8L11Q9AECjheF13%2BN%2F2AVkRjJzd0o48BECnIsthqauQJySuxnWwrGB6Heq09oTOo5a2CiWCjMhsEUUdK1%2BFJSkIbRJ9gewchQP6IAk6RwPZGWstlabfbY3Cxfq%2Fe8Xtn5DPKplc%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437f7978d275-FRA
expires
Fri, 24 Oct 2025 19:09:51 GMT
accept-ranges
bytes
content-length
145335
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/jpeg
last-modified
Mon, 10 May 2021 11:58:22 GMT
vary
Accept-Encoding
server
cloudflare
instagram.png
newmood.lv/images/
2 KB
2 KB
Image
General
Full URL
https://newmood.lv/images/instagram.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c6bab0a9a4cc327ad105edf9fd0d4ea45ad89a9baa30e18aeaf8c5081adc1df2

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-804"
age
79202
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ucsh6GjO9SJ7G92QI3IURfA0bhvn9X432peWu4pKkcdZ8MrDIsACpPJW58oXIOfnNhfKBsglAbduj3O7oMm9BZ1jPswRa3%2BSH7qt0kph4Ths%2FFP%2BJttkLJR8pog%2FIHhKNBj8MmUPCxY%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Oct 2025 21:09:49 GMT
cf-polished
origFmt=png, origSize=2052
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="instagram.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f994cdbd7-FRA
accept-ranges
bytes
content-length
1722
server
cloudflare
facebook.png
newmood.lv/images/
462 B
837 B
Image
General
Full URL
https://newmood.lv/images/facebook.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5667f1598f8a0831d6abc6d7f58b7e185857e6c47876015eddd4129901fdb297

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-3d8"
age
7139
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NSPmQn9mxdf9cR%2B8HgK0cd6jGwF7UJaNVGLmGWgSg37gyZSku723DPM1PDqm0n5mtZUHFFyhuDENWb%2FO8%2BLECwHGBA%2B7IzW5LMSoZZTZdRX7k4m2et0%2B1CWoyDPQ2kBLsX45qSKv3WQ%3D"}],"group":"cf-nel","max_age":604800}
expires
Fri, 24 Oct 2025 17:10:52 GMT
cf-polished
origFmt=png, origSize=984
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
image/webp
content-disposition
inline; filename="facebook.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c437f9951dbd7-FRA
accept-ranges
bytes
content-length
462
server
cloudflare
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
newmood.lv/fonts/roboto/
16 KB
16 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3e30"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aKphX6Ma8nUspmyApD7%2BI9TpYGZZh9qobiuBuhdUQzS5ZUsCCH6siiLHwJIWdYlbEoidnTAcUht3kiwwKm4FlQF59abgOnm9fCuh9FAhcZL11VWb%2FljkML37VTuvM9bS%2Fhzauqgt8Eg%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9acdbd7-FRA
accept-ranges
bytes
content-length
15920
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
fontawesome-webfont.woff2
newmood.lv/fonts/
75 KB
76 KB
Font
General
Full URL
https://newmood.lv/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-12d68"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LI8iT%2BKFwJBlycryEej0SpVErBdKNLrHffh8lKnLi4hy1lVQTj5PUclfypMJwhr%2Bd2N5o66d11qjyEMoOdet31%2BJC7HRW7mdpX52GrBIOY%2Fdj3UbELdARsMOqRAyJ6brJnRrNsGhhFo%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9b0dbd7-FRA
accept-ranges
bytes
content-length
77160
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
newmood.lv/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3dd4"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=P3fu4jv0AfPdJtxX8B1Jf3QaBtV0Q7UsZnZynB9KIko30xDs9P%2BSC94LwVRXL6n55fQuXwJX8mEmov%2Bugkyg%2FqXveiC0crK7IL0A2CYtTu0wD4rKVpKiXYKwCvupLfMRajHGygpsjI4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9b3dbd7-FRA
accept-ranges
bytes
content-length
15828
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOmCnqEu92Fr1Mu4mxK.woff2
newmood.lv/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3d48"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kObZDwU4Ge8drW8JiNAHV%2FCviNXbqGZ2NfEXI%2FOU3BJAThc1hadnP%2FDZlccnB1JYy6cVYj3N2q8vUILUEbi57iNByhoalowaFgs3G1WOhw3oA6cW2e6P42bFdVyf8eruewT0afMa4b4%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9b6dbd7-FRA
accept-ranges
bytes
content-length
15688
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOkCnqEu92Fr1Mu51xIIzI.woff2
newmood.lv/fonts/roboto/
17 KB
17 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOkCnqEu92Fr1Mu51xIIzI.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-4398"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XUa8gGXELT4ASMnvai6JGPCpmZPxLKFRuZ3V70FaQJFTd%2FlsakYpCRXy%2BvB2eXXwtEQCBhphBbbf853cbrNlYFKpCmaLw%2FL5FUy3oM54kfuoodGa0Yy%2FVO2fFgDOfp3YOvmeiWGkSH0%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9b8dbd7-FRA
accept-ranges
bytes
content-length
17304
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
newmood.lv/fonts/roboto/
15 KB
16 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
HIT
etag
"6572d24b-3d74"
age
1646
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=073yW%2BNwNHw9MAEBke%2F5ZQAGH0aIrzcMgem264%2BgSf%2BJKdUsinhnurjhnG20glupdrqlXo6aKZIaclU8YPyNL6ae1hXPiaGBh4eLGDU0vjF555TsZXPIf%2Flh9NCptPy4OjTfdNH2I1U%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9b9dbd7-FRA
accept-ranges
bytes
content-length
15732
date
Thu, 24 Oct 2024 19:09:51 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
newmood.lv/fonts/roboto/
11 KB
12 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmEU9fChc4EsA.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-2df8"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=K%2BeUl%2BiltOC18mr2PBRHk%2FhExjBMf5c0eH3MZIjpI9C9jjf1TfFiAYCjHPFh5Gu8lHnq5ldrmHh%2FlUbLWuF7jkVRSVzgKFcQx8oQh5acMMIVcmUzfJ29jlvrbZW30l%2FtgwAqWmiEdVk%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fb9bddbd7-FRA
accept-ranges
bytes
content-length
11768
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOmCnqEu92Fr1Mu7GxKOzY.woff2
newmood.lv/fonts/roboto/
12 KB
12 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOmCnqEu92Fr1Mu7GxKOzY.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-2e54"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tx8UiePC330aBDAhdjOUYqS7%2BdElYm4P%2BvgzMloMLKL2B%2Fq1EUVG76K2shkgLA3LedgS2v4AxoU9c0K%2FXEI8OqX%2FjwvA7Jda5VTEgzSO%2BJTmuj3R0lBChPC4wCFo%2FaHp7I0m%2BTBwQTY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fc9c5dbd7-FRA
accept-ranges
bytes
content-length
11860
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
newmood.lv/fonts/roboto/
12 KB
12 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmWUlfChc4EsA.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-2e3c"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=aQgjFDgnWWHDhN4XfaDSGuzw4gVF0ilmmwKC6CnEK9pyL0zyQVdqo7mrKpJiUhelbthcPbxAKbYA3ABYnheaxXbrGeLfHGKQoVrT3vq9Im%2Fdrpzw3v96PxK%2BTIdi9NBeT9cudEnjJcI%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fc9c8dbd7-FRA
accept-ranges
bytes
content-length
11836
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
newmood.lv/fonts/roboto/
12 KB
13 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOkCnqEu92Fr1Mu51xGIzIFKw.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-3194"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=kJspkIYEIWxZAtENTqTrAYTbemk7zJXEeg%2BLpxzhCQX1xBWLILFoQk%2BGeflfoAJXm5wyMk0ZKS4YJXdPgJv9V7PnLFAoMoxlg%2F9EFjZqUlJ1qPDfK2ov8crQDK8RhNuMdV6PgrwRiiY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c437fc9cbdbd7-FRA
accept-ranges
bytes
content-length
12692
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
collect
www.google-analytics.com/j/
3 B
418 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=2039913314&t=pageview&_s=1&dl=https%3A%2F%2Fnewmood.lv%2F&ul=de-de&de=UTF-8&dt=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1772052033&gjid=434870804&cid=1991309354.1729796992&tid=UA-84865466-1&_gid=1044729757.1729796992&_r=1&_slc=1&cd2=web&z=1867183295
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://newmood.lv/

Response headers

report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsgac:175:0"}],}
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:52 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsgac:175:0
access-control-allow-origin
https://newmood.lv
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
3
server
Golfe2
launcher-v2.js
omnisrc.com/inshop/
52 KB
15 KB
Script
General
Full URL
https://omnisrc.com/inshop/launcher-v2.js
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.146.59 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
426bc444d61f75bbb0428be6bd6dfab3a9b8c0a9ea5e9c140e593f5abb70ffa5
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67174c98-d13a"
age
621
expires
Thu, 24 Oct 2024 19:59:31 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 06:56:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
1
via
1.1 google
cf-ray
8d7c43809c0b91f9-FRA
server
cloudflare
icon-upload.png
newmood.lv/images/
246 B
741 B
Image
General
Full URL
https://newmood.lv/images/icon-upload.png
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b81603a4323d4bb58b2698b0676baa85142dcf59c3872c8462fd2d495b74d7bc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cf-bgj
imgq:100,h2pri
etag
"6572d24b-556"
age
84588
cf-cache-status
HIT
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FnszqoUo3yc9tFnOvySn15gtso1sCLHHb9abzrEQ%2BNxHTQohpAfeAveByjCT5%2Br85eHx32EGdd5xFOamj3I5oLa9RQLiazvwDWlwH8QPiIW2X7DG%2BzEMIjNoN5UztK9PnDyb%2FWcSaQ0%3D"}],"group":"cf-nel","max_age":604800}
expires
Thu, 23 Oct 2025 19:40:04 GMT
cf-polished
origFmt=png, origSize=1366
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/webp
content-disposition
inline; filename="icon-upload.webp"
vary
Accept
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
8d7c43807c3bdbd7-FRA
accept-ranges
bytes
content-length
246
server
cloudflare
KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
newmood.lv/fonts/roboto/
12 KB
12 KB
Font
General
Full URL
https://newmood.lv/fonts/roboto/KFOlCnqEu92Fr1MmSU5fChc4EsA.woff2
Requested by
Host: newmood.lv
URL: https://newmood.lv/build/assets/css/app.min-cb8715bad9.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Origin
https://newmood.lv
Referer
https://newmood.lv/build/assets/css/app.min-cb8715bad9.css

Response headers

cache-control
max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-cache-status
REVALIDATED
etag
"6572d24b-2e24"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T3p30sAkh7YUWz%2BZhiZ0NV8Pv2p%2FBiuQp%2F9%2BrVFgNNqiHtSAe%2B9s41Xw48a1HhFUCtMUqItg0LiO70uoNeGZSaWL2D%2F%2FHMj46KLj3REEtlMFVjoIc1eFxtMi%2F73BDX0WY8mjv3CGQ58%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c43808c6ddbd7-FRA
accept-ranges
bytes
content-length
11812
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/octet-stream
last-modified
Fri, 08 Dec 2023 08:22:35 GMT
vary
Accept-Encoding
server
cloudflare
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=syphamo&dma=1&npa=0...
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=sypham...
42 B
65 B
Ping
General
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71WX45TLv72649142za200&auid=80336032.1729796992
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H3
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=13v3v3v2v5l1&tag_exp=101533422~101686685~101794737~101823848&rnd=1306772256.1729796992&url=https%3A%2F%2Fnewmood.lv%2F&dma_cps=syphamo&dma=1&npa=0&gtm=45He4al0n71WX45TLv72649142za200&auid=80336032.1729796992
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
js
www.googletagmanager.com/gtag/
297 KB
102 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-4P5VHF7R7S&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
dc2235f9ad8c47e2ce51d509f50d14a36c5a34d65630c94337bf847dcaaeaf55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
expires
Thu, 24 Oct 2024 19:09:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
104025
x-xss-protection
0
server
Google Tag Manager
destination
www.googletagmanager.com/gtag/
278 KB
97 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/destination?id=AW-765870297&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
32061eb596e91b018b31fd82995580d6c756bef6c2f4f214e5c5a043fd26447b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcysghrgc:42:0"}],}
expires
Thu, 24 Oct 2024 19:09:52 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Thu, 24 Oct 2024 18:15:49 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcysghrgc:42:0
access-control-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
98483
x-xss-protection
0
server
Google Tag Manager
fbevents.js
connect.facebook.net/en_US/
229 KB
58 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
f5e35a9ad3958ca5395c3496fe29b2a933f541a33741df1e37b084d7df8bcb39
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=6, rtx=0, c=23, mss=1232, tbw=4415, tp=9, tpl=0, uplat=0, ullat=-1
pragma
public
x-fb-debug
TLeZcoYVjE/3aMyT9u98FSinSu/KvVWcnaxw85K0mp3Si/tQ7sDIgqBPn3eaCJ5BCRsehDanmOweGnEJh0qDfA==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
content-length
59697
x-xss-protection
0
origin-agent-cluster
?1
jcr-widget.js
cdn.one.store/javascript/dist/1.0/
33 KB
12 KB
Script
General
Full URL
https://cdn.one.store/javascript/dist/1.0/jcr-widget.js?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7337a5e1cc81f563252d146272f6fa8753bd5388feb432275693ba052058b2b7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

x-goog-metageneration
1
x-goog-hash
crc32c=STv63w==, md5=neYTGBxHGiX2roOPPaPcDw==
cf-cache-status
HIT
etag
W/"9de613181c471a25f6ae838f3da3dc0f"
age
5648
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=A7gtDlA77wchX0nT2oLVYiS8FRt1MsmTH4gogFA7TaxzG1zcf0%2BsD5Ex8wgydYZT1yeNFVyrY%2Fl4ivPFU9lxd93WoxbJR5YXcwJssPzzclrNl3hdZxfS6%2BdX1KCmgT5QzqZ5dWi9gjqlSQ0%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 17:38:31 GMT
x-goog-stored-content-length
33977
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 16:51:04 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY3XCyUsgkhZXCTv3q9kSdMgOdzMaJytVugxjPKmIgAZdIYYNGdG1z3-ckmyxPbXNQi2TFcy12NsbQ
cache-control
public, max-age=300
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7c43811963d2be-FRA
access-control-allow-origin
*
x-goog-generation
1725555064327814
server
cloudflare
sw_iframe.html
www.googletagmanager.com/static/service_worker/4al0/ Frame 8E46
0
0
Document
General
Full URL
https://www.googletagmanager.com/static/service_worker/4al0/sw_iframe.html?origin=https%3A%2F%2Fnewmood.lv
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
age
9963
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
br
content-length
1476
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/analytics-container-tag-serving
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="analytics-container-tag-serving"
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 16:23:49 GMT
expires
Fri, 24 Oct 2025 16:23:49 GMT
last-modified
Mon, 21 Oct 2024 16:58:00 GMT
report-to
{"group":"analytics-container-tag-serving","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/analytics-container-tag-serving"}]}
server
sffe
service-worker-allowed
/static/service_worker
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
monitoring.js
omnisnippet1.com/monitoring/
69 KB
25 KB
Script
General
Full URL
https://omnisnippet1.com/monitoring/monitoring.js?v=2024-10-24T19
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73f75abc51fe9823e99cca9b90897cf0e661433dfaf562f2ed079efe0879d351
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

strict-transport-security
max-age=15552000
cache-control
max-age=3600
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"67179da4-114f0"
x-envoy-upstream-service-time
1
via
1.1 google
cf-ray
8d7c43812d2cd286-FRA
expires
Thu, 24 Oct 2024 20:09:52 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 12:42:12 GMT
server
cloudflare
getSettings
wt.omnisendlink.com/REST/inShop/v1/
298 B
532 B
Fetch
General
Full URL
https://wt.omnisendlink.com/REST/inShop/v1/getSettings?shopHostname=newmood.lv&shopType=api&brandID=57ffa4f35e8d400240aad8aa&responseType=json
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.155.219 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0febf4cdbde17e775e849bf7226a409c45b40f4a635db7bab86ef9b890661676
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

access-control-expose-headers
X-Expose-Header
content-encoding
br
cf-cache-status
HIT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 19:09:19 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=0, s-maxage=600, public
x-envoy-upstream-service-time
10
access-control-allow-credentials
true
via
1.1 google
cf-ray
8d7c438129769118-FRA
access-control-allow-origin
https://newmood.lv
server
cloudflare
jcr-widget-app.c5bed5c3.js
cdn.one.store/javascript/dist/1.0/
402 KB
85 KB
Script
General
Full URL
https://cdn.one.store/javascript/dist/1.0/jcr-widget-app.c5bed5c3.js
Requested by
Host: cdn.one.store
URL: https://cdn.one.store/javascript/dist/1.0/jcr-widget.js?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a63907fdb519bf17593238f7288dcf5016400cc8d4478e034e43a85a46d25340

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

x-goog-metageneration
1
access-control-expose-headers
Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
x-goog-hash
crc32c=XDrMfw==, md5=Y1ZLBV7rdKu0LNRSbOPpJQ==
cf-cache-status
HIT
etag
W/"63564b055eeb74abb42cd4526ce3e925"
age
5751
content-encoding
br
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lf451YPQIbQeJKj%2Fm2dStZECTzY57yG1zcYwFM6YQxEDZAk8DPelGJPhVoxFDKt0ldj2UrLFBcNXB97G8r9cE%2Bnt9iPyOz7%2Bq%2FjmQ5xvByZzXOtvP56ML8dVjSpYK3gTKF1rp3bx4NvINxY%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-encoding
identity
expires
Thu, 24 Oct 2024 17:35:43 GMT
x-goog-stored-content-length
411969
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Thu, 05 Sep 2024 16:51:02 GMT
vary
Accept-Encoding
x-guploader-uploadid
AHmUCY0De_8vEDGtvuTrSUGXXbG5ZMNFVBy5b0ixOgw0HEPQafgahijXe2lDZTekeO9nRELTkkJRPi2AfQ
cache-control
public, max-age=7200
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-storage-class
MULTI_REGIONAL
cf-ray
8d7c438149fbd2be-FRA
access-control-allow-origin
*
x-goog-generation
1725555062067956
server
cloudflare
190667191339623
connect.facebook.net/signals/config/
67 KB
13 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/190667191339623?v=2.9.174&r=stable&domain=newmood.lv&hme=ead923021ccd3483ef3b9b04703d0a78b943fbdc01e8d7cec21c5059f1f4a5e9&ex_m=70%2C121%2C107%2C111%2C61%2C4%2C100%2C69%2C16%2C97%2C89%2C51%2C54%2C172%2C175%2C187%2C183%2C184%2C186%2C29%2C101%2C53%2C77%2C185%2C167%2C170%2C180%2C181%2C188%2C131%2C41%2C189%2C190%2C34%2C143%2C15%2C50%2C194%2C193%2C133%2C18%2C40%2C1%2C43%2C65%2C66%2C67%2C71%2C93%2C17%2C14%2C96%2C92%2C91%2C108%2C52%2C110%2C39%2C109%2C30%2C94%2C26%2C168%2C171%2C140%2C86%2C56%2C84%2C33%2C73%2C0%2C95%2C32%2C28%2C82%2C83%2C88%2C47%2C46%2C87%2C37%2C11%2C12%2C13%2C6%2C7%2C25%2C22%2C23%2C57%2C62%2C64%2C75%2C102%2C27%2C76%2C9%2C8%2C80%2C48%2C21%2C104%2C103%2C105%2C98%2C10%2C20%2C3%2C38%2C74%2C19%2C5%2C90%2C81%2C44%2C35%2C85%2C2%2C36%2C63%2C42%2C106%2C45%2C79%2C68%2C112%2C60%2C59%2C31%2C99%2C58%2C55%2C49%2C78%2C72%2C24%2C113
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
xx-fbcdn-shv-02-fra3.fbcdn.net
Software
/
Resource Hash
74cbbb54fa2bdca5d49fb305b9c42696d5af340285941ac6169e5d8cd5ec1f09
Security Headers
Name Value
Content-Security-Policy default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
gzip
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
priority
u=3,i
x-frame-options
DENY
strict-transport-security
max-age=31536000; preload; includeSubDomains
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src 'unsafe-inline' *.fbcdn.net *.facebook.net blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
cache-control
public, max-age=1200
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=7, rtx=0, c=75, mss=1232, tbw=68439, tp=66, tpl=0, uplat=132, ullat=1
pragma
public
x-fb-debug
hUha3Cm6uvsfJwdF3MaRQnYaEZjFWkqVYxAnBSnJw/FOpIAztHojFvZ58+3VDpsRZhcJAFG1Uwz3abihLb8R7Q==
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?1
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/765870297/
6 KB
2 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/765870297/?random=1729796992237&cv=11&fst=1729796992237&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181630962z872649142za201zb72649142&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.lv%2F&hn=www.googleadservices.com&frm=0&tiba=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&npa=0&pscdl=noapi&auid=80336032.1729796992&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-765870297&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f2.1e100.net
Software
cafe /
Resource Hash
21be42d5f9b624063b2f8b01bdeb613b8f2ebb46604286761bfb4c58e1cef314
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
no-cache, must-revalidate
timing-allow-origin
*
content-encoding
br
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-length
2417
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
text/javascript; charset=UTF-8
content-disposition
attachment; filename="f.txt"
server
cafe
765870297
td.doubleclick.net/td/rul/ Frame EAE6
0
0
Document
General
Full URL
https://td.doubleclick.net/td/rul/765870297?random=1729796992237&cv=11&fst=1729796992237&fmt=3&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181630962z872649142za201zb72649142&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.lv%2F&hn=www.googleadservices.com&frm=0&tiba=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&npa=0&pscdl=noapi&auid=80336032.1729796992&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=AW-765870297&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newmood.lv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 19:09:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-4P5VHF7R7S&gtm=45je4al0v9138482577z872649142za200zb72649142&_p=1729796991889&_gaz=1&gcs=G111&gcd=13v3vPv2v5l1&npa=0&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&cid=1991309354.1729796992&ul=de-de&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&pae=1&frm=0&pscdl=noapi&_eu=EA&_s=1&sid=1729796992&sct=1&seg=0&dl=https%3A%2F%2Fnewmood.lv%2F&dt=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&en=page_view&_fv=1&_ss=1&tfd=1199
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P5VHF7R7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:136:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:136:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newmood.lv
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
551 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-4P5VHF7R7S&cid=1991309354.1729796992&gtm=45je4al0v9138482577z872649142za200zb72649142&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&frm=0&tag_exp=101533421~101686685~101794737~101823848
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P5VHF7R7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
content-security-policy-report-only
script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascnsrsggc:111:0
report-to
{"group":"coop_reporting","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascnsrsggc:111:0"}],}
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://newmood.lv
cross-origin-opener-policy-report-only
same-origin; report-to=coop_reporting
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/plain
server
Golfe2
rul
td.doubleclick.net/td/ga/ Frame 349A
0
0
Document
General
Full URL
https://td.doubleclick.net/td/ga/rul?tid=G-4P5VHF7R7S&gacid=1991309354.1729796992&gtm=45je4al0v9138482577z872649142za200zb72649142&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&pscdl=noapi&aip=1&fledge=1&frm=0&tag_exp=101533421~101686685~101794737~101823848&z=1264125277
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-4P5VHF7R7S&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://newmood.lv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
16
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 19:09:52 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-4P5VHF7R7S&cid=1991309354.1729796992&gtm=45je4al0v9138482577z872649142za200zb72649142&aip=1&dma=1&dma_cps=syphamo&gcs=G111&gcd=13v3vPv2v5l1&npa=0&frm=0&tag_exp=101533421~101686685~101794737~101823848&tag_exp=101533421~101686685~101794737~101823848&z=1674148129
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
config
widget-api.one.store/v1/notifications/
137 B
1 KB
XHR
General
Full URL
https://widget-api.one.store/v1/notifications/config?account_id=F6EZvp6S9pWEV4qSAMocwVhhZcl2&page=https%3A%2F%2Fnewmood.lv%2F&user_agent=desktop&local_time_zone=europe_berlin
Requested by
Host: cdn.one.store
URL: https://cdn.one.store/javascript/dist/1.0/jcr-widget-app.c5bed5c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bbc031674ecf30e669f3cd7655ad5af8b6e2829f2d9b5d95d3dff3ae1ac72ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

access-control-max-age
7200
x-request-id
9d91e0d8-3826-463f-b2c4-5238b4ed5dfb
access-control-expose-headers
*
content-encoding
br
cf-cache-status
DYNAMIC
etag
W/"8bbc031674ecf30e669f3cd7655ad5af"
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=B1%2FVXwZvnyV7R0h9Q42Nc6pY6jVNxP7FH6KlDI%2BRl1Xxmpz3W9yIPgF1RiVRtv0zkYkfV0FZq15ywKBMI6b2MFAvfT6MobPo%2F6DNg60UD8dy7MUV0WT7%2FSRoDMgwM2TX3fMqQmZOZzOOIB4IKQjFd1OX"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
prooffactor-cache
MISS
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/json; charset=utf-8
vary
Origin
x-runtime
0.029652
x-frame-options
SAMEORIGIN
cache-control
max-age=0, private, must-revalidate
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proof-factor-user-country-code
DE
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d7c4382dbb3d3b9-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
/
www.google.com/pagead/1p-user-list/765870297/
42 B
64 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/765870297/?random=1729796992237&cv=11&fst=1729796400000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181630962z872649142za201zb72649142&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.lv%2F&hn=www.googleadservices.com&frm=0&tiba=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&npa=0&pscdl=noapi&auid=80336032.1729796992&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfF7_bC0JpxICneQlOewPrsgzJ6xgm1QHTYVa-yjR6VyM-_Yjg&random=676870819&rmt_tld=0&ipr=y
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s11-in-f4.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
/
www.google.de/pagead/1p-user-list/765870297/
42 B
64 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/765870297/?random=1729796992237&cv=11&fst=1729796400000&bg=ffffff&guid=ON&async=1&gtm=45be4al0v9181630962z872649142za201zb72649142&gcd=13v3vPv2v5l1&dma_cps=syphamo&dma=1&tag_exp=101533421~101686685~101794737~101823848&u_w=1600&u_h=1200&url=https%3A%2F%2Fnewmood.lv%2F&hn=www.googleadservices.com&frm=0&tiba=%C2%A0Ap%C4%A3%C4%93rbi%2C%20apavi%20un%20aksesu%C4%81ri%20internet%C4%81.%20%7C%20Newmood&npa=0&pscdl=noapi&auid=80336032.1729796992&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&fledge=1&data=ads_data_redaction%3Dfalse&rfmt=3&fmt=3&is_vtc=1&cid=CAQSKQDpaXnfF7_bC0JpxICneQlOewPrsgzJ6xgm1QHTYVa-yjR6VyM-_Yjg&random=676870819&rmt_tld=1&ipr=y
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.67 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-security-policy
script-src 'none'; object-src 'none'
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
push-notifications.js
omnisnippet1.com/inShop/
23 KB
7 KB
Script
General
Full URL
https://omnisnippet1.com/inShop/push-notifications.js?v=2024-10-24T19
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34183ec5342031565e78a9cebc1a96540a9b8673cb11f9fe606f3201333f578f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67174c98-5bbb"
age
2963
expires
Thu, 24 Oct 2024 19:20:29 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 06:56:24 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
1
via
1.1 google
cf-ray
8d7c438278e2d286-FRA
server
cloudflare
main.js
omnisnippet1.com/forms/
85 KB
21 KB
Script
General
Full URL
https://omnisnippet1.com/forms/main.js?v=2024-10-24T19
Requested by
Host: omnisrc.com
URL: https://omnisrc.com/inshop/launcher-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.126 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d83a34cff368e91e387afdeab8bd446d267bcaf117c9a6909a6e7326b8e2dc79
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
br
cf-cache-status
HIT
etag
W/"67179d90-15357"
age
202
expires
Thu, 24 Oct 2024 19:16:15 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/javascript
last-modified
Tue, 22 Oct 2024 12:41:52 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=3600
x-envoy-upstream-service-time
3
via
1.1 google
cf-ray
8d7c438278e3d286-FRA
server
cloudflare
/
www.facebook.com/tr/
0
274 B
Image
General
Full URL
https://www.facebook.com/tr/?id=190667191339623&ev=PageView&dl=https%3A%2F%2Fnewmood.lv%2F&rl=&if=false&ts=1729796992396&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729796992395.331211767464522637&ler=empty&cdl=API_unavailable&it=1729796992218&coo=false&eid=1729796992115.706574.1&tm=1&rqm=GET
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=10, rtx=0, c=10, mss=1297, tbw=2945, tp=-1, tpl=-1, uplat=0, ullat=0
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
alt-svc
h3=":443"; ma=86400
content-length
0
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/plain
server
proxygen-bolt
/
www.facebook.com/privacy_sandbox/pixel/register/trigger/
67 B
3 KB
Image
General
Full URL
https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=190667191339623&ev=PageView&dl=https%3A%2F%2Fnewmood.lv%2F&rl=&if=false&ts=1729796992396&sw=1600&sh=1200&v=2.9.174&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=12318&fbp=fb.1.1729796992395.331211767464522637&ler=empty&cdl=API_unavailable&it=1729796992218&coo=false&eid=1729796992115.706574.1&tm=1&rqm=FGET
Requested by
Host: newmood.lv
URL: https://newmood.lv/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
Security Headers
Name Value
Content-Security-Policy default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

content-encoding
zstd
report-to
{"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown&brsid=7429421509609926717"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
x-content-type-options
nosniff
expires
Sat, 01 Jan 2000 00:00:00 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/png
vary
Accept-Encoding
x-fb-debug
hcCVnI1yNwgYGlOLWiJ14YrqKfwABRybfyGnBPQUGKTXXH7c/Vx+WWYy6TuwOCMX5+e1CYgaEGxAGd/dw0OcAw==
x-frame-options
DENY
strict-transport-security
max-age=15552000; preload
reporting-endpoints
coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown&brsid=7429421509609926717", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
content-security-policy
default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com https://paywithmybank.com/ https://*.paywithmybank.com/;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net https://paywithmybank.com/ https://*.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
cache-control
private, no-store, no-cache, must-revalidate
x-fb-connection-quality
EXCELLENT; q=0.9, rtt=14, rtx=0, c=14, mss=1297, tbw=3263, tp=-1, tpl=-1, uplat=144, ullat=0
cross-origin-opener-policy
same-origin-allow-popups
pragma
no-cache
cross-origin-resource-policy
cross-origin
permissions-policy
accelerometer=(), attribution-reporting=(self), autoplay=(), bluetooth=(), browsing-topics=(self), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(self), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
document-policy
force-load-at-top
x-xss-protection
0
origin-agent-cluster
?0
renderedForms
forms.soundestlink.com/REST/forms/v1/
2 B
515 B
Fetch
General
Full URL
https://forms.soundestlink.com/REST/forms/v1/renderedForms?v=2024-10-24T19&brandID=57ffa4f35e8d400240aad8aa&displayType=popup,embedded,flyout
Requested by
Host: omnisnippet1.com
URL: https://omnisnippet1.com/monitoring/monitoring.js?v=2024-10-24T19
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.153.206 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cf-cache-status
HIT
age
32
access-control-allow-methods
GET,OPTIONS
expires
Thu, 24 Oct 2024 19:19:20 GMT
alt-svc
h3=":443"; ma=86400
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/json
last-modified
Thu, 24 Oct 2024 19:09:20 GMT
vary
Accept-Encoding
strict-transport-security
max-age=15552000
cache-control
max-age=0, s-maxage=600, public
x-envoy-upstream-service-time
3
via
1.1 google
cf-ray
8d7c43833e95d279-FRA
accept-ranges
bytes
access-control-allow-origin
*
content-length
2
server
cloudflare
visits
interactions.one.store/v1/analytics/
0
1 KB
Ping
General
Full URL
https://interactions.one.store/v1/analytics/visits
Requested by
Host: cdn.one.store
URL: https://cdn.one.store/javascript/dist/1.0/jcr-widget-app.c5bed5c3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:7d3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://newmood.lv/

Response headers

access-control-max-age
7200
x-request-id
bbfd638c-6bd2-4879-9890-44d709db7c83
access-control-expose-headers
*
cf-cache-status
DYNAMIC
x-permitted-cross-domain-policies
none
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=HCamiUYC5pUxVXvRtjxmGjf0m%2BET3FzgaUySnV0aZY1UxOHWpJR36zBuyTwH3V1zXlLxImNCeYbgmdyKPfW4tSS%2BR73wG5hh7eJKkf5cYu4HY6h1GV9CuZRDMe4ULYTAbNnb%2BZHcMR7ZOj6%2B%2BpKNjdnYpOA%3D"}],"group":"cf-nel","max_age":604800}
x-content-type-options
nosniff
access-control-allow-methods
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS
date
Thu, 24 Oct 2024 19:09:52 GMT
vary
Origin
x-runtime
0.006559
x-frame-options
SAMEORIGIN
cache-control
no-cache
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
proof-factor-user-country-code
DE
referrer-policy
strict-origin-when-cross-origin
x-download-options
noopen
cf-ray
8d7c4383ca38d2be-FRA
access-control-allow-origin
*
x-xss-protection
1; mode=block
server
cloudflare
ld.js
static.criteo.net/js/ld/
50 KB
16 KB
Script
General
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WX45TL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
max-age=86400, public
timing-allow-origin
*
content-encoding
gzip
etag
W/"6706b6f2-c61f"
cross-origin-resource-policy
cross-origin
expires
Fri, 25 Oct 2024 19:09:52 GMT
access-control-allow-origin
*
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/javascript
last-modified
Wed, 09 Oct 2024 17:01:38 GMT
server
nginx
favicon.ico
newmood.lv/
318 B
459 B
Other
General
Full URL
https://newmood.lv/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:1f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56a466569eef0b33661de32f1f851e0d30bc4b35a0a2ff28d55f1e92b69b4907

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

cache-control
max-age=31536000
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-encoding
br
cf-cache-status
HIT
etag
W/"58382b05-13e"
age
865096
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=qjjTmpMF5%2FABcR5CMloaP0nB708mXeXq49pA5JS5YSZqeakXkMW4QCatRrq7GWVajXle2oy5Gv7PnP9%2Fwn87gKW7hDXjEYabatULF4LNyQCynLrBaJ2TNjLD86eBPRiK1%2FfqXsuKGfY%3D"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c4383df29dbd7-FRA
expires
Tue, 14 Oct 2025 18:51:36 GMT
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/x-icon
last-modified
Fri, 25 Nov 2016 12:13:57 GMT
vary
Accept-Encoding
server
cloudflare
syncframe
gum.criteo.com/ Frame 53B0
0
0
Document
General
Full URL
https://gum.criteo.com/syncframe?topUrl=newmood.lv&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://newmood.lv/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 24 Oct 2024 19:09:52 GMT
server
Kestrel
server-processing-duration-in-ticks
272301
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
event
sslwidget.criteo.com/
10 KB
4 KB
Script
General
Full URL
https://sslwidget.criteo.com/event?a=68086&v=5.29.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=EYd4FF9PRGszZ0FBVHZPM1drQUclMkZpUyUyRnlHRWIwJTJGZkw0VU5hZFBEaFdDN0xNSmxVVnlLR3JoOHI0JTJCJTJGN3RSd3NPNUJYYW53R3BqQVdlSWszM2cwa2t1dURQVkxtZG9CJTJCREtYNGJrMTc2SVlYQ1drMk1WYWpyRjJEJTJGcFl5ZTJuaDRwWWR2SjB2JTJGVnVHdm83cURzMTRWVnBuY3ZBJTNEJTNE&sc=%7B%22fbp%22%3A%22fb.1.1729796992395.331211767464522637%22%7D&tld=newmood.lv&fu=https%253A%252F%252Fnewmood.lv%252F&ceid=355da078-2e81-4727-848b-ff176589c6ac
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
80d4d181c2db5bf415406cfb5f1c7c34c26fd21ee0d212855039f3ffaff3a769
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer
https://newmood.lv/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
content-encoding
gzip
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
15146558
expires
0
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
application/x-javascript
server
Kestrel
pixel
cm.g.doubleclick.net/ Frame 95AC
170 B
409 B
Image
General
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-509ETtJ6Y9-91qHeVmnFzDtsIUjdSXWUXZ_SEA&google_cm&google_hm=ay01MDlFVHRKNlk5LTkxcUhlVm1uRnpEdHNJVWpkU1hXVVhaX1NFQQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/png
server
HTTP server (unknown)
sync
x.bidswitch.net/ Frame 95AC
43 B
183 B
Image
General
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-rSdjpdJ6Y9-91qHeVmnFzDtsIUiPBYH6G3sIJg&expires=30
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.214.136.108 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
108.136.214.35.bc.googleusercontent.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

via
1.1 google
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 95AC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2954666961542378480
43 B
370 B
Image
General
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2954666961542378480
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1770385
expires
Mon, 26 Jul 1997 05:00:00 GMT
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
server
Kestrel

Redirect headers

cache-control
no-store, no-cache, private
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2954666961542378480
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
x-proxy-origin
81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
access-control-allow-origin
*
an-x-request-uuid
afdf019b-67d0-4be7-9554-6e69db4200b2
content-length
0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
text/html; charset=utf-8
server
nginx/1.23.4
/
rtb-csync.smartadserver.com/redir/ Frame 95AC
43 B
114 B
Image
General
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-wNyGnNJ6Y9-91qHeVmnFzDtsIUh45CAA9CAssg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.173 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 95AC
0
99 B
Image
General
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-6u7kHNJ6Y9-91qHeVmnFzDtsIUhdzEdyHgNJog
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

x-fastly-to-nlb-rtt
12224
date
Thu, 24 Oct 2024 19:09:52 GMT
server
nginx
access-control-allow-credentials
true
sync
visitor.omnitagjs.com/visitor/ Frame 95AC
49 B
342 B
Image
General
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-1Ljaw9J6Y9-91qHeVmnFzDtsIUjeTV6ph9xaJQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
x-envoy-upstream-service-time
1
x-content-type-options
nosniff
expires
0
p3p
CP="CAO PSA OUR"
content-length
49
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
vary
Accept-Encoding
server
ayl-lb-fra02
rum
r.casalemedia.com/ Frame 95AC
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow&C=1
43 B
333 B
Image
General
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow&C=1
Protocol
H2
Server
172.64.151.101 San Francisco, United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cf-cache-status
DYNAMIC
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nS2oyj8m7Uq1f7vscVKKSBPVwRm%2B%2F6nPhX0CJAkt5sZmpGO8JcIn3o1%2BJNutdOOo3fvlSNt7h1qTrhRqzWuOAeqGRYI%2FdK%2F6MfdhernJq%2FJcA%2BAM%2BPkw%2Fv8CXDzLZMNBhXN7"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c4385d935bc04-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
43
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
vary
Accept-Encoding
server
cloudflare

Redirect headers

cache-control
no-cache
location
/rum?cm_dsp_id=20&external_user_id=k-ky7ig9J6Y9-91qHeVmnFzDtsIUjXacN6ilB_ow&C=1
cf-cache-status
DYNAMIC
pragma
no-cache
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AlNhLb%2FYyqcWUr2hlBhmv%2BllGGixce%2B4dfjQSWhJjBFrwe9w6rka7Ni5CYQVZjuSSu0WJCP17a4avY%2FlzZT4ToJPGN1Ju5A%2BOMo9O70N4oY07eRneh7wezf2SvkwedqOfYIk"}],"group":"cf-nel","max_age":604800}
cf-ray
8d7c438588d3bc04-FRA
expires
0
alt-svc
h3=":443"; ma=86400
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
date
Thu, 24 Oct 2024 19:09:52 GMT
vary
Accept-Encoding
server
cloudflare
demconf.jpg
dpm.demdex.net/ Frame 95AC
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3
42 B
714 B
Image
General
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3
Protocol
H2
Server
54.73.19.51 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-73-19-51.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
dcs
dcs-prod-irl1-1-v067-0955a6c5b.edge-irl1.demdex.com 2 ms
content-encoding
gzip
pragma
no-cache
x-content-type-options
nosniff
x-tid
tp16PKReSao=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
59
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=sNgfKC9-jMTYHbHeTgwe5E4QlIytLZF3
dcs
dcs-prod-irl1-1-v067-023e1c5ba.edge-irl1.demdex.com 2 ms
pragma
no-cache
x-tid
tnxvFEJISuQ=
expires
Thu, 01 Jan 1970 00:00:00 UTC
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
date
Thu, 24 Oct 2024 19:09:52 GMT
9.gif
id5-sync.com/s/966/ Frame 95AC
43 B
1 KB
Image
General
Full URL
https://id5-sync.com/s/966/9.gif?puid=k--S9RAtJ6Y9-91qHeVmnFzDtsIUix8aadxYgdLA
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.65 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216659.ip-141-95-98.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
p3p
CP="CAO PSA OUR"
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
match
ad.360yield.com/ Frame 95AC
43 B
199 B
Image
General
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-pzMED9J6Y9-91qHeVmnFzDtsIUg3BWtv-3xxXw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
63.33.127.155 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-33-127-155.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
sync
matching.ivitrack.com/ Frame 95AC
42 B
265 B
Image
General
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-CS5L_dJ6Y9-91qHeVmnFzDtsIUjBq3uF2qCLFg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
image/gif
server
istio-envoy
cksync.php
contextual.media.net/ Frame 95AC
61 B
816 B
Image
General
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-iQ3L4NJ6Y9-91qHeVmnFzDtsIUiDS9fdW91hLA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000
cache-control
max-age=0, no-cache, no-store
pragma
no-cache
expires
Thu, 24 Oct 2024 19:09:53 GMT
x-mnet-hl2
E
alt-svc
h3=":443"; ma=93600
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-length
61
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
server
Apache
push
exchange.mediavine.com/usersync/ Frame 95AC
0
885 B
Image
General
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-mBposNJ6Y9-91qHeVmnFzDtsIUj8UkjLuAXfFw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.125.168.177 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-125-168-177.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
private, no-cache
content-encoding
gzip
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/html; charset=utf-8
vary
Origin, Accept-Encoding
access-control-allow-credentials
true
1017
jadserve.postrelease.com/suid/ Frame 95AC
43 B
423 B
Image
General
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-Ql3ittJ6Y9-91qHeVmnFzDtsIUid563gW4_vMA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.212.244.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-212-244-198.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
43
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
server
nginx
cookie-sync
sync.outbrain.com/ Frame 95AC
0
218 B
Image
General
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-3YbhO9J6Y9-91qHeVmnFzDtsIUj6yYB2B1Sqkw&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
64.202.112.95 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
no-cache
content-length
0
date
Thu, 24 Oct 2024 19:09:53 GMT
x-traceid
d62af25e57d0d0e647674bd321e7061b
Pug
simage2.pubmatic.com/AdServer/ Frame 95AC
0
225 B
Image
General
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-ZadQKdJ6Y9-91qHeVmnFzDtsIUhWnibEl7FOHQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-encoding
gzip
date
Thu, 24 Oct 2024 19:09:52 GMT
content-type
text/html; charset=utf-8
server
nginx
tap.php
pixel.rubiconproject.com/ Frame 95AC
0
239 B
Image
General
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-FXC-wNJ6Y9-91qHeVmnFzDtsIUhg-yWjwJEbKg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
1f4afaf10c6b5898421df1cdca3fc7f5
Pragma
no-cache
Content-Type
image/gif
v1
match.sharethrough.com/sync/ Frame 95AC
0
0

um
criteo-sync.teads.tv/ Frame 95AC
23 B
163 B
Image
General
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-RsBxNdJ6Y9-91qHeVmnFzDtsIUi3HRcKa3q1kw
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.32.185.35 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-185-35.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.1 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

expires
Thu, 24 Oct 2024 19:09:53 GMT
cache-control
max-age=0, no-cache, no-store
content-length
23
pragma
no-cache
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
server
pekko-http/1.0.1
sync
criteo-partners.tremorhub.com/ Frame 95AC
43 B
397 B
Image
General
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-u_Vc29J6Y9-91qHeVmnFzDtsIUiJrdLbCwf4_g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4232:5722:8a41:240d:8931 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
server
nginx
xuid
eb2.3lift.com/ Frame 95AC
37 B
140 B
Image
General
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-rkg8-NJ6Y9-91qHeVmnFzDtsIUjKJolt9vwGqg&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
getusermatch.php
a.twiago.com/rtb/ Frame 95AC
43 B
153 B
Image
General
Full URL
https://a.twiago.com/rtb/getusermatch.php?dataid=6&external_user_id=k-jfTMPNJ6Y9-91qHeVmnFzDtsIUhNgrsFysQYhg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
85.215.5.31 , Germany, ASN6786 (CRONON-BERLIN-AS, DE),
Reverse DNS
Software
Apache / PHP/7.3.29
Resource Hash
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

access-control-allow-origin
*
content-length
43
date
Thu, 24 Oct 2024 19:09:53 GMT
content-type
image/gif
x-powered-by
PHP/7.3.29
server
Apache
m
ad.yieldlab.net/ Frame 95AC
0
235 B
Image
General
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-7HW9A9J6Y9-91qHeVmnFzDtsIUgDDhJ-c2bzJw
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.218.209.78 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-218-209-78.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

Expires
Wed, 23 Oct 2024 19:09:53 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma
no-cache
Date
Thu, 24 Oct 2024 19:09:53 GMT
Connection
keep-alive
sync
sync-criteo.ads.yieldmo.com/ Frame 95AC
0
38 B
Image
General
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-VBUct9J6Y9-91qHeVmnFzDtsIUgeQw4OMUxuXg&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.179.187 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-179-187.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 19:09:53 GMT
content-length
0
put
e1.emxdgt.com/ Frame 95AC
0
44 B
Image
General
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-79wJJNJ6Y9-91qHeVmnFzDtsIUjtqWxfFdcUng
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.93.152.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-93-152-190.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

date
Thu, 24 Oct 2024 19:09:53 GMT
server
awselb/2.0
RX-4a78d356-a080-449f-93f1-621eabb4df40-003
sync.targeting.unrulymedia.com/csync/ Frame 95AC
Redirect Chain
  • https://sync.1rx.io/usersync/criteodsp/k-mU7lMNJ6Y9-91qHeVmnFzDtsIUig6BdTiOUbYw
  • https://sync.1rx.io/usersync/criteodsp/k-mU7lMNJ6Y9-91qHeVmnFzDtsIUig6BdTiOUbYw?zcc=1&cb=1729796993109
  • https://sync.targeting.unrulymedia.com/csync/RX-4a78d356-a080-449f-93f1-621eabb4df40-003
43 B
378 B
Image
General
Full URL
https://sync.targeting.unrulymedia.com/csync/RX-4a78d356-a080-449f-93f1-621eabb4df40-003
Protocol
H2
Server
46.228.174.117 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
date
Thu, 24 Oct 2024 19:09:53 GMT
content-length
43

Redirect headers

expires
0
cache-control
no-store, no-cache, must-revalidate
location
https://sync.targeting.unrulymedia.com/csync/RX-4a78d356-a080-449f-93f1-621eabb4df40-003
date
Thu, 24 Oct 2024 19:09:53 GMT
pragma
no-cache
content-type
text/html
setuid
ib.adnxs.com/ Frame 95AC
43 B
1 KB
Image
General
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-vG6KzNJ6Y9-91qHeVmnFzDtsIUjONqnpdrofTQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Referer

Response headers

cache-control
no-store, no-cache, private
pragma
no-cache
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
x-proxy-origin
81.95.5.42; 81.95.5.42; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
expires
Sat, 15 Nov 2008 16:00:00 GMT
an-x-request-uuid
3ef0ef33-19a0-4fd8-85ac-db4e107e2aea
content-length
43
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
date
Thu, 24 Oct 2024 19:09:52 GMT
x-xss-protection
0
content-type
image/gif
server
nginx/1.23.4

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
match.sharethrough.com
URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-L5ddptJ6Y9-91qHeVmnFzDtsIUjMIhzJYsOfXA

Verdicts & Comments Add Verdict or Comment

89 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 string| GoogleAnalyticsObject function| ga object| dataLayer function| gtag object| REGISTERED_USER string| _token object| _translations string| _searchAutocompleteRoute string| _searchRoute object| regeneratorRuntime boolean| _searchNode_loaded object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _typeof function| waitForFinalEvent object| Search object| Cookie object| Payment object| Shipping object| Menu function| logEvent function| setUserProperty object| RESPONSIVE_BREAKPOINTS function| cookieRequired function| cookieFunctional function| cookieThirdParties object| NotificationPopups object| Account object| addToCartEvent object| Cart object| Return function| fbRegister function| $ function| jQuery object| jQuery112109390048947110936 function| Slider object| toastr object| Handlebars function| SearchIndex function| Bloodhound function| Cookies object| mobile_nav function| ProductView function| ProductListFilter object| options function| lookbook function| insideLookbook object| enhancedEcomm object| google_e_commerce object| google_ga4 string| alertType function| MINICART object| cart object| cookiesArray object| omnisend object| feedback_translations object| google_tag_manager function| refreshSession string| _randomPageId function| fbq function| _fbq object| _fbq_gtm_ids boolean| OMNISEND_LAUNCHER_LOADED object| _omnisend object| soundestInShop object| SOUNDEST object| SOUNDEST_EVENTS object| soundest object| proof-factor-plugin object| core string| PROOF_FACTOR_ACCOUNT_ID object| ONE_STATUS object| GooglebQhCsO boolean| PROOF_FACTOR_WIDGET_SCRIPT_LOADED object| _sentryDebugIds string| _sentryDebugIdIdentifier object| __SENTRY__ boolean| OMNISEND_FORMS_LOADED boolean| OMNISEND_PUSH_NOTIFICATIONS_LOADED boolean| PROOF_FACTOR_FETCHED_CONFIG boolean| PROOF_FACTOR_ANALYTICS_SETUP object| criteo_q

42 Cookies

Domain/Path Name / Value
newmood.lv/ Name: PHPSESSID
Value: 9ccq8bv9mpd4e6kkr0a3rvceh7
newmood.lv/ Name: XSRF-TOKEN
Value: eyJpdiI6IkJyNXRDQW5seE5XdHpIWjUyYlhFeXc9PSIsInZhbHVlIjoiRWFlSTBQeUd2YVNQR3A4UWxub1ExZDF0YkNscHRiaWl0MllTWkd1cU1saGExVVZBd1pBTkhuU1wvb1VNVGtOcVJtSVd2V1d2QzVyQ2FFaExiYkVSU3ZRPT0iLCJtYWMiOiJkNTIyN2E5MDRiMzJmNWNkYTI3ZDcwYmI3YzYzMWY1ZDE1MTM5YWQ0MTUwMWY2YzYwZjA3ZjYyZmRiMGQ4MDM1In0%3D
newmood.lv/ Name: laravel_session
Value: eyJpdiI6Iis1blhpbXZuV094Y2E5dk1NcDdZZ2c9PSIsInZhbHVlIjoieE9ZTUZMVmZ5WUdlMFU0QVZSODUzQWt4cDl3WGNcL04yQ1RrT3JNM2lhNERSXC9hbXdjbnJPSG41OEo2ditBcTY3RHFERXpCWDllUTVpUEt2dDVTam1XZz09IiwibWFjIjoiZWU5OWI1ZDA3YTU1NmMwNzg2NmRmMjMwNTJiNWQxMTIwOWNkOWQyOGI2ZTg0OGU1OTg3NTMzNmY2NThiZDY0ZCJ9
newmood.lv/ Name: cookie_law
Value: eyJpdiI6ImlcL09ZdFM0ZFNNd09jUXpiU1hyRTR3PT0iLCJ2YWx1ZSI6IkhEK3dUQ29uT2ZINjNjWEhsVEFWbXc9PSIsIm1hYyI6ImQ2ZTFmZDU0NjEwNGU3NTcwY2FkNDZhZmZmMDdkMmEzMzY1ZGJhMTBkY2FlOGJkZGQzZWZkNWVhOTkxNDkzZDAifQ%3D%3D
.newmood.lv/ Name: _gid
Value: GA1.2.1044729757.1729796992
.newmood.lv/ Name: _gat
Value: 1
.newmood.lv/ Name: _gcl_au
Value: 1.1.80336032.1729796992
.newmood.lv/ Name: soundestID
Value: 20241024190952-GwQ1wOQ5MPvYKgv97e04Llijfo8GAQ997N93q3JNYu4ftns4u
.newmood.lv/ Name: omnisendSessionID
Value: gK93qluMKWsqER-20241024190952
.newmood.lv/ Name: _ga_4P5VHF7R7S
Value: GS1.1.1729796992.1.0.1729796992.60.0.0
.newmood.lv/ Name: _ga
Value: GA1.1.1991309354.1729796992
.newmood.lv/ Name: proof-factor-user-a8e7a56c-e1fc-4ac5-98d1-8d5d0fdb6b31-all-time-data
Value: {"referring_url":"","initial_url":"https://newmood.lv/","visitor_token":"5f352203-7f3b-4faf-a1b1-d516dba98a3c","sessions_count":1,"pages_viewed":1}
.newmood.lv/ Name: _fbp
Value: fb.1.1729796992395.331211767464522637
.doubleclick.net/ Name: IDE
Value: AHWqTUmzJFstfxDBDiE8IC2ctlRFYzq50ObzGbSnbMNdCpYrL8hp3qA9Kx_D-Vkd
.newmood.lv/ Name: pf_stc
Value: 1
.criteo.com/ Name: uid
Value: 8a2241ff-2ecc-4a36-b7d1-ad2eea060ba8
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.newmood.lv/ Name: cto_bundle
Value: EYd4FF9PRGszZ0FBVHZPM1drQUclMkZpUyUyRnlHRWIwJTJGZkw0VU5hZFBEaFdDN0xNSmxVVnlLR3JoOHI0JTJCJTJGN3RSd3NPNUJYYW53R3BqQVdlSWszM2cwa2t1dURQVkxtZG9CJTJCREtYNGJrMTc2SVlYQ1drMk1WYWpyRjJEJTJGcFl5ZTJuaDRwWWR2SjB2JTJGVnVHdm83cURzMTRWVnBuY3ZBJTNEJTNE
.adnxs.com/ Name: XANDR_PANID
Value: acdvSoBfM8LPji15-Tpe5TWMFgglIwLPeud1QVGh1iN3bqbqEagJCMS7CI88ejpNfUmMjQjCeVl3obzhwDv3o8sgtPlGiopSd8k6DfNozmM.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 2954666961542378480
.criteo.com/ Name: cto_bundle
Value: ijkUXF9jTHNDOFBTZ3B0VERMSFQwcTVWNDdPbnYlMkJtZ0RMSVZkNFpEUTNzUXZkJTJGbHR6bWpEUnBSJTJCT2tpcG94cDBNd2tCT0ZPbzNIRiUyQkslMkZ5OXhjWFZMeVR2UmU0QlZaJTJGelVQR1hRV3RmZlZzdTh3UWxkb1k0YzZHYnVVTUJmdTZmJTJGeEl0
.casalemedia.com/ Name: CMID
Value: ZxqbgLmqPCIAAEtxAPFRIAAA
.casalemedia.com/ Name: CMPS
Value: 1103
.casalemedia.com/ Name: CMPRO
Value: 1103
.omnitagjs.com/ Name: ayl_visitor
Value: 41f581b5d0669e7d3d1a14a888eb2e32
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%228c7e7c00-923b-11ef-8076-d762f91d6678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%228c7e7c00-923b-11ef-8076-d762f91d6678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%228c7e7c00-923b-11ef-8076-d762f91d6678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%228c7e7c00-923b-11ef-8076-d762f91d6678%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-mBposNJ6Y9-91qHeVmnFzDtsIUj8UkjLuAXfFw%22%2C%22version%22%3A%22criteo%22%7D
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2HbxreN%D!@wnfH1YdP.dEXlSkdoQH[^9ipDKIG[KC6QpeLiPW--n9?Kzo!Vh]!BUwkEMTg2c*1.$6xjMJNHP(hw9P-HC_#tyRV+ny'#
.demdex.net/ Name: demdex
Value: 05851086910802666740080661499617821620
.dpm.demdex.net/ Name: dpm
Value: 05851086910802666740080661499617821620
.media.net/ Name: visitor-id
Value: 3727985928173870000V10
.media.net/ Name: data-c-ts
Value: 1729796993
.media.net/ Name: data-c
Value: k-iQ3L4NJ6Y9-91qHeVmnFzDtsIUiDS9fdW91hLA~~3
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4a78d356-a080-449f-93f1-621eabb4df40-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-4a78d356-a080-449f-93f1-621eabb4df40-003%22%7D
.tremorhub.com/ Name: tvid
Value: e82306edfb3f4158b835a752062b2bae
.tremorhub.com/ Name: tv_UICR
Value: k-u_Vc29J6Y9-91qHeVmnFzDtsIUiJrdLbCwf4_g
.postrelease.com/ Name: opt_out
Value: 1

1 Console Messages

Source Level URL
Text
security warning
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.twiago.com
ad.360yield.com
ad.yieldlab.net
cdn.one.store
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
forms.soundestlink.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
id5-sync.com
inte.searchnode.io
interactions.one.store
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
newmood.lt
newmood.lv
omnisnippet1.com
omnisrc.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.1rx.io
sync.outbrain.com
sync.targeting.unrulymedia.com
td.doubleclick.net
visitor.omnitagjs.com
widget-api.one.store
wt.omnisendlink.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.newmood.lv
x.bidswitch.net
match.sharethrough.com
13.248.245.213
141.226.228.48
141.95.98.65
142.250.184.196
142.250.185.66
142.250.185.67
142.250.185.98
157.240.0.6
172.64.146.59
172.64.151.101
172.64.151.126
172.64.153.206
172.64.155.219
178.250.1.9
18.200.179.187
184.30.20.22
185.255.84.153
185.64.191.210
2001:4860:4802:34::36
23.218.209.78
23.32.185.35
2600:1f18:612b:4232:5722:8a41:240d:8931
2606:4700:20::681a:1f6
2606:4700:20::681a:7d3
2606:4700:20::ac43:4a11
2a00:1450:4001:801::200e
2a00:1450:4001:827::2008
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a02:2638:3::3
2a02:2638:3::c
2a03:2880:f176:181:face:b00c:0:25de
3.125.168.177
34.117.157.22
34.212.244.198
35.214.136.108
37.252.171.52
46.228.174.117
52.85.65.61
54.73.19.51
54.93.152.190
63.33.127.155
64.202.112.95
69.173.144.165
81.17.55.173
85.215.5.31
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
0febf4cdbde17e775e849bf7226a409c45b40f4a635db7bab86ef9b890661676
11dd7cb3370ba0052b8b3d7d3d451c0398c276fdfaf81179171977d4cd472dda
14c847e283cde4999e0d4ba2b30bc61e64217110eb8f08f24751d0fdeb3ba8e2
1a09bfb3ab823e17cbe5d4e840bb4dd9e18d9a0cf14482d4d6836a4b34d6bd81
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
21be42d5f9b624063b2f8b01bdeb613b8f2ebb46604286761bfb4c58e1cef314
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
32061eb596e91b018b31fd82995580d6c756bef6c2f4f214e5c5a043fd26447b
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
33530b007071281a97e79baab13ddf7cc4b9de942ebd3e212224857335f7cb97
336bb30461d407ee72236de87aca4fe68d611e1bee0030326778c858a4685b1c
34183ec5342031565e78a9cebc1a96540a9b8673cb11f9fe606f3201333f578f
3afcd8ec23cb9a27233baf4bb93320dcd4d9e4d2af694e044805b3f9a95833a8
3ef95f8ff44ba264df419900cf47cd3fefe93bc608943756f1c3ce31ed862fc9
426bc444d61f75bbb0428be6bd6dfab3a9b8c0a9ea5e9c140e593f5abb70ffa5
42fef7a7c13be12c7c7e48756a9d7798df382decf4d132b5e2843cec70c79636
46375ee9192c1e0f6eabe4d32b2a48b996b93037f7b4beb970df5b87359548fd
480b92833743b8780f258d3f2c7881e9ca9b2c8c1c2e21810f9819d6d8678d31
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e959d9106d846030c0a62de668ec7c5810a3a1282c4f4ca98e1ea0756c75b8e
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5667f1598f8a0831d6abc6d7f58b7e185857e6c47876015eddd4129901fdb297
56a466569eef0b33661de32f1f851e0d30bc4b35a0a2ff28d55f1e92b69b4907
5704a2e9f2f7ce43a79f9b407f1aedcfd50223cbe8bd2f71ff8c5c819e469cbc
5eab53695389fd941315f0eac05e6b594b91ba9800f71a9507160b8a7301c9d1
62c49570a5d4c22053ef9439b1b9c644a68a5763788ca0acbc559e8f35f3dddc
68f8aa81d4ac9a6171abc8377835ea77a03ff7264822921e9f6255d206ad8d11
6c5facb932c92917b8bb333844222e8a9709eb9d29b0b1c76b1afdd3a6d1786e
6dc767e18f724d22bc90c9c2e23adaa6d3f2fc5f4b6d5c50e46152e7af85a925
7337a5e1cc81f563252d146272f6fa8753bd5388feb432275693ba052058b2b7
73f75abc51fe9823e99cca9b90897cf0e661433dfaf562f2ed079efe0879d351
74cbbb54fa2bdca5d49fb305b9c42696d5af340285941ac6169e5d8cd5ec1f09
80d4d181c2db5bf415406cfb5f1c7c34c26fd21ee0d212855039f3ffaff3a769
88ee467ce207819bbb1eb1053c0ffbeac916818c74b73a9cc52f4cd29bd43f31
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8bbc031674ecf30e669f3cd7655ad5af8b6e2829f2d9b5d95d3dff3ae1ac72ab
93dea07e833cd8156e06c71844a25384ae17939371aed37b5f913af12607cbba
989ef18992af6107d85e757db607f221eec91ac347bb71bf4da1375ef8825e45
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a63907fdb519bf17593238f7288dcf5016400cc8d4478e034e43a85a46d25340
a74103e38e9100725602e7787a2c49fde1be6ed403db86151329352e648300c5
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b448446e0e9bcadc01d54b55d28469282d21d55e98fab894c289192ba62b0478
b48f2e025fc91e265f2c27ad6ee03f73527eb219036c9c68ab8de7d0fce23738
b4b81d22011e583ece60a62c079f45165774774e9fedbe253d0c1502d6edff8c
b81603a4323d4bb58b2698b0676baa85142dcf59c3872c8462fd2d495b74d7bc
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
c6bab0a9a4cc327ad105edf9fd0d4ea45ad89a9baa30e18aeaf8c5081adc1df2
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d83a34cff368e91e387afdeab8bd446d267bcaf117c9a6909a6e7326b8e2dc79
dc2235f9ad8c47e2ce51d509f50d14a36c5a34d65630c94337bf847dcaaeaf55
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e48be0dac19c8612a3547d6ab5f8084d95e0d161dfd2b8c4519107889ad3187b
ec91f4e8727384cc1a66aac67966f3a94dd8535ec0282bfa9e7a78e8bae571bc
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f42a49bc8b309dbbfd8924e817bc264081fae5d7a30e89ae605cd469cf7e30d6
f5e35a9ad3958ca5395c3496fe29b2a933f541a33741df1e37b084d7df8bcb39
f6dd2728d6692372aea66b3e4f2fdce54762ae8b65729b9f1314ad4a5d58ad86
ffd99fd05bf0a858096ff9e4fdc6c8e891b08b8e871a25bd74d59513f0c3f19d