exchange.mercuryo.io Open in urlscan Pro
54.93.184.193 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-...
Submission: On May 29 via api (May 29th 2023, 8:57:31 pm UTC) from CZ — Scanned from DE

Summary HTTP 111 Redirects Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 13 domains to perform 111 HTTP transactions. The main IP is 54.93.184.193, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is exchange.mercuryo.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 27th 2022. Valid for: a year.

This is the only time exchange.mercuryo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	54.93.184.193 54.93.184.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
16	3.126.178.250 3.126.178.250	16509 (AMAZON-02) (AMAZON-02)
1	99.84.88.46 99.84.88.46	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	13.248.141.108 13.248.141.108	16509 (AMAZON-02) (AMAZON-02)
1	13.224.189.18 13.224.189.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:f8a... 2600:1f18:f8a:b701:fa6e:7f67:83df:ca4	14618 (AMAZON-AES) (AMAZON-AES)
2	99.84.88.96 99.84.88.96	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:400c:c0c::5c	15169 (GOOGLE) (GOOGLE)
2	34.225.68.145 34.225.68.145	14618 (AMAZON-AES) (AMAZON-AES)
2	18.213.89.113 18.213.89.113	14618 (AMAZON-AES) (AMAZON-AES)
1	18.214.14.231 18.214.14.231	14618 (AMAZON-AES) (AMAZON-AES)
5	3.210.153.240 3.210.153.240	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:f8a... 2600:1f18:f8a:b700:5e4c:82dd:2001:2761	14618 (AMAZON-AES) (AMAZON-AES)
111	20

37 54.93.184.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 3.126.178.250 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-46.muc50.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.141.108 (United States)

ASN16509 (AMAZON-02, US)
PTR: a885e4cd4ba7f987e.awsglobalaccelerator.com

eun1.fptls.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.189.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-18.fra2.r.cloudfront.net

widget.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b701:fa6e:7f67:83df:ca4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.84.88.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-96.muc50.r.cloudfront.net

js.intercomcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c0c::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.68.145 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-68-145.compute-1.amazonaws.com

mainnet.infura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.213.89.113 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-213-89-113.compute-1.amazonaws.com

polygon-mainnet.infura.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.214.14.231 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-14-231.compute-1.amazonaws.com

api-iam.intercom.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.210.153.240 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-210-153-240.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b700:5e4c:82dd:2001:2761 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
53	mercuryo.io exchange.mercuryo.io widget.mercuryo.io api.mercuryo.io	840 KB
22	google.com www.google.com — Cisco Umbrella Rank: 2 pay.google.com — Cisco Umbrella Rank: 2475 play.google.com — Cisco Umbrella Rank: 21	426 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30	22 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 6124 img.riskified.com — Cisco Umbrella Rank: 5441 c.riskified.com — Cisco Umbrella Rank: 4536	16 KB
4	gstatic.com www.gstatic.com	104 KB
4	infura.io mainnet.infura.io — Cisco Umbrella Rank: 21110 polygon-mainnet.infura.io — Cisco Umbrella Rank: 267924	490 B
2	intercomcdn.com js.intercomcdn.com — Cisco Umbrella Rank: 2460	208 KB
2	intercom.io widget.intercom.io — Cisco Umbrella Rank: 1933 api-iam.intercom.io — Cisco Umbrella Rank: 2135	6 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6080	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	421 B
1	fptls.com eun1.fptls.com — Cisco Umbrella Rank: 245631	335 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 10445	42 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	46 KB
111	13

	Domain	Requested by
32	api.mercuryo.io	widget.mercuryo.io
17	widget.mercuryo.io	exchange.mercuryo.io widget.mercuryo.io
16	play.google.com	www.gstatic.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com widget.mercuryo.io
5	img.riskified.com
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	widget.mercuryo.io pay.google.com exchange.mercuryo.io www.gstatic.com
4	exchange.mercuryo.io	exchange.mercuryo.io
2	c.riskified.com	widget.mercuryo.io
2	polygon-mainnet.infura.io	widget.mercuryo.io
2	mainnet.infura.io	widget.mercuryo.io
2	js.intercomcdn.com	widget.intercom.io
2	www.google.de	widget.mercuryo.io
2	www.google.com	widget.mercuryo.io
2	stats.g.doubleclick.net	widget.mercuryo.io
1	api-iam.intercom.io	js.intercomcdn.com
1	beacon.riskified.com	widget.mercuryo.io
1	widget.intercom.io	widget.mercuryo.io
1	eun1.fptls.com	widget.mercuryo.io
1	fpnpmcdn.net	widget.mercuryo.io
1	www.googletagmanager.com	widget.mercuryo.io
111	21

This site contains no links.

Subject Issuer	Validity	Valid
*.mercuryo.io Go Daddy Secure Certificate Authority - G2	`2022-05-27` - `2023-06-28`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
fpcdn.io Amazon RSA 2048 M01	`2022-11-09` - `2023-12-08`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
eun1.fptls.com R3	`2023-04-27` - `2023-07-26`	3 months	crt.sh
*.intercom.com Amazon RSA 2048 M02	`2023-02-14` - `2024-03-14`	a year	crt.sh
*.riskified.com Amazon RSA 2048 M02	`2023-03-21` - `2024-04-17`	a year	crt.sh
*.intercomcdn.com Amazon RSA 2048 M01	`2023-02-21` - `2024-01-29`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh
*.infura.io Amazon RSA 2048 M01	`2023-02-28` - `2024-01-27`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-05-08` - `2023-07-31`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A
Frame ID: A4F8FCDBD0E8A41704ED1BC4C7D9D734
Requests: 4 HTTP requests in this frame

Frame: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
Frame ID: 773413E2329364C5368DAB56702D6C75
Requests: 62 HTTP requests in this frame

Frame: https://js.intercomcdn.com/frame-modern.c5748a76.js
Frame ID: F10A151332BDF6FBCDD4A49AFA0317D5
Requests: 3 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=
Frame ID: 3D04FEFBB3D32F8C7DC46AB46A232387
Requests: 15 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercuryo | Cryptocurrency Exchange Service Available 24/7

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

111
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1712 kB
Transfer

5191 kB
Size

14
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

111 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange.mercuryo.io/ 3 KB
2 KB 99ms
14ms Document
text/html 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8c7a9cae7ebc38768972f8d64ac89b42b598a5f3da1d8772771df4ca90b37262

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Mon, 29 May 2023 20:57:26 GMT
etag: W/"646f20cb-b2f"
expires: Mon, 29 May 2023 20:57:26 GMT
last-modified: Thu, 25 May 2023 08:48:11 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 embed.2.1.js Show response
exchange.mercuryo.io/ 208 KB
63 KB 22ms
22ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/embed.2.1.js?b5c0484827b37dc435e3

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c2678b3a686c20b1c41721e5a821005d20eb569a3c769ad96dc1f3bda12a7f44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 25 May 2023 08:48:14 GMT
etag: W/"646f20ce-33f6a"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 15081f2ca42a2b2517dc5410a3a794c4
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 a6a36b2a3829ac0af2dd.js Show response
exchange.mercuryo.io/ 37 KB
13 KB 15ms
15ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/a6a36b2a3829ac0af2dd.js?b5c0484827b37dc435e3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f4e012cf207288ff42a1db64b5c6db560fc5d97a5698e3860000e45cf8ca2dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 25 May 2023 07:56:15 GMT
etag: W/"646f149f-9569"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: cdd2b440bf7233adaeeb04e5b1704a65
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 e30bd5653eb8d23a8d69.js Show response
exchange.mercuryo.io/ 14 KB
6 KB 15ms
14ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/e30bd5653eb8d23a8d69.js?b5c0484827b37dc435e3

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0b1f94722e9be260eab74f0910ddd1e4a79bd52b7e35df2fad98a82388e35929

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-36da"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 70fe3692dafe79d8f769050e41895eec
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 / Show response
widget.mercuryo.io/ Frame 7734 3 KB
2 KB 64ms
41ms Document
text/html 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/embed.2.1.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

9db61cf873557c3497a91d7daee58086bd5bb72846458a2ff4be06ae529f9168

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://exchange.mercuryo.io
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://exchange.mercuryo.io
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors https://exchange.mercuryo.io
content-type: text/html
date: Mon, 29 May 2023 20:57:26 GMT
etag: W/"646f20ce-a4b"
expires: Mon, 29 May 2023 20:57:26 GMT
last-modified: Thu, 25 May 2023 08:48:14 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: allow-from https://exchange.mercuryo.io
x-xss-protection: 1; mode=block

GET
H2 200 8113.842826ffae1a7eba1568.css
widget.mercuryo.io/ Frame 7734 48 KB
8 KB 15ms
15ms Stylesheet
text/css 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

41be98c43c7cb4941de15d5ceb37da163526b9711a6161fd59204ae0fe9b3973

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-be94"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: b1a181bb770f8944a4fc9a60c7efdaec
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 main.040af0b638c788a2ea4b.css
widget.mercuryo.io/ Frame 7734 22 KB
5 KB 14ms
14ms Stylesheet
text/css 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.040af0b638c788a2ea4b.css?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2c957e332b3b9f6b4f554165220c23ea6205cc9ce3be4b8718307cfd441e0d3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-59cb"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 47843a5d217730764389b63688c2d065
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 a6a36b2a3829ac0af2dd.js Show response
widget.mercuryo.io/ Frame 7734 37 KB
13 KB 15ms
12ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/a6a36b2a3829ac0af2dd.js?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f4e012cf207288ff42a1db64b5c6db560fc5d97a5698e3860000e45cf8ca2dad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-9569"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 239f03d5f8e696111fd64fc491a45ac5
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 fa0922b53e1f06c31a15.js Show response
widget.mercuryo.io/ Frame 7734 618 KB
200 KB 17ms
14ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fa0922b53e1f06c31a15.js?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f7da66bfad44b7fb1a9816b1c5d14e9c7fcba211596bb48754775ace8053a037

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-9a94b"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: d0b1e84246216f343a00bd94766acec0
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 d239df7798696494b623.js Show response
widget.mercuryo.io/ Frame 7734 268 KB
83 KB 34ms
31ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1094c2c9da7ba74812e689e77ff84fda1874d69e9b99ef7f06acb56e40cb3d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-430ae"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: c08fdaf45d12d9378da6ea22c8badbc9
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 31b257d0e7d8e8cb3eb4.js Show response
widget.mercuryo.io/ Frame 7734 233 KB
52 KB 16ms
14ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/31b257d0e7d8e8cb3eb4.js?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

fe6a305f8cc23a2666a41b55a88d9126b66dbd4ca591406518fab6944cf3e7ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-3a3f8"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 747281ffc721d79f6295c95b94b63c94
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 afc8fa4981ca44b0a83c.js Show response
widget.mercuryo.io/ Frame 7734 215 KB
64 KB 29ms
28ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6c81887a5ebed92878a17614460699f6a63bd0b2fc901f3a7e7fce9e3c54fff0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-35a12"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 164e24415f417b25c3ab71b4c6bb67ad
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 7734 118 KB
46 KB 64ms
25ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6e2ff8d7e0ea37fdef514f7125cc9db955c82e8aaf0439eba40af79e92451695

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46891
x-xss-protection: 0
last-modified: Mon, 29 May 2023 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 29 May 2023 20:57:26 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 7734 51 KB
21 KB 49ms
14ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-130553073-7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 29 May 2023 20:35:34 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1312
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 29 May 2023 22:35:34 GMT

GET
H2 200 254c80bcf085181f26a8.js Show response
widget.mercuryo.io/ Frame 7734 30 KB
9 KB 13ms
13ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/254c80bcf085181f26a8.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b7d22396f569bcca0b2bec8834151b3813331f4280750f8b1bd22f52d8adbbe2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-797f"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 97a8a490010bf418cd479c1f1dbe24bb
expires: Sat, 03 Jun 2023 20:57:26 GMT

OPTIONS
H2 204 keep-alive
api.mercuryo.io/v1.6/user22/ Frame 0
0 54ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 start
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 53ms
11ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 401 keep-alive Show response
api.mercuryo.io/v1.6/user22/ Frame 7734 112 B
435 B 63ms
62ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 5b12f4b33255ffd1

GET
H2 200 start Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 7734 68 B
458 B 70ms
69ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

defb11c3a4c6b62fc7424bcb5004bc8a7f0ba87a3a5fb851ecf7a707a609fec3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 50a2e010cdc237ea

GET
H2 200 loader_v3.8.3.js Show response
fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/ Frame 7734 121 KB
42 KB 67ms
16ms Script
text/javascript 99.84.88.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.3.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.46 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-46.muc50.r.cloudfront.net

Software

CloudFront /

Resource Hash

60a469b45148acb1c93acb25770a7f609a8e4ed1a84551034b135ff399c1fc1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Wed, 24 May 2023 02:48:06 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
via: 1.1 af3abf09293a5c762de5e451f8d6a912.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 497360
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"Ge59Z+FSbXxRk5DMhGfel2W9gdo"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3560, s-maxage=614157
x-amz-cf-id: -saRNBxs1jvsaIjM6MoC4byQkXTqlcQOp6GUADgITn30BKCUr0GIfA==

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ Frame 7734 1 KB
1 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:19:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2296
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 29 May 2023 21:19:10 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 7734 2 B
209 B 22ms
22ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1523711054&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUIRAAAAACAAI~&jid=1296288581&gjid=403220511&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&_r=1&gtm=457e35o0&jsscut=1&did=i5iSjo&z=1291069962

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7734 4 B
351 B 56ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1296288581&gjid=403220511&_gid=989867154.1685393846&_u=YEBAAUIQAAAAACAAI~&z=350302083

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 May 2023 20:57:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 BrutalType-Regular.woff2
widget.mercuryo.io/fonts/ Frame 7734 27 KB
27 KB 13ms
13ms Font
font/woff2 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Regular.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: "646e5880-6c14"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27668
x-request-id: 02b86d6c4f7c69c117a46a0a92cf2c94
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame 7734 42 B
408 B 72ms
38ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1296288581&_u=YEBAAUIQAAAAACAAI~&z=1799630287

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 7734 42 B
408 B 90ms
39ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1296288581&_u=YEBAAUIQAAAAACAAI~&z=1799630287

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 data
api.mercuryo.io/v1.6/widget/ Frame 0
0 12ms
12ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 currencies
api.mercuryo.io/v1.6/lib/ Frame 0
0 10ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
api.mercuryo.io/v1.6/lib/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
api.mercuryo.io/v1.6/widget/ Frame 7734 343 B
826 B 78ms
78ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

334f17b4d9ad80f305b49810e0358e7b6c4a11cbbff36d8a99e726706f2bc0a4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6bbfa91f893690ab

GET
H2 200 currencies Show response
api.mercuryo.io/v1.6/lib/ Frame 7734 34 KB
5 KB 94ms
93ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0b3395ee35cbb2abcd6f4ead2bcbbf161b554df8bbfc3f1dfb3fcd47a32a73ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 1915f6a8c99d9acd

GET
H2 200 countries Show response
api.mercuryo.io/v1.6/lib/ Frame 7734 19 KB
4 KB 61ms
61ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

0032fc659757e2be8537e21bd3eac29b879bbb75f6d5dbdfc6dd4d5f5b34dba8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 3ea6ce97e97ebb2

GET
H2 200 / Show response
eun1.fptls.com/ Frame 7734 208 B
335 B 99ms
27ms XHR
text/plain 13.248.141.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eun1.fptls.com/

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.248.141.108 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

a885e4cd4ba7f987e.awsglobalaccelerator.com

Software

Resource Hash

699e84e0f7f1b438e37df74f97cead7c95cfa8de221a07eea8f30ad8c5955748

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubDomains
cache-control: max-age=2592000, immutable, private
date: Mon, 29 May 2023 20:57:26 GMT
content-length: 208
content-type: text/plain; charset=utf-8

GET
H2 200 t3xaiuum Show response
widget.intercom.io/widget/ Frame 7734 7 KB
3 KB 57ms
9ms Script
application/javascript 13.224.189.18
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://widget.intercom.io/widget/t3xaiuum
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.189.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-189-18.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b41129b3f9ffed9a079853b8f5cd8283464cd93e5f01e8eb3597b7bc57ae7373

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: WRqQB2zuSLG70VZLpfIdFwl3H7VYFi6w
content-encoding: gzip
via: 1.1 96ab38d99b79d57e5c7e9b8a07c0fad2.cloudfront.net (CloudFront)
date: Mon, 29 May 2023 20:50:36 GMT
x-amz-cf-pop: FRA2-C1
age: 429
x-amz-server-side-encryption: AES256
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2677
last-modified: Mon, 29 May 2023 16:13:50 GMT
server: AmazonS3
etag: "60acf8b7d1b918e572fc37c4a9708bb8"
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=900, s-maxage=900, public
accept-ranges: bytes
x-amz-cf-id: bBdPtJVy-Q04YTCTuIY-UamrjKjdBPExZLame5dwlHFktaXPuCFlSQ==

GET
H2 200 / Show response
beacon.riskified.com/ Frame 7734 48 KB
15 KB 332ms
100ms Script
application/javascript 2600:1f18:f8a:b701:fa6e:7f67:83df:ca4
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.mercuryo.io&sid=39873fbb-c28d-4157-bad9-7b2d12a269ec

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/31b257d0e7d8e8cb3eb4.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b701:fa6e:7f67:83df:ca4 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

37f5a8c6a05642f0e048d8f0bf667cc0aab94e6f1dce5caf05018f2234d9c8ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:27 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3Lm1lcmN1cnlvLmlv/Mzk4NzNmYmItYzI4ZC00MTU3LWJhZDktN2IyZDEyYTI2OWVj
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600,no-store
trace-id: e0c81cc96509fef2f6d58527ddeb48a9
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=EUR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 9ms
8ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=EUR

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=EUR&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=EUR&to=ETH&amount=120.00&network=ETHEREUM&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&is_total=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 data-by-ip
api.mercuryo.io/v1.6/public/ Frame 0
0 10ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame 7734 1 KB
2 KB 16ms
16ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=EUR

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3510455119db42a1862f8309fcdd0b8681106732f656018d37a604c830781f00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-trace-id: 6c9a1e06ca941f162761cb6a37153e57
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 1287
x-xss-protection: 1; mode=block
x-request-id: b59c9d69d39e32fb2674576dc754b8b8

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame 7734 1 KB
2 KB 15ms
15ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=EUR

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3510455119db42a1862f8309fcdd0b8681106732f656018d37a604c830781f00

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-trace-id: 75008eeba5da69344a22b7fb49831542
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 1287
x-xss-protection: 1; mode=block
x-request-id: 4a46a51c48ae889b96a0ccca66867693

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame 7734 631 B
757 B 75ms
75ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=EUR&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

381053b73d9887da7228b6b9edeb5b0ef2881ee6c7435104b028e0a9d4645bc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: f6b33343e70dc9c

GET
H2 200 5ce20967a6e6923e8703.js Show response
widget.mercuryo.io/ Frame 7734 413 KB
107 KB 16ms
15ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/5ce20967a6e6923e8703.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1af3847d1c89d67682b37458629cab7d1c10d735632be1f65398adc5bf929125

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-6735f"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: c066ac608e0aa45ed111da40e18c4edf
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 c74b1c0182dfb4c70f6b.js Show response
widget.mercuryo.io/ Frame 7734 147 B
472 B 11ms
11ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/c74b1c0182dfb4c70f6b.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3df2117f7aba8f39aa023f2ffa8fefbb99793120038ad070eae110730ae967f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: "646e5880-93"
content-type: application/javascript
cache-control: max-age=432000
accept-ranges: bytes
content-length: 147
x-xss-protection: 1; mode=block
x-request-id: 41017501d4f34b22ab456a6cebb2055f
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 7734 832 B
917 B 164ms
164ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=EUR&to=ETH&amount=120.00&network=ETHEREUM&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&is_total=true

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6c96f0106f528e4315d536eaaa5f3f7400044066056773de409b82157b567fd1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: ea3474ac8461364

GET
H2 200 Karloff-Neutral-Regular-Web.woff2
widget.mercuryo.io/fonts/ Frame 7734 106 KB
107 KB 14ms
13ms Font
font/woff2 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/Karloff-Neutral-Regular-Web.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: "646e5880-1a828"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108584
x-request-id: eaa724101d34ff31d5b5c1bb40303483
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 BrutalType-Bold.woff2
widget.mercuryo.io/fonts/ Frame 7734 27 KB
27 KB 12ms
12ms Font
font/woff2 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Bold.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: "646e5880-6a28"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27176
x-request-id: 8a4c93a48f9706fb3fcbfa0a3e432116
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 BrutalType-Medium.woff2
widget.mercuryo.io/fonts/ Frame 7734 26 KB
27 KB 13ms
13ms Font
font/woff2 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Medium.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/8113.842826ffae1a7eba1568.css?b5c0484827b37dc435e3
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: "646e5880-693c"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26940
x-request-id: 92d7fb80d6d4690c093477ec2c56a31a
expires: Sat, 03 Jun 2023 20:57:26 GMT

GET
H2 200 data-by-ip Show response
api.mercuryo.io/v1.6/public/ Frame 7734 80 B
544 B 18ms
17ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:26 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 80
x-xss-protection: 1; mode=block
x-request-id: 1dbb2f509b836e627406b50dc24519ee
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H3 200 collect
www.google-analytics.com/ Frame 7734 35 B
55 B 14ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1523711054&t=event&_s=2&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22value%22%3A%22EUR%22%2C%22widget_id%22%3A%22d13d7a03-f965-4688-b35a-9d208819ff4b%22%2C%22merchant_transaction_id%22%3A%229b6e470c-78cc-7922-140e-1a9df97a48e8%22%2C%22calc_id%22%3A%22cf5e3e5db6c1a370a00534493b5b017d%22%2C%22test_group%22%3A%22B%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&gtm=457e35o0&jsscut=1&did=i5iSjo&z=588380104

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 01:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69822
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ Frame 7734 35 B
55 B 14ms
14ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1523711054&t=event&_s=3&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_first-screen_from-currency-clicked&ea=%7B%22widget_id%22%3A%22d13d7a03-f965-4688-b35a-9d208819ff4b%22%2C%22merchant_transaction_id%22%3A%229b6e470c-78cc-7922-140e-1a9df97a48e8%22%2C%22calc_id%22%3A%22cf5e3e5db6c1a370a00534493b5b017d%22%2C%22test_group%22%3A%22B%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&gtm=457e35o0&jsscut=1&did=i5iSjo&z=829895720

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 01:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69822
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 frame-modern.c5748a76.js Show response
js.intercomcdn.com/ Frame F10A 482 KB
135 KB 68ms
15ms Script
application/javascript 99.84.88.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/frame-modern.c5748a76.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-96.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

10777a039645302e58fbdefe4cc2e7d1d5dfc3fec60d0f462da480a7fe0b0257

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: jxINM8Mfx5WMwvCsLbov3TgJ2H8PjelG
content-encoding: gzip
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
date: Mon, 29 May 2023 20:13:55 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 2613
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 137718
last-modified: Mon, 29 May 2023 16:12:06 GMT
server: AmazonS3
etag: "6c2148495f62c4dbfd70e2dbfd7d545c"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: SMLsGDbuQrnCtzOcuX4p5o_mZOjIBTQqJJku5JxYS1wI9yz02GVp6A==

GET
H2 200 vendor-modern.a297a11f.js Show response
js.intercomcdn.com/ Frame F10A 236 KB
73 KB 97ms
43ms Script
application/javascript 99.84.88.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.intercomcdn.com/vendor-modern.a297a11f.js

Requested by

Host: widget.intercom.io
URL: https://widget.intercom.io/widget/t3xaiuum

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.96 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-96.muc50.r.cloudfront.net

Software

AmazonS3 /

Resource Hash

3bcf26d7f282b70409974c900b6a67d72e083571badd618040d80e9a6f9cc84b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

x-amz-version-id: MSkZ12OsahAlwdeXXxKeKSY6cG9rSJob
content-encoding: gzip
via: 1.1 5f3006c64f23c42b9bf4b3b63c77aedc.cloudfront.net (CloudFront)
date: Mon, 29 May 2023 19:15:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-amz-cf-pop: MUC50-C1
age: 6139
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 74317
last-modified: Mon, 29 May 2023 09:13:23 GMT
server: AmazonS3
etag: "6234526d9eac18e8eb836f70dd9dcea4"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=31536000, s-maxage=7200, public
accept-ranges: bytes
x-amz-cf-id: 71x6g1iLy3DwFiFDARNxD8njRycvtbdp5sFo9IL_oil6nfgBAYUM4A==

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 7734 116 KB
36 KB 186ms
126ms Script
application/javascript 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/31b257d0e7d8e8cb3eb4.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aaDrEMYCiGvPajtIWJjCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-aaDrEMYCiGvPajtIWJjCvQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 10ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=EUR&to=ETH&amount=120.00&network=ETHEREUM&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&is_total=true&token=823f04da34e38e2687a2a24c4bd1d6399a99270f22ccca832030f471d0a3d7cceyJ0IjoiMTY4NTM5Mzg0NiIsInR0Ijp0cnVlLCJjIjoiRVRIIiwiYSI6IjAuMDY1ODEzMDI5MjkwNDUwNTc4IiwiZmMiOiJFVVIiLCJmYSI6IjEyMC4wMCIsImYiOiIzLjY3IiwidGYiOiIwLjAxIiwic2YiOiIzLjAwMDAwMDAwMDAwMDAwMDAwMDAwIiwiciI6IjE3NjcuNTgiLCJjaWQiOiI2MzYxY2FkNDE4NmZiOWRjNGNmMTY5ZDFjODllNzAzNiIsInciOiJkMTNkN2EwMy1mOTY1LTQ2ODgtYjM1YS05ZDIwODgxOWZmNGIiLCJvcCI6ImJ1eSIsInBhIjoiY2FyZCIsInB0IjpudWxsLCJwcyI6bnVsbCwibiI6IkVUSEVSRVVNIiwiZmkiOjIyMTR9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-open
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 7734 832 B
920 B 157ms
156ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a241a097062e2bef33fba3a637697dcbd4ec72ad095cd51fd5fedca51bad0074

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 34aafe5e5f93739a

POST
H2 200 first-open Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 7734 24 B
415 B 69ms
68ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 4ae65e7dcba26132

OPTIONS
H2 200 c4bb906ed6904c42b19c95825fe55f39
mainnet.infura.io/v3/ Frame 0
0 342ms
106ms Preflight 34.225.68.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnet.infura.io/v3/c4bb906ed6904c42b19c95825fe55f39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.68.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-68-145.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 86400
content-length: 0
date: Mon, 29 May 2023 20:57:27 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

OPTIONS
H2 200 c4bb906ed6904c42b19c95825fe55f39
polygon-mainnet.infura.io/v3/ Frame 0
0 316ms
101ms Preflight 18.213.89.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://polygon-mainnet.infura.io/v3/c4bb906ed6904c42b19c95825fe55f39
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.89.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-89-113.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: POST
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 86400
content-length: 0
date: Mon, 29 May 2023 20:57:27 GMT
vary: Origin Access-Control-Request-Method Access-Control-Request-Headers

POST
H2 200 c4bb906ed6904c42b19c95825fe55f39 Show response
mainnet.infura.io/v3/ Frame 7734 104 B
245 B 110ms
109ms XHR
application/json 34.225.68.145
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://mainnet.infura.io/v3/c4bb906ed6904c42b19c95825fe55f39
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.68.145 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-225-68-145.compute-1.amazonaws.com
Software: /
Resource Hash: 9561ec03d96b03d4b916c59c6cd389b33c8fbc1d046b0ab861daee448aa8b1c6

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://widget.mercuryo.io
date: Mon, 29 May 2023 20:57:27 GMT
content-length: 104
vary: Origin, Accept-Encoding
content-type: application/json

POST
H2 200 c4bb906ed6904c42b19c95825fe55f39 Show response
polygon-mainnet.infura.io/v3/ Frame 7734 104 B
245 B 109ms
108ms XHR
application/json 18.213.89.113
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://polygon-mainnet.infura.io/v3/c4bb906ed6904c42b19c95825fe55f39
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.213.89.113 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-213-89-113.compute-1.amazonaws.com
Software: /
Resource Hash: 9561ec03d96b03d4b916c59c6cd389b33c8fbc1d046b0ab861daee448aa8b1c6

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
content-type: application/json

Response headers

access-control-allow-origin: https://widget.mercuryo.io
date: Mon, 29 May 2023 20:57:27 GMT
content-length: 104
vary: Origin, Accept-Encoding
content-type: application/json

POST
H2 200 ping Show response
api-iam.intercom.io/messenger/web/ Frame F10A 4 KB
2 KB 655ms
433ms XHR
application/json 18.214.14.231
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api-iam.intercom.io/messenger/web/ping

Requested by

Host: js.intercomcdn.com
URL: https://js.intercomcdn.com/frame-modern.c5748a76.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.214.14.231 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-18-214-14-231.compute-1.amazonaws.com

Software

nginx /

Resource Hash

4be3db8d7116849959f6b38aa05ce6e990b4af21c740d147c1c77b6c04883606

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556952; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=31556952; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
x-ami-version: ami-03cfe899041603efb
status: 200 OK
x-xss-protection: 1; mode=block
x-request-id: 00427e3aonku9i53c9kg
x-runtime: 0.299016
server: nginx
etag: W/"4be3db8d7116849959f6b38aa05ce6e9"
vary: Accept,Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://widget.mercuryo.io
x-intercom-version: 496905b81afb569da778b415264baf21716d0a73
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-frame-options: SAMEORIGIN
access-control-allow-headers: Content-Type, Idempotency-Key, X-INTERCOM-APP, X-INTERCOM-PAGE-TITLE, X-INTERCOM-USER-DATA

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 7734 35 B
160 B 332ms
100ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16853938472890.4231218064856026&c=w1wg5opzrfm7jca7by0au8li9bzbhl&p=5a1rid&a=39873fbb-c28d-4157-bad9-7b2d12a269ec&o=www.mercuryo.io&rt=1685393847068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 3D04 18 KB
8 KB 207ms
207ms Document
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

724ecd6ee03a8866bea2b4d697cc9fefbf78e90d633beeaee2a462776a71acd2

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-9v3wrz95r4B6_UeV5afpXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport script-src 'report-sample' 'nonce-9v3wrz95r4B6_UeV5afpXQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 m=_b,_tp,_r Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/am=0LEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/r... Frame 3D04 157 KB
56 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/am=0LEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri36OTR02Ce-4DmIAoIeYBAF4L2DA/m=_b,_tp,_r

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b1ded3cd04b060f560d122d51409c4686c9155b0c5af1392c101021e795cee3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:02:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 273311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56698
x-xss-protection: 0
last-modified: Fri, 26 May 2023 03:27:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 17:02:16 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame 3D04 2 KB
2 KB 119ms
119ms Other
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/?currency=ETH&fiat_amount=120&fiat_currency=EUR&merchant_transaction_id=9b6e470c-78cc-7922-140e-1a9df97a48e8&network=ETHEREUM&signature=4b9a75da6f7a9c4cdf11f878487497e548bad1458a01d9f62dd38382efb107cd21d9f2a016ac5b2ec7a8f872d47b9ab639567e111bc66e47c0a671baf732bbfb&theme=trustwallet&utm_medium=referral&utm_source=TrustWallet&widget_id=d13d7a03-f965-4688-b35a-9d208819ff4b&address=0xe954028f28D457EBDCCF103b725D79504D138E3A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-... Frame 3D04 70 KB
26 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-vaOJGoL4.L.B1.O/am=0LEBQA/d=1/exm=_b,_r,_tp/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjzqbeAWitLAL5iRJom2m3UAE7JTg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=IZT63,ZyYHPb,ws9Tlc,vfuNJf,PrPYRd,hc6Ubd,Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/am=0LEBQA/d=1/excm=_b,_r,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfri36OTR02Ce-4DmIAoIeYBAF4L2DA/m=_b,_tp,_r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6c40cae5828fc35ced48562be0508a40b8f66044f866ed65ca613604f4a51b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:17:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272419
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26125
x-xss-protection: 0
last-modified: Thu, 25 May 2023 00:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 17:17:08 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 3D04 1 MB
379 KB 68ms
67ms XHR
text/html 2a00:1450:400c:c0c::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ffc842109a181883e75e84c60a5709151b795747a0485fc8514fa864a73b8bd6

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-K3Lzao2Crq5r5gXvZyv6WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-K3Lzao2Crq5r5gXvZyv6WA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Mon, 29 May 2023 20:57:27 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 7734 35 B
159 B 100ms
100ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16853938476410.6134877662153599&c=w1wg5opzrfm7jca7by0au8li9bzbhl&p=5a1rid&a=39873fbb-c28d-4157-bad9-7b2d12a269ec&o=www.mercuryo.io&rt=1685393847068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-... Frame 3D04 23 KB
9 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-vaOJGoL4.L.B1.O/am=0LEBQA/d=1/exm=Das5Le,IZT63,PrPYRd,ZyYHPb,_b,_r,_tp,hc6Ubd,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjzqbeAWitLAL5iRJom2m3UAE7JTg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d48f1ca0d90a63b0e197a650f6900ba3082139912627be265b3a42f17bdb8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9389
x-xss-protection: 0
last-modified: Thu, 25 May 2023 00:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 17:17:09 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-... Frame 3D04 35 KB
13 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.xLfCvYzrtG8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.54-vaOJGoL4.L.B1.O/am=0LEBQA/d=1/exm=Das5Le,FCpbqb,IZT63,PrPYRd,WhJNk,Wt6vjf,ZyYHPb,_b,_r,_tp,hc6Ubd,hhhU8,vfuNJf,ws9Tlc/excm=_b,_r,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjzqbeAWitLAL5iRJom2m3UAE7JTg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

550a52cdbe783f6f086800f77ce4494ab598c861a432bbdb287e9198eda395ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 26 May 2023 17:17:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 272418
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13546
x-xss-protection: 0
last-modified: Thu, 25 May 2023 00:24:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 May 2024 17:17:09 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 85ms
46ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 78ms
51ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 78ms
50ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 83ms
46ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 75ms
49ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 83ms
47ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 76ms
49ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 83ms
47ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 77ms
50ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 82ms
47ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 78ms
51ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:27 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 81ms
47ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:27 GMT
expires: Mon, 29 May 2023 20:57:27 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 204 address
api.mercuryo.io/v1.6/validate/ Frame 0
0 10ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/validate/address?address=0xe954028f28D457EBDCCF103b725D79504D138E3A&currency=ETH&network=ETHEREUM

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:27 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 address Show response
api.mercuryo.io/v1.6/validate/ Frame 7734 38 B
502 B 619ms
618ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/validate/address?address=0xe954028f28D457EBDCCF103b725D79504D138E3A&currency=ETH&network=ETHEREUM

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

210045edd2c901c04271ec60b88b3675330071f2f5cf599ca66bb1a982762605

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 38
x-xss-protection: 1; mode=block
x-request-id: 387d2357b9eae92c63ad27c9b93957f1
expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 7734 35 B
159 B 100ms
100ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16853938477530.6378470431527106&c=w1wg5opzrfm7jca7by0au8li9bzbhl&p=5a1rid&a=39873fbb-c28d-4157-bad9-7b2d12a269ec&o=www.mercuryo.io&rt=1685393847068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 7734 35 B
159 B 100ms
100ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16853938478650.37885240429637523&c=w1wg5opzrfm7jca7by0au8li9bzbhl&p=5a1rid&a=39873fbb-c28d-4157-bad9-7b2d12a269ec&o=www.mercuryo.io&rt=1685393847068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:27 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 7734 35 B
159 B 100ms
100ms Image
image/gif 3.210.153.240
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=16853938479780.5855297753285111&c=w1wg5opzrfm7jca7by0au8li9bzbhl&p=5a1rid&a=39873fbb-c28d-4157-bad9-7b2d12a269ec&o=www.mercuryo.io&rt=1685393847068
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.210.153.240 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-210-153-240.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 307ms
103ms Preflight
text/plain 2600:1f18:f8a:b700:5e4c:82dd:2001:2761
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:5e4c:82dd:2001:2761 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
cache-control: no-store
content-length: 2
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:28 GMT
pragma: no-cache
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: f359e53c8f731807d55e1d536696117e

POST
H2 201 client_infos Show response
c.riskified.com/v2/ Frame 7734 0
370 B 107ms
105ms XHR
text/plain 2600:1f18:f8a:b700:5e4c:82dd:2001:2761
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b700:5e4c:82dd:2001:2761 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Access-Control-Allow-Origin: *
Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
cache-control: no-store
trace-id: 4e27545e7daf922ef25b168a867dcfa3
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 10ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=EUR&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-token
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 9ms
9ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-token

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H3 200 collect
www.google-analytics.com/ Frame 7734 35 B
55 B 16ms
16ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1523711054&t=event&_s=4&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_enter_wallet_validate&ea=%7B%22is_valid%22%3Atrue%2C%22address%22%3A%220xe954028f28D457EBDCCF103b725D79504D138E3A%22%2C%22network%22%3A%22ETHEREUM%22%2C%22currency%22%3A%22ETH%22%2C%22widget_id%22%3A%22d13d7a03-f965-4688-b35a-9d208819ff4b%22%2C%22merchant_transaction_id%22%3A%229b6e470c-78cc-7922-140e-1a9df97a48e8%22%2C%22calc_id%22%3A%22cf5e3e5db6c1a370a00534493b5b017d%22%2C%22test_group%22%3A%22B%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACAAI~&jid=&gjid=&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&gtm=457e35o0&jsscut=1&did=i5iSjo&z=331386887

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 01:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69823
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame 7734 631 B
758 B 80ms
80ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=EUR&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

381053b73d9887da7228b6b9edeb5b0ef2881ee6c7435104b028e0a9d4645bc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 74e5757e07ff9cbc

POST
H2 200 first-token Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 7734 24 B
415 B 65ms
65ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-token

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 1a4dfa1d012564fc

GET
H2 200 7214.1d2e4938589472db7001.css
widget.mercuryo.io/ Frame 7734 1 KB
835 B 15ms
15ms Stylesheet
text/css 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/7214.1d2e4938589472db7001.css

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

cde4d01076da11e61b5a8bdbfd8c6cb2b1b72943e1421648247eddf7d7ad87e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-456"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 451d3b52b807dd2c22be038dca73e162
expires: Sat, 03 Jun 2023 20:57:28 GMT

GET
H2 200 a5cf5c6081037f863679.js Show response
widget.mercuryo.io/ Frame 7734 9 KB
4 KB 12ms
12ms Script
application/javascript 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/a5cf5c6081037f863679.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/afc8fa4981ca44b0a83c.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7b0cdb70e4cb8fd2621e5308a461df87499cd1f7621ef8fecdc6fdc6460406f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 24 May 2023 18:33:36 GMT
etag: W/"646e5880-2376"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 911b6ae3b2b0d1b4fc6e5ee2ba83345e
expires: Sat, 03 Jun 2023 20:57:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ Frame 7734 2 B
22 B 20ms
20ms XHR
text/plain 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1523711054&t=pageview&_s=1&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&dp=%2Femail&ul=en-us&de=UTF-8&dt=&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAAUIRAAAAACACI~&jid=1764579921&gjid=1399575408&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&_r=1&did=i5iSjo&_av=2.4.1&_au=100&z=1882115808

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect
www.google-analytics.com/ Frame 7734 35 B
55 B 21ms
21ms Ping
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/collect

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 7734 4 B
70 B 19ms
18ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1764579921&gjid=1399575408&_gid=989867154.1685393846&_u=aGDAAUIRAAAAACACI~&z=1366022358

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 29 May 2023 20:57:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 10ms
10ms Preflight 3.126.178.250
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.126.178.250 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-178-250.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Connection,Content-Type,DNT,Host,If-Modified-Since,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Mon, 29 May 2023 20:57:28 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 7734 832 B
919 B 161ms
160ms XHR
application/json 54.93.184.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/d239df7798696494b623.js?b5c0484827b37dc435e3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.93.184.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-93-184-193.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f9b15d98388ef5a42f94207f03a44d838dc8484f98316156b1287f2f185daea1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: cf5e3e5db6c1a370a00534493b5b017d
Referer: https://widget.mercuryo.io/
X-Widget-Id: d13d7a03-f965-4688-b35a-9d208819ff4b
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 2a46be65010e4c0b

GET
H3 200 collect
www.google-analytics.com/ Frame 7734 35 B
55 B 13ms
13ms Image
image/gif 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j100&a=1523711054&t=event&_s=6&dl=https%3A%2F%2Fwidget.mercuryo.io%2F%3Forigin%3Dhttps%3A%2F%2Fexchange.mercuryo.io%26utm_medium%3Dreferral%26utm_source%3DTrustWallet%26widget_id%3Dd13d7a03-f965-4688-b35a-9d208819ff4b&dr=https%3A%2F%2Fexchange.mercuryo.io%2F&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=wid_signin_email_email-shown&ea=%7B%22widget_id%22%3A%22d13d7a03-f965-4688-b35a-9d208819ff4b%22%2C%22merchant_transaction_id%22%3A%229b6e470c-78cc-7922-140e-1a9df97a48e8%22%2C%22calc_id%22%3A%22cf5e3e5db6c1a370a00534493b5b017d%22%2C%22test_group%22%3A%22B%22%2C%22experimentId%22%3A%22check-EUR-USD-default%22%2C%22default_fiat_currency%22%3A%22USD%22%7D&_u=aGDAAUIRAAAAACACIAC~&jid=&gjid=&cid=1190194719.1685393846&tid=UA-130553073-7&_gid=989867154.1685393846&gtm=457e35o0&jsscut=1&did=i5iSjo&z=1424224797

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 01:33:45 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69823
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame 7734 42 B
107 B 44ms
43ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1764579921&_u=aGDAAUIRAAAAACACI~&z=242776601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 7734 42 B
107 B 39ms
38ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-130553073-7&cid=1190194719.1685393846&jid=1764579921&_u=aGDAAUIRAAAAACACI~&z=242776601

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 29 May 2023 20:57:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 47ms
47ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:28 GMT
expires: Mon, 29 May 2023 20:57:28 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 48ms
47ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:28 GMT

POST
H3 200 log Show response
play.google.com/ Frame 3D04 131 B
155 B 48ms
48ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Mon, 29 May 2023 20:57:28 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 29 May 2023 20:57:28 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 46ms
46ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/plain; charset=UTF-8
date: Mon, 29 May 2023 20:57:28 GMT
expires: Mon, 29 May 2023 20:57:28 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

Verdicts & Comments Add Verdict or Comment

7 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

14 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercuryo.io/	1970-01-20 21:45:53	Name: _system_cookie Value:
widget.mercuryo.io/	1970-01-20 21:45:53	Name: test_group Value: B
.mercuryo.io/	1970-01-20 21:45:53	Name: _ga Value: GA1.2.1190194719.1685393846
.mercuryo.io/	1970-01-20 12:11:20	Name: _gid Value: GA1.2.989867154.1685393846
.mercuryo.io/	1970-01-20 12:09:53	Name: _gat_gtag_UA_130553073_7 Value: 1
api.mercuryo.io/	1970-01-20 12:11:20	Name: session_id Value: 2ef1736b50419c0fc172712b4963b201d8faca76abfc52d36c895febfd3eddb4a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22session_id%22%3Bi%3A1%3Bs%3A36%3A%2239873fbb-c28d-4157-bad9-7b2d12a269ec%22%3B%7D
.google.com/	1970-01-20 16:33:25	Name: NID Value: 511=bYZ7Ou_We4XDmY3gWv69jyhJ3pK_YMtJov27cq_6yRd2VUqd3bUuAj3us3NsKeMGRYY3UWOuPFmE_PYpj0k1ZrohgttuQAFfLk1HtUMHJFg2CioHW2HUi5yVPFx40VBF-yrfVqlzUurkMDgV0rosUHfG441ShfYztZr-d-6Qx94
.mercuryo.io/	1970-01-20 21:45:53	Name: lastRskxRun Value: 1685393847271
.mercuryo.io/	1970-01-20 21:45:53	Name: rskxRunCookie Value: 0
.mercuryo.io/	1970-01-20 21:45:53	Name: rCookie Value: w1wg5opzrfm7jca7by0au8li9bzbhl
.mercuryo.io/	1970-01-20 18:38:43	Name: intercom-id-t3xaiuum Value: 90d3ddbd-c677-41e1-9484-31fcb28a32b0
.mercuryo.io/	1970-01-20 12:19:58	Name: intercom-session-t3xaiuum Value:
.mercuryo.io/	1970-01-20 18:38:43	Name: intercom-device-id-t3xaiuum Value: 8d7f6639-5a90-46ab-b1e3-5e3221aa30b3
.mercuryo.io/	1970-01-20 12:09:53	Name: _gat Value: 1

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mercuryo.io/v1.6/user22/keep-alive Message: Failed to load resource: the server responded with a status of 401 ()
javascript	warning	URL: https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.3.js(Line 7) Message: Encrypted Media access has been blocked because of a Feature Policy applied to the current document. See https://goo.gl/EuHzyv for more details.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ch-ua-form-factor'.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api-iam.intercom.io
api.mercuryo.io
beacon.riskified.com
c.riskified.com
eun1.fptls.com
exchange.mercuryo.io
fpnpmcdn.net
img.riskified.com
js.intercomcdn.com
mainnet.infura.io
pay.google.com
play.google.com
polygon-mainnet.infura.io
stats.g.doubleclick.net
widget.intercom.io
widget.mercuryo.io
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
13.224.189.18
13.248.141.108
18.213.89.113
18.214.14.231
2600:1f18:f8a:b700:5e4c:82dd:2001:2761
2600:1f18:f8a:b701:fa6e:7f67:83df:ca4
2a00:1450:4001:806::200e
2a00:1450:4001:811::200e
2a00:1450:4001:813::2003
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:831::2004
2a00:1450:400c:c00::9a
2a00:1450:400c:c0c::5c
3.126.178.250
3.210.153.240
34.225.68.145
54.93.184.193
99.84.88.46
99.84.88.96
0032fc659757e2be8537e21bd3eac29b879bbb75f6d5dbdfc6dd4d5f5b34dba8
0b1f94722e9be260eab74f0910ddd1e4a79bd52b7e35df2fad98a82388e35929
0b3395ee35cbb2abcd6f4ead2bcbbf161b554df8bbfc3f1dfb3fcd47a32a73ba
10777a039645302e58fbdefe4cc2e7d1d5dfc3fec60d0f462da480a7fe0b0257
1094c2c9da7ba74812e689e77ff84fda1874d69e9b99ef7f06acb56e40cb3d3a
1af3847d1c89d67682b37458629cab7d1c10d735632be1f65398adc5bf929125
210045edd2c901c04271ec60b88b3675330071f2f5cf599ca66bb1a982762605
248a1075a0c6bd06c4f88ba216bb1e53ea9313b8cc4034a2781768d140ad0bc5
2c957e332b3b9f6b4f554165220c23ea6205cc9ce3be4b8718307cfd441e0d3f
334f17b4d9ad80f305b49810e0358e7b6c4a11cbbff36d8a99e726706f2bc0a4
3510455119db42a1862f8309fcdd0b8681106732f656018d37a604c830781f00
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
37f5a8c6a05642f0e048d8f0bf667cc0aab94e6f1dce5caf05018f2234d9c8ce
381053b73d9887da7228b6b9edeb5b0ef2881ee6c7435104b028e0a9d4645bc3
3bcf26d7f282b70409974c900b6a67d72e083571badd618040d80e9a6f9cc84b
3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2
3df2117f7aba8f39aa023f2ffa8fefbb99793120038ad070eae110730ae967f7
41be98c43c7cb4941de15d5ceb37da163526b9711a6161fd59204ae0fe9b3973
4be3db8d7116849959f6b38aa05ce6e990b4af21c740d147c1c77b6c04883606
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
550a52cdbe783f6f086800f77ce4494ab598c861a432bbdb287e9198eda395ee
60a469b45148acb1c93acb25770a7f609a8e4ed1a84551034b135ff399c1fc1b
699e84e0f7f1b438e37df74f97cead7c95cfa8de221a07eea8f30ad8c5955748
6c40cae5828fc35ced48562be0508a40b8f66044f866ed65ca613604f4a51b46
6c81887a5ebed92878a17614460699f6a63bd0b2fc901f3a7e7fce9e3c54fff0
6c96f0106f528e4315d536eaaa5f3f7400044066056773de409b82157b567fd1
6d48f1ca0d90a63b0e197a650f6900ba3082139912627be265b3a42f17bdb8ad
6e2ff8d7e0ea37fdef514f7125cc9db955c82e8aaf0439eba40af79e92451695
724ecd6ee03a8866bea2b4d697cc9fefbf78e90d633beeaee2a462776a71acd2
7b0cdb70e4cb8fd2621e5308a461df87499cd1f7621ef8fecdc6fdc6460406f4
7b1ded3cd04b060f560d122d51409c4686c9155b0c5af1392c101021e795cee3
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c7a9cae7ebc38768972f8d64ac89b42b598a5f3da1d8772771df4ca90b37262
8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7
90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2
9561ec03d96b03d4b916c59c6cd389b33c8fbc1d046b0ab861daee448aa8b1c6
9db61cf873557c3497a91d7daee58086bd5bb72846458a2ff4be06ae529f9168
a241a097062e2bef33fba3a637697dcbd4ec72ad095cd51fd5fedca51bad0074
a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc
a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b41129b3f9ffed9a079853b8f5cd8283464cd93e5f01e8eb3597b7bc57ae7373
b7d22396f569bcca0b2bec8834151b3813331f4280750f8b1bd22f52d8adbbe2
bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35
c2678b3a686c20b1c41721e5a821005d20eb569a3c769ad96dc1f3bda12a7f44
cde4d01076da11e61b5a8bdbfd8c6cb2b1b72943e1421648247eddf7d7ad87e1
d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
defb11c3a4c6b62fc7424bcb5004bc8a7f0ba87a3a5fb851ecf7a707a609fec3
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e012cf207288ff42a1db64b5c6db560fc5d97a5698e3860000e45cf8ca2dad
f7da66bfad44b7fb1a9816b1c5d14e9c7fcba211596bb48754775ace8053a037
f9b15d98388ef5a42f94207f03a44d838dc8484f98316156b1287f2f185daea1
fe6a305f8cc23a2666a41b55a88d9126b66dbd4ca591406518fab6944cf3e7ea
ffc842109a181883e75e84c60a5709151b795747a0485fc8514fa864a73b8bd6

exchange.mercuryo.io Open in urlscan Pro 54.93.184.193 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

100 %HTTPS

50 %IPv6

13 Domains

21 Subdomains

20 IPs

3 Countries

1712 kBTransfer

5191 kBSize

14 Cookies

0 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exchange.mercuryo.io Open in urlscan Pro
54.93.184.193 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

100 %
HTTPS

50 %
IPv6

13
Domains

21
Subdomains

20
IPs

3
Countries

1712 kB
Transfer

5191 kB
Size

14
Cookies

111 HTTP transactions
0 data transactions