etcosmetics.mn Open in urlscan Pro
54.209.91.188 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.etcosmetics.mn/
Effective URL:
https://etcosmetics.mn/
Submission: On March 10 via api (March 10th 2024, 8:43:58 am UTC) from US — Scanned from US

Summary HTTP 24 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 7 IPs in 2 countries across 7 domains to perform 24 HTTP transactions. The main IP is 54.209.91.188, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is etcosmetics.mn.
TLS certificate: Issued by R3 on March 2nd 2024. Valid for: 3 months.

This is the only time etcosmetics.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	54.209.91.188 54.209.91.188	14618 (AMAZON-AES) (AMAZON-AES)
3	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2606:4700:303... 2606:4700:3037::ac43:ac88	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2607:f8b0:400... 2607:f8b0:4006:80b::200a	15169 (GOOGLE) (GOOGLE)
1	52.219.40.168 52.219.40.168	16509 (AMAZON-02) (AMAZON-02)
3	2607:f8b0:400... 2607:f8b0:4006:81d::2003	15169 (GOOGLE) (GOOGLE)
1	18.173.132.83 18.173.132.83	16509 (AMAZON-02) (AMAZON-02)
24	7

7 54.209.91.188 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-209-91-188.compute-1.amazonaws.com

www.etcosmetics.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
etcosmetics.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:3037::ac43:ac88 (United States)

ASN13335 (CLOUDFLARENET, US)

kom.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:80b::200a (United States)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.219.40.168 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: s3-ap-southeast-1-w.amazonaws.com

kom-uploads.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:81d::2003 (United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.173.132.83 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-173-132-83.jfk52.r.cloudfront.net

cdn.rollbar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
9	kom.mn kom.mn	3 MB
7	etcosmetics.mn 1 redirects www.etcosmetics.mn etcosmetics.mn	179 KB
3	gstatic.com fonts.gstatic.com	90 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	19 KB
1	rollbar.com cdn.rollbar.com — Cisco Umbrella Rank: 11021	24 KB
1	amazonaws.com kom-uploads.s3.amazonaws.com	210 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	1 KB
24	7

	Domain	Requested by
9	kom.mn	etcosmetics.mn
6	etcosmetics.mn	etcosmetics.mn kom.mn
3	fonts.gstatic.com	fonts.googleapis.com
3	cdnjs.cloudflare.com	etcosmetics.mn
1	cdn.rollbar.com	etcosmetics.mn
1	kom-uploads.s3.amazonaws.com	etcosmetics.mn
1	fonts.googleapis.com	etcosmetics.mn
1	www.etcosmetics.mn	1 redirects
24	8

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
kom.mn

Subject Issuer	Validity	Valid
etcosmetics.mn R3	`2024-03-02` - `2024-05-31`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
kom.mn GTS CA 1P5	`2024-02-14` - `2024-05-14`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.s3.amazonaws.com Amazon RSA 2048 M01	`2023-10-10` - `2024-07-03`	9 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
cdn.rollbar.com Amazon RSA 2048 M02	`2023-05-12` - `2024-06-09`	a year	crt.sh

This page contains 1 frames:

Primary Page: https://etcosmetics.mn/
Frame ID: 3A6F5B3BF25B3C17AE2404F559D20640
Requests: 24 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

𝐄𝐓𝐂𝐎𝐒𝐌𝐄𝐓𝐈𝐂𝐒.𝐌𝐍

Page URL History Show full URLs

https://www.etcosmetics.mn/ HTTP 301
https://etcosmetics.mn/ Page URL

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

24
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

3480 kB
Transfer

3696 kB
Size

1
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/usasaleshop?mibextid=LQQJ4d

Search URL Search Domain Scan URL

URL: https://www.instagram.com/etcosmetics.mn

Search URL Search Domain Scan URL

URL: https://kom.mn/
Title: kom.mn

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.etcosmetics.mn/ HTTP 301
https://etcosmetics.mn/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

24 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
etcosmetics.mn/
Redirect Chain

https://www.etcosmetics.mn/
https://etcosmetics.mn/

49 KB
50 KB

375ms
212ms

Document
text/html

54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

0ba128f7f4540ece1eb001e1256c6b02b95ebdaaf60fdda05b84913787cd65ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Connection: keep-alive
Content-Length: 49696
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Mar 2024 08:43:50 GMT
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060230&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=IYmA5QRYGLtq7tGhhqx8SjIdGQkuRAkL77jLZQ5d5%2Fc%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060230&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=IYmA5QRYGLtq7tGhhqx8SjIdGQkuRAkL77jLZQ5d5%2Fc%3D
Server: gunicorn
Strict-Transport-Security: max-age=31556926; includeSubDomains
Vary: Cookie
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

Redirect headers

Connection: keep-alive
Content-Length: 233
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Content-Type: text/html; charset=utf-8
Date: Sun, 10 Mar 2024 08:43:50 GMT
Location: https://etcosmetics.mn/
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Permissions-Policy: browsing-topics=()
Referrer-Policy: strict-origin-when-cross-origin
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060230&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KVHRKNygp2e0laoV8IQHzKzO9S7K9LEha4ISrjcvOms%3D"}]}
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060230&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=KVHRKNygp2e0laoV8IQHzKzO9S7K9LEha4ISrjcvOms%3D
Server: gunicorn
Strict-Transport-Security: max-age=31556926; includeSubDomains
Via: 1.1 vegur
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN

GET
H/1.1 200
OK extra.css
etcosmetics.mn/static/css/ 333 B
2 KB 166ms
62ms Stylesheet
text/css 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/static/css/extra.css?6

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

342e771ba7208f624552167acf9d9a8238b86941b0f84ca2c9bb64f325eb44a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 08:43:51 GMT
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Disposition: inline; filename=extra.css
Connection: keep-alive
Content-Length: 333
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 05 Mar 2024 17:42:11 GMT
Server: gunicorn
Etag: "1709660531.0-333-2010515818"
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D"}]}
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Permissions-Policy: browsing-topics=()

GET
H2 200 aos.css
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 25 KB
2 KB 145ms
40ms Stylesheet
text/css 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.css

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 311555
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1438
last-modified: Mon, 04 May 2020 16:05:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d5d-65c5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uIefj%2B8Ho2ZDguGNSDs%2B4LZSX8V%2FTQ%2BF09dtzQSNhl56WuD8PvBjYM0fBG4WdfKc5pEq%2BqYtVXgH8agI8kBckI4MTeKeFEkATAaAPBDmG%2F8aCi4nqMiXcz6tEayyChXU4pfvWh5TGHMNI%2BlXi2UI7sWb"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862204fcda60336a-MIA
expires: Fri, 28 Feb 2025 08:43:51 GMT

GET
H2 200 content.min.css
kom.mn/static/tinymce/skins/ui/oxide/ 25 KB
7 KB 264ms
123ms Stylesheet
text/css 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kom.mn/static/tinymce/skins/ui/oxide/content.min.css

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f088454de91c4c3810c4d0f9c1a005e9fd9a6125b45b52c94e4a68a91170a6a6

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-encoding: gzip
content-disposition: inline; filename=content.min.css
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:02 GMT
server: cloudflare
etag: W/"1709124782.0-26033-3810071311"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: text/css; charset=utf-8
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
cf-ray: 862204fd0b8fdac5-MIA

GET
H2 200 css2
fonts.googleapis.com/ 21 KB
1 KB 239ms
79ms Stylesheet
text/css 2607:f8b0:4006:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:80b::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sun, 10 Mar 2024 08:43:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sun, 10 Mar 2024 08:16:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sun, 10 Mar 2024 08:43:51 GMT

GET
H/1.1 200
OK tailwind.css
etcosmetics.mn/static/css/ 107 KB
109 KB 203ms
62ms Stylesheet
text/css 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/static/css/tailwind.css?v=3cf9b298

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

1ef460e106c8923cd761fdcb9a69e62d83723888af205b761961230792124a67

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 08:43:51 GMT
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Disposition: inline; filename=tailwind.css
Connection: keep-alive
Content-Length: 109863
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 05 Mar 2024 17:42:11 GMT
Server: gunicorn
Etag: "1709660531.0-109863-2530806434"
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D"}]}
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Permissions-Policy: browsing-topics=()

GET
H2 200 phone.gif
kom.mn/static/icons/ 913 KB
914 KB 264ms
124ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/phone.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d9a6f24db49ef87281b7dc94a349ae77e2ae531d1d5df63a20f04a3425323041

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=phone.gif
alt-svc: h3=":443"; ma=86400
content-length: 934522
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-934522-2350647840"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd0b94dac5-MIA

GET
H2 200 phone.png
kom.mn/static/icons/ 22 KB
23 KB 292ms
155ms Image
image/png 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/phone.png

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ed46edf9e783492f428cf3c336705a31588d032d60a0b148bb3ce3b4e004e2a

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=phone.png
alt-svc: h3=":443"; ma=86400
content-length: 22921
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-22921-2353138223"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/png
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd0b91dac5-MIA

GET
H2 200 shopping-cart.gif
kom.mn/static/icons/ 331 KB
332 KB 289ms
152ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/shopping-cart.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f834bf518b056d183528213f6e20086bf2f27013482281553da61b2670652cd7

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=shopping-cart.gif
alt-svc: h3=":443"; ma=86400
content-length: 339019
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-339019-3972664645"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd0b92dac5-MIA

GET
H/1.1 200
OK hero--1709743587-w1600.jpg
kom-uploads.s3.amazonaws.com/store-1671/ 210 KB
210 KB 1079ms
314ms Image
image/jpeg 52.219.40.168
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kom-uploads.s3.amazonaws.com/store-1671/hero--1709743587-w1600.jpg
Requested by: Host: etcosmetics.mn
URL: https://etcosmetics.mn/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.219.40.168 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-ap-southeast-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 373962a6a400d3cc87c157c1bb375169638915bd10e73ab4e9506cf558bcd5a6

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 08:43:53 GMT
Last-Modified: Wed, 06 Mar 2024 16:46:31 GMT
Server: AmazonS3
x-amz-request-id: PNZYVJA3V29XEGRB
ETag: "4e6925a76d21a2a39f473c66b2818cf0"
x-amz-server-side-encryption: AES256
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 214749
x-amz-id-2: 2ufaCoAuvjNNm7QbseMblrFlofPD47qtrWHvuXFup787LIT3FESoPhk+Z6PyZM0wTVF1WHThyeU=

GET
H2 200 truck.gif
kom.mn/static/icons/ 470 KB
470 KB 232ms
155ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/truck.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1050ea02807f57d919d298e91190bdc783e7628d0bc7824b4ce452712d5b72c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=truck.gif
alt-svc: h3=":443"; ma=86400
content-length: 480840
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-480840-2358643247"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd0b97dac5-MIA

GET
H2 200 payment.gif
kom.mn/static/icons/ 553 KB
555 KB 226ms
149ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/payment.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e88da95b864ca1c8e99f8c7a019c60da0c31dab929ab60476578680bccb6c967

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=payment.gif
alt-svc: h3=":443"; ma=86400
content-length: 566511
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-566511-2725776132"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd0b95dac5-MIA

GET
H2 200 box.gif
kom.mn/static/icons/ 320 KB
321 KB 39ms
38ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/box.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77f1272c88eee8d2a4ee16ead38d1addc9f678d912573e3fffb5f3e3d673d819

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
age: 2010
content-disposition: inline; filename=box.gif
alt-svc: h3=":443"; ma=86400
content-length: 327485
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1709867763&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=XkahIw4I7LSiXihgggr1H7cJT02IZlF1QS8yqJGsJms%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-327485-2008156495"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1709867763&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=XkahIw4I7LSiXihgggr1H7cJT02IZlF1QS8yqJGsJms%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: max-age=14400
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd1b9adac5-MIA

GET
H2 200 shopping-bag.gif
kom.mn/static/icons/ 305 KB
306 KB 151ms
150ms Image
image/gif 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://kom.mn/static/icons/shopping-bag.gif

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c3687454946c5eebff90658ef940ea4f421a588c2770440543a34bb67596458

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-disposition: inline; filename=shopping-bag.gif
alt-svc: h3=":443"; ma=86400
content-length: 312281
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: "1709124781.0-312281-3738897605"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: image/gif
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
accept-ranges: bytes
cf-ray: 862204fd2ba2dac5-MIA

GET
H2 200 jquery-3.7.0.min.js Show response
kom.mn/static/js/ 85 KB
30 KB 173ms
148ms Script
text/javascript 2606:4700:3037::ac43:ac88
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kom.mn/static/js/jquery-3.7.0.min.js

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::ac43:ac88 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-security-policy: script-src 'self' 'unsafe-eval' 'unsafe-inline' cdn.rollbar.com connect.facebook.net www.google.com www.gstatic.com; style-src 'self' 'unsafe-inline' fonts.googleapis.com www.gstatic.com
x-content-type-options: nosniff
cf-cache-status: BYPASS
nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
via: 1.1 vegur
content-encoding: gzip
content-disposition: inline; filename=jquery-3.7.0.min.js
alt-svc: h3=":443"; ma=86400
reporting-endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 28 Feb 2024 12:53:01 GMT
server: cloudflare
etag: W/"1709124781.0-87462-3525839779"
x-frame-options: SAMEORIGIN
report-to: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=6JyTQLp1vlzy%2FXBtjW50m5uiniW8tYPhjbVsjIHe2Fs%3D"}]}
content-type: text/javascript; charset=utf-8
vary: Cookie, Accept-Encoding
cache-control: no-cache
permissions-policy: browsing-topics=()
cf-ray: 862204fd0b90dac5-MIA

GET
H2 200 aos.js Show response
cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/ 14 KB
4 KB 46ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/aos/2.3.4/aos.js

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 116472
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4109
last-modified: Mon, 04 May 2020 16:05:49 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03d5d-3962"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sjkjq3Ow5T5iff4zWRdZKUhIgTQMBVruj9v7Riviz2Bb%2BfcCN9WEYn5lqJdYkKEevrA75KpbJonMwGyysH3yltVMmzip7IiC%2BeAuTgPTXGS9uTyadpEh4Dt8X3DCuTp4i5X72rsJh0HJPIRPzl3BBhHb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862204fcfa73336a-MIA
expires: Fri, 28 Feb 2025 08:43:51 GMT

GET
H2 200 flowbite.min.js Show response
cdnjs.cloudflare.com/ajax/libs/flowbite/1.8.1/ 63 KB
12 KB 50ms
43ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/flowbite/1.8.1/flowbite.min.js

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f872ac788245e37f42ac620e27c57ad6c24709509ceb37435c48c35c119e6506

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Sun, 10 Mar 2024 08:43:51 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 829484
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 12376
last-modified: Wed, 02 Aug 2023 03:36:34 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "64c9cf42-3058"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GepJorqS1KSUgtOAA1haVaVDik8RhSWBjML0g4E8hEDC0UdzdeQQ5yPc10LNo998a8BlbJggnQcrwdFdtpWtY%2B1koBxwUS6hEhB0LJmStTrPALam1mrBeeqZiEhWj%2F4evpJkCXkv%2FutF55OtS3FvU8HK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 862204fcfa74336a-MIA
expires: Fri, 28 Feb 2025 08:43:51 GMT

GET
H/1.1 200
OK jquery.guillotine.css
etcosmetics.mn/static/css/ 897 B
2 KB 84ms
60ms Stylesheet
text/css 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/static/css/jquery.guillotine.css

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

49a290e3aebd74b97abdd24d10ccbbfeead02e7ff7063c48d39ca291933386a8

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 08:43:51 GMT
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Disposition: inline; filename=jquery.guillotine.css
Connection: keep-alive
Content-Length: 897
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 05 Mar 2024 17:42:11 GMT
Server: gunicorn
Etag: "1709660531.0-897-167775824"
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D"}]}
Content-Type: text/css; charset=utf-8
Cache-Control: no-cache
Permissions-Policy: browsing-topics=()

GET
H/1.1 200
OK jquery.guillotine.js Show response
etcosmetics.mn/static/js/ 13 KB
14 KB 109ms
60ms Script
text/javascript 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/static/js/jquery.guillotine.js

Requested by

Host: etcosmetics.mn
URL: https://etcosmetics.mn/

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

4c08bb83452d856bdaa57cf85892b93d0f951a6d1ddb26ee25f6a01716dce670

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: en-US,en;q=0.9
Referer: https://etcosmetics.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sun, 10 Mar 2024 08:43:51 GMT
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Content-Disposition: inline; filename=jquery.guillotine.js
Connection: keep-alive
Content-Length: 13006
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D
Referrer-Policy: strict-origin-when-cross-origin
Last-Modified: Tue, 05 Mar 2024 17:42:11 GMT
Server: gunicorn
Etag: "1709660531.0-13006-3980463480"
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D"}]}
Content-Type: text/javascript; charset=utf-8
Cache-Control: no-cache
Permissions-Policy: browsing-topics=()

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2
fonts.gstatic.com/s/inter/v13/ 46 KB
46 KB 484ms
83ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://etcosmetics.mn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Fri, 08 Mar 2024 22:20:43 GMT
x-content-type-options: nosniff
age: 123788
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46704
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:49:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Mar 2025 22:20:43 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 17 KB
18 KB 464ms
64ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa0ZL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://etcosmetics.mn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 09:13:31 GMT
x-content-type-options: nosniff
age: 343820
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17600
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:48:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 09:13:31 GMT

GET
H2 200 UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2
fonts.gstatic.com/s/inter/v13/ 27 KB
27 KB 516ms
157ms Font
font/woff2 2607:f8b0:4006:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v13/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa2JL7SUc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81d::2003 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c3007b80d1197de7a0014c537d9d6fc4a5b77ed6e2797a10e180600647c4e0c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://etcosmetics.mn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 08:57:52 GMT
x-content-type-options: nosniff
age: 344759
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27284
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 23:47:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Mar 2025 08:57:52 GMT

GET
H/1.1 200
OK rollbar.min.js Show response
cdn.rollbar.com/rollbarjs/refs/tags/v2.26.0/ 78 KB
24 KB 363ms
65ms Script
application/javascript 18.173.132.83
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.rollbar.com/rollbarjs/refs/tags/v2.26.0/rollbar.min.js
Requested by: Host: etcosmetics.mn
URL: https://etcosmetics.mn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.173.132.83 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-173-132-83.jfk52.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e06acb8a209f942bc7a320e57d4f9da1870dcc0715c1a3645dfffe05d00e8cf0

Request headers

Referer: https://etcosmetics.mn/
Origin: https://etcosmetics.mn
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Sat, 02 Mar 2024 16:21:30 GMT
Content-Encoding: gzip
Via: 1.1 6da26d1d98186e04c83824717d4976ec.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: JFK52-P2
Age: 663742
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Wed, 30 Nov 2022 17:58:13 GMT
Server: AmazonS3
ETag: W/"fbf5519549381f625bda929e529d92f8"
Vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=30672000,public
X-Amz-Cf-Id: VWFw32l66LFrXGe3sKzPaseh58Xre74TL2aJG9_Vv4IQv2-qlmxuvg==

POST
H/1.1 200
OK / Show response
etcosmetics.mn/ 26 B
1 KB 112ms
112ms XHR
application/json 54.209.91.188
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://etcosmetics.mn/

Requested by

Host: kom.mn
URL: https://kom.mn/static/js/jquery-3.7.0.min.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.209.91.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-209-91-188.compute-1.amazonaws.com

Software

gunicorn /

Resource Hash

b8c1117496600de0e069cb6e56f7946c0600c56c7e430a398eaf8ac04b58d9c9

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Referer: https://etcosmetics.mn/
X-Requested-With: XMLHttpRequest
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date: Sun, 10 Mar 2024 08:43:51 GMT
Content-Security-Policy: script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31556926; includeSubDomains
Nel: {"report_to":"heroku-nel","max_age":3600,"success_fraction":0.005,"failure_fraction":0.05,"response_headers":["Via"]}
Via: 1.1 vegur
Connection: keep-alive
Content-Length: 26
Reporting-Endpoints: heroku-nel=https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D
Referrer-Policy: strict-origin-when-cross-origin
Server: gunicorn
X-Frame-Options: SAMEORIGIN
Report-To: {"group":"heroku-nel","max_age":3600,"endpoints":[{"url":"https://nel.heroku.com/reports?ts=1710060231&sid=929419e7-33ea-4e2f-85f0-7d8b7cd5cbd6&s=88sUzQqZsLl%2Fa3uqCAQbQYnkY3FNSL1vIXxmPjrPvuI%3D"}]}
Content-Type: application/json
Vary: Cookie
Permissions-Policy: browsing-topics=()

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			etcosmetics.mn/	1969-12-31 23:59:59	Name: session Value: eyJvcmRlcl9pZCI6ODc3NzF9.Ze1yxw.dnD1_OKO18Y5Ydqs_qSdp-Jrkg0

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'browsing-topics'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	script-src 'self' 'unsafe-inline' cdn.rollbar.com js-eu1.hs-scripts.com js-eu1.hs-banner.com js-eu1.hsleadflows.net js-eu1.hscollectedforms.net js-eu1.hs-analytics.net connect.facebook.net 'unsafe-eval' cdn.tailwindcss.com cdnjs.cloudflare.com kom.mn; style-src 'self' 'unsafe-inline' fonts.googleapis.com cdnjs.cloudflare.com kom.mn
Strict-Transport-Security	max-age=31556926; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.rollbar.com
cdnjs.cloudflare.com
etcosmetics.mn
fonts.googleapis.com
fonts.gstatic.com
kom-uploads.s3.amazonaws.com
kom.mn
www.etcosmetics.mn
18.173.132.83
2606:4700:3037::ac43:ac88
2606:4700::6811:180e
2607:f8b0:4006:80b::200a
2607:f8b0:4006:81d::2003
52.219.40.168
54.209.91.188
0ba128f7f4540ece1eb001e1256c6b02b95ebdaaf60fdda05b84913787cd65ea
1050ea02807f57d919d298e91190bdc783e7628d0bc7824b4ce452712d5b72c4
1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
1c3007b80d1197de7a0014c537d9d6fc4a5b77ed6e2797a10e180600647c4e0c
1ef460e106c8923cd761fdcb9a69e62d83723888af205b761961230792124a67
2ed46edf9e783492f428cf3c336705a31588d032d60a0b148bb3ce3b4e004e2a
342e771ba7208f624552167acf9d9a8238b86941b0f84ca2c9bb64f325eb44a6
373962a6a400d3cc87c157c1bb375169638915bd10e73ab4e9506cf558bcd5a6
3c3687454946c5eebff90658ef940ea4f421a588c2770440543a34bb67596458
49a290e3aebd74b97abdd24d10ccbbfeead02e7ff7063c48d39ca291933386a8
4c08bb83452d856bdaa57cf85892b93d0f951a6d1ddb26ee25f6a01716dce670
77f1272c88eee8d2a4ee16ead38d1addc9f678d912573e3fffb5f3e3d673d819
88df0b5a7bc397dbc13a26bb8b3742cc62cd1c9b0dded57da7832416d6f52f42
90c4f0951056e5a82b2150c8b3fe6d011a08ea2abc957453d080b8179504e2d7
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
b8c1117496600de0e069cb6e56f7946c0600c56c7e430a398eaf8ac04b58d9c9
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
d9a6f24db49ef87281b7dc94a349ae77e2ae531d1d5df63a20f04a3425323041
e06acb8a209f942bc7a320e57d4f9da1870dcc0715c1a3645dfffe05d00e8cf0
e88da95b864ca1c8e99f8c7a019c60da0c31dab929ab60476578680bccb6c967
eba9487840439a0fa53c9be0541c524bb84b590a7af8c86573ceb1fe19c4bda9
f088454de91c4c3810c4d0f9c1a005e9fd9a6125b45b52c94e4a68a91170a6a6
f834bf518b056d183528213f6e20086bf2f27013482281553da61b2670652cd7
f872ac788245e37f42ac620e27c57ad6c24709509ceb37435c48c35c119e6506

etcosmetics.mn Open in urlscan Pro 54.209.91.188 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

24 Requests

100 %HTTPS

57 %IPv6

7 Domains

8 Subdomains

7 IPs

2 Countries

3480 kBTransfer

3696 kBSize

1 Cookies

3 Outgoing links

Page URL History

Redirected requests

24 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Verdicts & Comments Add Verdict or Comment

41 JavaScript Global Variables

1 Cookies

1 Console Messages

Security Headers

Indicators

etcosmetics.mn Open in urlscan Pro
54.209.91.188 Public Scan

Screenshot
Live screenshot

Full Image

24
Requests

100 %
HTTPS

57 %
IPv6

7
Domains

8
Subdomains

7
IPs

2
Countries

3480 kB
Transfer

3696 kB
Size

1
Cookies

24 HTTP transactions
0 data transactions