exchange.mercuryo.io Open in urlscan Pro
52.57.147.244 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.mercuryo.io/
Submission Tags: @phish_report
Submission: On October 07 via api (October 7th 2023, 9:26:01 pm UTC) from FI — Scanned from FI

Summary HTTP 92 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 12 domains to perform 92 HTTP transactions. The main IP is 52.57.147.244, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is exchange.mercuryo.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 29th 2023. Valid for: a year.

This is the only time exchange.mercuryo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
16	52.57.147.244 52.57.147.244	16509 (AMAZON-02) (AMAZON-02)
14	52.222.214.39 52.222.214.39	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
12	18.198.86.41 18.198.86.41	16509 (AMAZON-02) (AMAZON-02)
1	18.66.112.110 18.66.112.110	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0b::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	99.83.255.25 99.83.255.25	16509 (AMAZON-02) (AMAZON-02)
1	143.204.98.110 143.204.98.110	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2600:1f18:f8a... 2600:1f18:f8a:b702:81dd:ed55:c71b:5a84	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:400c:c03::5c	15169 (GOOGLE) (GOOGLE)
2	18.66.147.5 18.66.147.5	16509 (AMAZON-02) (AMAZON-02)
5	34.231.103.166 34.231.103.166	14618 (AMAZON-AES) (AMAZON-AES)
1	3.217.29.31 3.217.29.31	() ()
4	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80e::200e	() ()
92	20

16 52.57.147.244 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 52.222.214.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-39.fra56.r.cloudfront.net

widget.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 18.198.86.41 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-110.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0b::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.no	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.83.255.25 (United States)

ASN16509 (AMAZON-02, US)
PTR: afdd1a7789e84bffc.awsglobalaccelerator.com

eu.api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.98.110 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-110.fra50.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b702:81dd:ed55:c71b:5a84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c03::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.147.5 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-5.fra60.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 34.231.103.166 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-103-166.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.217.29.31 (None, )

ASN- ()

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80e::200e (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	mercuryo.io exchange.mercuryo.io widget.mercuryo.io api.mercuryo.io	803 KB
12	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2714 www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 3064 play.google.com	416 KB
7	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 42	22 KB
6	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 8364 img.riskified.com — Cisco Umbrella Rank: 7400 c.riskified.com Failed	15 KB
4	gstatic.com www.gstatic.com	100 KB
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2939	355 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 2179 api-iam.intercom.io	6 KB
2	google.no www.google.no — Cisco Umbrella Rank: 25443	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 98	407 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 56	151 KB
1	fpjs.io eu.api.fpjs.io — Cisco Umbrella Rank: 316807	464 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 24807	45 KB
92	12

	Domain	Requested by
23	api.mercuryo.io	widget.mercuryo.io
14	widget.mercuryo.io	exchange.mercuryo.io widget.mercuryo.io
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com widget.mercuryo.io
6	play.google.com	www.gstatic.com
5	img.riskified.com
5	exchange.mercuryo.io	exchange.mercuryo.io
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	widget.mercuryo.io pay.google.com exchange.mercuryo.io www.gstatic.com
2	js.intercomcdn.com	widget.intercom.io
2	www.google.no	widget.mercuryo.io
2	stats.g.doubleclick.net	www.googletagmanager.com widget.mercuryo.io
2	www.googletagmanager.com	widget.mercuryo.io www.googletagmanager.com
1	api-iam.intercom.io	js.intercomcdn.com
1	beacon.riskified.com	widget.mercuryo.io
1	www.google.com
1	widget.intercom.io	widget.mercuryo.io
1	eu.api.fpjs.io	widget.mercuryo.io
1	region1.analytics.google.com	www.googletagmanager.com
1	fpnpmcdn.net	widget.mercuryo.io
0	c.riskified.com Failed	widget.mercuryo.io
92	20

This site contains no links.

Subject Issuer	Validity	Valid
*.mercuryo.io Go Daddy Secure Certificate Authority - G2	`2023-05-29` - `2024-05-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M01	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.google.no GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
eu.api.fpjs.io Amazon RSA 2048 M01	`2023-02-14` - `2024-01-24`	a year	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.riskified.com Amazon RSA 2048 M02	`2023-03-21` - `2024-04-17`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-09-18` - `2023-12-11`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://exchange.mercuryo.io/
Frame ID: 039178F7972F897FDFE77E543E087B3A
Requests: 5 HTTP requests in this frame

Frame: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Frame ID: F9CEA3619593CE54A06980037084CE80
Requests: 52 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame.d56afb4c.js
Frame ID: ED0EDA4E6CC2953C8E96F0C56D48E3D5
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=
Frame ID: D37FEC799970A0DC0517741F95BFDED4
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercuryo | Cryptocurrency Exchange Service Available 24/7

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

92
Requests

90 %
HTTPS

53 %
IPv6

12
Domains

20
Subdomains

20
IPs

3
Countries

1913 kB
Transfer

6116 kB
Size

13
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

92 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange.mercuryo.io/ 3 KB
2 KB 280ms
90ms Document
text/html 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e1770f492f3f1d941ea0e5333dbe81401f293ab731b0b7252ed6636ec7383df9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Sat, 07 Oct 2023 21:25:56 GMT
etag: W/"651e9b68-b95"
expires: Sat, 07 Oct 2023 21:25:56 GMT
last-modified: Thu, 05 Oct 2023 11:18:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 embed.2.1.js Show response
exchange.mercuryo.io/ 219 KB
63 KB 182ms
181ms Script
application/javascript 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/embed.2.1.js?7ebae3f61ad531b5019f

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2265f71b70ac098a4585add6deb8b24f7bc84d8ae5d3bcd822f39a85c50dd953

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 05 Oct 2023 11:18:00 GMT
etag: W/"651e9b68-36a68"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 4494cc2991a3c4a0fb0a5fca373465d3
expires: Thu, 12 Oct 2023 21:25:56 GMT

GET
H2 200 4712.c7fbdf92328e617f6de8.js Show response
exchange.mercuryo.io/ 40 KB
13 KB 179ms
178ms Script
application/javascript 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/4712.c7fbdf92328e617f6de8.js?7ebae3f61ad531b5019f

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1587714bd7f0e6fc21eda24e1657786188b55be36ed6af0da57f641b09540801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-9f8e"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 7e9849e2236293f7cfc035bf90518100
expires: Thu, 12 Oct 2023 21:25:56 GMT

GET
H2 200 7170.21468c69d691cc085350.js Show response
exchange.mercuryo.io/ 11 KB
5 KB 201ms
201ms Script
application/javascript 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/7170.21468c69d691cc085350.js?7ebae3f61ad531b5019f

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

233240ad5db9a1522870fc9ab1068c0900c5eab7dd1b4ca4b6e368c31431fe2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-2d83"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 6d4e3895e57221223f65ba979b7fb687
expires: Thu, 12 Oct 2023 21:25:56 GMT

GET
H2 200 exchange.9418ed65e16da65cd1cb.js Show response
exchange.mercuryo.io/ 4 KB
2 KB 200ms
199ms Script
application/javascript 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/exchange.9418ed65e16da65cd1cb.js?7ebae3f61ad531b5019f

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

594be61129e223df23ae8760b09160c241efd1fee77b35f4d9550d7caedef9c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-1037"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 3563f45b1a30ca2626fe0afec5870783
expires: Thu, 12 Oct 2023 21:25:56 GMT

GET
H2 200 / Show response
widget.mercuryo.io/ Frame F9CE 3 KB
2 KB 311ms
136ms Document
text/html 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/embed.2.1.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

e40c1df7ca17373358a92e4de4cadcea74422bbc450ea00f1eeb5c38bc872b80

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://exchange.mercuryo.io
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://exchange.mercuryo.io
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors https://exchange.mercuryo.io
content-type: text/html
date: Sat, 07 Oct 2023 21:25:57 GMT
etag: W/"651e9b68-abc"
expires: Sat, 07 Oct 2023 21:25:57 GMT
last-modified: Thu, 05 Oct 2023 11:18:00 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-id: f8SgJAPlwKIeUqgVRSXA5bt7_LjvVnXoPvXzfsNj93l_VrJCNzKhBQ==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: allow-from https://exchange.mercuryo.io
x-request-id: 6ac0bbba592afbbf7b46c18b0ed83986
x-xss-protection: 1; mode=block

GET
H2 200 1969.600a4ff726c1b8f10de4.css
widget.mercuryo.io/ Frame F9CE 46 KB
8 KB 86ms
84ms Stylesheet
text/css 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

0c6d542dd20648aa1cfe89208b47a61ad68d03ad7039eb968f59f85bf7dea4d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: d407c93b2c2fbf349927b0add47175fb
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-b97e"
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: Y79esMGK-RiqTdjIOejaGSJCfb8y7yTpl8QWgW7oiYlx28ODkn1H6w==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 main.c8d5641ac5474682cb68.css
widget.mercuryo.io/ Frame F9CE 45 KB
9 KB 92ms
91ms Stylesheet
text/css 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.c8d5641ac5474682cb68.css?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

b5cb945a740e92b32f59c787cfc067510fe02d9d4d021f86cdb8a53912e46184

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 78687cec84ab86274bc4e15a4011678a
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-b5b5"
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: Q2NO_UwfwNwi07AizmRSdF3u4iQuSUEgRXbUhOPoOqo99HFyZmm_WA==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 4712.c7fbdf92328e617f6de8.js Show response
widget.mercuryo.io/ Frame F9CE 40 KB
14 KB 91ms
89ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/4712.c7fbdf92328e617f6de8.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

1587714bd7f0e6fc21eda24e1657786188b55be36ed6af0da57f641b09540801

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: fa2992e714959decf5470d76756adb4a
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-9f8e"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: DTQMkjbPnaLRVtZIXdNvTceqH7EoiyeUTpPU_-YbcgBop4OWIoBCBg==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 9947.5d2976b22de9fe96ff09.js Show response
widget.mercuryo.io/ Frame F9CE 645 KB
209 KB 115ms
113ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/9947.5d2976b22de9fe96ff09.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

d77dd84b234f5276daf4d096a0c63af0cd0580bfc0aeb3272e8d89dc8cd45db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 26bf2087f1e06f7c4c7c9601bff1304a
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-a12ec"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: FIfXAp_GoCpZkk12u8vSMYtw4Opre1vkzgqMFcXuNKNuBoQfi_iS5A==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 9548.bae04f21d52561bc04bb.js Show response
widget.mercuryo.io/ Frame F9CE 314 KB
97 KB 169ms
168ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

088141943df3929eb78be8619193d5bcadd27d355c0f40877df9eb242bcf5e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 8346cc5e62e321c3e0ea75d80e08f55f
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-4e7fc"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: utqJV5kO55QSB0fc0I7E-m9AODdVQbca9L2BUmT-68uTZ_yapl8k3w==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 7170.21468c69d691cc085350.js Show response
widget.mercuryo.io/ Frame F9CE 11 KB
6 KB 118ms
116ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/7170.21468c69d691cc085350.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

233240ad5db9a1522870fc9ab1068c0900c5eab7dd1b4ca4b6e368c31431fe2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 2fc8a092dcae1f7e34d12211aeef04e2
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-2d83"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: Zlojug2xdP6wsijMV1K4RbgzjcpfLd2lYtubHZFfKIl3E5gkLnNNww==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 1969.0b8bdf14d0043e4871e6.js Show response
widget.mercuryo.io/ Frame F9CE 396 KB
63 KB 158ms
157ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/1969.0b8bdf14d0043e4871e6.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

cb57b380343a44e3bf7371abaff9b0ed7412d178b674a57f4247f613eeafafb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: f49923f45980c920b03be99a11f54ca4
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-63101"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: oraWXhbeorvMdJibrfS28seo1lhpHgYy0qPNitbdvxC0tdwNFLTeug==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 main.86de509e13b4ce36fc26.js Show response
widget.mercuryo.io/ Frame F9CE 341 KB
98 KB 337ms
336ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.86de509e13b4ce36fc26.js?7ebae3f61ad531b5019f

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

71cfb6d01ab9d9f933c0984373c57ce6df57589ddbdef035095650e34d502055

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 2dbce2ad5a5b5c51061a6b32bcf4f047
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-553e4"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: 11N3_wPOzC4BcdCjNqjFs36ld0N7ITRtIvZDwV7JyXy7-zDwqos8GA==
expires: Tue, 10 Oct 2023 11:18:05 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F9CE 185 KB
68 KB 276ms
98ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f293d4ddc5d2d72a45f4fd2a9e56bc846ea49b52451891739284dc47b2e1e1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 69000
x-xss-protection: 0
last-modified: Sat, 07 Oct 2023 21:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sat, 07 Oct 2023 21:25:57 GMT

GET
H2 200 8637.b5599b12e45067212340.js Show response
widget.mercuryo.io/ Frame F9CE 29 KB
10 KB 80ms
80ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/8637.b5599b12e45067212340.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.86de509e13b4ce36fc26.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

ed4775956ad4be0df7223861fe21d8eb41fbbc108e770f3c69d4f77d832bc7db

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 11:18:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 209272
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 10180e5fdb62140f22d9c070ca769cfe
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: W/"651e8b1b-75d8"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: GDfTI7u1GDDk1eVAJ1_s9HNGURol5dRDLYoWNymdh7cM6hGut0SNMQ==
expires: Tue, 10 Oct 2023 11:18:05 GMT

OPTIONS
H2 204 keep-alive
api.mercuryo.io/v1.6/user22/ Frame 0
0 270ms
86ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 start
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 269ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 401 keep-alive Show response
api.mercuryo.io/v1.6/user22/ Frame F9CE 112 B
434 B 142ms
141ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 5352504e5bf5583

GET
H2 200 start Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame F9CE 68 B
457 B 180ms
180ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bcf712d3a99a20873a2c36f7e25ef444e2a18318c25175466d32d487c2f6942d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 3c3ec0d29f3a9a0b

GET
H2 200 loader_v3.8.5.js Show response
fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/ Frame F9CE 125 KB
45 KB 276ms
95ms Script
text/javascript 18.66.112.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.5.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.110 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-110.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

c0cfd7d688bded390c0233a5a51c224ba0d562626849fb27f530f99a59c2fa98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 06 Oct 2023 21:07:12 GMT
via: 1.1 08d7dbeb0736051b46014fbaac0a421e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 158554
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"XOBI/EvUtM0L0HBZHgayHlJIvlw"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3610, s-maxage=632093
timing-allow-origin: *
x-amz-cf-id: 7XyZNKQLWNv9k9XGQOKqLk8LjGHMeogslgjLIl9YNP43rYbhR2aMQg==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame F9CE 250 KB
83 KB 104ms
103ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-BG98E5BXM3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

23447e736f0fd9abdadeb7c83c5d98f929e8d6f26f4cafdde47e4f4b75647041

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85150
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 07 Oct 2023 21:25:57 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame F9CE 52 KB
21 KB 262ms
84ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Sat, 07 Oct 2023 19:51:33 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 5665
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Sat, 07 Oct 2023 21:51:33 GMT

GET
H2 200 BrutalType-Regular.woff2
widget.mercuryo.io/fonts/ Frame F9CE 27 KB
28 KB 80ms
79ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Regular.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f
Origin: https://widget.mercuryo.io
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Thu, 05 Oct 2023 13:38:01 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 200877
x-cache: Hit from cloudfront
content-length: 27668
x-request-id: 74f564b1878401791b3d13072032291f
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: "651e8b1b-6c14"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: BmUbHr1CAfN2fbeBRBGj7gbPNNYiLuq0E6g39aXpyw93U0EZihLpIQ==
expires: Tue, 10 Oct 2023 13:38:01 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ Frame F9CE 0
247 B 196ms
66ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-BG98E5BXM3&gtm=45je3a40&_p=1190644512&_gaz=1&cid=820131510.1696713958&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1696713958&sct=1&seg=0&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&dt=&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BG98E5BXM3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ Frame F9CE 0
256 B 252ms
83ms Ping
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BG98E5BXM3&cid=820131510.1696713958&gtm=45je3a40&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BG98E5BXM3&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ Frame F9CE 42 B
408 B 293ms
96ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BG98E5BXM3&cid=820131510.1696713958&gtm=45je3a40&aip=1&z=442330840

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame F9CE 1 KB
962 B 85ms
84ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:07:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1114
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 630
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 07 Oct 2023 22:07:24 GMT

GET
H2 200 JQgt Show response
eu.api.fpjs.io/uLkHTU/ Frame F9CE 96 B
464 B 238ms
83ms XHR
text/plain 99.83.255.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.api.fpjs.io/uLkHTU/JQgt

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.255.25 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

nginx/1.22.1 /

Resource Hash

e10b2a498bbe393bbfe3e21cd9fcf312555268e31b79a2a82f604d4f4cdff49e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
server: nginx/1.22.1
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31534000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame F9CE 2 B
209 B 92ms
91ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1190644512&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aCDAAUIRAAAAACAAI~&jid=1598844459&gjid=1548949203&cid=820131510.1696713958&tid=UA-130553073-7&_gid=1394447544.1696713958&_r=1&gtm=457e3a40&jsscut=1&did=i5iSjo&z=1099832951

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 data
api.mercuryo.io/v1.6/widget/ Frame 0
0 107ms
106ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 currencies
api.mercuryo.io/v1.6/lib/ Frame 0
0 102ms
102ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
api.mercuryo.io/v1.6/lib/ Frame 0
0 87ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
api.mercuryo.io/v1.6/widget/ Frame F9CE 359 B
829 B 150ms
149ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

cd2bba78d8dde996e03c1b857ee3d0549ed255e7c367facf626800fa31554949

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6d9875b73b33dcb5

GET
H2 200 currencies Show response
api.mercuryo.io/v1.6/lib/ Frame F9CE 36 KB
5 KB 160ms
158ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0995e3a06744873285a0c7b50a69a7e0240f81f763d0b9c18f57089b5b907a9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 5181af4069cc5be9

GET
H2 200 countries Show response
api.mercuryo.io/v1.6/lib/ Frame F9CE 19 KB
4 KB 176ms
175ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c0b0b3b6f770e0d6df41a3c130e5b31d7bd5218603e43596d9509a26895baa1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 594cdb7a6af7b6f0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame F9CE 4 B
151 B 83ms
82ms XHR
text/plain 2a00:1450:400c:c0b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-130553073-7&cid=820131510.1696713958&jid=1598844459&gjid=1548949203&_gid=1394447544.1696713958&_u=aCDAAUIQAAAAACAAI~&z=250338332

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0b::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sat, 07 Oct 2023 21:25:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t3xaiuum Show response
widget.intercom.io/widget/ Frame F9CE 7 KB
3 KB 275ms
87ms Script
application/javascript 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/t3xaiuum
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1fc02601dcc22fc8c6f0d24e79d7f5bda25570eacc795d8aabde02b1817bdb2

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: hIGTPXPbz0nies090y1duhRnWxAvcNBi
content-encoding: gzip
via: 1.1 b44e2902bb3501d47514e51618f1bda4.cloudfront.net (CloudFront)
date: Sat, 07 Oct 2023 21:15:33 GMT
x-amz-cf-pop: FRA50-C1
age: 636
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2705
last-modified: Fri, 06 Oct 2023 09:48:47 GMT
server: AmazonS3
etag: "85a10b880721d1cf8a21aa1517191151"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: 5DkJgg3ytPYEZzytDTI_lu5VtqaNx5vcxlUiqLFyWnYRcc9P4487XA==

GET
H2 200 ga-audiences
www.google.com/ads/ Frame F9CE 42 B
408 B 273ms
95ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-130553073-7&cid=820131510.1696713958&jid=1598844459&_u=aCDAAUIQAAAAACAAI~&z=529281946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.no/ads/ Frame F9CE 42 B
107 B 96ms
95ms Image
image/gif 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-130553073-7&cid=820131510.1696713958&jid=1598844459&_u=aCDAAUIQAAAAACAAI~&z=529281946

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
beacon.riskified.com/ Frame F9CE 48 KB
15 KB 609ms
292ms Script
application/javascript 2600:1f18:f8a:b702:81dd:ed55:c71b:5a84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.mercuryo.io&sid=bb9982be-de7d-4fe3-a963-3f38fd13cc25

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.0b8bdf14d0043e4871e6.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b702:81dd:ed55:c71b:5a84 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

08ad2dcd9fa428c63efe5d3cb041dd366abe827aac39be287545191150b5f95d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3Lm1lcmN1cnlvLmlv/YmI5OTgyYmUtZGU3ZC00ZmUzLWE5NjMtM2YzOGZkMTNjYzI1
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: f0bf50c35d39080119cc6a0e5f881f80
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 88ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 87ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rates
api.mercuryo.io/v1.6/widget/ Frame 0
0 89ms
89ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 87ms
86ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 data-by-ip
api.mercuryo.io/v1.6/public/ Frame 0
0 87ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-open
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 88ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame F9CE 13 B
436 B 93ms
93ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-trace-id: 7a13792e9fc9c6c2269aa20d7c9f2776
date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: 2d2396fdd28fa654163b059337a927ab

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame F9CE 714 B
794 B 185ms
184ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 7b1b557a0b20a197

GET
H2 200 Karloff-Neutral-Regular-Web.woff2
widget.mercuryo.io/fonts/ Frame F9CE 106 KB
107 KB 93ms
92ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/Karloff-Neutral-Regular-Web.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f
Origin: https://widget.mercuryo.io
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 108584
x-request-id: 5e2e44dd8367e97bbf11e36d9995360a
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: "651e8b1b-1a828"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: v0siIOVEE-i07EDYgORAx_t5cnzHzfs8MLplg7TbCvgSten5rTmprg==
expires: Thu, 12 Oct 2023 21:25:58 GMT

GET
H2 200 BrutalType-Bold.woff2
widget.mercuryo.io/fonts/ Frame F9CE 27 KB
27 KB 104ms
104ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Bold.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f
Origin: https://widget.mercuryo.io
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 27176
x-request-id: 07f4f93d634484de9ad0fe99c9522d9e
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: "651e8b1b-6a28"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: zlAdPReJZWYsJ8Ff64FrVNlIi-yO5bBIHZIWUn0jvvWzE7it7a_aWw==
expires: Thu, 12 Oct 2023 21:25:58 GMT

GET
H2 200 BrutalType-Medium.woff2
widget.mercuryo.io/fonts/ Frame F9CE 26 KB
27 KB 103ms
103ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Medium.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/1969.600a4ff726c1b8f10de4.css?7ebae3f61ad531b5019f
Origin: https://widget.mercuryo.io
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:58 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 a23fc047c59f0902384fa94644607c00.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 26940
x-request-id: db02e8af18e7df6b6361dfcf193a70e2
last-modified: Thu, 05 Oct 2023 10:08:27 GMT
etag: "651e8b1b-693c"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: BlRBzTfo6LBY2kD6XTceVCFzpZBFgvB9dDu7lmcBIHY1TgX2xBHitA==
expires: Thu, 12 Oct 2023 21:25:58 GMT

GET rates
api.mercuryo.io/v1.6/widget/ Frame F9CE 0
0

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame F9CE 766 B
894 B 264ms
264ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

05a5836dbc4d561defccb8a78cd1b9d34bf918fe03e2942ee46c81bf16df9fb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 7963ec8ee2e34405

GET
H2 200 data-by-ip Show response
api.mercuryo.io/v1.6/public/ Frame F9CE 81 B
545 B 90ms
89ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

50f5b55cee801772f19369e2b92e2574164b823ce501dd3118b370c342a0b3fc

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 21:25:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 81
x-xss-protection: 1; mode=block
x-request-id: 16bd4623d6edb9f96d9584aa6e22c15c
expires: Thu, 01 Jan 1970 00:00:00 UTC

POST
H2 200 first-open Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame F9CE 24 B
415 B 151ms
151ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/json; charset=UTF-8

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 49c2cb929151f241

GET
H3 200 collect
www.google-analytics.com/ Frame F9CE 35 B
55 B 84ms
84ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1190644512&t=event&_s=2&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22value%22%3A%22USD%22%2C%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22055bc931b93caa0df5af60129e17ad10%22%2C%22test_group%22%3A%22%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aCDAAUIRAAAAACAAI~&jid=&gjid=&cid=820131510.1696713958&tid=UA-130553073-7&_gid=1394447544.1696713958&gtm=457e3a40&jsscut=1&did=i5iSjo&z=941868795

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 08:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47199
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F9CE 35 B
55 B 85ms
85ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1190644512&t=event&_s=3&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22055bc931b93caa0df5af60129e17ad10%22%2C%22test_group%22%3A%22%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aCDAAUIRAAAAACAAI~&jid=&gjid=&cid=820131510.1696713958&tid=UA-130553073-7&_gid=1394447544.1696713958&gtm=457e3a40&jsscut=1&did=i5iSjo&z=1182334582

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 08:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47199
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F9CE 35 B
55 B 84ms
84ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1190644512&t=event&_s=4&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=measure&ea=%7B%22performance%22%3A%5B%7B%22name%22%3A%22user%2FkeepAlive%2Frejected%22%2C%22duration%22%3A428.89999771118164%2C%22time%22%3A891%7D%2C%7B%22name%22%3A%22global%2FgetCalcStart%2Ffulfilled%22%2C%22duration%22%3A495.9000015258789%2C%22time%22%3A899.6999969482422%7D%2C%7B%22name%22%3A%22global%2FgetWidgetData%2Ffulfilled%22%2C%22duration%22%3A264.10000228881836%2C%22time%22%3A1383.1999969482422%7D%2C%7B%22name%22%3A%22lib%2FgetCurrencies%2Ffulfilled%22%2C%22duration%22%3A268.5999984741211%2C%22time%22%3A1388%7D%2C%7B%22name%22%3A%22lib%2FgetCountries%2Ffulfilled%22%2C%22duration%22%3A273.20000076293945%2C%22time%22%3A1391.599998474121%7D%2C%7B%22name%22%3A%22complete%22%2C%22duration%22%3A1877.1999969482422%7D%5D%2C%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22055bc931b93caa0df5af60129e17ad10%22%2C%22test_group%22%3A%22%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aCDAAUIRAAAAACAAI~&jid=&gjid=&cid=820131510.1696713958&tid=UA-130553073-7&_gid=1394447544.1696713958&gtm=457e3a40&jsscut=1&did=i5iSjo&z=924395727

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 08:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47199
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame F9CE 35 B
55 B 85ms
84ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=1190644512&t=event&_s=5&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26widget_id%3D67710925-8b40-4767-846e-3b88db69f04d&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_shown&ea=%7B%22widget_id%22%3A%2267710925-8b40-4767-846e-3b88db69f04d%22%2C%22merchant_transaction_id%22%3A%22%22%2C%22calc_id%22%3A%22055bc931b93caa0df5af60129e17ad10%22%2C%22test_group%22%3A%22%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aCDAAUIRAAAAACAAI~&jid=&gjid=&cid=820131510.1696713958&tid=UA-130553073-7&_gid=1394447544.1696713958&gtm=457e3a40&jsscut=1&did=i5iSjo&z=2144319727

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

pragma: no-cache
date: Sat, 07 Oct 2023 08:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 47199
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame F9CE 117 KB
36 KB 322ms
132ms Script
application/javascript 2a00:1450:400c:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/1969.0b8bdf14d0043e4871e6.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b592a47b01085d035dc9376086a400ac4ca9d46acbaaf75d7acefc5a6b6e6297

Security Headers

Name	Value
Content-Security-Policy	script-src 'nonce-xethAQrpgkyvPl0D8FR7Ng' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'nonce-xethAQrpgkyvPl0D8FR7Ng' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 07 Oct 2023 21:25:59 GMT

GET
H2 200 frame.d56afb4c.js Show response
js.intercomcdn.com/ Frame ED0E 857 KB
182 KB 258ms
89ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame.d56afb4c.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3bd9e6cf7842dc33236c20ee9cf86e713d27e5e201b6ec9982579f6dd11740ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: G5HX_uzvmNXe9QBiRWTyYjAUmT.tg9Pd
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
date: Sat, 07 Oct 2023 19:48:52 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 5828
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 185622
last-modified: Fri, 06 Oct 2023 09:44:34 GMT
server: AmazonS3
etag: "89aa26e6340689396544f269b402c874"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: JaUp6uzCsVFNm5lIULBS8IwXXxIwInzULF08PR4QgQRZa-UusD8m8A==

GET
H2 200 vendor.36bf5bd9.js Show response
js.intercomcdn.com/ Frame ED0E 556 KB
173 KB 462ms
293ms Script
application/javascript 18.66.147.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor.36bf5bd9.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.147.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-147-5.fra60.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

13017020815f548a3d90fc7039b61a4240d4a8d8d1bf0802a10c395824a1b4d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: fi-FI,fi;q=0.9
Referer
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

x-amz-version-id: pwK.WqkyUb7sYg_7QST57_3mQ14rXx8D
content-encoding: gzip
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
date: Sat, 07 Oct 2023 19:53:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: FRA60-P4
age: 5547
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 176287
last-modified: Fri, 06 Oct 2023 09:44:34 GMT
server: AmazonS3
etag: "ae1bf8fb0d2920fc3c413cf594d5af7e"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 9xx8GB22v5YLSeSuZPY3I4V3GM1XHMwk9Rt7guZ-pN-1_zwHMXyTvg==

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 87ms
87ms Preflight 18.198.86.41
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true&token=d076e438a95750abf2a3ce3c3de6eca7859adeee99ce76728df2a558708be983eyJ0IjoiMTY5NjcxMzk1OSIsInR0Ijp0cnVlLCJjIjoiQlRDIiwiYSI6IjAuMDEwMDI4MjQiLCJmYyI6IlVTRCIsImZhIjoiMzAwLjAwIiwiZiI6IjExLjQwIiwidGYiOiIwIiwic2YiOiIxMS40MDAwMDAwMDAwIiwiciI6IjI4Nzc4LjcxIiwiY2lkIjoiZmM4MWEzNDk0ZGI4NWNkNjUyMmMwMzcwNTljNjhkYmEiLCJ3IjoiNjc3MTA5MjUtOGI0MC00NzY3LTg0NmUtM2I4OGRiNjlmMDRkIiwib3AiOiJidXkiLCJwYSI6ImNhcmQiLCJwdCI6bnVsbCwicHMiOm51bGwsIm4iOiJCSVRDT0lOIiwiZmkiOjgzNX0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.198.86.41 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-198-86-41.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Sat, 07 Oct 2023 21:25:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame F9CE 766 B
893 B 720ms
720ms XHR
application/json 52.57.147.244
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9548.bae04f21d52561bc04bb.js?7ebae3f61ad531b5019f

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.57.147.244 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-57-147-244.eu-central-1.compute.amazonaws.com

Software

Resource Hash

05a5836dbc4d561defccb8a78cd1b9d34bf918fe03e2942ee46c81bf16df9fb7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 055bc931b93caa0df5af60129e17ad10
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 272ae8cdc3113e92

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F9CE 35 B
160 B 479ms
151ms Image
image/gif 34.231.103.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16967139593880.1944181774078897&c=9vybvh7r0j975gtv5lvryblngjolw2&p=bq6gpa&a=bb9982be-de7d-4fe3-a963-3f38fd13cc25&o=www.mercuryo.io&rt=1696713959023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.103.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-103-166.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame D37F 18 KB
8 KB 293ms
286ms Document
text/html 2a00:1450:400c:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c03::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cf5be579536a248bd29999773c2a11da4746d12a7e3ab91c581c122fb54cc4bd

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'nonce-zrpSoEFoPVDg276n43ZHAg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
accept-language: fi-FI,fi;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'nonce-zrpSoEFoPVDg276n43ZHAg' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-resource-policy: same-site
date: Sat, 07 Oct 2023 21:25:59 GMT
expires: Sat, 07 Oct 2023 21:25:59 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame ED0E 4 KB
2 KB 729ms
420ms XHR
application/json 3.217.29.31

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame.d56afb4c.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.217.29.31 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

a228d86a2f427d9de6d407f2eed01f159d39137ef6b8000e64293a5e0af4523f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/x-www-form-urlencoded

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-0d11974bf3bf8f13c
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 002v8n6tijinedccq500
x-runtime: 0.246748
server: nginx
etag: W/"a228d86a2f427d9de6d407f2eed01f15"
x-request-queueing: 0
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.mercuryo.io
x-intercom-version: eab093f26892903311b311eca26ee5b742727f5f
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F9CE 35 B
159 B 151ms
151ms Image
image/gif 34.231.103.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16967139599210.8376278931917178&c=9vybvh7r0j975gtv5lvryblngjolw2&p=bq6gpa&a=bb9982be-de7d-4fe3-a963-3f38fd13cc25&o=www.mercuryo.io&rt=1696713959023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.103.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-103-166.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:25:59 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame D37F 2 KB
2 KB 182ms
181ms Other
text/html 2a00:1450:400c:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c03::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: fi-FI,fi;q=0.9
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1
Content-Type: application/csp-report

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame D37F 156 KB
56 KB 252ms
82ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgEygSbd_CQCZnL8uSFIyrM5kvCwQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b513fc02e666223ad6b5c1703925146e2be20bbde21f3935a55cc4318c2b26a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 06 Oct 2023 19:50:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92127
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56306
x-xss-protection: 0
last-modified: Fri, 06 Oct 2023 04:30:13 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 19:50:33 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F9CE 35 B
159 B 151ms
151ms Image
image/gif 34.231.103.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16967139600840.013937423113181913&c=9vybvh7r0j975gtv5lvryblngjolw2&p=bq6gpa&a=bb9982be-de7d-4fe3-a963-3f38fd13cc25&o=www.mercuryo.io&rt=1696713959023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.103.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-103-166.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F9CE 35 B
159 B 151ms
151ms Image
image/gif 34.231.103.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16967139602480.9516441672144953&c=9vybvh7r0j975gtv5lvryblngjolw2&p=bq6gpa&a=bb9982be-de7d-4fe3-a963-3f38fd13cc25&o=www.mercuryo.io&rt=1696713959023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.103.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-103-166.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnP... Frame D37F 72 KB
26 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnPWmgJA.L.W1.O/am=BMMY/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfridDcOrEtGGyLFOI1H9VlaLmLvTCg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/am=BMMY/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgEygSbd_CQCZnL8uSFIyrM5kvCwQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2466325949d89e3bcccea69ec91d27bcca6d98290e33cda16a8bdfce11d9b943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Fri, 06 Oct 2023 20:03:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91372
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26868
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 05 Oct 2024 20:03:08 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame F9CE 35 B
159 B 151ms
151ms Image
image/gif 34.231.103.166
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16967139604110.6327424781477333&c=9vybvh7r0j975gtv5lvryblngjolw2&p=bq6gpa&a=bb9982be-de7d-4fe3-a963-3f38fd13cc25&o=www.mercuryo.io&rt=1696713959023
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.231.103.166 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-231-103-166.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame D37F 1 MB
369 KB 149ms
149ms XHR
text/html 2a00:1450:400c:c03::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c03::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4be0ec5baa120f9fd5082c0861e17330ca7a0f06cf39f0125f136573dacafc0f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'nonce-bnyQpijaTM2RGkD-LQEjCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'nonce-bnyQpijaTM2RGkD-LQEjCw' 'unsafe-inline';object-src 'self';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Sat, 07 Oct 2023 21:26:00 GMT

GET
H2 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnP... Frame D37F 9 KB
4 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnPWmgJA.L.W1.O/am=BMMY/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfridDcOrEtGGyLFOI1H9VlaLmLvTCg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1dbcd136053c6917655c7ae621846556692f4c4016240598f1c95ffc10363341

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3925
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 21:26:00 GMT

GET
H2 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnP... Frame D37F 36 KB
14 KB 101ms
101ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fi.YLG87obiYoQ.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.vIZqnPWmgJA.L.W1.O/am=BMMY/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfridDcOrEtGGyLFOI1H9VlaLmLvTCg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72b4d396af0ed90d5f62808cbef2c37ff42f430156ce93419688a738c729f692

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: fi-FI,fi;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

date: Sat, 07 Oct 2023 21:26:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13844
x-xss-protection: 0
last-modified: Wed, 27 Sep 2023 20:26:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sun, 06 Oct 2024 21:26:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 450ms
88ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame D37F 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 447ms
89ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 446ms
89ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame D37F 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 445ms
90ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame D37F 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 444ms
91ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST log
play.google.com/ Frame D37F 0
0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 453ms
101ms Preflight
text/plain 2a00:1450:4001:80e::200e

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 16_5_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Mobile/15E148 Safari/604.1

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Sat, 07 Oct 2023 21:26:00 GMT
expires: Sat, 07 Oct 2023 21:26:00 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST client_infos
c.riskified.com/v2/ Frame F9CE 0
0

OPTIONS client_infos
c.riskified.com/v2/ Frame 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.mercuryo.io
URL: https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: play.google.com
URL: https://play.google.com/log?format=json&hasfast=true&authuser=0

Domain: c.riskified.com
URL: https://c.riskified.com/v2/client_infos

Domain: c.riskified.com
URL: https://c.riskified.com/v2/client_infos

Verdicts & Comments Add Verdict or Comment

5 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercuryo.io/	1970-01-21 00:54:33	Name: _system_cookie Value:
.mercuryo.io/	1970-01-21 00:54:33	Name: _ga Value: GA1.2.820131510.1696713958
.mercuryo.io/	1970-01-20 15:20:00	Name: _gid Value: GA1.2.1394447544.1696713958
.mercuryo.io/	1970-01-20 15:18:34	Name: _gat_gtag_UA_130553073_7 Value: 1
api.mercuryo.io/	1970-01-20 15:20:00	Name: session_id Value: 18823bb868659e36f021863b78084fc63507fab806579dcc7a46eba3698c23a4a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22session_id%22%3Bi%3A1%3Bs%3A36%3A%22bb9982be-de7d-4fe3-a963-3f38fd13cc25%22%3B%7D
.mercuryo.io/	1970-01-21 00:54:33	Name: _ga_BG98E5BXM3 Value: GS1.1.1696713958.1.0.1696713958.60.0.0
.mercuryo.io/	1970-01-21 00:54:33	Name: lastRskxRun Value: 1696713959376
.mercuryo.io/	1970-01-21 00:54:33	Name: rskxRunCookie Value: 0
.mercuryo.io/	1970-01-21 00:54:33	Name: rCookie Value: 9vybvh7r0j975gtv5lvryblngjolw2
.google.com/	1970-01-20 19:42:05	Name: NID Value: 511=CUs2QcaNesKskgjaqDgcR5_1rZ3wQirRP4uD5HSjan1efFm0nIiuMB_v1njd6VUOIkoKpnsBODEm4h04qKb45qtkg1YSL0QLsG5E3ryWmyTinWuS5ejWQhnsclond4x3b7nil58zObnnG-u-RkjXLqxRXbnGH6HuVLLGBGd2tAk
.mercuryo.io/	1970-01-20 21:47:23	Name: intercom-id-t3xaiuum Value: 6ab2f26a-314d-48ac-97eb-4584329eeb78
.mercuryo.io/	1970-01-20 15:28:38	Name: intercom-session-t3xaiuum Value:
.mercuryo.io/	1970-01-20 21:47:23	Name: intercom-device-id-t3xaiuum Value: 8a5da3e6-808a-4df3-a49d-3b58997bb523

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mercuryo.io/v1.6/user22/keep-alive Message: Failed to load resource: the server responded with a status of 401 ()
rendering	warning	URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d Message: [.WebGL-0x1b1c01976900]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.mercuryo.io
beacon.riskified.com
c.riskified.com
eu.api.fpjs.io
exchange.mercuryo.io
fpnpmcdn.net
img.riskified.com
js.intercomcdn.com
pay.google.com
play.google.com
region1.analytics.google.com
stats.g.doubleclick.net
widget.intercom.io
widget.mercuryo.io
www.google-analytics.com
www.google.com
www.google.no
www.googletagmanager.com
www.gstatic.com
api.mercuryo.io
c.riskified.com
play.google.com
143.204.98.110
18.198.86.41
18.66.112.110
18.66.147.5
2001:4860:4802:34::36
2600:1f18:f8a:b702:81dd:ed55:c71b:5a84
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2008
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:811::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c03::5c
2a00:1450:400c:c0b::9d
3.217.29.31
34.231.103.166
52.222.214.39
52.57.147.244
99.83.255.25
05a5836dbc4d561defccb8a78cd1b9d34bf918fe03e2942ee46c81bf16df9fb7
088141943df3929eb78be8619193d5bcadd27d355c0f40877df9eb242bcf5e59
08ad2dcd9fa428c63efe5d3cb041dd366abe827aac39be287545191150b5f95d
0995e3a06744873285a0c7b50a69a7e0240f81f763d0b9c18f57089b5b907a9b
0c6d542dd20648aa1cfe89208b47a61ad68d03ad7039eb968f59f85bf7dea4d7
13017020815f548a3d90fc7039b61a4240d4a8d8d1bf0802a10c395824a1b4d3
1587714bd7f0e6fc21eda24e1657786188b55be36ed6af0da57f641b09540801
1dbcd136053c6917655c7ae621846556692f4c4016240598f1c95ffc10363341
2265f71b70ac098a4585add6deb8b24f7bc84d8ae5d3bcd822f39a85c50dd953
233240ad5db9a1522870fc9ab1068c0900c5eab7dd1b4ca4b6e368c31431fe2e
23447e736f0fd9abdadeb7c83c5d98f929e8d6f26f4cafdde47e4f4b75647041
2466325949d89e3bcccea69ec91d27bcca6d98290e33cda16a8bdfce11d9b943
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
3b513fc02e666223ad6b5c1703925146e2be20bbde21f3935a55cc4318c2b26a
3bd9e6cf7842dc33236c20ee9cf86e713d27e5e201b6ec9982579f6dd11740ed
4be0ec5baa120f9fd5082c0861e17330ca7a0f06cf39f0125f136573dacafc0f
50f5b55cee801772f19369e2b92e2574164b823ce501dd3118b370c342a0b3fc
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
594be61129e223df23ae8760b09160c241efd1fee77b35f4d9550d7caedef9c6
71cfb6d01ab9d9f933c0984373c57ce6df57589ddbdef035095650e34d502055
72b4d396af0ed90d5f62808cbef2c37ff42f430156ce93419688a738c729f692
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2
a1fc02601dcc22fc8c6f0d24e79d7f5bda25570eacc795d8aabde02b1817bdb2
a228d86a2f427d9de6d407f2eed01f159d39137ef6b8000e64293a5e0af4523f
a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc
a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b592a47b01085d035dc9376086a400ac4ca9d46acbaaf75d7acefc5a6b6e6297
b5cb945a740e92b32f59c787cfc067510fe02d9d4d021f86cdb8a53912e46184
bcf712d3a99a20873a2c36f7e25ef444e2a18318c25175466d32d487c2f6942d
bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35
c0b0b3b6f770e0d6df41a3c130e5b31d7bd5218603e43596d9509a26895baa1e
c0cfd7d688bded390c0233a5a51c224ba0d562626849fb27f530f99a59c2fa98
c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f
cb57b380343a44e3bf7371abaff9b0ed7412d178b674a57f4247f613eeafafb6
cd2bba78d8dde996e03c1b857ee3d0549ed255e7c367facf626800fa31554949
cf5be579536a248bd29999773c2a11da4746d12a7e3ab91c581c122fb54cc4bd
d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
d77dd84b234f5276daf4d096a0c63af0cd0580bfc0aeb3272e8d89dc8cd45db7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e10b2a498bbe393bbfe3e21cd9fcf312555268e31b79a2a82f604d4f4cdff49e
e1770f492f3f1d941ea0e5333dbe81401f293ab731b0b7252ed6636ec7383df9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40c1df7ca17373358a92e4de4cadcea74422bbc450ea00f1eeb5c38bc872b80
ed4775956ad4be0df7223861fe21d8eb41fbbc108e770f3c69d4f77d832bc7db
eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f293d4ddc5d2d72a45f4fd2a9e56bc846ea49b52451891739284dc47b2e1e1e1

exchange.mercuryo.io Open in urlscan Pro 52.57.147.244 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

92 Requests

90 %HTTPS

53 %IPv6

12 Domains

20 Subdomains

20 IPs

3 Countries

1913 kBTransfer

6116 kBSize

13 Cookies

0 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exchange.mercuryo.io Open in urlscan Pro
52.57.147.244 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

90 %
HTTPS

53 %
IPv6

12
Domains

20
Subdomains

20
IPs

3
Countries

1913 kB
Transfer

6116 kB
Size

13
Cookies

92 HTTP transactions
0 data transactions