exchange.mercuryo.io Open in urlscan Pro
52.59.133.25 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://exchange.mercuryo.io/
Effective URL:
https://exchange.mercuryo.io/
Submission: On February 14 via api (February 14th 2024, 7:37:14 pm UTC) from US — Scanned from DE

Summary HTTP 96 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 10 domains to perform 96 HTTP transactions. The main IP is 52.59.133.25, located in Frankfurt am Main, Germany and belongs to . The main domain is exchange.mercuryo.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 29th 2023. Valid for: a year.

This is the only time exchange.mercuryo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	35.158.186.212 35.158.186.212	() ()
28	52.59.133.25 52.59.133.25	() ()
13	52.222.214.39 52.222.214.39	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700:303... 2606:4700:3037::6815:6a4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a04:4e42:8d:... 2a04:4e42:8d::516	54113 (FASTLY) (FASTLY)
1	18.245.31.115 18.245.31.115	16509 (AMAZON-02) (AMAZON-02)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	75.2.52.67 75.2.52.67	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:f8a... 2600:1f18:f8a:b705:3328:15d3:26ef:af80	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700:440... 2606:4700:4400::ac40:96b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE)
3	104.16.51.111 104.16.51.111	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	54.92.193.158 54.92.193.158	14618 (AMAZON-AES) (AMAZON-AES)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:f8a... 2600:1f18:f8a:b704:8052:9743:fe27:1ab3	14618 (AMAZON-AES) (AMAZON-AES)
2	104.198.23.205 104.198.23.205	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
96	18

1 35.158.186.212 (Frankfurt am Main, Germany) 1 redirects

ASN- ()
PTR: ec2-35-158-186-212.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 52.59.133.25 (Frankfurt am Main, Germany)

ASN- ()
PTR: ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 52.222.214.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-39.fra56.r.cloudfront.net

widget.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:6a4 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.72.113 (None, )

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a04:4e42:8d::516 (United States)

ASN54113 (FASTLY, US)

risk.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.245.31.115 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-245-31-115.fra56.r.cloudfront.net

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 75.2.52.67 (United States)

ASN16509 (AMAZON-02, US)
PTR: afdd1a7789e84bffc.awsglobalaccelerator.com

fpjs.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu.api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:f8a:b705:3328:15d3:26ef:af80 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::ac40:96b1 (United States)

ASN13335 (CLOUDFLARENET, US)

fpjsworker.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c09::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.51.111 (None, )

ASN13335 (CLOUDFLARENET, US)

mercuryo.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.92.193.158 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-92-193-158.compute-1.amazonaws.com

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:f8a:b704:8052:9743:fe27:1ab3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 205.23.198.104.bc.googleusercontent.com

r.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
42	mercuryo.io 1 redirects exchange.mercuryo.io widget.mercuryo.io api.mercuryo.io — Cisco Umbrella Rank: 765856	831 KB
16	google.com pay.google.com — Cisco Umbrella Rank: 2908 play.google.com — Cisco Umbrella Rank: 44	423 KB
10	checkout.com risk.checkout.com — Cisco Umbrella Rank: 180944 fpjs.checkout.com — Cisco Umbrella Rank: 202109 fpjsworker.checkout.com — Cisco Umbrella Rank: 218258	95 KB
8	riskified.com beacon.riskified.com — Cisco Umbrella Rank: 8314 img.riskified.com — Cisco Umbrella Rank: 7300 c.riskified.com — Cisco Umbrella Rank: 5297	16 KB
8	zdassets.com static.zdassets.com — Cisco Umbrella Rank: 2491 ekr.zdassets.com — Cisco Umbrella Rank: 2789	214 KB
4	gstatic.com www.gstatic.com	102 KB
3	zendesk.com mercuryo.zendesk.com	1 KB
3	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 46233 r.lr-intake.com — Cisco Umbrella Rank: 40192	165 KB
1	fpjs.io eu.api.fpjs.io — Cisco Umbrella Rank: 214925	447 B
1	fpnpmcdn.net fpnpmcdn.net — Cisco Umbrella Rank: 27935	45 KB
96	10

	Domain	Requested by
24	api.mercuryo.io	widget.mercuryo.io
13	widget.mercuryo.io	exchange.mercuryo.io widget.mercuryo.io
12	play.google.com	www.gstatic.com
7	static.zdassets.com	widget.mercuryo.io static.zdassets.com
5	img.riskified.com
5	risk.checkout.com	widget.mercuryo.io
5	exchange.mercuryo.io	1 redirects exchange.mercuryo.io
4	www.gstatic.com	pay.google.com www.gstatic.com
4	pay.google.com	widget.mercuryo.io pay.google.com exchange.mercuryo.io www.gstatic.com
4	fpjs.checkout.com	widget.mercuryo.io
3	mercuryo.zendesk.com	static.zdassets.com
2	r.lr-intake.com	widget.mercuryo.io
2	c.riskified.com	widget.mercuryo.io
1	fpjsworker.checkout.com	risk.checkout.com
1	beacon.riskified.com	widget.mercuryo.io
1	eu.api.fpjs.io	widget.mercuryo.io
1	ekr.zdassets.com	widget.mercuryo.io
1	fpnpmcdn.net	widget.mercuryo.io
1	cdn.lr-intake.com	widget.mercuryo.io
96	19

This site contains no links.

Subject Issuer	Validity	Valid
*.mercuryo.io Go Daddy Secure Certificate Authority - G2	`2023-05-29` - `2024-05-28`	a year	crt.sh
lr-intake.com E1	`2024-01-21` - `2024-04-20`	3 months	crt.sh
zdassets.com E1	`2024-01-04` - `2024-04-03`	3 months	crt.sh
risk.checkout.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-06` - `2024-10-07`	a year	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
fpjs.checkout.com Amazon RSA 2048 M01	`2023-08-23` - `2024-09-19`	a year	crt.sh
eu.api.fpjs.io Amazon RSA 2048 M03	`2023-11-26` - `2024-12-25`	a year	crt.sh
*.riskified.com Amazon RSA 2048 M02	`2023-03-21` - `2024-04-17`	a year	crt.sh
checkout.com E1	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
mercuryo.zendesk.com Cloudflare Inc ECC CA-3	`2023-09-26` - `2024-09-24`	a year	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-05-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
api.logrocket.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://exchange.mercuryo.io/
Frame ID: CC959BF6A5F4D7A6C358D01844C24C90
Requests: 4 HTTP requests in this frame

Frame: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Frame ID: 5B4E71341C9B53402F15F42F615EEED2
Requests: 48 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Frame ID: C90B85EF82752F60D291D54740AB34E8
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=
Frame ID: C899F82D07E2C1DA476956C154684E45
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercuryo | Cryptocurrency Exchange Service Available 24/7

Page URL History Show full URLs

http://exchange.mercuryo.io/ HTTP 301
https://exchange.mercuryo.io/ Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

96
Requests

99 %
HTTPS

44 %
IPv6

10
Domains

19
Subdomains

18
IPs

4
Countries

1891 kB
Transfer

6504 kB
Size

11
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://exchange.mercuryo.io/ HTTP 301
https://exchange.mercuryo.io/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
exchange.mercuryo.io/
Redirect Chain

http://exchange.mercuryo.io/
https://exchange.mercuryo.io/

3 KB
2 KB

39ms
9ms

Document
text/html

52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e500083f3a417d437f4cb4ad3bc1a4e90052593f82ad6e1f56f84f11ed31e293

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Wed, 14 Feb 2024 19:37:09 GMT
etag: W/"65c4b259-c0c"
expires: Wed, 14 Feb 2024 19:37:09 GMT
last-modified: Thu, 08 Feb 2024 10:52:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

Redirect headers

Connection: keep-alive
Content-Length: 134
Content-Type: text/html
Date: Wed, 14 Feb 2024 19:37:09 GMT
Location: https://exchange.mercuryo.io:443/
Server: awselb/2.0

GET
H2 200 embed.2.1.js Show response
exchange.mercuryo.io/ 238 KB
72 KB 21ms
20ms Script
application/javascript 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/embed.2.1.js?20348ec4423752f3c1b2

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7b8bc7ca4981c3ab2ab2f5e1e06a7ef51ca2c50b8b978944605a7f849a3be160

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Thu, 08 Feb 2024 10:52:09 GMT
etag: W/"65c4b259-3b61c"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 9652df34c579f575c920279118aab751
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 3122.1deedbe3c366ddd63e0e.js Show response
exchange.mercuryo.io/ 37 KB
12 KB 13ms
12ms Script
application/javascript 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/3122.1deedbe3c366ddd63e0e.js?20348ec4423752f3c1b2

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-94a2"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 17773d1470a6802f20c7a92989af3822
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 exchange.cb57c4ec65165aa37a30.js Show response
exchange.mercuryo.io/ 14 KB
7 KB 21ms
21ms Script
application/javascript 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/exchange.cb57c4ec65165aa37a30.js?20348ec4423752f3c1b2

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

cf37560ccd51b31de7eed4705b45e6ff515b83c84e9c40e83f1e8d7914b46047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-3760"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 6bd11fce7f13ef1ab029feec895c1ba8
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 / Show response
widget.mercuryo.io/ Frame 5B4E 2 KB
2 KB 108ms
82ms Document
text/html 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/embed.2.1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

5046edd0bdab7e6c5c2212eb21fdde23a2ad9d9ff3a8ff42c83b1f8e0435c5df

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://exchange.mercuryo.io
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://exchange.mercuryo.io
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors https://exchange.mercuryo.io
content-type: text/html
date: Wed, 14 Feb 2024 19:37:09 GMT
etag: W/"65c4b259-945"
expires: Wed, 14 Feb 2024 19:37:09 GMT
last-modified: Thu, 08 Feb 2024 10:52:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-id: XkUDhXg3Ul9GstJsKP7hbsKtCXaHaYUY3TysVYSPQg40Z_7DIsmJBg==
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: allow-from https://exchange.mercuryo.io
x-request-id: 81de3fd5695b3686da0a1f6d8cf54134
x-xss-protection: 1; mode=block

GET
H2 200 9883.c6ea12bbe70fbbf45178.css
widget.mercuryo.io/ Frame 5B4E 49 KB
9 KB 24ms
21ms Stylesheet
text/css 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

233ddc047e5cbbaec9d69626dd35acea426546e8467dbc2e0c196a21fb2e46c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 63c3037de96df5eea085ae4d1779d63e
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-c553"
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: fdIka750aERytlnHJZPmrzIdMWvrAkGhlCoLZjjDy1oiAn0QuRkqzA==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 main.4ee903cdca711f92c2d0.css
widget.mercuryo.io/ Frame 5B4E 48 KB
9 KB 25ms
22ms Stylesheet
text/css 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.4ee903cdca711f92c2d0.css?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

896b712bf7ac523cb09d7f2079a3c1b1ee8c9a5db648e49d1703ec22a6202fc6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: b67d00cd3a605403d3903ca3624631b4
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-bf43"
content-type: text/css
cache-control: max-age=432000
x-amz-cf-id: k3oQcFnl8NJNe24gLQpofMZ9vdgB7rDAQNtT7AdAZVY51FHWijQ3tA==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 3122.1deedbe3c366ddd63e0e.js Show response
widget.mercuryo.io/ Frame 5B4E 37 KB
13 KB 18ms
18ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/3122.1deedbe3c366ddd63e0e.js?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 3efd553555358e0bafcfbe796a7b0081
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-94a2"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: k81TxdLU2mny3xBlUL6T2CYj_bvGv7ggIGry5WdN6QPihXgMkK-1RQ==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 5393.17d1a7dfb074b03eee7e.js Show response
widget.mercuryo.io/ Frame 5B4E 786 KB
241 KB 19ms
18ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/5393.17d1a7dfb074b03eee7e.js?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

b98ae143e223df37f2208c44abd301c51f478a24d72c5024f65215003e8feb53

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: cbe17fde6eaa100b551c762fa76b971c
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-c4766"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: 0Rqq8HMwc55kimC5-sLbIkGbCHxzj01uNskdKhUg4QnmKdQjhn1CqQ==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 772.c7200f4b9d49dde19ed1.js Show response
widget.mercuryo.io/ Frame 5B4E 295 KB
97 KB 42ms
42ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

702c739a81a2d7b52fd3d3415e28f31c4b4de1bbdcdeff0e194d3a67a249788a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: da83a33ce17dc8a864c9f0373b5df843
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-49bdd"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: Xt0XxBCLjO-b_dTjZZfql1lFea-nJANxhrVJHe3EpgjPbUyEbfVvlQ==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 9883.07716f90cb4341cf7f8f.js Show response
widget.mercuryo.io/ Frame 5B4E 233 KB
54 KB 53ms
53ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/9883.07716f90cb4341cf7f8f.js?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

2ec1ffab9b6ae5dc915d1ba8e5c46bc23860b45c718254dd535f64df72645d51

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 69a577ef815079503a6fac72d5ab623a
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-3a273"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: t48Nm3MWtrUqEeeUcu2VEHqeJ9iZ__-xivoZd_1twirjpiiWOcWWcQ==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 main.197b93e22eec52d7d9ca.js Show response
widget.mercuryo.io/ Frame 5B4E 312 KB
90 KB 51ms
51ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.197b93e22eec52d7d9ca.js?20348ec4423752f3c1b2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

6bdee82228728d94657bd5be86bba821ada1187c06f7ec6c598b328378fb409c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108588
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 8faaefc9d9b70034b70261d6d43384c9
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-4dfff"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: J4g4env3nFVd_NhDd217ZHMDepyRrW5XSsp3rXGjoHR9QNx6tFDRjw==
expires: Sun, 18 Feb 2024 13:27:21 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-intake.com/ Frame 5B4E 830 KB
165 KB 68ms
32ms Script
text/javascript 2606:4700:3037::6815:6a4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/5393.17d1a7dfb074b03eee7e.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:6a4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9d69063edd3b8f5051ee92f3c528ee2b610283d6645b1c3b4f32b3b03922df38

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 58
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230103-FRA
last-modified: Wed, 14 Feb 2024 18:50:38 GMT
server: cloudflare
x-timer: S1707936911.658696,VS0,VE23
etag: W/"7af6dc07d1db839cd0cc70e2387f3de53143f30771aa94b2fa05d80109273c21"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lyBLjczM%2B6LyxxpSncm2UnvtKoXlaoBvWLFAxbPnAP%2FenW3O2xUOr0rp6CveU3ho0GehQbHr%2FVNgP%2BWuGPx52ZZhcYC15texTMcOTrK%2F%2BlNgpqmpwiEB7VIA60IdvzUfQoWEmKyAeBKGeEs6oXI8Lg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 8557c399fc593664-FRA
x-cache-hits: 1

GET
H2 200 8637.5f1867d639174aa2e7ed.js Show response
widget.mercuryo.io/ Frame 5B4E 34 KB
11 KB 10ms
9ms Script
application/javascript 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/8637.5f1867d639174aa2e7ed.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.197b93e22eec52d7d9ca.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

83da0efac1aacaf7e34a70240731690f6de5472618c5ba4a4a69def8898d72ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 13:27:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
age: 108583
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: 6e1ce4f62a8da60c1c1ba5c903c5d31a
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: W/"65c3917d-8981"
content-type: application/javascript
cache-control: max-age=432000
x-amz-cf-id: jVjQbuGNYH7tLIIUQutVaDQzuJYEL_ZzguFOqbOl1KMtOxYFO4LLGw==
expires: Sun, 18 Feb 2024 13:27:26 GMT

OPTIONS
H2 204 keep-alive
api.mercuryo.io/v1.6/user22/ Frame 0
0 38ms
12ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 start
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 37ms
11ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ Frame 5B4E 10 KB
5 KB 62ms
39ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=2ba8c6cf-6eb8-408b-9a98-192838e14f59

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.197b93e22eec52d7d9ca.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 9X4B0G1GWNB25PJG
age: 18
x-amz-server-side-encryption: AES256
x-amz-replication-status: PENDING
x-amz-id-2: 4OYei3DkpSYkS6dKBDFbZjtSdVexoHjQ1eS9Mf3MCmEOCurZC/+Isbd1AVVpsiKAmJ7FWWviPJSrjy0q3mZxeg==
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UMz9%2FeHun%2BSPEg%2FltUDs1gCMMF1QGphnYuVVUk%2FXEdaa90sdrZtPy%2Fv3hbe5SPWZbSRyjLPt1k%2FVyR%2F%2Fvd4vVuQFsHOZUOOhET0x%2FlzpJxzqG4mz0L9l3PdK8o3zoIpmfbF7RH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8557c39a68f3380d-FRA
access-control-allow-headers: *

GET
H2 401 keep-alive Show response
api.mercuryo.io/v1.6/user22/ Frame 5B4E 112 B
434 B 51ms
51ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 4d9d12c1fc4c0ea1

GET
H2 200 start Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 5B4E 68 B
458 B 66ms
64ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

73fdb6464e956e692f4d5ecd646278d8fa73a378d2b2ab4fa4821045cf8635b5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 795af7c7389fd20d

GET
H2 200 risk.js Show response
risk.checkout.com/cdn/risk/1/ Frame 5B4E 223 KB
45 KB 44ms
17ms Script
application/javascript 2a04:4e42:8d::516
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/cdn/risk/1/risk.js
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9883.07716f90cb4341cf7f8f.js?20348ec4423752f3c1b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::516 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42e442292aacd0141b71a58afa8528f8aae4af6cbaf1da57a5cdd7c83cd2ed8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
x-amz-request-id: 7VKBVG6RWZNC0VAW
age: 3080
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45955
x-amz-id-2: lppZxtdknRChAepAvNT+VPUzz5lPreYvtQKqD3cW0r6d1CB3meLxvE3P1/Adr8YbCNJ/eIQR6XY=
x-served-by: cache-dub4352-DUB, cache-dub4343-DUB, cache-fra-eddf8230107-FRA
last-modified: Mon, 06 Nov 2023 14:43:17 GMT
server: AmazonS3
x-timer: S1705319130.970188,VS0,VE29
etag: "ee61e93ba8e7ae6b1867765a227d779e"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0, 22642, 1

GET
H2 200 loader_v3.8.7.js Show response
fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/ Frame 5B4E 131 KB
45 KB 43ms
18ms Script
text/javascript 18.245.31.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.7.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.245.31.115 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-245-31-115.fra56.r.cloudfront.net

Software

CloudFront /

Resource Hash

94fccdae4829ddfa39d48381f1a326d165e123cc3bbaa9668be625e28ba7b5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Thu, 08 Feb 2024 17:50:33 GMT
via: 1.1 964525de46241eae6ff9f5fb91498662.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P8
age: 524796
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"HKLwBNAb6v7n+ntN0czeVWIT1Tw"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3591, s-maxage=622359
timing-allow-origin: *
x-amz-cf-id: YpTbqvd0cOkV7yD1hDuGwUvAXWJPjzTtgQxsCJbXzKUDbHvUSQoMyQ==

GET
BLOB 200
OK 65235878-8b20-428e-9149-5b152ecd8e4e
https://widget.mercuryo.io/ Frame 5B4E 462 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://widget.mercuryo.io/65235878-8b20-428e-9149-5b152ecd8e4e
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f36fc7a1b773d17bc90ed812b94ca46e18c68d8744586a655885ab4bae8f8999

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Length: 472995
Content-Type

GET
H2 200 2ba8c6cf-6eb8-408b-9a98-192838e14f59 Show response
ekr.zdassets.com/compose/ Frame 5B4E 1 KB
1 KB 298ms
208ms Fetch
application/json 104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/2ba8c6cf-6eb8-408b-9a98-192838e14f59

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e451802ca7b1de824c102635419760774daf2ecc7413d375c1d9c4b4b152f9fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: REVALIDATED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8542590cb9875e8f-SEA, 8542590cb9875e8f-SEA
x-runtime: 0.024781
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"e451802ca7b1de824c10263541976077"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4BIXDM%2Ft1%2FDo%2FgagotisWcitCXH7X2BBauSA9S2W5c534VYFh0AbLouAgMKFjHzYVF1ILl0Oi6%2FZZmrgOW2GSTbzihJzfq%2FpZek3LJdc2d1rjuH4iHar1QRS5zSiN5rTd7k%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 8557c39b4ef818d6-FRA

GET
H2 200 health
fpjs.checkout.com/ Frame 5B4E 0
0 92ms
9ms Fetch 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/health

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H2 200 configuration Show response
risk.checkout.com/collect/ Frame 5B4E 80 B
287 B 54ms
54ms Fetch
application/json 2a04:4e42:8d::516
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/configuration?integrationType=RiskJsStandalone
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::516 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 11966fc5ae15dce31a44e99ebdaad329e567ecaa533e43561ca6a66e96bdb009

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
Authorization: pk_l3jjaljrxfhw2lhzgcabzfvywuy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-dub4342-DUB, cache-dub4342-DUB, cache-fra-eddf8230127-FRA
date: Wed, 14 Feb 2024 19:37:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer: S1707939430.657383,VS0,VE7
cko-request-id: 0HN16BA1GSRC9:000083AE
cko-version: 1.0.290
cko-internal-duration: 0
x-cache: MISS, MISS, MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 80
x-cache-hits: 0, 0, 0

OPTIONS
H2 204 configuration
risk.checkout.com/collect/ Frame 0
0 74ms
53ms Preflight 2a04:4e42:8d::516
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/configuration?integrationType=RiskJsStandalone
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:8d::516 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Wed, 14 Feb 2024 19:37:09 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-served-by: cache-dub4354-DUB, cache-dub4354-DUB, cache-fra-eddf8230127-FRA
x-timer: S1707939430.608810,VS0,VE2

OPTIONS
H2 204 data
api.mercuryo.io/v1.6/widget/ Frame 0
0 9ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 currencies
api.mercuryo.io/v1.6/lib/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
api.mercuryo.io/v1.6/lib/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
api.mercuryo.io/v1.6/widget/ Frame 5B4E 422 B
857 B 78ms
78ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

857c1174aacbb0cd9ab6c86e9fd393c8dffa095a11f8e2c496f506575f7eb424

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: e0e53485b1b0bc3

GET
H2 200 currencies Show response
api.mercuryo.io/v1.6/lib/ Frame 5B4E 38 KB
5 KB 82ms
82ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

99447ef350efa9a669248c2a5b850582f11eeddd939d92aa80983ccf7c7a7113

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 20f4b908377dd05c

GET
H2 200 countries Show response
api.mercuryo.io/v1.6/lib/ Frame 5B4E 19 KB
4 KB 63ms
63ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c0b0b3b6f770e0d6df41a3c130e5b31d7bd5218603e43596d9509a26895baa1e

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 32d91a3a4c7652b6

GET
H2 200 7 Show response
eu.api.fpjs.io/DwmA/JNZ1Dz7/ Frame 5B4E 96 B
447 B 53ms
25ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=XKf7GIZmZFBcg5xAI7mx

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

c0fedb6b9fb6e52694d77c20d284552fed288d9ded1c5ceec422ba43348ac7a6

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H2 200 BrutalType-Regular.woff2
widget.mercuryo.io/fonts/ Frame 5B4E 27 KB
28 KB 23ms
23ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Regular.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 27668
x-request-id: 0cb772eabc347fe93d4838685546960b
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: "65c3917d-6c14"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: bPKC4WP17fZd449I1zeiomNa8d7kKRDs_hIHApsbFjA1TXn0kqWddw==
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 / Show response
beacon.riskified.com/ Frame 5B4E 48 KB
15 KB 483ms
234ms Script
application/javascript 2600:1f18:f8a:b705:3328:15d3:26ef:af80
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.mercuryo.io&sid=5bbccfc5-bb7f-4583-b19b-89efca402cac

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.197b93e22eec52d7d9ca.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b705:3328:15d3:26ef:af80 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

096c3dcafc1d17608765df45f7046c59593f5dfb48f340d720e1d5c82963ddbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3Lm1lcmN1cnlvLmlv/NWJiY2NmYzUtYmI3Zi00NTgzLWIxOWItODllZmNhNDAyY2Fj
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: fa4229a77d15c7e8d8d48042bbdd467a
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame 5B4E 13 B
436 B 13ms
12ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

x-trace-id: 038266658e0fb8974fb7d190ee77a527
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: 0a45c0388ce1e5746939c94fa642e42b

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame 5B4E 714 B
794 B 100ms
100ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6938ee339e1899f5

GET
H2 200 rates Show response
api.mercuryo.io/v1.6/widget/ Frame 5B4E 30 KB
10 KB 3414ms
3414ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e135c61f4602108d6a959231a6ac0e2cff10ef39177ac747e38d320083597442

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 670d5ec44f50ed0

GET
H2 200 data-by-ip Show response
api.mercuryo.io/v1.6/public/ Frame 5B4E 80 B
544 B 20ms
19ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 80
x-xss-protection: 1; mode=block
x-request-id: 7145bc626c5ce0e3796d41c99485ffb4
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 first-open Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 5B4E 24 B
416 B 89ms
89ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 622fce783e4f919f

GET
H2 200 Karloff-Neutral-Regular-Web.woff2
widget.mercuryo.io/fonts/ Frame 5B4E 106 KB
107 KB 22ms
22ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/Karloff-Neutral-Regular-Web.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 108584
x-request-id: ddeabd0704f5446df253b1dd75f62a9b
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: "65c3917d-1a828"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: i6IfatXwPCcmpoe5T1hLURFf9niwlMH5XLmCo5NiD5F7KuetUoJnGg==
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 BrutalType-Medium.woff2
widget.mercuryo.io/fonts/ Frame 5B4E 26 KB
27 KB 19ms
19ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Medium.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 26940
x-request-id: 4e8e108d704779abf19e076039794265
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: "65c3917d-693c"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: oI7iZ0NRuz005hDAeY8Ub0ivZPXC1A5IXtdHkjYt2XHgH-EU_0cDeg==
expires: Mon, 19 Feb 2024 19:37:09 GMT

GET
H2 200 BrutalType-Bold.woff2
widget.mercuryo.io/fonts/ Frame 5B4E 27 KB
27 KB 23ms
22ms Font
font/woff2 52.222.214.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Bold.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.214.39 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-214-39.fra56.r.cloudfront.net

Software

Resource Hash

a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/9883.c6ea12bbe70fbbf45178.css?20348ec4423752f3c1b2
Origin: https://widget.mercuryo.io
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
via: 1.1 081c7bef6b5d3c12829ac4c99182ccea.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3
x-cache: Miss from cloudfront
content-length: 27176
x-request-id: 26a5a499b811810bfba4b5b0d8763430
last-modified: Wed, 07 Feb 2024 14:19:41 GMT
etag: "65c3917d-6a28"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
x-amz-cf-id: H-43M9c5bcmzrqWHJOm7IQsuMVQ05XnkcO9eBlNEApzh66F9X776JA==
expires: Mon, 19 Feb 2024 19:37:09 GMT

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rates
api.mercuryo.io/v1.6/widget/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 data-by-ip
api.mercuryo.io/v1.6/public/ Frame 0
0 7ms
7ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-open
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 8ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 gWsdhYyK8qHVJMEp Show response
fpjsworker.checkout.com/vKdHeO12gpAymiKK/ Frame 5B4E 131 KB
47 KB 108ms
73ms Script
text/javascript 2606:4700:4400::ac40:96b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjsworker.checkout.com/vKdHeO12gpAymiKK/gWsdhYyK8qHVJMEp?apiKey=7dmUzMeBuN6x1YjwR3EY&version=3&loaderVersion=3.8.5

Requested by

Host: risk.checkout.com
URL: https://risk.checkout.com/cdn/risk/1/risk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::ac40:96b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

490b83d316c6a4bcc9978294864f849873031f722781918773da67c5f37178b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-encoding: gzip
via: 1.1 c63140c3859a31aa195816b9d66d1f2c.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
age: 41
x-amz-cf-pop: FRA56-P8
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server: cloudflare
etag: W/"m87GwvKsNA1DRHik/YNCDl1Iijs"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3600, s-maxage=60
cf-ray: 8557c39c8d889249-FRA
timing-allow-origin: *
x-amz-cf-id: DCSPBDj6LOsgNVJTSAijqq1d-xgXryXYS0K2Brrc1M2dYhEuRh5MOw==

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 9ms
9ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 5B4E 766 B
889 B 248ms
248ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

93e2d3116313025bce4b1b63b6969bdd0f4ed7e2a0c7d8716a52898ef08a0760

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 4cba218d9feffd69

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 5B4E 117 KB
36 KB 119ms
66ms Script
application/javascript 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.197b93e22eec52d7d9ca.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

52fb7e9057452b20c007eb6591bd75bcd68128125365b1dcbd98819c75766068

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NEJrzpixeJ2rrOylU32JrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-NEJrzpixeJ2rrOylU32JrA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiIfj6Zot69gEdnxoP8MMALMvOpg"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 14 Feb 2024 19:37:09 GMT

GET
H2 200 web-widget-main-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C90B 426 KB
137 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2ba8c6cf-6eb8-408b-9a98-192838e14f59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: NNS74CRvslANYzFbdSZpAHMXLdB5wZUC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2V4BBD2DK0CGF60
age: 224571
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: H0Ws5wo1tJe8yX9pvW+6jDfNeKDEuI0uiLYsIkD7aWVZXpQhXemj/ny0DQqceKxo7twc8zJE5Fw=
last-modified: Thu, 08 Feb 2024 08:29:39 GMT
server: cloudflare
etag: W/"c41d27ff2113f7e3712955c66c6955e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LYOSXwLXzqnDSCxieoeNqG6RVXGbUW2UnvHlH3W%2FtNGHbr8IszIATX37qQ2lTJbNGoTHAn%2Fabaz1sR72U66d9WQDflqDviUzsBu%2FIpFRCbLIhnln550fdJ2A4qFBOTfAeX%2BSL8k%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39cccb3380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:38 GMT

GET
H2 200 IT Show response
fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/ Frame 5B4E 96 B
446 B 10ms
10ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/IT?q=7dmUzMeBuN6x1YjwR3EY

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

c97783dbf560bb69f1680e609c202e5002541faff909d4b3eaf53c4e13071846

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H2 200 IT Show response
fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/ Frame 5B4E 92 B
442 B 11ms
10ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/IT?q=7dmUzMeBuN6x1YjwR3EY

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

029a206a9022ae0946a051a35b7944aecfa47c845318e3271ac44f7bc54368e8

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 92

GET
H2 200 en-us-json-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame C90B 17 KB
4 KB 23ms
22ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: 0Hw4clCIIhZEWLdGpvxII_jTVUODtVUb
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2VFJBXV7HEQRB2F
age: 224571
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: FDMXzGuEUamL+GNXwuvdKXqR7jTFgzExJC6qyAdHhrpMdvBGKq984WmHum6QCCUeA5p+FfCMmpI=
last-modified: Thu, 08 Feb 2024 08:29:40 GMT
server: cloudflare
etag: W/"afa8158c4aa1aa2dccba0d36fd3c0e2f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D8Oj%2FsCDm7yvoaYM5nuXRTgFmss0hkCyLl44MW8npBen48kZHY7hI8drDNulirxu67UqPLOFxNgocerdQlMIl2S1Fnjc5vUcI1b4l1%2FsCZXVYDnr4vS%2BIdZuv2%2FbE1%2B3MVYtduY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39d4d4f380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:39 GMT

GET
H2 200 web-widget-4852-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C90B 139 KB
47 KB 53ms
53ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-4852-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
x-amz-version-id: VpeJ4ZrAbfClFkk8QBOEwZEjMhUkNJI0
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2V7HPGSQ4H4FZXG
age: 224564
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UOGPPTydRIhPlvGwkdwZsKaU1JlczFCqc1oiAmjO1emLufuYdEzdAIbhzvfvKWEbyuHbt2TSbig=
last-modified: Thu, 08 Feb 2024 08:29:39 GMT
server: cloudflare
etag: W/"ea51d3eb674c1f286144bbe26ba05c86"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gxCcteC3c9dhE7ChtMWPTAuJZH0tpPlAkhyn435ZS4on%2FmvxmvqqvEufMxj981y49Xc0sIXJlfrHzkOZ8vF2Ub4SWfjHZ5MEMTeRqc5j5E7jmZR0156tLFI41UDYW%2BNfhthMzkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39d4d52380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:37 GMT

GET
H2 200 web-widget-1327-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C90B 18 KB
7 KB 26ms
25ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: IR122uws0ha39p.h7rBxpzxTmOQD7EnC
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2V2BB27MQ99QJE1
age: 224564
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: jssM+jhxEfc5syInYxGFMFlSUqmCEKFRSUAjB199KGgIx12gFzm94Z2KM9cK9cBPaKXvGQhGiUY=
last-modified: Thu, 08 Feb 2024 08:29:38 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QIEC00Y9ybiY2Z3Hnt1tdtWfnkaGMHpAjych1DEJygZl5hbnC4xmGqJPbwT8gT4up%2Bhb6LsSBro2NdenPH64grseUvxdm3P4EIct1Ce3fcG1GBMcrEFlzTS4%2B%2FUZyyhE%2BXBIwQ4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39d4d55380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:37 GMT

GET
H2 200 web-widget-5178-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C90B 24 KB
7 KB 34ms
34ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-5178-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: vvYKpwLde8nzMpq_pV1TQEnoumEiREgn
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2V3R29JZ4NXM4QS
age: 224564
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 5uNSb5WmI/2Gy89iHwn3hWQ657TLaWi0pI3eV+NYONJsCJTOw7mclGoYhU+CgDa0LQ75/folzuM=
last-modified: Thu, 08 Feb 2024 08:29:39 GMT
server: cloudflare
etag: W/"931f719f7fd052e7e871e3892529881f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OInyyUmlkPtJ3j6g2W%2BPubJ9kdewiD6mfqw%2BkhPjFhDhX2lJjuNQ5ILesNV7rRzqIa69StI9XR7PR2m%2BjAIWxtlOdEayTUxoUDt959UZQskZXgpnfHrDrgFd5uLEmhOdfTbq85g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39d4d56380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:37 GMT

GET
H2 200 web-widget-9535-e46caa3.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame C90B 15 KB
6 KB 24ms
24ms Script
application/javascript 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-9535-e46caa3.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:09 GMT
x-amz-version-id: IYiVv12Uq6RiRTB17pxmzNq4a6Xbh.BI
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Q2V9JEM3EHSJZ265
age: 224564
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: Y/Yne6/K0dO5cVi9+z1CrbmxhpZcb0l27BBpR+7p3YVQ04+HIjBbyo6B2nA68Wq+/hKn38562/k=
last-modified: Thu, 08 Feb 2024 08:29:39 GMT
server: cloudflare
etag: W/"3807a835073a7f537f2d2f554ad605ea"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hytmkHMYKKmsC9ec5GVF6RDbpj%2BqrJ5VJ2AlMKEHE4Mv8zprmC8PXOFNffA%2BePMXboBcoNt1gwtpO5RnoTzDdpv9yRQ4GL3B68C7SfH8tV%2FD6oH6j0MBZW9POfwE%2B6ZxZcZAq%2F8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 8557c39d4d57380d-FRA
access-control-allow-headers: *
expires: Fri, 07 Feb 2025 08:29:38 GMT

OPTIONS
H2 204 pv
mercuryo.zendesk.com/frontendevents/ Frame 0
0 105ms
77ms Preflight 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 8557c39e3fdd18d9-FRA
date: Wed, 14 Feb 2024 19:37:10 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyUqDwooRoQfQhVcm%2BHvMME4HE5WtAdLl8Nsj8cOXZqoFGbt7OyEOLe%2FLMiZwQLBZd7N5VXl7Jl9hF931WZlrcLG%2FyVdDNGk3nqrXCFCQe1D5rEyVrtk1ojpgvVkDTdafWqhg4LZ"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 8557c39e3fdd18d9-FRA
x-zendesk-zorg: yes

POST
H2 200 pv
mercuryo.zendesk.com/frontendevents/ Frame C90B 0
0 51ms
51ms Fetch 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4L1h2WpmKLNznZ9xKkwAMOUUlMVlSbFxY%2Bzee%2FCOl4qrG57vjrN7yiaLP8MCKGDxu2UP1Lbb9EIfhcEC%2BfgozTbib9HOQIVETfa6U2kzNeu%2FwEAY%2FWPLiT21YpGryO6ivjlQfWnD"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 8557c39eb8a118d9-FRA
content-length: 0
x-request-id: 8557c39eb8a118d9-FRA

GET
H2 200 config Show response
mercuryo.zendesk.com/embeddable/ Frame C90B 846 B
1 KB 95ms
68ms Fetch
application/json 104.16.51.111
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-e46caa3.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.51.111 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cff10bd4615e4ea9fac17596031f44e047e849135148f13ea065329708f3d380

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-54b9dbf9c8-j52tm
x-cached: STALE
x-request-id: 85579e3b8ac303dc-FRA
x-runtime: 0.002606
last-modified: Wed, 14 Feb 2024 19:33:37 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zvUgUR3Qhv98qAd%2FQtwfxUJGkYVTwYFEQdAjlxdjdmv2JRKptG2%2F4oLOoRiPTmVXgofuA8MTFK0ODJieSw85HSLANoMZ01mZSn2bYL%2FUMXTsKe9NQfLO0S5Ozf8zjolDPPPmiWN2"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 8557c39e3fe218d9-FRA

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame C899 19 KB
8 KB 208ms
207ms Document
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8ff902ea518f9b5725ab02173d7b938dd9759efd3c7d43f0b3af5abb10550bd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Fq3qdLAlCmCZ_AmHYkg4nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Fq3qdLAlCmCZ_AmHYkg4nA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Wed, 14 Feb 2024 19:37:10 GMT
expires: Wed, 14 Feb 2024 19:37:10 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiIfj2Zot69gEZtw738gIALKSOmI"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 9ms
8ms Preflight 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true&token=75a15f82763209ffb0f01ffeee3d0e5fb5a823d3afb7f08919402fe01a81c056eyJ0IjoiMTcwNzkzOTQzMCIsInR0Ijp0cnVlLCJjIjoiQlRDIiwiYSI6IjAuMDA1Mzk4NDgiLCJmYyI6IlVTRCIsImZhIjoiMzAwLjAwIiwiZiI6IjExLjQwIiwidGYiOiIwIiwic2YiOiIxMS40MDAwMDAwMDAwIiwiciI6IjUzNDU5LjM1IiwiY2lkIjoiZTI4ZmZmMzljMzA4ZDAxYjFkMzA4YzMzYzEzZTYzOTMiLCJ3IjoiNjc3MTA5MjUtOGI0MC00NzY3LTg0NmUtM2I4OGRiNjlmMDRkIiwib3AiOiJidXkiLCJwYSI6ImNhcmQiLCJwdCI6bnVsbCwicHMiOm51bGwsIm4iOiJCSVRDT0lOIiwiZmkiOjgzNX0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Wed, 14 Feb 2024 19:37:10 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 5B4E 766 B
888 B 261ms
261ms XHR
application/json 52.59.133.25

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.133.25 Frankfurt am Main, Germany, ASN (),

Reverse DNS

ec2-52-59-133-25.eu-central-1.compute.amazonaws.com

Software

Resource Hash

93e2d3116313025bce4b1b63b6969bdd0f4ed7e2a0c7d8716a52898ef08a0760

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: 368e2e90a0f81d8a4c31ae34f6eae3b5
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 253c06b21d3d57f

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 5B4E 35 B
160 B 276ms
89ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17079394302480.13684861397380654&c=pqzqibjj3nl46kpj9uwwm2lsm71emy&p=sg82nz&a=5bbccfc5-bb7f-4583-b19b-89efca402cac&o=www.mercuryo.io&rt=1707939430043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfr... Frame C899 157 KB
56 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhTXDE11cRpHwN_nkfE1tJ2jb8-ww/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f32dcf89bd266c00f7bd15dc12b9b98a5b4bb7715f5a7fc4bfeb75d369059119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:49:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 125249
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56880
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 04:04:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 12 Feb 2025 08:49:41 GMT

POST
H3 404 cspreport
pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/ Frame C899 2 KB
2 KB 116ms
116ms Other
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Requested by: Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101

Request headers

Referer: https://pay.google.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
referrer-policy: no-referrer
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1608
content-type: text/html; charset=UTF-8

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame C899 74 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/am=wCAN/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrhTXDE11cRpHwN_nkfE1tJ2jb8-ww/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 07:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42041
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27736
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 07:56:29 GMT

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame C899 1 MB
377 KB 64ms
64ms XHR
text/html 2a00:1450:400c:c09::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c09::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3ac3f7435b33f43bf37ce9eff4c02fe8d50a5f9ead944178dbc869f9925102e3

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-GyAadbIg40bEopwaYpY2qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport, script-src 'report-sample' 'nonce-GyAadbIg40bEopwaYpY2qA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjamHU4pJiCNSQYlhWKsVQUSvFsGSmFINnzU2mzj03mdZ1PWJa2P6USZPrGVN91DOmmbzPmeJOPGcSfPOc6d2_F0zvvrxk4vn6kkkCiDWAeIePB4uYz3TWN-HTWbkiprPG1U1nzQNivnXTWVWAWHf9dNZQIHZKn8EaBMQ-9TNYY4BYiIfj2Zot69gETny-cIgRALRbOuk"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Wed, 14 Feb 2024 19:37:10 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame C899 10 KB
4 KB 11ms
11ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:53:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 178993
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4131
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Tue, 11 Feb 2025 17:53:57 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy... Frame C899 37 KB
14 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.de.ECeqvbQZ24o.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.MBICSy3tTJ4.L.B1.O/am=wCAN/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjE3M6A9Ta_XUoEs_Hn6389x_pMeg/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 03:43:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 57248
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14329
x-xss-protection: 0
last-modified: Tue, 30 Jan 2024 14:10:24 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Thu, 13 Feb 2025 03:43:02 GMT

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 58ms
44ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
13ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 71ms
58ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
15ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 55ms
44ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 35ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 40ms
22ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 49ms
43ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 53ms
41ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 34ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 33ms
16ms Preflight
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:10 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame C899 131 B
155 B 55ms
42ms XHR
text/plain 2a00:1450:4001:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Wed, 14 Feb 2024 19:37:10 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 5B4E 35 B
159 B 89ms
88ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17079394305380.38170266007209563&c=pqzqibjj3nl46kpj9uwwm2lsm71emy&p=sg82nz&a=5bbccfc5-bb7f-4583-b19b-89efca402cac&o=www.mercuryo.io&rt=1707939430043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H2 200 / Show response
fpjs.checkout.com/ Frame 5B4E 452 B
952 B 84ms
69ms XHR
text/plain 75.2.52.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/?ci=js/3.9.0&q=7dmUzMeBuN6x1YjwR3EY&ii=fingerprintjs-pro-cloudflare/1.5.0/procdn

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

afdd1a7789e84bffc.awsglobalaccelerator.com

Software

Resource Hash

c054a30c7678b8685cbfaa8ae78aea3f956086c11dc83c769db914ba3559f1c3

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 452

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 5B4E 35 B
159 B 89ms
89ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17079394306390.4480106733320264&c=pqzqibjj3nl46kpj9uwwm2lsm71emy&p=sg82nz&a=5bbccfc5-bb7f-4583-b19b-89efca402cac&o=www.mercuryo.io&rt=1707939430043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

PUT
H3 200 fingerprint Show response
risk.checkout.com/collect/ Frame 5B4E 55 B
409 B 210ms
210ms Fetch
application/json 2a04:4e42:8d::516
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/fingerprint
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:8d::516 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35d9952d5264c2a600334d0f13c033d5d1e33721ca7395fd764fc65790daaa0d

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
Authorization: pk_l3jjaljrxfhw2lhzgcabzfvywuy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-dub4355-DUB, cache-dub4355-DUB, cache-fra-eddf8230109-FRA
date: Wed, 14 Feb 2024 19:37:10 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer: S1707939431.767374,VS0,VE160
cko-request-id: 0HN16BA1GSR2L:000099B9
cko-version: 1.0.290
cko-internal-duration: 0
x-cache: MISS, MISS, MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55
x-cache-hits: 0, 0, 0

OPTIONS
H3 204 fingerprint
risk.checkout.com/collect/ Frame 0
0 56ms
56ms Preflight 2a04:4e42:8d::516
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/fingerprint
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 2a04:4e42:8d::516 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: PUT
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: authorization,content-type
access-control-allow-methods: PUT
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Wed, 14 Feb 2024 19:37:10 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-served-by: cache-dub4351-DUB, cache-dub4351-DUB, cache-fra-eddf8230109-FRA
x-timer: S1707939431.712247,VS0,VE5

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 5B4E 35 B
159 B 89ms
89ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17079394307400.7879467105308791&c=pqzqibjj3nl46kpj9uwwm2lsm71emy&p=sg82nz&a=5bbccfc5-bb7f-4583-b19b-89efca402cac&o=www.mercuryo.io&rt=1707939430043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 5B4E 35 B
159 B 89ms
89ms Image
image/gif 54.92.193.158
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17079394308410.08403718399402926&c=pqzqibjj3nl46kpj9uwwm2lsm71emy&p=sg82nz&a=5bbccfc5-bb7f-4583-b19b-89efca402cac&o=www.mercuryo.io&rt=1707939430043
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 54.92.193.158 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-92-193-158.compute-1.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:10 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 368ms
125ms Preflight
text/plain 2600:1f18:f8a:b704:8052:9743:fe27:1ab3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b704:8052:9743:fe27:1ab3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
content-length: 2
content-type: text/plain; charset=UTF-8
date: Wed, 14 Feb 2024 19:37:11 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: ca62ff6a7620d4e676cb93e04a764365

POST
H2 201 client_infos Show response
c.riskified.com/v2/ Frame 5B4E 0
338 B 125ms
125ms XHR
text/plain 2600:1f18:f8a:b704:8052:9743:fe27:1ab3
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2600:1f18:f8a:b704:8052:9743:fe27:1ab3 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Access-Control-Allow-Origin: *
Referer: https://widget.mercuryo.io/
accept-language: de-DE,de;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Wed, 14 Feb 2024 19:37:11 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
trace-id: c11aa36218033709580ac946a7f1fe77
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

OPTIONS
H2 204 i
r.lr-intake.com/ Frame 0
0 427ms
131ms Preflight 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-intake.com/i?a=d9d96x%2Fwidget-prod-igcku&r=5-1a6d8393-5caf-4e9a-9815-e549412961ef&t=d07e5d37-2c58-4e6f-92af-41c52aea4700&s=0&rs=0%2Cu&u=3e1d014a-848b-4518-8a68-c99eef61a827&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Wed, 14 Feb 2024 19:37:12 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-intake.com/ Frame 5B4E 28 B
522 B 451ms
450ms XHR
application/json 104.198.23.205
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-intake.com/i?a=d9d96x%2Fwidget-prod-igcku&r=5-1a6d8393-5caf-4e9a-9815-e549412961ef&t=d07e5d37-2c58-4e6f-92af-41c52aea4700&s=0&rs=0%2Cu&u=3e1d014a-848b-4518-8a68-c99eef61a827&is=1

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/772.c7200f4b9d49dde19ed1.js?20348ec4423752f3c1b2

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

205.23.198.104.bc.googleusercontent.com

Software

/ Express

Resource Hash

80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 19:37:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"1c-PFMDrwGsbHZtXHXvOeVrYQ+hlvQ"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 28

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercuryo.io/	1970-01-21 04:01:39	Name: _system_cookie Value:
widget.mercuryo.io/	1970-01-20 18:27:05	Name: _lr_tabs_-d9d96x%2Fwidget-prod-igcku Value: {%22sessionID%22:0%2C%22recordingID%22:%225-1a6d8393-5caf-4e9a-9815-e549412961ef%22%2C%22webViewID%22:null%2C%22lastActivity%22:1707939429515}
widget.mercuryo.io/	1970-01-20 18:27:05	Name: _lr_hb_-d9d96x%2Fwidget-prod-igcku Value: {%22heartbeat%22:1707939429515}
widget.mercuryo.io/	1969-12-31 23:59:59	Name: _lr_uf_-d9d96x Value: 283c4df4-1457-4817-af14-65be13ccf939
api.mercuryo.io/	1970-01-20 18:27:05	Name: session_id Value: 1e15252ea1dcf7c6536a74b08feb8d4592f9cec3bc3fc272e757f0ce0b1cbd54a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22session_id%22%3Bi%3A1%3Bs%3A36%3A%225bbccfc5-bb7f-4583-b19b-89efca402cac%22%3B%7D
.mercuryo.io/	1970-01-21 04:01:39	Name: lastRskxRun Value: 1707939430234
.mercuryo.io/	1970-01-21 04:01:39	Name: rskxRunCookie Value: 0
.mercuryo.io/	1970-01-21 04:01:39	Name: rCookie Value: pqzqibjj3nl46kpj9uwwm2lsm71emy
.google.com/	1970-01-20 22:49:10	Name: NID Value: 511=RzT1Y2oXtW6UJ4cW6aSARGYYxZiNRv1St63UY3wC0EZquV1i8EOkuGxB9weGPrkot1UsxCFkIE6a_vAPnuBugvkCID3u5DGIq5YgnpgLx03IVItE8HoLv87opNAG6fjtSMdfEKxltms6veb3Psi8lhgTZu602c1tOq32AxOwIHo
.checkout.com/	1970-01-21 03:11:15	Name: _iidt Value: tLtZIYa1Tjsk+cHbKK9E8ws9yfrncRCNWxr9wGM2RA5JZvWZUh/lYBt3TQpMPOgDHTL7GJJVt2EAww==
widget.mercuryo.io/	1970-01-20 18:25:40	Name: _dd_s Value: logs=1&id=23459f01-2ac2-4e3b-9590-92658f2b0915&created=1707939429553&expire=1707940329553

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mercuryo.io/v1.6/user22/keep-alive Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
security	error	(Line 6) Message: This document requires 'TrustedScript' assignment.
network	error	URL: https://pay.google.com/_/InstantbuyFrontendBuyflowPayframeUi/cspreport Message: Failed to load resource: the server responded with a status of 404 ()
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mercuryo.io
beacon.riskified.com
c.riskified.com
cdn.lr-intake.com
ekr.zdassets.com
eu.api.fpjs.io
exchange.mercuryo.io
fpjs.checkout.com
fpjsworker.checkout.com
fpnpmcdn.net
img.riskified.com
mercuryo.zendesk.com
pay.google.com
play.google.com
r.lr-intake.com
risk.checkout.com
static.zdassets.com
widget.mercuryo.io
www.gstatic.com
104.16.51.111
104.18.70.113
104.18.72.113
104.198.23.205
18.245.31.115
2600:1f18:f8a:b704:8052:9743:fe27:1ab3
2600:1f18:f8a:b705:3328:15d3:26ef:af80
2606:4700:3037::6815:6a4
2606:4700:4400::ac40:96b1
2a00:1450:4001:806::200e
2a00:1450:4001:82a::2003
2a00:1450:400c:c09::5c
2a04:4e42:8d::516
35.158.186.212
52.222.214.39
52.59.133.25
54.92.193.158
75.2.52.67
029a206a9022ae0946a051a35b7944aecfa47c845318e3271ac44f7bc54368e8
096c3dcafc1d17608765df45f7046c59593f5dfb48f340d720e1d5c82963ddbc
11966fc5ae15dce31a44e99ebdaad329e567ecaa533e43561ca6a66e96bdb009
18bbda046e6943d4984c0b9de59c56297c71aa317fdb0aff88e4cbf504f79151
233ddc047e5cbbaec9d69626dd35acea426546e8467dbc2e0c196a21fb2e46c6
2ec1ffab9b6ae5dc915d1ba8e5c46bc23860b45c718254dd535f64df72645d51
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
35d9952d5264c2a600334d0f13c033d5d1e33721ca7395fd764fc65790daaa0d
3ac3f7435b33f43bf37ce9eff4c02fe8d50a5f9ead944178dbc869f9925102e3
3ddb71bdb936a7399db748eb4b6b7be996ab6b8d13beca61cdd4287601388bc2
3e53f18a73c934fe1c7f3c4aa74c209a907f0ac4bd954d1747a4e82207591917
42e442292aacd0141b71a58afa8528f8aae4af6cbaf1da57a5cdd7c83cd2ed8b
490b83d316c6a4bcc9978294864f849873031f722781918773da67c5f37178b0
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
5046edd0bdab7e6c5c2212eb21fdde23a2ad9d9ff3a8ff42c83b1f8e0435c5df
52fb7e9057452b20c007eb6591bd75bcd68128125365b1dcbd98819c75766068
6bdee82228728d94657bd5be86bba821ada1187c06f7ec6c598b328378fb409c
702c739a81a2d7b52fd3d3415e28f31c4b4de1bbdcdeff0e194d3a67a249788a
73fdb6464e956e692f4d5ecd646278d8fa73a378d2b2ab4fa4821045cf8635b5
7b8bc7ca4981c3ab2ab2f5e1e06a7ef51ca2c50b8b978944605a7f849a3be160
80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f
83da0efac1aacaf7e34a70240731690f6de5472618c5ba4a4a69def8898d72ad
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
857c1174aacbb0cd9ab6c86e9fd393c8dffa095a11f8e2c496f506575f7eb424
896b712bf7ac523cb09d7f2079a3c1b1ee8c9a5db648e49d1703ec22a6202fc6
8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5
8dac63bdf453fab3e4b3afac803bd0186a87b4f6a8838a9c1c3ee7e9020fdd47
8ff902ea518f9b5725ab02173d7b938dd9759efd3c7d43f0b3af5abb10550bd5
90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2
93e2d3116313025bce4b1b63b6969bdd0f4ed7e2a0c7d8716a52898ef08a0760
94fccdae4829ddfa39d48381f1a326d165e123cc3bbaa9668be625e28ba7b5ec
95f334c245b1ad1435f8432912e934a395467f4e7511440442652f9e5aa132ab
99447ef350efa9a669248c2a5b850582f11eeddd939d92aa80983ccf7c7a7113
9d69063edd3b8f5051ee92f3c528ee2b610283d6645b1c3b4f32b3b03922df38
a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc
a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b7e9bcafece9a9f7fab2983d643869dea1e448867fd7f7efb78b2efc0e025c54
b98ae143e223df37f2208c44abd301c51f478a24d72c5024f65215003e8feb53
bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35
c054a30c7678b8685cbfaa8ae78aea3f956086c11dc83c769db914ba3559f1c3
c0b0b3b6f770e0d6df41a3c130e5b31d7bd5218603e43596d9509a26895baa1e
c0fedb6b9fb6e52694d77c20d284552fed288d9ded1c5ceec422ba43348ac7a6
c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f
c97783dbf560bb69f1680e609c202e5002541faff909d4b3eaf53c4e13071846
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
ceb09275cdd331c7f6a45251bade3bdf6e027c26b220bb91e53f107418b9af8c
cf37560ccd51b31de7eed4705b45e6ff515b83c84e9c40e83f1e8d7914b46047
cff10bd4615e4ea9fac17596031f44e047e849135148f13ea065329708f3d380
d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c
d6ff339ddb4525268c21fa26ded66b0703f177e742281dc9bcd558288f8e1101
e135c61f4602108d6a959231a6ac0e2cff10ef39177ac747e38d320083597442
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e451802ca7b1de824c102635419760774daf2ecc7413d375c1d9c4b4b152f9fa
e500083f3a417d437f4cb4ad3bc1a4e90052593f82ad6e1f56f84f11ed31e293
ee9d2e14f32dca48fd30e2ca40ab7306a81e8a351644faf518fc7cdd1d6fac20
eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99
f32dcf89bd266c00f7bd15dc12b9b98a5b4bb7715f5a7fc4bfeb75d369059119
f36fc7a1b773d17bc90ed812b94ca46e18c68d8744586a655885ab4bae8f8999
fbd5e8521e54e636ad82bb41a866e0227ba6c414e427e8debdee0a68fd14c456

exchange.mercuryo.io Open in urlscan Pro 52.59.133.25 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

96 Requests

99 %HTTPS

44 %IPv6

10 Domains

19 Subdomains

18 IPs

4 Countries

1891 kBTransfer

6504 kBSize

11 Cookies

0 Outgoing links

Page URL History

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

exchange.mercuryo.io Open in urlscan Pro
52.59.133.25 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

99 %
HTTPS

44 %
IPv6

10
Domains

19
Subdomains

18
IPs

4
Countries

1891 kB
Transfer

6504 kB
Size

11
Cookies

96 HTTP transactions
0 data transactions