exchange.mercuryo.io Open in urlscan Pro
3.73.186.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.mercuryo.io/
Submission: On June 20 via api (June 20th 2023, 10:30:26 am UTC) from CZ — Scanned from DE

Summary HTTP 88 Redirects Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 12 domains to perform 88 HTTP transactions. The main IP is 3.73.186.146, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is exchange.mercuryo.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 29th 2023. Valid for: a year.

This is the only time exchange.mercuryo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	3.73.186.146 3.73.186.146	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
13	52.58.226.79 52.58.226.79	16509 (AMAZON-02) (AMAZON-02)
1	108.156.60.96 108.156.60.96	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	76.223.16.1 76.223.16.1	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.48 52.222.139.48	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
3	2600:1f18:f8a... 2600:1f18:f8a:b701:d5f7:d400:625b:acb2	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
2	65.9.86.80 65.9.86.80	16509 (AMAZON-02) (AMAZON-02)
5	3.210.153.240 3.210.153.240	14618 (AMAZON-AES) (AMAZON-AES)
1	34.204.129.135 34.204.129.135	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
88	17

30 3.73.186.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.58.226.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.156.60.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-156-60-96.ams1.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.223.16.1 (United States)

ASN16509 (AMAZON-02, US)
PTR: a885e4cd4ba7f987e.awsglobalaccelerator.com

eun1.fptls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-48.ams50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1f18:f8a:b701:d5f7:d400:625b:acb2 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.86.80 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-86-80.ams1.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.210.153.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-153-240.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.204.129.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-204-129-135.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
43	mercuryo.io exchange.mercuryo.io widget.mercuryo.io api.mercuryo.io	754 KB
17	google.com www.google.com — Cisco Umbrella Rank: 3 pay.google.com — Cisco Umbrella Rank: 3299 play.google.com — Cisco Umbrella Rank: 51	429 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 6238 img.riskified.com — Cisco Umbrella Rank: 5578 c.riskified.com — Cisco Umbrella Rank: 4314	16 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	22 KB
4	gstatic.com www.gstatic.com	105 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 3724	209 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2661 api-iam.intercom.io — Cisco Umbrella Rank: 2160	6 KB
1	google.de www.google.de — Cisco Umbrella Rank: 4835	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	351 B
1	fptls.com eun1.fptls.com — Cisco Umbrella Rank: 231330	331 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 11982	41 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	47 KB
88	12

	Domain	Requested by
26	api.mercuryo.io	widget.mercuryo.io
13	widget.mercuryo.io	exchange.mercuryo.io widget.mercuryo.io
12	play.google.com	www.gstatic.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com widget.mercuryo.io
5	img.riskified.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	widget.mercuryo.io pay.google.com exchange.mercuryo.io www.gstatic.com
4	exchange.mercuryo.io	exchange.mercuryo.io
2	c.riskified.com	widget.mercuryo.io
2	js.intercomcdn.com	widget.intercom.io
1	api-iam.intercom.io	js.intercomcdn.com
1	www.google.de
1	www.google.com
1	beacon.riskified.com	widget.mercuryo.io
1	stats.g.doubleclick.net	widget.mercuryo.io
1	widget.intercom.io	widget.mercuryo.io
1	eun1.fptls.com	widget.mercuryo.io
1	fpnpmcdn.net	widget.mercuryo.io
1	www.googletagmanager.com	widget.mercuryo.io
88	19

This site contains no links.

Subject Issuer	Validity	Valid
*.mercuryo.io Go Daddy Secure Certificate Authority - G2	`2023-05-29` - `2024-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M01	`2022-11-09` - `2023-12-08`	a year	crt.sh
eun1.fptls.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.riskified.com Amazon RSA 2048 M02	`2023-03-21` - `2024-04-17`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-29` - `2023-08-21`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://exchange.mercuryo.io/
Frame ID: B20426754BE37F080B4EBDEE0151DAE8
Requests: 4 HTTP requests in this frame

Frame: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Frame ID: F90046C45ECB25641262FEB2F1101BD6
Requests: 48 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.e5d0991e.js
Frame ID: 7D8F450432C7F36C4CFD4EFC60E344A1
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=
Frame ID: CFDD22CF8E09A44E17639A9A1AF65484
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercuryo | Cryptocurrency Exchange Service Available 24/7

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

88
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1629 kB
Transfer

4916 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

88 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange.mercuryo.io/ 3 KB
2 KB 61ms
13ms Document
text/html 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

014389e0a0cfa4404d196c2b3c26d51b895cc6b9b61b0c40c0b9e8d2657be11f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Tue, 20 Jun 2023 10:30:21 GMT
etag: W/"648b1ae7-b3d"
expires: Tue, 20 Jun 2023 10:30:21 GMT
last-modified: Thu, 15 Jun 2023 14:06:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 embed.2.1.js Show response
exchange.mercuryo.io/ 208 KB
63 KB 17ms
16ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/embed.2.1.js?28b04a1e82446e5530ca

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0cdeb7d03363029610fb53b2bbabee405d52664103aeb576201c274f96625e19

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 14:06:32 GMT
etag: W/"648b1ae8-340ee"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 144c83dec83331b84d6d5864044a12da
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 9125.2be06cdfb00ebb764e1c.js Show response
exchange.mercuryo.io/ 37 KB
13 KB 13ms
12ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/9125.2be06cdfb00ebb764e1c.js?28b04a1e82446e5530ca

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9ea2266c2f1f34fb848c9091add55522407acff694525e6ebbad10009917539f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-949d"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 634c650f682607231915f473eeea0510
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 exchange.931a6eadd5165da10c7c.js Show response
exchange.mercuryo.io/ 14 KB
6 KB 13ms
13ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/exchange.931a6eadd5165da10c7c.js?28b04a1e82446e5530ca

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d7b046d49504651dffb7e05f397dad1337fa02c791d6ec6f800de83cfb557568

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-385c"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 9d6ec612167beb3b2f6dbf0e90901aef
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 / Show response
widget.mercuryo.io/ Frame F900 3 KB
2 KB 128ms
62ms Document
text/html 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/embed.2.1.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

885a36f5aa2ee8344420378072f096993ebda0edbc163c8706847968244e575e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://exchange.mercuryo.io
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://exchange.mercuryo.io
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors https://exchange.mercuryo.io
content-type: text/html
date: Tue, 20 Jun 2023 10:30:21 GMT
etag: W/"648b1ae7-a64"
expires: Tue, 20 Jun 2023 10:30:21 GMT
last-modified: Thu, 15 Jun 2023 14:06:31 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: allow-from https://exchange.mercuryo.io
x-xss-protection: 1; mode=block

GET
H2 200 6896.f8595609057082592188.css
widget.mercuryo.io/ Frame F900 50 KB
8 KB 13ms
12ms Stylesheet
text/css 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ad9b95ad37f8c05ced49fc995f7164524820cd4285d4b5d992b894b33d1fee76

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-c9ac"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 8a778a34f5187eb6a42fd57f9c748ac6
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 main.d9b4a563b87f48bde8ae.css
widget.mercuryo.io/ Frame F900 46 KB
8 KB 14ms
14ms Stylesheet
text/css 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.d9b4a563b87f48bde8ae.css?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1112f6112e093e4a732ec22cef385e7f96fbd7dd44c0b1aa95f38214d09a1c0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-b99f"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 2543440877da13026877771588dfa41a
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 9125.2be06cdfb00ebb764e1c.js Show response
widget.mercuryo.io/ Frame F900 37 KB
13 KB 13ms
12ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/9125.2be06cdfb00ebb764e1c.js?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9ea2266c2f1f34fb848c9091add55522407acff694525e6ebbad10009917539f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-949d"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 97adaaba199c41c52736d35702e4ee19
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 1186.94015441ef681375a09f.js Show response
widget.mercuryo.io/ Frame F900 620 KB
200 KB 25ms
24ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/1186.94015441ef681375a09f.js?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d43891bd5a0468dfa319640c369eb28d08619d9fd5dc688860e6db5153a697eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-9ae96"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 388500007bc85df9af95034f94e79cfd
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 7650.1229cba2f28f247ad4d5.js Show response
widget.mercuryo.io/ Frame F900 284 KB
88 KB 26ms
25ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

263924c2bc06934e719ae9ead6bf2e774ef7eb59b4bec40aa2e9768cf9edc571

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-4707d"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 4d8fa5233738911e8c9fb7b6a9347873
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 6896.f7afc74509c72328140c.js Show response
widget.mercuryo.io/ Frame F900 234 KB
53 KB 30ms
29ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/6896.f7afc74509c72328140c.js?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bc98d7346bccb224196eba9d350e3dc4c9902ff3dfd21afa1782cf0bc1de8ddf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-3a62a"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 869ddc763ddbc85945d3e4613f3fa50d
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 main.4cd1e41e07c4e702744b.js Show response
widget.mercuryo.io/ Frame F900 286 KB
79 KB 16ms
15ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.4cd1e41e07c4e702744b.js?28b04a1e82446e5530ca

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b3685d372713e1a6e39db34ff9cfcbf6e96365836d64cef7201746b335b163b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-4790a"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 9196d0485a19103d37df8644548f89e8
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F900 120 KB
47 KB 42ms
19ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1863b08290af2f7457c4838a02768a1dcadb86b3d127e3a5e503a3344cb2c90f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47706
x-xss-protection: 0
last-modified: Tue, 20 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 20 Jun 2023 10:30:21 GMT

GET
H2 200 8637.1103c54ea3e1b65ece2e.js Show response
widget.mercuryo.io/ Frame F900 32 KB
10 KB 14ms
14ms Script
application/javascript 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/8637.1103c54ea3e1b65ece2e.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.4cd1e41e07c4e702744b.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c1353756019629135be9433bfb36857cf9cdb9cfbf4236449baaff6481b99459

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: W/"648b14fa-7f5a"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: d26d0af85ecad89149737b79c294238f
expires: Sun, 25 Jun 2023 10:30:21 GMT

OPTIONS
H2 204 keep-alive
api.mercuryo.io/v1.6/user22/ Frame 0
0 54ms
19ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 start
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 49ms
15ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 401 keep-alive Show response
api.mercuryo.io/v1.6/user22/ Frame F900 112 B
435 B 75ms
75ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 54d090fd22d2955c

GET
H2 200 start Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame F900 68 B
457 B 73ms
73ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c4d23610bba8efac39b082c5a5eaac788370183d7b8ef187d7beaeadacaf8ac1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 3c4c51fba25e4d1c

GET
H2 200 loader_v3.8.3.js Show response
fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/ Frame F900 117 KB
41 KB 56ms
15ms Script
text/javascript 108.156.60.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.3.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.156.60.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-156-60-96.ams1.r.cloudfront.net

Software

CloudFront /

Resource Hash

5dc476084e7d3acfafcbe635a0faad61988c779904d5269eeaf579fd6679f95c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 13:34:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 397f210a9eb9ec34ba3f1f814bc1a7a2.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-P2
age: 75372
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"rL5y52oaCx93Wb6AIpM0cfcQB6U"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3565, s-maxage=628171
x-amz-cf-id: pksCH54vR5e9x4ONu8GJQp4Vhfe8m5w09teGJtwI3rMJDKp66cj-Kw==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F900 51 KB
21 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 20 Jun 2023 09:04:42 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 5139
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 20 Jun 2023 11:04:42 GMT

GET
H2 200 BrutalType-Regular.woff2
widget.mercuryo.io/fonts/ Frame F900 27 KB
27 KB 11ms
10ms Font
font/woff2 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Regular.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: "648b14fa-6c14"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27668
x-request-id: 36be8dfe302ccc77a0c3601fcd4a8704
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame F900 1 KB
962 B 8ms
8ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:12:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1076
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 20 Jun 2023 11:12:25 GMT

OPTIONS
H2 204 data
api.mercuryo.io/v1.6/widget/ Frame 0
0 12ms
12ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 currencies
api.mercuryo.io/v1.6/lib/ Frame 0
0 12ms
11ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
api.mercuryo.io/v1.6/lib/ Frame 0
0 11ms
11ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
api.mercuryo.io/v1.6/widget/ Frame F900 358 B
829 B 80ms
77ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

72d09887610d2f5576c4def628f3c21d5384b21678f95a3925b1a0ffae2faf0a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 575dacbfe122d6b5

GET
H2 200 currencies Show response
api.mercuryo.io/v1.6/lib/ Frame F900 34 KB
5 KB 74ms
72ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0b3395ee35cbb2abcd6f4ead2bcbbf161b554df8bbfc3f1dfb3fcd47a32a73ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 36b5505a83bb1eea

GET
H2 200 countries Show response
api.mercuryo.io/v1.6/lib/ Frame F900 19 KB
4 KB 68ms
67ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0032fc659757e2be8537e21bd3eac29b879bbb75f6d5dbdfc6dd4d5f5b34dba8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 7a7bf89563518348

GET
H2 200 / Show response
eun1.fptls.com/ Frame F900 204 B
331 B 362ms
38ms XHR
text/plain 76.223.16.1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eun1.fptls.com/

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

76.223.16.1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a885e4cd4ba7f987e.awsglobalaccelerator.com

Software

Resource Hash

ebe098390c9e246ebc53e5778cdcd72880fd672ba766a54a3d07ae8fbdb98ce7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Tue, 20 Jun 2023 10:30:21 GMT
content-length: 204
content-type: text/plain; charset=utf-8

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame F900 2 B
22 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=656758066&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIRAAAAACAAI~&jid=2144838012&gjid=489807023&cid=238333823.1687257021&tid=UA-130553073-7&_gid=810694278.1687257021&_r=1&gtm=457e36e0&jsscut=1&did=i5iSjo&z=1109115305

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t3xaiuum Show response
widget.intercom.io/widget/ Frame F900 7 KB
3 KB 443ms
398ms Script
application/javascript 52.222.139.48
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/t3xaiuum
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.139.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-139-48.ams50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 25dfcab3b33c03ddd273ff0b02db959fccbae1fa00ee656906a961e45b9436f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: tFcktqGRDASgQA5iAV.k9XgVnK8PwIjI
content-encoding: gzip
via: 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
date: Tue, 20 Jun 2023 10:18:08 GMT
x-amz-cf-pop: AMS50-C1
age: 1213
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2677
last-modified: Tue, 20 Jun 2023 08:16:22 GMT
server: AmazonS3
etag: "0388e8e3728efb96502069b9e76cb300"
vary: Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: 7_tGnEHZmixbb2otPn2OeV59PHILrnS3U4FzjnP9tTHxKoj1QaN9Uw==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame F900 4 B
351 B 59ms
19ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-130553073-7&cid=238333823.1687257021&jid=2144838012&gjid=489807023&_gid=810694278.1687257021&_u=aGDAAUIQAAAAACAAI~&z=2130054455

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 20 Jun 2023 10:30:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 26ms
26ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 16ms
16ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 24ms
24ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rates
api.mercuryo.io/v1.6/widget/ Frame 0
0 10ms
10ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 11ms
11ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 data-by-ip
api.mercuryo.io/v1.6/public/ Frame 0
0 10ms
10ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-open
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 13ms
13ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
beacon.riskified.com/ Frame F900 48 KB
15 KB 400ms
180ms Script
application/javascript 2600:1f18:f8a:b701:d5f7:d400:625b:acb2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.mercuryo.io&sid=82c9356f-29af-4541-9559-6a787cd83e64

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f7afc74509c72328140c.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b701:d5f7:d400:625b:acb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

2878355698f1e1f65e7d19e7729c361f230a32d06b4f233310e88662ccff81b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:21 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3Lm1lcmN1cnlvLmlv/ODJjOTM1NmYtMjlhZi00NTQxLTk1NTktNmE3ODdjZDgzZTY0
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600,no-store
trace-id: 923c54589d8779d0f8fb3bd4cf1b4567
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame F900 13 B
436 B 15ms
15ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 5f8219b00c1f5a344d58bac79933a76c
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: 61e34516ecec3ef2c9bf7c4abd49ca7b

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame F900 13 B
436 B 19ms
19ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-trace-id: 25d2d4bf38e0be5f6e6360c42ef4a9ab
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: 5c699cf47c3828b8d8e658bae245964f

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame F900 714 B
793 B 83ms
83ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 437162e69bbb238

GET
H2 200 Karloff-Neutral-Regular-Web.woff2
widget.mercuryo.io/fonts/ Frame F900 106 KB
107 KB 12ms
11ms Font
font/woff2 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/Karloff-Neutral-Regular-Web.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: "648b14fa-1a828"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108584
x-request-id: 137a244810464561f59827332d8f19ba
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 BrutalType-Bold.woff2
widget.mercuryo.io/fonts/ Frame F900 27 KB
27 KB 11ms
11ms Font
font/woff2 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Bold.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: "648b14fa-6a28"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27176
x-request-id: 14be9e08cfafa193fac6b2b286fc0b59
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 BrutalType-Medium.woff2
widget.mercuryo.io/fonts/ Frame F900 26 KB
27 KB 12ms
12ms Font
font/woff2 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Medium.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/6896.f8595609057082592188.css?28b04a1e82446e5530ca
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 15 Jun 2023 13:41:14 GMT
etag: "648b14fa-693c"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26940
x-request-id: 5ef6a7c3226901cb15350706ed5111e6
expires: Sun, 25 Jun 2023 10:30:21 GMT

GET
H2 200 rates Show response
api.mercuryo.io/v1.6/widget/ Frame F900 19 KB
6 KB 1770ms
1770ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c8199bcf768fa7d53701a7aba10a895e6dad424532541bada739c5ccec06589d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 710eebd9f969975

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame F900 766 B
889 B 211ms
211ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e772c1f2facc8b9fa4f5eb74de7fba1ac6a002d267ad48200a23843cf7b51843

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 478497e07737c11a

GET
H2 200 data-by-ip Show response
api.mercuryo.io/v1.6/public/ Frame F900 80 B
544 B 13ms
13ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:21 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 80
x-xss-protection: 1; mode=block
x-request-id: 6c16e481fe9233da67bb9a51d8611810
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 first-open Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame F900 24 B
416 B 95ms
94ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6b9e077458e9ca86

GET
H3 200 collect
www.google-analytics.com/ Frame F900 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=656758066&t=event&_s=2&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22value%22%3A%22USD%22%2C%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22bc5eaf924444e715106c34f5d6e99e54%22%2C%22test_group%22%3A%22A%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=238333823.1687257021&tid=UA-130553073-7&_gid=810694278.1687257021&gtm=457e36e0&jsscut=1&did=i5iSjo&z=159926646

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 05:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16595
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F900 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=656758066&t=event&_s=3&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22bc5eaf924444e715106c34f5d6e99e54%22%2C%22test_group%22%3A%22A%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=238333823.1687257021&tid=UA-130553073-7&_gid=810694278.1687257021&gtm=457e36e0&jsscut=1&did=i5iSjo&z=64527025

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 05:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16595
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F900 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=656758066&t=event&_s=4&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=measure&ea=%7B%22performance%22%3A%5B%7B%22name%22%3A%22global%2FgetCalcStart%2Ffulfilled%22%2C%22duration%22%3A154.9000015258789%2C%22time%22%3A319.5%7D%2C%7B%22name%22%3A%22user%2FkeepAlive%2Frejected%22%2C%22duration%22%3A162.10000228881836%2C%22time%22%3A314%7D%2C%7B%22name%22%3A%22lib%2FgetCountries%2Ffulfilled%22%2C%22duration%22%3A101.5%2C%22time%22%3A473.4000015258789%7D%2C%7B%22name%22%3A%22lib%2FgetCurrencies%2Ffulfilled%22%2C%22duration%22%3A104.89999771118164%2C%22time%22%3A472.60000228881836%7D%2C%7B%22name%22%3A%22global%2FgetWidgetData%2Ffulfilled%22%2C%22duration%22%3A110.5999984741211%2C%22time%22%3A471.4000015258789%7D%2C%7B%22name%22%3A%22complete%22%2C%22duration%22%3A702.9000015258789%7D%5D%2C%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22bc5eaf924444e715106c34f5d6e99e54%22%2C%22test_group%22%3A%22A%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=238333823.1687257021&tid=UA-130553073-7&_gid=810694278.1687257021&gtm=457e36e0&jsscut=1&did=i5iSjo&z=1044594782

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 05:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16595
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F900 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=656758066&t=event&_s=5&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_shown&ea=%7B%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22bc5eaf924444e715106c34f5d6e99e54%22%2C%22test_group%22%3A%22A%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=238333823.1687257021&tid=UA-130553073-7&_gid=810694278.1687257021&gtm=457e36e0&jsscut=1&did=i5iSjo&z=2144682858

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 05:53:46 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16595
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame F900 42 B
408 B 56ms
32ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=238333823.1687257021&jid=2144838012&_u=aGDAAUIQAAAAACAAI~&z=1566386556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame F900 42 B
408 B 56ms
33ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=238333823.1687257021&jid=2144838012&_u=aGDAAUIQAAAAACAAI~&z=1566386556

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F900 116 KB
36 KB 143ms
78ms Script
application/javascript 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6896.f7afc74509c72328140c.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-58MhaambR4_RKvAZA8B2YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-58MhaambR4_RKvAZA8B2YA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 20 Jun 2023 10:30:22 GMT

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 9ms
9ms Preflight 52.58.226.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true&token=23ab34faa9e7f64fb54ca39726f060b912003e9e8702d4228956f6d1473e69b0eyJ0IjoiMTY4NzI1NzAyMSIsInR0Ijp0cnVlLCJjIjoiQlRDIiwiYSI6IjAuMDEwMzc2ODgiLCJmYyI6IlVTRCIsImZhIjoiMzAwLjAwIiwiZiI6IjExLjQwIiwidGYiOiIwIiwic2YiOiIxMS40MDAwMDAwMDAwIiwiciI6IjI3ODExLjc2IiwiY2lkIjoiMzQwMThlYTg2MDVlODA0ZDljOTc1YTI1OTE5MmQ5ZDgiLCJ3IjoiNjc3MTA5MjUtOGI0MC00NzY3LTg0NmUtM2I4OGRiNjlmMDRkIiwib3AiOiJidXkiLCJwYSI6ImNhcmQiLCJwdCI6bnVsbCwicHMiOm51bGwsIm4iOiJCSVRDT0lOIiwiZmkiOjgzNX0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.58.226.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-58-226-79.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Tue, 20 Jun 2023 10:30:22 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame F900 766 B
889 B 205ms
205ms XHR
application/json 3.73.186.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.73.186.146 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-73-186-146.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8cb06227165d167ffc4829d7ad7f78dec77b7440b93b2ea725c593c60d8ba7c6

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: bc5eaf924444e715106c34f5d6e99e54
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 7264e6d5061a3328

GET
H2 200 frame-modern.e5d0991e.js Show response
js.intercomcdn.com/ Frame 7D8F 486 KB
136 KB 64ms
15ms Script
application/javascript 65.9.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.e5d0991e.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-80.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

d5710a19da25653d922cabccc4f188c0d4b8e854f28b4046f6df28333bd35367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: OnpkXA5mdH631.EmcSi34y67OlI06ltp
content-encoding: gzip
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
date: Tue, 20 Jun 2023 10:16:27 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-C1
age: 836
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 138463
last-modified: Tue, 20 Jun 2023 08:14:34 GMT
server: AmazonS3
etag: "9bf10090f7868ef0722cf9bf58d128a6"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: YjKMv1DQnqa_ikQTU0lmHozdmhtKJ9cTulpDeQdvFrF-0qAGdvxLbg==

GET
H2 200 vendor-modern.a1c39d6c.js Show response
js.intercomcdn.com/ Frame 7D8F 236 KB
73 KB 92ms
43ms Script
application/javascript 65.9.86.80
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a1c39d6c.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.86.80 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-86-80.ams1.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

66186629b9743680ea93d7593adf05aaa3a23d98eb2e85f495861c33bb84e639

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: kf6a9JxWk0spUpkmo75Z0MTirx9Bf0OV
content-encoding: gzip
via: 1.1 b9394c80294503e08bddf2381e55e810.cloudfront.net (CloudFront)
date: Tue, 20 Jun 2023 09:28:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: AMS1-C1
age: 3693
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74368
last-modified: Mon, 12 Jun 2023 13:25:10 GMT
server: AmazonS3
etag: "88fceae5e646ea80158b0225e0b97591"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: -fV9Ayi6qun1sn2gP-Ax4iZWKwyBJ8s7niipnLq5SLlbVz9yDnivpQ==

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F900 35 B
160 B 290ms
90ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16872570220680.33271975422047495&c=vfu6ui7u5uo36mvla8sj86lj459mcq&p=ou4bnf&a=82c9356f-29af-4541-9559-6a787cd83e64&o=www.mercuryo.io&rt=1687257021916
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame CFDD 18 KB
8 KB 208ms
208ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b9b38806634bc00c147a0a67ce0562c36ce796aa8d86fd2928b0f1642fb9b2cb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3m0e8BTAQALfV2d-G5aPZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-3m0e8BTAQALfV2d-G5aPZg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame 7D8F 4 KB
2 KB 1685ms
1493ms XHR
application/json 34.204.129.135
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.e5d0991e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.204.129.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-204-129-135.compute-1.amazonaws.com

Software

nginx /

Resource Hash

f718a4167d212b6c6e6779ffd0d7b1c06a67c9c5ddce7287cc4c517f6ece83dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 20 Jun 2023 10:30:23 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-08fafce7e0d5772f6
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 0003anmhtm5s3gjb3a8g
x-runtime: 0.689641
server: nginx
etag: W/"f718a4167d212b6c6e6779ffd0d7b1c0"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.mercuryo.io
x-intercom-version: 316127e207650ec698e6e67a35dd99d9bff3481f
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=A... Frame CFDD 159 KB
57 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrj8hXdrnW6LPaakV0KheebbIVtujQ/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae120c807bd4fb6910d35dbfeeff16d450fa57fee1475e88a9e14bae091b2ef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:24:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 324368
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57284
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 08:23:46 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 16:24:14 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame CFDD 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F900 35 B
159 B 90ms
90ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16872570223710.07557490069397033&c=vfu6ui7u5uo36mvla8sj86lj459mcq&p=ou4bnf&a=82c9356f-29af-4541-9559-6a787cd83e64&o=www.mercuryo.io&rt=1687257021916
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJ... Frame CFDD 71 KB
26 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJdUeEIG24.L.B1.O/am=YGw/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjaRBz3pyJDMHz_RfwszGs3NDZo3g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/am=YGw/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrj8hXdrnW6LPaakV0KheebbIVtujQ/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ebd17d2bcef08d57dbc9d47c26436f99fb031e649b30a0b639190fb8338ef613

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26458
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 03:35:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 16:31:06 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame CFDD 1 MB
382 KB 81ms
81ms XHR
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

785f3fd484617f62dc8bb60d455abc3a6e71719e5e26e4f4a4fe19b6764ceb0a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-afByjd33YiZdiKeTLtvjsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-afByjd33YiZdiKeTLtvjsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Tue, 20 Jun 2023 10:30:22 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJ... Frame CFDD 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJdUeEIG24.L.B1.O/am=YGw/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjaRBz3pyJDMHz_RfwszGs3NDZo3g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1c370ddd458c38ea738e4c0ea30eaf55b3400e5628dd2f8ec32a3050a7dee873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9408
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 03:35:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 16:31:06 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJ... Frame CFDD 35 KB
13 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.rUmj-UaCFpk.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.8HJdUeEIG24.L.B1.O/am=YGw/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjaRBz3pyJDMHz_RfwszGs3NDZo3g/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c479da207a0d124bbe89a2d16397567b3ba0a5142807ef2eff519001628f4c39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Fri, 16 Jun 2023 16:31:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 323956
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13586
x-xss-protection: 0
last-modified: Fri, 16 Jun 2023 03:35:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 15 Jun 2024 16:31:06 GMT

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 66ms
46ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 66ms
43ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 66ms
47ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
43ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 65ms
43ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 66ms
46ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 62ms
45ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 66ms
45ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 66ms
46ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 61ms
45ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

POST
H3 200 log Show response
play.google.com/ Frame CFDD 131 B
155 B 64ms
47ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 20 Jun 2023 10:30:22 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 63ms
45ms Preflight
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:22 GMT
expires: Tue, 20 Jun 2023 10:30:22 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F900 35 B
159 B 90ms
90ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16872570224740.15997933118782082&c=vfu6ui7u5uo36mvla8sj86lj459mcq&p=ou4bnf&a=82c9356f-29af-4541-9559-6a787cd83e64&o=www.mercuryo.io&rt=1687257021916
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F900 35 B
159 B 91ms
90ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16872570225760.09158575792181645&c=vfu6ui7u5uo36mvla8sj86lj459mcq&p=ou4bnf&a=82c9356f-29af-4541-9559-6a787cd83e64&o=www.mercuryo.io&rt=1687257021916
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F900 35 B
159 B 90ms
90ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16872570226780.5714608081751646&c=vfu6ui7u5uo36mvla8sj86lj459mcq&p=ou4bnf&a=82c9356f-29af-4541-9559-6a787cd83e64&o=www.mercuryo.io&rt=1687257021916
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Tue, 20 Jun 2023 10:30:22 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 298ms
93ms Preflight
text/plain 2600:1f18:f8a:b701:d5f7:d400:625b:acb2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b701:d5f7:d400:625b:acb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
cache-control: no-store
content-length: 2
content-type: text/plain; charset=UTF-8
date: Tue, 20 Jun 2023 10:30:23 GMT
pragma: no-cache
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: e30861e6441fc16b3573534d7523cd62

POST
H2 201 client_infos Show response
c.riskified.com/v2/ Frame F900 0
369 B 95ms
95ms XHR
text/plain 2600:1f18:f8a:b701:d5f7:d400:625b:acb2
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/7650.1229cba2f28f247ad4d5.js?28b04a1e82446e5530ca

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b701:d5f7:d400:625b:acb2 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Access-Control-Allow-Origin: *
Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 20 Jun 2023 10:30:23 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
cache-control: no-store
trace-id: b8bf0f83565111ed2ba02424e0cb01c2
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercuryo.io/	1970-01-20 22:16:57	Name: _system_cookie Value:
widget.mercuryo.io/	1970-01-20 22:16:57	Name: test_group Value: A
.mercuryo.io/	1970-01-20 22:16:57	Name: _ga Value: GA1.2.238333823.1687257021
.mercuryo.io/	1970-01-20 12:42:23	Name: _gid Value: GA1.2.810694278.1687257021
.mercuryo.io/	1970-01-20 12:40:57	Name: _gat_gtag_UA_130553073_7 Value: 1
api.mercuryo.io/	1970-01-20 12:42:23	Name: session_id Value: 6d8fff06461487179f6bef9567631ce081c2d6d96aaf348269cb1a5c9a5c0f41a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22session_id%22%3Bi%3A1%3Bs%3A36%3A%2282c9356f-29af-4541-9559-6a787cd83e64%22%3B%7D
.mercuryo.io/	1970-01-20 22:16:57	Name: lastRskxRun Value: 1687257022056
.mercuryo.io/	1970-01-20 22:16:57	Name: rskxRunCookie Value: 0
.mercuryo.io/	1970-01-20 22:16:57	Name: rCookie Value: vfu6ui7u5uo36mvla8sj86lj459mcq
.google.com/	1970-01-20 17:04:28	Name: NID Value: 511=h3EeyvbHZHpmMGPwygnTCUeY_OYbzT17J_ygsCVBI8KqiA-yKk-tRsxeLtqXXH-qC8Aa0ylQIjN5CfA9MLQA01T1aGkt90w4bDeZZG_g5wcOAvrjp8k-RENM-I9Xzpoq4vxIRjYb0Tq9w-ThDqzmlB5YkvuCjkeKK0F-cw8SmXM
.mercuryo.io/	1970-01-20 19:09:47	Name: intercom-id-t3xaiuum Value: a3fbf925-0c77-4520-9bb6-c4d9bccf4902
.mercuryo.io/	1970-01-20 12:51:01	Name: intercom-session-t3xaiuum Value:
.mercuryo.io/	1970-01-20 19:09:47	Name: intercom-device-id-t3xaiuum Value: 80e78d4e-ac59-4a27-a6b8-da0d505c2596

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mercuryo.io/v1.6/user22/keep-alive Message: Failed to load resource: the server responded with a status of 401 ()
javascript	warning	URL: https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.3.js(Line 7) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.mercuryo.io
beacon.riskified.com
c.riskified.com
eun1.fptls.com
exchange.mercuryo.io
fpnpmcdn.net
img.riskified.com
js.intercomcdn.com
pay.google.com
play.google.com
stats.g.doubleclick.net
widget.intercom.io
widget.mercuryo.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
108.156.60.96
2600:1f18:f8a:b701:d5f7:d400:625b:acb2
2a00:1450:4001:802::200e
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9a
2a00:1450:400c:c07::5c
3.210.153.240
3.73.186.146
34.204.129.135
52.222.139.48
52.58.226.79
65.9.86.80
76.223.16.1
0032fc659757e2be8537e21bd3eac29b879bbb75f6d5dbdfc6dd4d5f5b34dba8
014389e0a0cfa4404d196c2b3c26d51b895cc6b9b61b0c40c0b9e8d2657be11f
0b3395ee35cbb2abcd6f4ead2bcbbf161b554df8bbfc3f1dfb3fcd47a32a73ba
0cdeb7d03363029610fb53b2bbabee405d52664103aeb576201c274f96625e19
1112f6112e093e4a732ec22cef385e7f96fbd7dd44c0b1aa95f38214d09a1c0a
1863b08290af2f7457c4838a02768a1dcadb86b3d127e3a5e503a3344cb2c90f
1c370ddd458c38ea738e4c0ea30eaf55b3400e5628dd2f8ec32a3050a7dee873
25dfcab3b33c03ddd273ff0b02db959fccbae1fa00ee656906a961e45b9436f4
263924c2bc06934e719ae9ead6bf2e774ef7eb59b4bec40aa2e9768cf9edc571
2878355698f1e1f65e7d19e7729c361f230a32d06b4f233310e88662ccff81b2
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5dc476084e7d3acfafcbe635a0faad61988c779904d5269eeaf579fd6679f95c
66186629b9743680ea93d7593adf05aaa3a23d98eb2e85f495861c33bb84e639
72d09887610d2f5576c4def628f3c21d5384b21678f95a3925b1a0ffae2faf0a
785f3fd484617f62dc8bb60d455abc3a6e71719e5e26e4f4a4fe19b6764ceb0a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
885a36f5aa2ee8344420378072f096993ebda0edbc163c8706847968244e575e
8cb06227165d167ffc4829d7ad7f78dec77b7440b93b2ea725c593c60d8ba7c6
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2
9ea2266c2f1f34fb848c9091add55522407acff694525e6ebbad10009917539f
a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc
a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c
ad9b95ad37f8c05ced49fc995f7164524820cd4285d4b5d992b894b33d1fee76
ae120c807bd4fb6910d35dbfeeff16d450fa57fee1475e88a9e14bae091b2ef3
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b3685d372713e1a6e39db34ff9cfcbf6e96365836d64cef7201746b335b163b2
b9b38806634bc00c147a0a67ce0562c36ce796aa8d86fd2928b0f1642fb9b2cb
bc98d7346bccb224196eba9d350e3dc4c9902ff3dfd21afa1782cf0bc1de8ddf
bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35
c1353756019629135be9433bfb36857cf9cdb9cfbf4236449baaff6481b99459
c479da207a0d124bbe89a2d16397567b3ba0a5142807ef2eff519001628f4c39
c4d23610bba8efac39b082c5a5eaac788370183d7b8ef187d7beaeadacaf8ac1
c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f
c8199bcf768fa7d53701a7aba10a895e6dad424532541bada739c5ccec06589d
d43891bd5a0468dfa319640c369eb28d08619d9fd5dc688860e6db5153a697eb
d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c
d5710a19da25653d922cabccc4f188c0d4b8e854f28b4046f6df28333bd35367
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d7b046d49504651dffb7e05f397dad1337fa02c791d6ec6f800de83cfb557568
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e772c1f2facc8b9fa4f5eb74de7fba1ac6a002d267ad48200a23843cf7b51843
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
ebd17d2bcef08d57dbc9d47c26436f99fb031e649b30a0b639190fb8338ef613
ebe098390c9e246ebc53e5778cdcd72880fd672ba766a54a3d07ae8fbdb98ce7
eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f718a4167d212b6c6e6779ffd0d7b1c06a67c9c5ddce7287cc4c517f6ece83dd

exchange.mercuryo.io Open in urlscan Pro 3.73.186.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

88 Requests

100 %HTTPS

53 %IPv6

12 Domains

19 Subdomains

17 IPs

3 Countries

1629 kBTransfer

4916 kBSize

13 Cookies

0 Outgoing links

Redirected requests

88 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exchange.mercuryo.io Open in urlscan Pro
3.73.186.146 Public Scan

Screenshot
Live screenshot

Full Image

88
Requests

100 %
HTTPS

53 %
IPv6

12
Domains

19
Subdomains

17
IPs

3
Countries

1629 kB
Transfer

4916 kB
Size

13
Cookies

88 HTTP transactions
0 data transactions