www.ori.mn Open in urlscan Pro
2606:4700:3033::6815:4d16 Public Scan

URL:
https://www.ori.mn/
Submission: On March 18 via api (March 18th 2021, 6:08:17 pm UTC) from US

Summary HTTP 52 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 52 HTTP transactions. The main IP is 2606:4700:3033::6815:4d16, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.ori.mn.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on August 2nd 2020. Valid for: a year.

This is the only time www.ori.mn was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3033::6815:4d16	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.224.195.98 13.224.195.98	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
1	104.108.145.56 104.108.145.56	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:211... 2600:9000:211e:d600:14:fc6e:7009:aba1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
3	104.22.76.113 104.22.76.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42::729 2a04:4e42::729	54113 (FASTLY) (FASTLY)
2	2a00:1450:400... 2a00:1450:400c:c09::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
14	13.224.195.28 13.224.195.28	16509 (AMAZON-02) (AMAZON-02)
1	151.101.14.110 151.101.14.110	54113 (FASTLY) (FASTLY)
1	162.247.242.21 162.247.242.21	23467 (NEWRELIC-...) (NEWRELIC-AS-1)
52	17

2 2606:4700:3033::6815:4d16 (United States)

ASN13335 (CLOUDFLARENET, US)

www.ori.mn	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.195.98 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-98.fra2.r.cloudfront.net

cdn-web.viago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.108.145.56 (Berlin, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-56.deploy.static.akamaitechnologies.com

players.brightcove.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:d600:14:fc6e:7009:aba1 (United States)

ASN16509 (AMAZON-02, US)

cdn.one.accedo.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.22.76.113 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn-statics.cleeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cleeng.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::729 (United States)

ASN54113 (FASTLY, US)

cdn.ravenjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c09::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 13.224.195.28 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-28.fra2.r.cloudfront.net

connect-images.viago.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.14.110 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.242.21 (United States)

ASN23467 (NEWRELIC-AS-1, US)
PTR: bam-9.nr-data.net

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
16	viago.io cdn-web.viago.io connect-images.viago.io	10 MB
7	gstatic.com www.gstatic.com fonts.gstatic.com	83 KB
6	google-analytics.com www.google-analytics.com	19 KB
3	cleeng.com cdn-statics.cleeng.com cleeng.com	15 KB
2	google.de www.google.de	590 B
2	google.com www.google.com	590 B
2	doubleclick.net stats.g.doubleclick.net	506 B
2	accedo.tv cdn.one.accedo.tv	1 MB
2	ori.mn www.ori.mn	90 KB
1	nr-data.net bam.nr-data.net	268 B
1	newrelic.com js-agent.newrelic.com	9 KB
1	ravenjs.com cdn.ravenjs.com	9 KB
1	brightcove.net players.brightcove.net	295 KB
1	googleapis.com fonts.googleapis.com	739 B
52	14

	Domain	Requested by
14	connect-images.viago.io	www.ori.mn
6	fonts.gstatic.com	fonts.googleapis.com
6	www.google-analytics.com	www.ori.mn
2	cleeng.com	cdn-statics.cleeng.com
2	www.google.de	www.ori.mn
2	www.google.com	www.ori.mn
2	stats.g.doubleclick.net	www.ori.mn
2	cdn.one.accedo.tv	www.ori.mn
2	cdn-web.viago.io	www.ori.mn
2	www.ori.mn	cdn-web.viago.io
1	bam.nr-data.net	js-agent.newrelic.com
1	js-agent.newrelic.com	www.ori.mn
1	cdn.ravenjs.com	www.ori.mn
1	cdn-statics.cleeng.com	www.ori.mn
1	www.gstatic.com	www.ori.mn
1	players.brightcove.net	www.ori.mn
1	fonts.googleapis.com	www.ori.mn
52	17

This site contains no links.

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-02` - `2021-08-02`	a year	crt.sh
*.viago.io Amazon	`2021-03-08` - `2022-04-06`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
players.brightcove.net DigiCert SHA2 Secure Server CA	`2020-09-03` - `2021-10-03`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
one.accedo.tv Amazon	`2021-02-12` - `2022-03-12`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.cleeng.com Go Daddy Secure Certificate Authority - G2	`2020-04-25` - `2021-06-24`	a year	crt.sh
cdn.ravenjs.com GlobalSign Atlas R3 DV TLS CA 2020	`2021-02-22` - `2022-03-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
f4.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-11` - `2021-05-07`	2 months	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh

This page contains 1 frames:

Primary Page: https://www.ori.mn/
Frame ID: 8AD15B75ED6A69E0ED820052494F4F5B
Requests: 53 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Amazon Web Services (PaaS) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

Amazon Cloudfront (CDN) Expand

Overall confidence: 100%
Detected patterns

headers via /$CloudFront$$/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

52
Requests

90 %
HTTPS

63 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

11506 kB
Transfer

13896 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

52 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.ori.mn/ 538 KB
90 KB 667ms
618ms Document
text/html 2606:4700:3033::6815:4d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3033::6815:4d16 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e7eb25f63a2b5a61942e8f78ef649ceaa596cf81519b4d2ca2f3be08046eba0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Request headers

:method: GET
:authority: www.ori.mn
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:50 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=d8fde4bc1c683195f26f2f7a8845ae3321616090870; expires=Sat, 17-Apr-21 18:07:50 GMT; path=/; domain=.ori.mn; HttpOnly; SameSite=Lax user=j%3A%7B%22clientIp%22%3A%222a01%3A4f8%3A192%3A5414%3A%3A2%22%2C%22uuid%22%3A%221e4ea46d-64e5-4141-9247-06e6b3f327a3%22%7D; Max-Age=31536000; Path=/; Expires=Fri, 18 Mar 2022 18:07:50 GMT; HttpOnly; Secure
x-frame-options: DENY
content-security-policy: frame-ancestors 'none'
vary: Accept-Encoding
x-cache: Miss from cloudfront
via: 1.1 f7a79e15a22014280e8c7ec641b68a52.cloudfront.net (CloudFront)
x-amz-cf-pop: MXP64-C1
x-amz-cf-id: EN9HzTZ78z6V3jmR4gDX58bx4W6WMFH1gJF8lU_6VbH4NL8lfTu78w==
cf-cache-status: DYNAMIC
cf-request-id: 08e81ec9b100004e79f10f0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=VV%2BrFQXMweYqzhGZhDVukl%2FsBgoBJcv9qAxrpt6IyNXIRlrrp7dup7%2BJVa7TeiOUys4r9GDqdeLR3APEBKhscpmeCiyWrSsio%2BQf%2Ff14k%2F2tGzFBsLIF"}],"max_age":604800}
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
cf-ray: 63206722be2e4e79-FRA
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1 200
OK bundle.css
cdn-web.viago.io/1.28.0/ 298 KB
115 KB 118ms
30ms Stylesheet
text/css 13.224.195.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-web.viago.io/1.28.0/bundle.css
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-98.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d9949802947b612e35e70e36098d7d83594313ca0b679b87dd148355604b064c

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: qi0bSA2rMKXYmMxxS8D7dyjeF6KSv1vx
Content-Encoding: gzip
ETag: W/"2eec2f7e91da1c203a705df479a87cd5"
Age: 2641
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 26 Nov 2020 08:55:07 GMT
Server: AmazonS3
Date: Thu, 18 Mar 2021 17:24:10 GMT
Vary: Accept-Encoding
Content-Type: text/css
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: dEWg6TIZD769yjFxVMXni7dbS6J1CRusFNF30cdkaV1hO08aVHlEMw==

GET
H2 200 css
fonts.googleapis.com/ 4 KB
739 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ad4b2a0df454bb48a7e42b1150a98fbe446dd315c41970fa538e267ea2c9a9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 18 Mar 2021 17:18:42 GMT
server: ESF
date: Thu, 18 Mar 2021 18:07:50 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 18 Mar 2021 18:07:50 GMT

GET
H/1.1 200
OK index.min.js Show response
players.brightcove.net/5637308467001/H1rAD8dJM_default/ 1 MB
295 KB 138ms
65ms Script
application/javascript 104.108.145.56
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://players.brightcove.net/5637308467001/H1rAD8dJM_default/index.min.js
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.108.145.56 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: a841a3c30092e8b1e9a5730715048f6e46bbfbb6661f961470ee49d8dea83cc5

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: 7pq.pfnoNOj0_LtvtDm7aBiFc0BhRnWW
Content-Encoding: gzip
ETag: "c8a8059f8a1b708619e9789df229a481"
x-amz-request-id: 5E90CVR5APR2P1RW
x-amz-replication-status: COMPLETED
Connection: keep-alive
Content-Length: 301611
x-amz-id-2: qxucf0FvmFwn0XkfttPEo03z5YEpUX6jBwTzW19DftrFPRm+9D58g7Bv493eh1NUiOhQNj22cZI=
X-BCOV-Response-Mode: 1
X-Served-By: cache-dca17780-DCA
Last-Modified: Thu, 04 Mar 2021 20:37:49 GMT
Server: AmazonS3
X-Timer: S1614891863.962061,VS0,VE68
Date: Thu, 18 Mar 2021 18:07:50 GMT
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=135
Accept-Ranges: bytes
X-Cache-Hits: 0

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ 4 KB
2 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
expires: Thu, 18 Mar 2021 18:07:50 GMT

GET
H2 200 5a24f665a0e845001155d8b9
cdn.one.accedo.tv/files/ 514 KB
515 KB 34ms
11ms Image
image/png 2600:9000:211e:d600:14:fc6e:7009:aba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.one.accedo.tv/files/5a24f665a0e845001155d8b9?sessionKey=01F12KYP66V3EAA9E4GV6SNDST12FB99C0D2
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d600:14:fc6e:7009:aba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6723ae54d7c75fed10aa5d469ea198363cd6d50ebf1538138b8fd1d6215e272

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 03 Feb 2021 09:39:16 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
age: 3745716
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-imagewidth: 3039
content-length: 525999
x-amz-meta-filetype: asset
x-amz-meta-isimage: true
last-modified: Wed, 24 Jul 2019 14:59:21 GMT
server: AmazonS3
cache-control: max-age=31449600
x-amz-meta-accountid: 5a02c3f91de1c4000dbe085b
etag: "946e5a33f544f4a869fbbb8d25ce169e"
access-control-allow-methods: GET
x-amz-version-id: 7L.rOYyQdkIb.XQy._utdODptBwtutHS
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date
x-amz-meta-filename: ori_logo.png
x-amz-meta-imageheight: 1200
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: zbfUkKV1BrHq94dDjK0xNKS5bPOf8TQkcXrqVfVZeVXwmI2kyLVl-Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 316
date: Thu, 18 Mar 2021 18:02:35 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Thu, 18 Mar 2021 20:02:35 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFWJ0bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFWJ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

33f963a7ce37cbcce434f8d997eadd75d42f9d6953a0cdbdbb82866475bed6f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 21:33:29 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:29 GMT
server: sffe
age: 74062
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16688
x-xss-protection: 0
expires: Thu, 17 Mar 2022 21:33:29 GMT

GET
H2 200 mem8YaGs126MiZpBA-UFUZ0bbck.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0bbck.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 11:21:25 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:24 GMT
server: sffe
age: 542786
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9400
x-xss-protection: 0
expires: Sat, 12 Mar 2022 11:21:25 GMT

GET
DATA 200
OK truncated
/ 83 KB
83 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: befb6e8c95af344259ff30d2c45968234172d08e2e8bed2bab2284f76432e7cc

Request headers

Origin: https://www.ori.mn
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOVuhpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 19:41:30 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:33 GMT
server: sffe
age: 599181
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9604
x-xss-protection: 0
expires: Fri, 11 Mar 2022 19:41:30 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 00:24:16 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 63815
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Fri, 18 Mar 2022 00:24:16 GMT

GET
H2 200 5a24f64d1de1c4000b7001c2
cdn.one.accedo.tv/files/ 514 KB
515 KB 10ms
10ms Image
image/png 2600:9000:211e:d600:14:fc6e:7009:aba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.one.accedo.tv/files/5a24f64d1de1c4000b7001c2?sessionKey=01F12KYP66V3EAA9E4GV6SNDST12FB99C0D2
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:d600:14:fc6e:7009:aba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d6723ae54d7c75fed10aa5d469ea198363cd6d50ebf1538138b8fd1d6215e272

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 30 Jan 2021 09:07:30 GMT
via: 1.1 747e99d9d8c5e29fdc713cf866bc3f83.cloudfront.net (CloudFront)
age: 4093221
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
x-amz-meta-imagewidth: 3039
content-length: 525999
x-amz-meta-filetype: asset
x-amz-meta-isimage: true
last-modified: Wed, 24 Jul 2019 14:59:21 GMT
server: AmazonS3
cache-control: max-age=31449600
x-amz-meta-accountid: 5a02c3f91de1c4000dbe085b
etag: "946e5a33f544f4a869fbbb8d25ce169e"
access-control-allow-methods: GET
x-amz-version-id: l.zrcn19A1CGZfYzuYU9AZCX_9WHK74R
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Date
x-amz-meta-filename: ori_logo.png
x-amz-meta-imageheight: 1200
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: image/png
x-amz-cf-id: C8kdt2GEeuvgi3g_6htQ9my49LZyRmDkhTkHwm-HOzNpaDxlJDUv3w==

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:04:09 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 57822
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Fri, 18 Mar 2022 02:04:09 GMT

GET
H3-Q050 200 mem5YaGs126MiZpBA-UNirkOX-hpOqc.woff2
fonts.gstatic.com/s/opensans/v18/ 17 KB
17 KB 35ms
21ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOX-hpOqc.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,600&display=swap

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43019016016eaa3c87ac75b7065503330f0210e8b31da7304da36cf3ea4e6037

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.ori.mn
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 03:54:54 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:39 GMT
server: sffe
age: 569577
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17420
x-xss-protection: 0
expires: Sat, 12 Mar 2022 03:54:54 GMT

GET
BLOB 206
Partial Content 69d84f1c-0b0a-45f1-b7ac-7e0afa9a7782
https://www.ori.mn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ori.mn/69d84f1c-0b0a-45f1-b7ac-7e0afa9a7782
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f5f97857-35dc-41aa-9b77-8b298e06d9e4
https://www.ori.mn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ori.mn/f5f97857-35dc-41aa-9b77-8b298e06d9e4
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content f0eae922-f721-4472-991c-4f8aaf1aea17
https://www.ori.mn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ori.mn/f0eae922-f721-4472-991c-4f8aaf1aea17
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 206
Partial Content 313d21e9-a8a0-4127-9787-cc9b381f4f40
https://www.ori.mn/ 1 KB
0 Media
video/mp4

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ori.mn/313d21e9-a8a0-4127-9787-cc9b381f4f40
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Content-Range: bytes 0-1492/1493
Content-Length: 1493
Content-Type: video/mp4

GET
BLOB 200
OK 88818776-a6f3-4c64-833c-ed4d9ad9ac1a
https://www.ori.mn/ 31 B
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.ori.mn/88818776-a6f3-4c64-833c-ed4d9ad9ac1a
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 31
Content-Type: application/javascript

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
63 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=537612259&t=timing&_s=1&dl=https%3A%2F%2Fwww.ori.mn%2F&ul=en-us&de=UTF-8&dt=%D0%AD%D1%85%D0%BB%D1%8D%D0%BB%20%7C%20ORI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=App%20Load%20time&utv=load&utt=1003&an=ORI&_u=YGDACEABBAAAAC~&jid=293740135&gjid=848252166&cid=1603849656.1616090871&tid=UA-73846626-18&_gid=237342220.1616090871&_r=1&_slc=1&z=2050569231

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ori.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
29 B 13ms
13ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=537612259&t=timing&_s=1&dl=https%3A%2F%2Fwww.ori.mn%2F&ul=en-us&de=UTF-8&dt=%D0%AD%D1%85%D0%BB%D1%8D%D0%BB%20%7C%20ORI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&utc=App%20Load%20time&utv=load&utt=1003&_u=YGDACEABBAAAAC~&jid=1774909385&gjid=1599932374&cid=1603849656.1616090871&tid=UA-145825482-1&_gid=237342220.1616090871&_r=1&_slc=1&z=958038939

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:51 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ori.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 api.js Show response
cdn-statics.cleeng.com/js-api/3.0/ 80 KB
14 KB 127ms
44ms Script
application/javascript 104.22.76.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-statics.cleeng.com/js-api/3.0/api.js

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.76.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0c28758471f2e6505c3e54ebf0c6276ba483894cb80220f13f81f7046790fd1

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:51 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 18 Mar 2021 13:51:36 GMT
server: cloudflare
age: 2108
etag: W/"60535ae8-141a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=14400
strict-transport-security: max-age=2592000
cf-ray: 6320672a5ef74e20-FRA
cf-request-id: 08e81ece7b00004e201835a000000001

GET
H2 200 raven.min.js Show response
cdn.ravenjs.com/3.14.0/ 24 KB
9 KB 43ms
12ms Script
application/javascript 2a04:4e42::729
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.ravenjs.com/3.14.0/raven.min.js
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Fastly /
Resource Hash: 400bcf692072f25df22bff74fca31dfd30eeba76d89d54761d5cff058eab9769

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:51 GMT
content-encoding: gzip
last-modified: Fri, 31 Mar 2017 17:26:39 GMT
server: Fastly
age: 46769
etag: "2a78572fa63031f5e410771635580e63"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
content-length: 9425

GET
H/1.1 200
OK bundle.js Show response
cdn-web.viago.io/1.28.0/ 1 MB
354 KB 36ms
33ms Script
application/javascript 13.224.195.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn-web.viago.io/1.28.0/bundle.js
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.98 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-98.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c1886f477099bdb18b151ec3cb043515cfa113463a1d18a699b6766bb064200f

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: fMQ.gJlewbz5tIYV6yR4H4yaShNlazO0
Content-Encoding: gzip
ETag: W/"18030ac8de818b7b2298929cecddbefd"
Age: 477652
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Last-Modified: Thu, 26 Nov 2020 08:55:07 GMT
Server: AmazonS3
Date: Sat, 13 Mar 2021 05:27:00 GMT
Vary: Accept-Encoding
Content-Type: application/javascript
Via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad3.cloudfront.net (CloudFront)
Cache-Control: max-age=604800
X-Amz-Cf-Pop: FRA2-C1
X-Amz-Cf-Id: TAisSmk-H8KeiLWXyp5Sq1xLFk5MlfkPZG74veT2UbVOod_ehAB4Eg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
85 B 14ms
13ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-145825482-1&cid=1603849656.1616090871&jid=1774909385&gjid=1599932374&_gid=237342220.1616090871&_u=YGDACEABBAAAAC~&z=1442244550

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Mar 2021 18:07:51 GMT
content-type: text/plain
access-control-allow-origin: https://www.ori.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 29ms
28ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-145825482-1&cid=1603849656.1616090871&jid=1774909385&_u=YGDACEABBAAAAC~&z=1065672554

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
29ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-145825482-1&cid=1603849656.1616090871&jid=1774909385&_u=YGDACEABBAAAAC~&z=1065672554

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 start
www.ori.mn/proxy/event/ 0
0 363ms
362ms Fetch
application/octet-stream 2606:4700:3033::6815:4d16
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.ori.mn/proxy/event/start?appId=5a02c48c1de1c4000dcdb604&uuid=1e4ea46d-64e5-4141-9247-06e6b3f327a3
Requested by: Host: cdn-web.viago.io
URL: https://cdn-web.viago.io/1.28.0/bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3033::6815:4d16 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept: application/json
Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:52 GMT
via: 1.1 5c82476b8faa6db5077c339ee3b64cf0.cloudfront.net (CloudFront)
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
x-amz-cf-pop: MXP64-C1
x-cache: Miss from cloudfront
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
cf-request-id: 08e81ecff100004e79b532a000000001
x-newrelic-app-data: PxQGUFZSDgQGR1BXBwkEVlcDFB9AMQYAZBBZDEtZV0ZaClc9HjJDEA1YUCIJDUxBXwgNB0VtGAMSVFhHPkkQFlEQTEIQf3FmGkcVUR9RH1JKBgdQV1ABBQdWTVIbEwdTVwFUVVdWUlRTUQlSDgEWHlUEVRJUPA==
server: cloudflare
etag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DQUq9kB0e4MPfQhatxAXZOI3LIepu7J14VlzVx5u6LnSagBKpikbJLjBd5p5djGgIcrwxkOqkrg4odNvJZpQVYHUOQj5H%2BcTJAAD%2FtQaS3MEaznUZqy3"}],"max_age":604800}
content-type: application/octet-stream
cf-ray: 6320672cbb754e79-FRA
x-amz-cf-id: EVqW8etiAtl4rjZoI0o8vAWJy19EbVqd1opX9HZ6Q-lV5uDGMfSUIg==

GET
H2 200 autologin.js Show response
cleeng.com/autologin/ 65 B
397 B 157ms
150ms Script
text/html 104.22.76.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cleeng.com/autologin/autologin.js?callback=__cleeng_autologin_callback&r=0.17081449878140664

Requested by

Host: cdn-statics.cleeng.com
URL: https://cdn-statics.cleeng.com/js-api/3.0/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.76.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

335cb6452bc864615cbb6d3b33c0e52cb0f01c6d7d0fcc988298e6f4701c1ea0

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:51 GMT
content-encoding: br
cf-cache-status: BYPASS
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=2592000
cf-ray: 6320672cdc084e20-FRA
cf-request-id: 08e81ed00900004e20dca33000000001
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 3187da30c90dd8e5d7aebf5569694a7cc3a3c2a3d12224106c533c00f50bf7d3
connect-images.viago.io/w_771,c_scale,e_sharpen:70,q_95/ 203 KB
203 KB 111ms
34ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_771,c_scale,e_sharpen:70,q_95/3187da30c90dd8e5d7aebf5569694a7cc3a3c2a3d12224106c533c00f50bf7d3
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c6c464cca832d864bf1ffa3efa55d104d8a1b093ecc25d9e8e85e93444adfc98

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 17 Mar 2021 04:58:01 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Wed, 17 Mar 2021 04:37:06 GMT
server: AmazonS3
age: 133792
etag: "def62daf30aaf66680ed5d93415e49b4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 207611
x-amz-cf-id: Z20aLVZ9Sn5LTxgCfMNUHZVUst2xO5W_8ZIwNP3ZM0dGHGZgQGn0hg==

GET
H2 200 efddab378b0f297326f24777ba0bbcf29911d11b4e189539aea58443fa248373
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 93 KB
93 KB 166ms
89ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/efddab378b0f297326f24777ba0bbcf29911d11b4e189539aea58443fa248373
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 376adfceeda74433382160ebf592cd076ac78bf1df2727b3ebad179e4eda4dec

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 04:21:08 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Tue, 16 Mar 2021 02:07:49 GMT
server: AmazonS3
age: 222405
etag: "5209daa850b11baa3165af5713a51ba5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 95072
x-amz-cf-id: YK5v0zYPY8Q4z3lQWaQ19H1TCFGAGpdVpq4jIxXc6SnFiK6A844TVg==

GET
H2 200 599982e625e7c21a28bb34f429e57a87a393836be98037db8eb6235487a4935c
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 88 KB
88 KB 276ms
199ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/599982e625e7c21a28bb34f429e57a87a393836be98037db8eb6235487a4935c
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: abaa97ea0c02c1e1097a83b920106bafe30a324b5814115621be0f7fbb1b8af8

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 12 Mar 2021 01:41:47 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Fri, 12 Mar 2021 01:15:03 GMT
server: AmazonS3
age: 577566
etag: "36d7de555aa54d8ec27c85ffa32236bf"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 89629
x-amz-cf-id: HBZhTfSODO9JyBjIIvRi38jSRUE_9TAkItta4jCbU6yXnC1Y15LmUg==

GET
H2 200 7b44f52372fe72793cadbff91589d7bcb9cc235e1e7cc5950767134e5c7d942b
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 55 KB
56 KB 135ms
59ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/7b44f52372fe72793cadbff91589d7bcb9cc235e1e7cc5950767134e5c7d942b
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c4693ce41e1041fbda37c19ca82462103971daf95c044c54f16b7b60e2b8a007

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:24:31 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Fri, 05 Mar 2021 01:33:33 GMT
server: AmazonS3
age: 377002
etag: "d3ca99201892a984960a689379545d8c"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 56654
x-amz-cf-id: W2MNj4yTH45kCDyvWKRUVLaBqJXBeingD1fqxuFQpFDjQBVR2Nb3BA==

GET
H2 200 45e91c10a5c6f30bafdaafe55f3f6a5e420a4b06f1c653867ca7d3910af054f7
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 60 KB
61 KB 110ms
34ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/45e91c10a5c6f30bafdaafe55f3f6a5e420a4b06f1c653867ca7d3910af054f7
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 34b7cc1d08e0ea15d0fa370dd64c3ebd87959fadc6978c3738be00f30c528836

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 09:09:51 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 01:12:19 GMT
server: AmazonS3
age: 637082
etag: "4101f6dc545af13cff10f97ad11c04b0"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 61593
x-amz-cf-id: wU7QLYeuIWat7XNVLyIHnwHC2bu-h-tUhoBBv7aVzvKTHq5fKQ3PBw==

GET
H2 200 3600173cbe89a11699a7156fbd7be8e19a152dc6d12d23984030d07819a0aac2
connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/ 636 KB
637 KB 161ms
86ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/3600173cbe89a11699a7156fbd7be8e19a152dc6d12d23984030d07819a0aac2
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e76d38ac19febf859c79f0991800cffc987b5aff9a4034853c2f20c6d05a8339

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 10:06:57 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Sun, 26 Apr 2020 17:07:05 GMT
server: AmazonS3
age: 374456
etag: "f6d5c6fecbf7941bb081e2e1990dc7a4"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 651209
x-amz-cf-id: BWhIImbjclXf24CtpsC-pgElWbGn6qQLs3I6_Dhe4fvGi9NgatyR9A==

GET
H2 200 85030466ac087f2ca5b3265ac5f0ffbd58b8a37078770d5af00e3ff8b96724b8
connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/ 4 MB
4 MB 95ms
94ms Image
image/png 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/85030466ac087f2ca5b3265ac5f0ffbd58b8a37078770d5af00e3ff8b96724b8
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 33c3ef967e21f7b6f0f811e2524b0ed6df482f01674ad1ccc3c6ac600470229e

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 11:36:41 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Sun, 14 Mar 2021 11:30:17 GMT
server: AmazonS3
age: 369072
etag: "5e250d4bd2bb09f7f6fd06522969117c"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 4605079
x-amz-cf-id: nDrT16AYrEjBBHr136KrDf8GTKFNf-4ycnd0plT-9gw_g8SA2mvqcw==

GET
H2 200 0c2695e963e6f8a4f60d03885e0654fcecaa08030335003d1cef5be34e0baade
connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/ 3 MB
3 MB 195ms
195ms Image
image/png 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_1920,c_scale,e_sharpen:70,q_91/0c2695e963e6f8a4f60d03885e0654fcecaa08030335003d1cef5be34e0baade
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 309c7c779c09d6cdbb5eebe033b0b926a1b1baf062a48b0c2a4dbf50e3e8a0cc

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 11 Mar 2021 06:10:48 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Mon, 14 Dec 2020 03:08:21 GMT
server: AmazonS3
age: 647825
etag: "daa12ca3e38f13f60e33ea45941b16ee"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 2991821
x-amz-cf-id: Z5VBHOzcVe5atdIYkmo47yZyr2YfjBr6GuRZ73Qta5xgGBTXb_59dw==

GET
H2 200 8528916a857bdc519f027a1c1dc4fe332d0a503b86d1614297942af3dc556fe8
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 177 KB
177 KB 196ms
195ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/8528916a857bdc519f027a1c1dc4fe332d0a503b86d1614297942af3dc556fe8
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a50b79d1711ed1a79a242f3161f046c4103ea641fc6c944833c032ced648c8e4

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:24:40 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Tue, 02 Mar 2021 01:12:20 GMT
server: AmazonS3
age: 376993
etag: "d4738c61e5ed6dc2da8f268e27f998b8"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 180765
x-amz-cf-id: EYH5WSFPDgfS3FYoyHlthAFCRhgBFt7lvvaRQa5g5kstjxVuIuDHEQ==

GET
H2 200 3acccafca653248c513e960fdf85b69e39f360adbbf6308849882dd79b69a467
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 168 KB
168 KB 195ms
194ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/3acccafca653248c513e960fdf85b69e39f360adbbf6308849882dd79b69a467
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 44b574a3d949e4439a0ae653d42a1e566a74310fcd16fb247f03747330f205ce

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:24:40 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Tue, 02 Feb 2021 01:43:51 GMT
server: AmazonS3
age: 376993
etag: "8d083c4803a2824e29cba9cc2e66931d"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 171797
x-amz-cf-id: mVx_jQD0Y2Qe4qlDtPWdKraD1n0GQWGKRiRkA0UjzYWymLL_s9NpRw==

GET
H2 200 56674c780ae8f0cb79a9803ba5eaac35d434503dec13d50fdc0a92de5990dce0
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 120 KB
121 KB 195ms
194ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/56674c780ae8f0cb79a9803ba5eaac35d434503dec13d50fdc0a92de5990dce0
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 157619a1ee68ac7dee3b2baf9c29707f2dd1e23e80f4267a3102dd4be1b2ddc2

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 14 Mar 2021 09:24:40 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Wed, 13 Jan 2021 10:04:14 GMT
server: AmazonS3
age: 376993
etag: "b1367460577b4bb07ff97d08828fb1b5"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 123391
x-amz-cf-id: AVl-TQb0-4AqLLNGcvyxBEXrz9t9NAb0_sARavAN2gZfkOdh3KC2vw==

GET
H2 200 6a9748b1d83175123fb9c6917f858be9edcdbf6797587cf0258a75dc5fb3958c
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 181 KB
182 KB 195ms
195ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/6a9748b1d83175123fb9c6917f858be9edcdbf6797587cf0258a75dc5fb3958c
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d29e6fb6540b7b6758516dbad9ef92f213115cd0a963d1840c9bbd233667da37

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 02:49:36 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Wed, 16 Dec 2020 04:58:15 GMT
server: AmazonS3
age: 55097
etag: "0d616605813a4da0b1bdebfbf43fd5d2"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 185601
x-amz-cf-id: RMlO1vPwBIO0DFlUASvIOpBKAYtD6vTEfHxnDqFgbLvWplIBmsoHpA==

GET
H2 200 2338e1ed389fed7bbe3df19f43fcdf732bc79c4eca7c7091824aa5ea168e9ef5
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 98 KB
98 KB 196ms
195ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/2338e1ed389fed7bbe3df19f43fcdf732bc79c4eca7c7091824aa5ea168e9ef5
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5b88325ebdf14c37c416b784db08bbe208ef8607e031cc3a96cc459942085b42

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 06:22:09 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Tue, 01 Dec 2020 02:22:17 GMT
server: AmazonS3
age: 301544
etag: "8b7571f9eb921f2188c54d5494f7694f"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 100072
x-amz-cf-id: t9pT6MsRpxEgWM8fLxlZ3LoBadc3vh6l3gRNADiHDolgQyvHcSyxyw==

GET
H2 200 jsonp Show response
cleeng.com/api/3.0/ 85 B
240 B 78ms
77ms Script
text/javascript 104.22.76.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cleeng.com/api/3.0/jsonp?callback=__cleeng_cb_894444&method=getCustomer&r=0.6578232530287265&params={%22customerToken%22:%22%22}

Requested by

Host: cdn-statics.cleeng.com
URL: https://cdn-statics.cleeng.com/js-api/3.0/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.22.76.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34b774e37ac307d506628c0bccd558a72bd39e84d131a8cdd22046c048137af

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 18 Mar 2021 18:07:52 GMT
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=utf8
strict-transport-security: max-age=2592000
cf-ray: 6320672dede94e20-FRA
cf-request-id: 08e81ed0ae00004e20ea2d8000000001
cf-railgun: e793cf6b67 99.99 0.014342 0030 57da

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
50 B 13ms
12ms XHR
text/plain 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&aip=1&a=537612259&t=pageview&_s=1&dl=https%3A%2F%2Fwww.ori.mn%2F&dp=StartPage&ul=en-us&de=UTF-8&dt=%D0%AD%D1%85%D0%BB%D1%8D%D0%BB%20%7C%20ORI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACEABBAAAAC~&jid=1202389699&gjid=1514825107&cid=1603849656.1616090871&tid=UA-73846626-34&_gid=237342220.1616090871&_r=1&_slc=1&cd2=5a02c4741de1c4000dcdb5fb&cd3=Default%20Profile&z=1105653944

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:52 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.ori.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
63 B 6ms
5ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=537612259&t=pageview&_s=2&dl=https%3A%2F%2Fwww.ori.mn%2F&dp=StartPage&ul=en-us&de=UTF-8&dt=%D0%AD%D1%85%D0%BB%D1%8D%D0%BB%20%7C%20ORI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&an=ORI&_u=6HDACEABBAAAAC~&jid=&gjid=&cid=1603849656.1616090871&tid=UA-73846626-18&_gid=237342220.1616090871&cd2=5a02c4741de1c4000dcdb5fb&cd3=Default%20Profile&z=1568249855

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 12:41:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19559
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 6ms
6ms Image
image/gif 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&aip=1&a=537612259&t=pageview&_s=2&dl=https%3A%2F%2Fwww.ori.mn%2F&dp=StartPage&ul=en-us&de=UTF-8&dt=%D0%AD%D1%85%D0%BB%D1%8D%D0%BB%20%7C%20ORI&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6HDACEABBAAAAC~&jid=&gjid=&cid=1603849656.1616090871&tid=UA-145825482-1&_gid=237342220.1616090871&cd2=5a02c4741de1c4000dcdb5fb&cd3=Default%20Profile&z=609708093

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 12:41:53 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 19559
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
421 B 41ms
13ms XHR
text/plain 2a00:1450:400c:c09::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-73846626-34&cid=1603849656.1616090871&jid=1202389699&gjid=1514825107&_gid=237342220.1616090871&_u=6HDACEABBAAAAC~&z=1259624365

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Thu, 18 Mar 2021 18:07:52 GMT
content-type: text/plain
access-control-allow-origin: https://www.ori.mn
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
483 B 60ms
44ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-73846626-34&cid=1603849656.1616090871&jid=1202389699&_u=6HDACEABBAAAAC~&z=538430818

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 58ms
43ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-73846626-34&cid=1603849656.1616090871&jid=1202389699&_u=6HDACEABBAAAAC~&z=538430818

Requested by

Host: www.ori.mn
URL: https://www.ori.mn/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 18 Mar 2021 18:07:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bb7b8bb2b8b51b10edc28f2314a80c5630334f5e5b769f8d813468c15a30b9c3
connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/ 88 KB
89 KB 314ms
314ms Image
image/jpeg 13.224.195.28
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://connect-images.viago.io/w_480,c_scale,e_sharpen:80,q_95/bb7b8bb2b8b51b10edc28f2314a80c5630334f5e5b769f8d813468c15a30b9c3
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.28 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-28.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 16ba069182b9c610e17c563631fd4c712460fee59e3400cbda05c5fcbb7ab611

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 03:59:59 GMT
via: 1.1 59d92388a3a66e5f245f384a437fa025.cloudfront.net (CloudFront)
last-modified: Mon, 09 Nov 2020 04:40:05 GMT
server: AmazonS3
age: 742074
etag: "c4777def3eedd6511c054f0efe88f097"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=804600
x-amz-cf-pop: FRA2-C1
accept-ranges: bytes
content-length: 90557
x-amz-cf-id: 0gL02YcMegfZaFLmNk2ucYtLN67x6O3xqSBI5CvHIBlzX5eOJ0uFOA==

GET
H2 200 nr-974.min.js Show response
js-agent.newrelic.com/ 22 KB
9 KB 29ms
29ms Script
application/javascript 151.101.14.110
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-974.min.js
Requested by: Host: www.ori.mn
URL: https://www.ori.mn/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.14.110 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: null
content-encoding: gzip
etag: "634571f9ce8c2fed916ddca30914f48a"
x-amz-request-id: A05BF19064E392A7
x-cache: HIT
content-length: 8756
x-amz-id-2: +Rq/bF0z0CNMpkewKjalkMDTPMRWp6kE1eR+pXw4i0nQUM7BNpPEc8xLNcPzFkC5o0ZCqaA+tok=
x-served-by: cache-fra19140-FRA
last-modified: Wed, 28 Feb 2018 23:33:45 GMT
server: AmazonS3
x-timer: S1616090873.575615,VS0,VE0
date: Thu, 18 Mar 2021 18:07:52 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 72

GET
H/1.1 200
OK d47b15a698 Show response
bam.nr-data.net/1/ 57 B
268 B 130ms
129ms Script
text/javascript 162.247.242.21
NEWRELIC-AS-1

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/d47b15a698?a=18050302&sa=1&v=974.7d740e1&t=Unnamed%20Transaction&rst=2489&ref=https://www.ori.mn/&be=677&fe=1737&dc=1063&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1616090870142,%22n%22:0,%22f%22:0,%22dn%22:2,%22dne%22:34,%22c%22:34,%22s%22:39,%22ce%22:50,%22rq%22:50,%22rp%22:668,%22rpe%22:1110,%22dl%22:670,%22di%22:1740,%22ds%22:1740,%22de%22:1741,%22dc%22:2413,%22l%22:2414,%22le%22:2417%7D,%22navigation%22:%7B%7D%7D&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-974.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 162.247.242.21 , United States, ASN23467 (NEWRELIC-AS-1, US),
Reverse DNS: bam-9.nr-data.net
Software: /
Resource Hash: f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

Request headers

Referer: https://www.ori.mn/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Expires: Thu, 01 Jan 1970 00:00:00 GMT
Content-Length: 57
Content-Type: text/javascript;charset=ISO-8859-1

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ori.mn/	1970-01-19 16:54:50	Name: _gat_commonTracker Value: 1
.ori.mn/	1970-01-19 16:54:50	Name: _gat_externalTracker Value: 1
.ori.mn/	1970-01-19 16:54:50	Name: _gat Value: 1
.ori.mn/	1970-01-19 16:56:17	Name: _gid Value: GA1.2.237342220.1616090871
.ori.mn/	1970-01-20 10:26:02	Name: _ga Value: GA1.2.1603849656.1616090871
www.ori.mn/	1970-01-20 01:40:26	Name: user Value: j%3A%7B%22clientIp%22%3A%222a01%3A4f8%3A192%3A5414%3A%3A2%22%2C%22uuid%22%3A%221e4ea46d-64e5-4141-9247-06e6b3f327a3%22%7D
.ori.mn/	1970-01-19 17:38:02	Name: __cfduid Value: d8fde4bc1c683195f26f2f7a8845ae3321616090870

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://players.brightcove.net/5637308467001/H1rAD8dJM_default/index.min.js(Line 1) Message: VIDEOJS: WARN: A plugin named "eme" already exists. You may want to avoid re-registering plugins!

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bam.nr-data.net
cdn-statics.cleeng.com
cdn-web.viago.io
cdn.one.accedo.tv
cdn.ravenjs.com
cleeng.com
connect-images.viago.io
fonts.googleapis.com
fonts.gstatic.com
js-agent.newrelic.com
players.brightcove.net
stats.g.doubleclick.net
www.google-analytics.com
www.google.com
www.google.de
www.gstatic.com
www.ori.mn
104.108.145.56
104.22.76.113
13.224.195.28
13.224.195.98
151.101.14.110
162.247.242.21
2600:9000:211e:d600:14:fc6e:7009:aba1
2606:4700:3033::6815:4d16
2a00:1450:4001:800::2003
2a00:1450:4001:801::200e
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2004
2a00:1450:4001:82a::200a
2a00:1450:400c:c09::9d
2a04:4e42::729
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
157619a1ee68ac7dee3b2baf9c29707f2dd1e23e80f4267a3102dd4be1b2ddc2
16ba069182b9c610e17c563631fd4c712460fee59e3400cbda05c5fcbb7ab611
309c7c779c09d6cdbb5eebe033b0b926a1b1baf062a48b0c2a4dbf50e3e8a0cc
335cb6452bc864615cbb6d3b33c0e52cb0f01c6d7d0fcc988298e6f4701c1ea0
33c3ef967e21f7b6f0f811e2524b0ed6df482f01674ad1ccc3c6ac600470229e
33f963a7ce37cbcce434f8d997eadd75d42f9d6953a0cdbdbb82866475bed6f7
34b7cc1d08e0ea15d0fa370dd64c3ebd87959fadc6978c3738be00f30c528836
376adfceeda74433382160ebf592cd076ac78bf1df2727b3ebad179e4eda4dec
400bcf692072f25df22bff74fca31dfd30eeba76d89d54761d5cff058eab9769
43019016016eaa3c87ac75b7065503330f0210e8b31da7304da36cf3ea4e6037
44b574a3d949e4439a0ae653d42a1e566a74310fcd16fb247f03747330f205ce
460b265f6b87442ce02adfe558f1bb4bac1af371b36a1d2c4d0bbf4b6f11e265
547ded99e5139a10d4145e6e5c62ce35fa03495f625ee8d1e457011408428154
5b88325ebdf14c37c416b784db08bbe208ef8607e031cc3a96cc459942085b42
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ad4b2a0df454bb48a7e42b1150a98fbe446dd315c41970fa538e267ea2c9a9f
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a50b79d1711ed1a79a242f3161f046c4103ea641fc6c944833c032ced648c8e4
a841a3c30092e8b1e9a5730715048f6e46bbfbb6661f961470ee49d8dea83cc5
abaa97ea0c02c1e1097a83b920106bafe30a324b5814115621be0f7fbb1b8af8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
befb6e8c95af344259ff30d2c45968234172d08e2e8bed2bab2284f76432e7cc
c1886f477099bdb18b151ec3cb043515cfa113463a1d18a699b6766bb064200f
c34b774e37ac307d506628c0bccd558a72bd39e84d131a8cdd22046c048137af
c4693ce41e1041fbda37c19ca82462103971daf95c044c54f16b7b60e2b8a007
c6c464cca832d864bf1ffa3efa55d104d8a1b093ecc25d9e8e85e93444adfc98
d29e6fb6540b7b6758516dbad9ef92f213115cd0a963d1840c9bbd233667da37
d6723ae54d7c75fed10aa5d469ea198363cd6d50ebf1538138b8fd1d6215e272
d9949802947b612e35e70e36098d7d83594313ca0b679b87dd148355604b064c
de272e6c7c5237ae60a9f3e96379de2c5778af29343ff06678f767cccf7f7faa
e0c28758471f2e6505c3e54ebf0c6276ba483894cb80220f13f81f7046790fd1
e76d38ac19febf859c79f0991800cffc987b5aff9a4034853c2f20c6d05a8339
e7eb25f63a2b5a61942e8f78ef649ceaa596cf81519b4d2ca2f3be08046eba0f
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f69a13217482dc43f25e74cfcb9391d0f06d22501f10f5cb5e413d2d98a5cd23

www.ori.mn Open in urlscan Pro 2606:4700:3033::6815:4d16 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

52 Requests

90 %HTTPS

63 %IPv6

14 Domains

17 Subdomains

17 IPs

3 Countries

11506 kBTransfer

13896 kBSize

7 Cookies

0 Outgoing links

Redirected requests

52 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.ori.mn Open in urlscan Pro
2606:4700:3033::6815:4d16 Public Scan

Screenshot
Live screenshot

Full Image

52
Requests

90 %
HTTPS

63 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

11506 kB
Transfer

13896 kB
Size

7
Cookies

52 HTTP transactions
1 data transactions