exchange.mercuryo.io Open in urlscan Pro
3.124.100.26 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://exchange.mercuryo.io/
Submission: On March 07 via api (March 7th 2024, 12:15:55 am UTC) from CA — Scanned from CA

Summary HTTP 96 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 2 countries across 10 domains to perform 96 HTTP transactions. The main IP is 3.124.100.26, located in Frankfurt am Main, Germany and belongs to AMAZON-02, US. The main domain is exchange.mercuryo.io.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 29th 2023. Valid for: a year.

This is the only time exchange.mercuryo.io was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
40	3.124.100.26 3.124.100.26	16509 (AMAZON-02) (AMAZON-02)
1	104.21.6.164 104.21.6.164	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	104.18.72.113 104.18.72.113	() ()
5	146.75.30.4 146.75.30.4	() ()
1	54.192.51.50 54.192.51.50	() ()
1	104.18.70.113 104.18.70.113	() ()
1	75.2.52.67 75.2.52.67	() ()
4	99.83.255.25 99.83.255.25	() ()
1	3.228.180.36 3.228.180.36	() ()
1	104.18.37.79 104.18.37.79	() ()
3	172.253.63.92 172.253.63.92	() ()
5	52.3.58.105 52.3.58.105	() ()
3	104.16.53.111 104.16.53.111	() ()
2	104.198.23.205 104.198.23.205	() ()
4	172.253.122.94 172.253.122.94	() ()
2	18.208.104.147 18.208.104.147	() ()
12	172.253.63.138 172.253.63.138	() ()
96	18

40 3.124.100.26 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

exchange.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
api.mercuryo.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.21.6.164 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 104.18.72.113 (None, )

ASN- ()

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 146.75.30.4 (None, )

ASN- ()

risk.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.192.51.50 (None, )

ASN- ()

fpnpmcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (None, )

ASN- ()

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 75.2.52.67 (None, )

ASN- ()

eu.api.fpjs.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.83.255.25 (None, )

ASN- ()

fpjs.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.228.180.36 (None, )

ASN- ()

beacon.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.37.79 (None, )

ASN- ()

fpjsworker.checkout.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 172.253.63.92 (None, )

ASN- ()

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.3.58.105 (None, )

ASN- ()

img.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.16.53.111 (None, )

ASN- ()

mercuryo.zendesk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.198.23.205 (None, )

ASN- ()

r.lr-intake.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 172.253.122.94 (None, )

ASN- ()

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.208.104.147 (None, )

ASN- ()

c.riskified.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.253.63.138 (None, )

ASN- ()

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
40	mercuryo.io exchange.mercuryo.io widget.mercuryo.io api.mercuryo.io	825 KB
15	google.com pay.google.com play.google.com	422 KB
10	checkout.com risk.checkout.com fpjs.checkout.com fpjsworker.checkout.com	95 KB
9	zdassets.com static.zdassets.com ekr.zdassets.com	216 KB
8	riskified.com beacon.riskified.com img.riskified.com c.riskified.com	16 KB
4	gstatic.com www.gstatic.com	102 KB
3	zendesk.com mercuryo.zendesk.com	1 KB
3	lr-intake.com cdn.lr-intake.com — Cisco Umbrella Rank: 42782 r.lr-intake.com	166 KB
1	fpjs.io eu.api.fpjs.io	447 B
1	fpnpmcdn.net fpnpmcdn.net	47 KB
96	10

	Domain	Requested by
23	api.mercuryo.io	widget.mercuryo.io
13	widget.mercuryo.io	exchange.mercuryo.io widget.mercuryo.io
12	play.google.com	www.gstatic.com
8	static.zdassets.com	widget.mercuryo.io static.zdassets.com
5	img.riskified.com
5	risk.checkout.com	widget.mercuryo.io
4	www.gstatic.com	pay.google.com www.gstatic.com
4	fpjs.checkout.com	widget.mercuryo.io
4	exchange.mercuryo.io	exchange.mercuryo.io
3	mercuryo.zendesk.com	static.zdassets.com
3	pay.google.com	widget.mercuryo.io pay.google.com www.gstatic.com
2	c.riskified.com	widget.mercuryo.io
2	r.lr-intake.com	widget.mercuryo.io
1	fpjsworker.checkout.com	risk.checkout.com
1	beacon.riskified.com	widget.mercuryo.io
1	eu.api.fpjs.io	widget.mercuryo.io
1	ekr.zdassets.com	widget.mercuryo.io
1	fpnpmcdn.net	widget.mercuryo.io
1	cdn.lr-intake.com	widget.mercuryo.io
96	19

This site contains no links.

Subject Issuer	Validity	Valid
*.mercuryo.io Go Daddy Secure Certificate Authority - G2	`2023-05-29` - `2024-05-28`	a year	crt.sh
lr-intake.com E1	`2024-01-21` - `2024-04-20`	3 months	crt.sh
zdassets.com E1	`2024-03-03` - `2024-06-01`	3 months	crt.sh
risk.checkout.com GlobalSign Atlas R3 DV TLS CA 2023 Q3	`2023-09-06` - `2024-10-07`	a year	crt.sh
fpcdn.io Amazon RSA 2048 M03	`2023-10-10` - `2024-11-08`	a year	crt.sh
eu.api.fpjs.io Amazon RSA 2048 M03	`2023-11-26` - `2024-12-25`	a year	crt.sh
fpjs.checkout.com Amazon RSA 2048 M01	`2023-08-23` - `2024-09-19`	a year	crt.sh
*.riskified.com Amazon RSA 2048 M03	`2024-03-04` - `2025-04-01`	a year	crt.sh
checkout.com E1	`2024-01-22` - `2024-04-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
img.riskified.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-17` - `2024-05-16`	a year	crt.sh
mercuryo.zendesk.com Cloudflare Inc ECC CA-3	`2023-09-26` - `2024-09-24`	a year	crt.sh
api.logrocket.com R3	`2024-02-05` - `2024-05-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://exchange.mercuryo.io/
Frame ID: 2F867A2296237C7ECD3E45EC8842E3DC
Requests: 4 HTTP requests in this frame

Frame: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Frame ID: 367514E1AF046CD102543A5455BA8D3D
Requests: 48 HTTP requests in this frame

Frame: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Frame ID: 9E96BB1D232BE3B54156360266109637
Requests: 9 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=
Frame ID: 8A0D70528B9F84D29BCF910791B5642D
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Mercuryo | Cryptocurrency Exchange Service Available 24/7

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

96
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

19
Subdomains

18
IPs

2
Countries

1891 kB
Transfer

6522 kB
Size

9
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

96 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
exchange.mercuryo.io/ 3 KB
2 KB 396ms
102ms Document
text/html 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

32dd37bdcd81eeb38079a37bbdfd3a22e775ce4d3d0882cb995e7a01ff47b1b9

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors none
content-type: text/html
date: Thu, 07 Mar 2024 00:15:42 GMT
etag: W/"65e739ac-c0c"
expires: Thu, 07 Mar 2024 00:15:42 GMT
last-modified: Tue, 05 Mar 2024 15:26:36 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: deny
x-xss-protection: 1; mode=block

GET
H2 200 embed.2.1.js Show response
exchange.mercuryo.io/ 238 KB
72 KB 130ms
129ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/embed.2.1.js?ab902f38d9f1e9d067c9

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

7b8bc7ca4981c3ab2ab2f5e1e06a7ef51ca2c50b8b978944605a7f849a3be160

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Tue, 05 Mar 2024 15:26:36 GMT
etag: W/"65e739ac-3b61c"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 41d711e53455710e57f0a6b51f6abe73
expires: Tue, 12 Mar 2024 00:15:43 GMT

GET
H2 200 3122.1deedbe3c366ddd63e0e.js Show response
exchange.mercuryo.io/ 37 KB
12 KB 322ms
322ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/3122.1deedbe3c366ddd63e0e.js?ab902f38d9f1e9d067c9

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-94a2"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 3d8e8f17eec792e89196354dd99605b2
expires: Tue, 12 Mar 2024 00:15:43 GMT

GET
H2 200 exchange.62715406d059ef2fbf19.js Show response
exchange.mercuryo.io/ 14 KB
7 KB 258ms
256ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://exchange.mercuryo.io/exchange.62715406d059ef2fbf19.js?ab902f38d9f1e9d067c9

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

2b513d8f429f1f238a9b4f5dd9e0c3276ee56e2db01ddb9c71732c20b850f670

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://exchange.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-39c5"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: f8ee38115d43b0ca43d265c6f6ba155c
expires: Tue, 12 Mar 2024 00:15:43 GMT

GET
H2 200 / Show response
widget.mercuryo.io/ Frame 3675 2 KB
1 KB 171ms
145ms Document
text/html 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: exchange.mercuryo.io
URL: https://exchange.mercuryo.io/embed.2.1.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f4a04af43942d435b3689431c49db0c0f94dabb803cd932f81d22cd03d30e0ac

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors https://exchange.mercuryo.io
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	allow-from https://exchange.mercuryo.io
X-Xss-Protection	1; mode=block

Request headers

Referer: https://exchange.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

cache-control: max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors https://exchange.mercuryo.io
content-type: text/html
date: Thu, 07 Mar 2024 00:15:44 GMT
etag: W/"65e7390f-941"
expires: Thu, 07 Mar 2024 00:15:44 GMT
last-modified: Tue, 05 Mar 2024 15:23:59 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: allow-from https://exchange.mercuryo.io
x-request-id: 0ef3e7d5d26b555dd78adbcdf8dc0b96
x-xss-protection: 1; mode=block

GET
H2 200 65.8c0ed5746c846a2c94a7.css
widget.mercuryo.io/ Frame 3675 49 KB
8 KB 134ms
117ms Stylesheet
text/css 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a0a09c7249a04929ae2d9843827f3558336c4b6e524cb8a32ab08be0bc2bd9e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-c59f"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 222d66aaab6ab0e1de1ca9cd73e4ff50
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 main.b0bdd8b548a382e287e9.css
widget.mercuryo.io/ Frame 3675 49 KB
9 KB 138ms
121ms Stylesheet
text/css 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.b0bdd8b548a382e287e9.css?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

00c0fcff69a79da6e75a970c578793288d1df191fab781976acda4b8a9028a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-c431"
content-type: text/css
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 61f5986be12b3fff68ee1284b2dfbea6
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 3122.1deedbe3c366ddd63e0e.js Show response
widget.mercuryo.io/ Frame 3675 37 KB
12 KB 123ms
121ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/3122.1deedbe3c366ddd63e0e.js?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-94a2"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 6beb62e898f541e5202a27e348a68250
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 110.323ce15abc43dd230c51.js Show response
widget.mercuryo.io/ Frame 3675 739 KB
228 KB 125ms
124ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/110.323ce15abc43dd230c51.js?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

573953fb3e78f44363bb8062ec821d205a8ab22dc9ddda24d24f2472ca513a09

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-b8d11"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: bacd05e58ff3078dc133d8fcc94a712b
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 6642.ba7b54b63f9ab532c325.js Show response
widget.mercuryo.io/ Frame 3675 353 KB
112 KB 212ms
211ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

353e10d175e9628d32f1c6e063516e2586f82531f17d6659be51c644f9eab5cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-58428"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: fd63dc41158a11fee7d07cb93ab7beb0
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 65.410ea4e72d69f3f67a6c.js Show response
widget.mercuryo.io/ Frame 3675 236 KB
55 KB 128ms
127ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/65.410ea4e72d69f3f67a6c.js?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

1ba72db9c33fae0077cddce5b30deb07155cbcb7ff9aba8e04ae2f9c4ba15c14

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-3aea1"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 27c24c464610bb726ce19b08f3456368
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 main.01b1cc68d4c9d58f9abe.js Show response
widget.mercuryo.io/ Frame 3675 318 KB
92 KB 735ms
735ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/main.01b1cc68d4c9d58f9abe.js?ab902f38d9f1e9d067c9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

6d9180e0f88e3e0356a5cfa96bc98405948705784c9de1b74ab66500f55b1fce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-4f820"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 9b0c9d56da20beebf1915e2e5b59f31f
expires: Tue, 12 Mar 2024 00:15:44 GMT

GET
H2 200 logger-1.min.js Show response
cdn.lr-intake.com/ Frame 3675 833 KB
165 KB 200ms
109ms Script
text/javascript 104.21.6.164
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.lr-intake.com/logger-1.min.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/110.323ce15abc43dd230c51.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.6.164 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8929d0c063175ea507f6e6bb25176562576f5a93fb1ad3a4b64ed09fc852af36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:45 GMT
strict-transport-security: max-age=31556926
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 172
x-cache: MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-yyz4543-YYZ
last-modified: Wed, 06 Mar 2024 17:45:48 GMT
server: cloudflare
x-timer: S1709747253.383601,VS0,VE85
etag: W/"6781d8b667a1d8f532b6533adf23115ae47211a47440b8291ada842667899630-br"
vary: x-fh-requested-host, accept-encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EQnycOqCzBTsqPkrOhqDpz1WbXvQ0Mr6YUN1WYgcAnbQYsoSSANyBQRCuJwFRX3%2FK%2BYK4e9TYlyVlGGAevCngHVQw6nWMomnBpoGKgDiPMceRXSYW2fHYL62yXL3aRh9uWh9oA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cf-ray: 86066495ac9f3a04-YYZ
x-cache-hits: 0

GET
H2 200 8637.381bbd1113d2754ff03f.js Show response
widget.mercuryo.io/ Frame 3675 36 KB
11 KB 657ms
123ms Script
application/javascript 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/8637.381bbd1113d2754ff03f.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.01b1cc68d4c9d58f9abe.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e7699e0f7ef7023e86ce9e7c0583b9ac3287782d46c5a6469134e2156faf3a9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: W/"65e1a903-8e31"
content-type: application/javascript
cache-control: max-age=432000
x-xss-protection: 1; mode=block
x-request-id: 9a05340df103dc754d0066d353b05ba1
expires: Tue, 12 Mar 2024 00:15:46 GMT

GET
H2 200 snippet.js Show response
static.zdassets.com/ekr/ Frame 3675 10 KB
5 KB 201ms
41ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/snippet.js?key=2ba8c6cf-6eb8-408b-9a98-192838e14f59

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.01b1cc68d4c9d58f9abe.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:46 GMT
x-amz-version-id: sR7NItkX1i3nKckB5vEat7T2DUmPnRiJ
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: ATPJN2BBRNAVEP8C
age: 54
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yZSnXp5joC1jEUcdstI6JJxXe+57NDQVrgC8bP2Gtlxd0OKsnfmbb0FPfdOCVjDBGs07rFDX82g=
last-modified: Mon, 15 Jan 2024 02:56:11 GMT
server: cloudflare
etag: W/"c0053b411b753138af468db1bd3b19f3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rydDeJYyAXtzF0quviNTUg1bMBWDI9kVJxr6JvcHIYTci8WDqthFWVLV1XaJ0cjiTKNBlvhU3daNnHKBFmJoif5hc%2B7iHr42Rom%2B%2FFZyD9P5w%2FpXBEcncTPBuVmhg6lMU5qasm0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=3600, s-maxage=60
access-control-max-age: 0
cf-ray: 8606649b28baa210-YYZ
access-control-allow-headers: *

GET
H2 401 keep-alive Show response
api.mercuryo.io/v1.6/user22/ Frame 3675 112 B
434 B 649ms
149ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 5a95b5e64ff74d6

GET
H2 200 start Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 3675 68 B
458 B 653ms
153ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

ea5e66f54cd329059bb6dd339ff90e8a8b951610cc90c7ae64b09e4502d003d5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 232284d273b16220

GET
H2 200 risk.js Show response
risk.checkout.com/cdn/risk/1/ Frame 3675 223 KB
45 KB 220ms
48ms Script
application/javascript 146.75.30.4

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/cdn/risk/1/risk.js
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/65.410ea4e72d69f3f67a6c.js?ab902f38d9f1e9d067c9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 146.75.30.4 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42e442292aacd0141b71a58afa8528f8aae4af6cbaf1da57a5cdd7c83cd2ed8b

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:46 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
content-encoding: gzip
x-amz-request-id: 3GYCW26X0K7A7N39
age: 4794
x-amz-server-side-encryption: AES256
x-cache: MISS, HIT, HIT
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 45955
x-amz-id-2: pJJpU3C00ruLuhLHmXVnkBSulBXgLXjxEx3cVHBLHb8HYoFOVUzd0Y+iteLu2aBCEjAPh6T0bHEGemjK2UpE7g==
x-served-by: cache-dub4329-DUB, cache-dub4343-DUB, cache-iad-kiad7000123-IAD
last-modified: Mon, 06 Nov 2023 14:43:17 GMT
server: AmazonS3
x-timer: S1707878408.008801,VS0,VE41
etag: "ee61e93ba8e7ae6b1867765a227d779e"
vary: Accept-Encoding
content-type: application/javascript
accept-ranges: bytes
x-cache-hits: 0, 771, 3

GET
H2 200 loader_v3.8.7.js Show response
fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/ Frame 3675 131 KB
47 KB 192ms
39ms Script
text/javascript 54.192.51.50

General

Check archive.org

Show headers Download Go to

Full URL

https://fpnpmcdn.net/v3/XKf7GIZmZFBcg5xAI7mx/loader_v3.8.7.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

54.192.51.50 -, , ASN (),

Reverse DNS

Software

CloudFront /

Resource Hash

94fccdae4829ddfa39d48381f1a326d165e123cc3bbaa9668be625e28ba7b5ec

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 01 Mar 2024 15:15:08 GMT
via: 1.1 612d3e065148a94cbbe94139733f662e.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C2
age: 464465
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
server: CloudFront
etag: W/"HKLwBNAb6v7n+ntN0czeVWIT1Tw"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3447, s-maxage=596067
timing-allow-origin: *
x-amz-cf-id: IkA-KnzxeC9uc29QVE0JGDueUZh_dB4ToX4OU5pdkwiPFIB7xDIrWQ==

OPTIONS
H2 204 keep-alive
api.mercuryo.io/v1.6/user22/ Frame 0
0 453ms
115ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/user22/keep-alive

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 start
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 450ms
115ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/start

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:46 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
BLOB 200
OK bb8ae30a-0abc-4612-94bc-21b086c8d728
https://widget.mercuryo.io/ Frame 3675 463 KB
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://widget.mercuryo.io/bb8ae30a-0abc-4612-94bc-21b086c8d728
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/?origin=https://exchange.mercuryo.io&widget_id=67710925-8b40-4767-846e-3b88db69f04d
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f339e81579b8f0f6f1b2fc1ca1452c7b4935fe80868560fca80c210051fa5289

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Length: 474307
Content-Type

GET
H2 200 BrutalType-Regular.woff2
widget.mercuryo.io/fonts/ Frame 3675 27 KB
27 KB 125ms
125ms Font
font/woff2 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Regular.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9
Origin: https://widget.mercuryo.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: "65e1a903-6c14"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27668
x-request-id: d0f6c48ed89c4bd9cb96c34ed1317bf8
expires: Tue, 12 Mar 2024 00:15:47 GMT

GET
H2 200 2ba8c6cf-6eb8-408b-9a98-192838e14f59 Show response
ekr.zdassets.com/compose/ Frame 3675 1 KB
1 KB 126ms
40ms Fetch
application/json 104.18.70.113

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/2ba8c6cf-6eb8-408b-9a98-192838e14f59

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

331a369f35ad5045b23767a7f25a52507b1983705fcc7540246805c72eda292e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=0
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-permitted-cross-domain-policies: none
age: 59
content-encoding: br
cdn-cache-control: max-age=60
x-xss-protection: 1; mode=block
x-request-id: 8601a2781bc52a4d-SEA, 8601a2781bc52a4d-SEA
x-runtime: 0.011159
referrer-policy: strict-origin-when-cross-origin
server: cloudflare
etag: W/"331a369f35ad5045b23767a7f25a5250"
x-download-options: noopen
x-frame-options: SAMEORIGIN
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sGSTC0AFhvDqQw3O5NwYQBh%2BQ7oTRE1yI%2FrsBMiHzxXrCv5m11KQIPXEsdu0dtUje1RuExVyOcSe8yv3sNDagjEEW%2BhRIpSakSV%2FX%2FnxT%2BjOYVSijlog0ATAM7iTw7gPFl0%3D"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
vary: Accept, Origin, Accept-Encoding
cache-control: max-age=300, public, stale-while-revalidate=300, stale-if-error=21600
content-type: application/json; charset=utf-8
x-zendesk-zorg: yes
cf-ray: 860664a10c7039c3-YYZ

GET
H2 200 7 Show response
eu.api.fpjs.io/DwmA/JNZ1Dz7/ Frame 3675 96 B
447 B 883ms
564ms XHR
text/plain 75.2.52.67

General

Check archive.org

Show headers Download Go to

Full URL

https://eu.api.fpjs.io/DwmA/JNZ1Dz7/7?q=XKf7GIZmZFBcg5xAI7mx

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

75.2.52.67 -, , ASN (),

Reverse DNS

Software

Resource Hash

ebff5f3bf5289a1a5ca9aaee172f5e4bb45bac090020cfa958c8f29420d31616

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H2 200 health
fpjs.checkout.com/ Frame 3675 0
0 790ms
547ms Fetch 99.83.255.25

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/health

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.255.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
x-robots-tag: noindex
content-length: 0

GET
H3 200 configuration Show response
risk.checkout.com/collect/ Frame 3675 80 B
434 B 592ms
592ms Fetch
application/json 146.75.30.4

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/configuration?integrationType=RiskJsStandalone
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 146.75.30.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 11966fc5ae15dce31a44e99ebdaad329e567ecaa533e43561ca6a66e96bdb009

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
accept-language: en-CA,en;q=0.9
Authorization: pk_l3jjaljrxfhw2lhzgcabzfvywuy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-dub4336-DUB, cache-dub4336-DUB, cache-iad-kiad7000135-IAD
date: Thu, 07 Mar 2024 00:15:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer: S1709770548.695017,VS0,VE8
cko-request-id: 0HN1H8SLQQQ7G:0005CE62
cko-internal-duration: 0
cko-version: 1.0.297
vary: Accept-Encoding
x-cache: MISS, MISS, MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 80
x-cache-hits: 0, 0, 0

OPTIONS
H3 204 configuration
risk.checkout.com/collect/ Frame 0
0 212ms
145ms Preflight 146.75.30.4

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/configuration?integrationType=RiskJsStandalone
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 146.75.30.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: authorization,content-type
access-control-allow-methods: GET
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Thu, 07 Mar 2024 00:15:47 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-served-by: cache-dub4328-DUB, cache-dub4328-DUB, cache-iad-kiad7000135-IAD
x-timer: S1709770548.553660,VS0,VE2

OPTIONS
H2 204 data
api.mercuryo.io/v1.6/widget/ Frame 0
0 126ms
126ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 currencies
api.mercuryo.io/v1.6/lib/ Frame 0
0 123ms
122ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 countries
api.mercuryo.io/v1.6/lib/ Frame 0
0 123ms
122ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:47 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 data Show response
api.mercuryo.io/v1.6/widget/ Frame 3675 422 B
862 B 581ms
580ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/data?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

8c7c110074e227c9eb87f65df859f3b449d07abd03a338e02104dabb385f0ba5

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 5b3a568c117dce82

GET
H2 200 currencies Show response
api.mercuryo.io/v1.6/lib/ Frame 3675 41 KB
6 KB 580ms
579ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/currencies

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

22ef39f007ec5c08101af588e544b8b21d004f9b37ce982f97bfb36c6b3ae1b4

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 63e09d8fa0c95fb7

GET
H2 200 countries Show response
api.mercuryo.io/v1.6/lib/ Frame 3675 19 KB
4 KB 579ms
578ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/lib/countries

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

03ea5560314b60d69386c26a33c0a79184b5569d2b74b86005ba25b4dc93fffe

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6250637426414ca5

GET
H2 200 web-widget-main-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 436 KB
139 KB 519ms
518ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/ekr/snippet.js?key=2ba8c6cf-6eb8-408b-9a98-192838e14f59

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

1ca5ea647188d6456824815a451fae306cbfec45e84c532f58e88c21c5bb995e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:47 GMT
x-amz-version-id: NoZGXivVFad6sjcxal_Ijp_zIAteJX42
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: Z3WGVQMA38N78DSS
age: 49935
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: UjA3bV/MLtWGg+G2+b0Ia1D0bGu/1fuPVX+alwZtlL++S7cYeiO0qYN5isk3dTyvUWc+Bxte35s=
last-modified: Mon, 04 Mar 2024 14:01:38 GMT
server: cloudflare
etag: W/"8f8af5ca40083828ecfcdfb3dad9cd3a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sesKeJIMGXA2bfvk6oKApj4sq2AOcIjD64jb%2B9kAAPwWcEEljTckHBJFWiGx8sPdOigOoKUVyzbIQhOYiX1c54MAcKdwbQ4JhFijiRaLF%2FNRDyX0GK6vhqSfT6x%2BcrxFaUwyvCg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664a32e7fa210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:37 GMT

OPTIONS
H2 204 methods
api.mercuryo.io/wallet/acquiring/ Frame 0
0 183ms
112ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 fast-mobile-pay-options
api.mercuryo.io/v1.6/widget/ Frame 0
0 181ms
112ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 rates
api.mercuryo.io/v1.6/widget/ Frame 0
0 143ms
125ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 data-by-ip
api.mercuryo.io/v1.6/public/ Frame 0
0 137ms
126ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

OPTIONS
H2 204 first-open
api.mercuryo.io/v1.6/widget/calc-log/ Frame 0
0 186ms
108ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-calc-id,x-widget-id
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 / Show response
beacon.riskified.com/ Frame 3675 48 KB
15 KB 343ms
99ms Script
application/javascript 3.228.180.36

General

Check archive.org

Show headers Download Go to

Full URL

https://beacon.riskified.com/?shop=www.mercuryo.io&sid=bc94f9a7-57b7-42d3-9137-b3e3485a2da9

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.01b1cc68d4c9d58f9abe.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.228.180.36 -, , ASN (),

Reverse DNS

Software

Resource Hash

b8d71af5997b9b3f569bd06e8fabbc79c5fa1d089b4e4aca3fd21d6cbcf4ebe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
access-control-request-method: *
content-encoding: gzip
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-sourcemap: sm/d3d3Lm1lcmN1cnlvLmlv/YmM5NGY5YTctNTdiNy00MmQzLTkxMzctYjNlMzQ4NWEyZGE5
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=600
trace-id: b3bfcb905e523564855f49ed705a7d19
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256

GET
H2 200 methods Show response
api.mercuryo.io/wallet/acquiring/ Frame 3675 13 B
436 B 654ms
614ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/wallet/acquiring/methods?currency=USD

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

x-trace-id: 09ba5edd96c3d7b3513a8a86090baeed
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
grpc-metadata-content-type: application/grpc
content-length: 13
x-xss-protection: 1; mode=block
x-request-id: fe64884a6f295d0d2a38debc0dbd0d19

GET
H2 200 fast-mobile-pay-options Show response
api.mercuryo.io/v1.6/widget/ Frame 3675 714 B
794 B 649ms
614ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/fast-mobile-pay-options?fiat_currency=USD&fiat_amount=0&payment_system=google

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 388a2d82395ce77f

GET rates
api.mercuryo.io/v1.6/widget/ Frame 3675 0
0

GET
H2 200 data-by-ip Show response
api.mercuryo.io/v1.6/public/ Frame 3675 79 B
543 B 620ms
613ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/public/data-by-ip

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

32a5c6facc35927e6020e7ed8d418cbd80a2f55dddbb561bbea50f6b9c5818d8

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
access-control-allow-credentials: true
content-length: 79
x-xss-protection: 1; mode=block
x-request-id: 57e8a2c55aefeb1d71f57a8ca834f631
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 first-open Show response
api.mercuryo.io/v1.6/widget/calc-log/ Frame 3675 24 B
416 B 539ms
533ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/calc-log/first-open

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 6e0b64e0f1173df1

GET
H2 200 Karloff-Neutral-Regular-Web.woff2
widget.mercuryo.io/fonts/ Frame 3675 106 KB
107 KB 169ms
122ms Font
font/woff2 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/Karloff-Neutral-Regular-Web.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9
Origin: https://widget.mercuryo.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: "65e1a903-1a828"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 108584
x-request-id: 27b366a9e0e19148414d3ffda7625947
expires: Tue, 12 Mar 2024 00:15:48 GMT

GET
H2 200 BrutalType-Medium.woff2
widget.mercuryo.io/fonts/ Frame 3675 26 KB
27 KB 155ms
108ms Font
font/woff2 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Medium.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9
Origin: https://widget.mercuryo.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: "65e1a903-693c"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 26940
x-request-id: 9970cb109fdc99a33458b3c917937b38
expires: Tue, 12 Mar 2024 00:15:48 GMT

GET
H2 200 BrutalType-Bold.woff2
widget.mercuryo.io/fonts/ Frame 3675 27 KB
27 KB 192ms
145ms Font
font/woff2 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://widget.mercuryo.io/fonts/BrutalType-Bold.woff2

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/65.8c0ed5746c846a2c94a7.css?ab902f38d9f1e9d067c9
Origin: https://widget.mercuryo.io
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:48 GMT
strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Fri, 01 Mar 2024 10:08:03 GMT
etag: "65e1a903-6a28"
content-type: font/woff2
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
cache-control: max-age=432000
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 27176
x-request-id: 955c9c6f3a9c8498d2a40e922c0dd8ba
expires: Tue, 12 Mar 2024 00:15:48 GMT

GET
H2 200 gWsdhYyK8qHVJMEp Show response
fpjsworker.checkout.com/vKdHeO12gpAymiKK/ Frame 3675 131 KB
47 KB 666ms
81ms Script
text/javascript 104.18.37.79

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjsworker.checkout.com/vKdHeO12gpAymiKK/gWsdhYyK8qHVJMEp?apiKey=7dmUzMeBuN6x1YjwR3EY&version=3&loaderVersion=3.8.5

Requested by

Host: risk.checkout.com
URL: https://risk.checkout.com/cdn/risk/1/risk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.37.79 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

490b83d316c6a4bcc9978294864f849873031f722781918773da67c5f37178b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
content-encoding: gzip
via: 1.1 9d44e85808045d940d36e8cfb772edae.cloudfront.net (CloudFront)
cf-cache-status: HIT
x-content-type-options: nosniff
age: 41
x-amz-cf-pop: YUL62-C2
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
server: cloudflare
etag: W/"m87GwvKsNA1DRHik/YNCDl1Iijs"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=3496, s-maxage=60
cf-ray: 860664acbde45407-YYZ
timing-allow-origin: *
x-amz-cf-id: _at0bmHo4uVZkFrTz1nHMyNrAA5CxLqVc6PiKg8P0fgf9ZliqauZcg==

GET
H2 200 en-us-json-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/ Frame 9E96 18 KB
4 KB 50ms
48ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-locales/messenger/en-us-json-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: jKKgj16E81Y7P._SBG2RPBC9Tc2kVwY8
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: MM3YDDW42GX9FPQT
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: RhAWnJNEpmN+o/er85Opbgm8OSzXn5+eZO/U1IVIXy5THMCh5QKmYR7158AMNT+qdQ3ydqX7XAcFf1s/2y/n3A==
last-modified: Mon, 04 Mar 2024 14:01:40 GMT
server: cloudflare
etag: W/"3ac3100c0ffed8d435c31e09d2196883"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ckXyO2EV5l8CIcum%2BZSNZYThLj1Ye4PNF8uAMvleRPJUtakfgwLMhi0xVM8VAfWyqu85R%2BZWthVjRES3qcIAOPsNcFvPLbw0EQ%2FreBgwThfGp9%2FEKIfAwht0Cyg7YraQC%2B6Grno%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664accea8a210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:39 GMT

GET
H2 200 web-widget-84852-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 139 KB
47 KB 51ms
50ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-84852-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: mGkRK77zS5lYh4yawUvMGfT4dldOVhrP
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V40PHGC9BEKM4E
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: dP3pidc3CdqFsHQVW6Fs69OvVZlyC3ccFW1iei9F1K9fhopply/ugwtJMooIRlxGTss0ZVQbPXk=
last-modified: Mon, 04 Mar 2024 14:01:37 GMT
server: cloudflare
etag: W/"d19f02a4d0c4a8500e3d2de6c4f5e6d1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vRRdbVQ%2FJPSyyk%2Ffp%2B8lHy4JQ781bbScm0VNiAmDrWlwkhRNAcn5r19ZYp%2BOjfyOa4PCCUTbC2aAQWQOT7ajgK2pXVSdQiL7bl81i2TFkM6KA1KgsQa%2FYWPIiyjPXglTe68h39o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664acceaba210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:35 GMT

GET
H2 200 web-widget-1327-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 18 KB
6 KB 44ms
43ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-1327-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: 8p.sJ1E8aiCe1oLZCVAZtOADpUTrOiTI
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V4A4ZKP6Z0PWKY
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yp0xO+rL7++XEHyTTKYWWrk3O8xBPFVRMwabfy0plO4edhJ9xQX7KSTdwWXWObZpKF4NqAfDFug=
last-modified: Mon, 04 Mar 2024 14:01:30 GMT
server: cloudflare
etag: W/"bd26f2d30e94f25a4a0b875c335aca6c"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RlrsJx34Os9dEvJ7VYlbJmd2Lb8ocObzHNc9BgOTyvSjKjn%2BYY1eJ0DHykErGDH9dMgJQ%2FvNUTSvjcWo%2BW4aGLPmPxAmJmUy2B%2FdzmjitU7wp12WsyfrEvwhRwNbn9Sui5f7sXk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664acceaca210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:29 GMT

GET
H2 200 web-widget-92795-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 14 KB
4 KB 47ms
46ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-92795-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: jPEtbIkAgr7cqpiEztg0pOZiRKvDd.yh
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V3TZ4QGNFJHYPP
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: yFlaUZj4TAaHlMe1Hs7wtqKxFUJgXvfMzbWTv1/z46BuwKinYAGHaWV4y4GacLIwf1sgtvr0YI0=
last-modified: Mon, 04 Mar 2024 14:01:38 GMT
server: cloudflare
etag: W/"0ddb1019371eba2e87775cd507d5bf90"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=frotfQZ580ir1XKMTFZ5EmQYxz1kcxv0j4JVTiGRY2O7gtNVHA4CLUooA1cjdZpHvneELmgdFTp8BjoqWVe5D0SImbu9jGcH1qePJmeAqzk69irXjYBwYSDlm3Qu9uXZU6GSI3g%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664acceaea210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:37 GMT

GET
H2 200 web-widget-15178-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 12 KB
5 KB 56ms
55ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-15178-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: lZmXYOfDIEm2Ja6CtCnwlcied3._WX1A
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: 5EVANSE4DXPNC2QT
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: 0pPo0H4Vtoah2ECB+NeIq1Scg3/bKQmins3b+XsqhFgHS8hzf/S4+4bZmIeuv32u04EHwo9YXoA=
last-modified: Mon, 04 Mar 2024 14:01:31 GMT
server: cloudflare
etag: W/"db77198393a490e11834f06f319204f4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cva6N9wEoyq%2FYhtGxzkeq1NRP5d2VkZatJ4mqcqKChDLBZPr6j%2BoKUcMX9y2qMIk2rfF7c1ykxNnG%2BlgZ3PT%2F2jdS2rHxMnDiRnhBjW9PPa8q5qbYa080bqVMam%2BkZ1hDPI1rJ0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664acceb0a210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:29 GMT

GET
H2 200 web-widget-59535-a8e2471.js Show response
static.zdassets.com/web_widget/messenger/latest/ Frame 9E96 15 KB
6 KB 46ms
45ms Script
application/javascript 104.18.72.113

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/web_widget/messenger/latest/web-widget-59535-a8e2471.js

Requested by

Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
x-amz-version-id: tKcwk7_9aIKSrtN.en5uXnGAJYkAqsLy
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
x-amz-request-id: B5V9VRNDD55AY8W9
age: 49936
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
x-amz-id-2: pjIVyZxXgW6BXo4jmuZ73YAELrNgoaidix4bAdy6Gy8u1BMruDQm02I3V9sYcHrsCDJjrFYHrHICaQbNPVEVBQ==
last-modified: Mon, 04 Mar 2024 14:01:34 GMT
server: cloudflare
etag: W/"781401f7f5de09fdd2c7e3f9fa812fd7"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9ezu%2FXC6iKBjb%2FU2SOQp3iSIm3dXp3XE6jp1Lr6oxmYzeph2ajKD%2FEPhuIeHW4uIE1P%2BIG3rGz%2FpOmrGPrdj%2Fpk7cJQ92zbbx0KwGbqslmFZJ79B6UnaEbXUDkrVGGmDpYC5U58%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
cache-control: public, max-age=31536000
access-control-max-age: 0
cf-ray: 860664acceb3a210-YYZ
access-control-allow-headers: *
expires: Tue, 04 Mar 2025 14:01:33 GMT

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 126ms
119ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:49 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 3675 766 B
892 B 1015ms
925ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f11484601b83dcabb692015e973da721e2155454db03153220ede163a21e431f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 21003c289a7b0bdd

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ Frame 3675 117 KB
36 KB 335ms
67ms Script
application/javascript 172.253.63.92

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/main.01b1cc68d4c9d58f9abe.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.92 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

7f9c759cf5c578de883f94efb8ccb7a9c49db6f898f1bf094d27912234aabd4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-vbcBNt7uTXLcSFwvZGMVHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:49 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-vbcBNt7uTXLcSFwvZGMVHw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjqtHikmLw1ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTBxfXzJJALEaEG_38WAR85nOejh6OivfuumsKkCsuX46ayAQO6XPYA0AYp_6GaxRQNx68xzrZCAW4uHY2rdkPZvAhxNzlzIBAJ-_N5E"
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: same-origin
server: ESF
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: private, max-age=600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Mar 2024 00:15:49 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 3675 35 B
160 B 826ms
45ms Image
image/gif 52.3.58.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17097705494050.6845088596692657&c=x0t8v931xml2gpocsy8qxbltgh8n7j&p=2pmcko&a=bc94f9a7-57b7-42d3-9137-b3e3485a2da9&o=www.mercuryo.io&rt=1709770548651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.58.105 -, , ASN (),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

POST
H2 200 pv
mercuryo.zendesk.com/frontendevents/ Frame 9E96 0
0 172ms
171ms Fetch 104.16.53.111

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-zendesk-zorg: yes
vary: Origin
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GlVdWJZ2gX1NLdgTV65GXkG%2Beop5lq5OJb0lTazi2dgT%2FgeHUrA4Zj5%2F07NStJekauDuu3Dm1CuA%2BJhqif6duPNfF1iGZuG6uGBmwQniH8dAliJgH%2FBHN%2BtxBLhG2TwUAZyXSVeI"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: *
cf-ray: 860664b3ec3b39e9-YYZ
content-length: 0
x-request-id: 860664b3ec3b39e9-YYZ

GET
H2 200 config Show response
mercuryo.zendesk.com/embeddable/ Frame 9E96 846 B
1 KB 904ms
181ms Fetch
application/json 104.16.53.111

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/embeddable/config
Requested by: Host: static.zdassets.com
URL: https://static.zdassets.com/web_widget/messenger/latest/web-widget-main-a8e2471.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: cff10bd4615e4ea9fac17596031f44e047e849135148f13ea065329708f3d380

Request headers

accept-language: en-CA,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
content-encoding: br
cf-cache-status: EXPIRED
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-zendesk-origin-server: embeddable-app-server-64967c44cf-m4rwr
x-cached: MISS
x-request-id: 860664b2da7d39e9-YYZ
x-runtime: 0.001511
last-modified: Thu, 07 Mar 2024 00:14:48 GMT
server: cloudflare
access-control-max-age: 7200
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s9XSedZ7Wbv4PQgVauKGA9KvgO5ehjfUK7UqJ%2BDnr0cxHkDvpzARw4760sqqE%2FqR%2B84DdjYi7gr2RditKKa4xSKD%2FRngBfp0yAiNNUTgzxcJseYGyYsyuHE3S7cIUg1juzbfIAhE"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
cache-control: public, max-age=60, stale-while-revalidate=600, stale-if-error=3600
vary: Origin, Accept-Encoding
cf-ray: 860664b2da7d39e9-YYZ

OPTIONS
H2 204 pv
mercuryo.zendesk.com/frontendevents/ Frame 0
0 904ms
181ms Preflight 104.16.53.111

General

Check archive.org

Show headers Download Go to

Full URL: https://mercuryo.zendesk.com/frontendevents/pv?client=1B752747-577B-429A-A0E0-83861AF69088
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 104.16.53.111 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-origin: *
access-control-max-age: 600
cache-control: max-age=600
cf-cache-status: DYNAMIC
cf-ray: 860664b2da8039e9-YYZ
date: Thu, 07 Mar 2024 00:15:50 GMT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OakOlFS7qPVJQHlYAFTcRB9c9IuqJXzLW4cDfBRrLaBk2kzSN6h1Q8AXILMh%2BJ8yJ27RhPObMMnD6UQXKKEW%2BkA363r16x6%2BBbQiRnx2MgdLakBJeC48KQMD%2Ffjfx4ERRjCJFjC5"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Origin
x-request-id: 860664b2da8039e9-YYZ
x-zendesk-zorg: yes

GET
H2 200 IT Show response
fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/ Frame 3675 96 B
446 B 140ms
118ms XHR
text/plain 99.83.255.25

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/IT?q=7dmUzMeBuN6x1YjwR3EY

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.255.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

9135656edda3b0535f2378c4a8261acca9c47f598aa0a487d88d1ed1a05a9c39

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

GET
H2 200 IT Show response
fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/ Frame 3675 96 B
446 B 124ms
119ms XHR
text/plain 99.83.255.25

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/ywRkzzq/VYTW/mjMGIs/IT?q=7dmUzMeBuN6x1YjwR3EY

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.255.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

1a8854dcf7b024e6b04ede2323a501d5361e6005cdc74fdaf66cc41815f9d76a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
x-frame-options: DENY
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Retry-After
cache-control: max-age=31536000, immutable, private
timing-allow-origin: *
x-robots-tag: noindex
content-length: 96

OPTIONS
H2 204 i
r.lr-intake.com/ Frame 0
0 151ms
42ms Preflight 104.198.23.205

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-intake.com/i?a=d9d96x%2Fwidget-prod-igcku&r=5-8fe82459-875d-4f78-8133-c5c66c08f6b1&t=109c7c91-b508-4998-b723-304012b1471e&s=0&rs=0%2Cu&u=3407f34a-6243-4dbf-8499-3ba5f1a12373&is=1

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: x-logrocket-relay-version
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
content-length: 0
date: Thu, 07 Mar 2024 00:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 201 i Show response
r.lr-intake.com/ Frame 3675 28 B
522 B 605ms
603ms XHR
application/json 104.198.23.205

General

Check archive.org

Show headers Download Go to

Full URL

https://r.lr-intake.com/i?a=d9d96x%2Fwidget-prod-igcku&r=5-8fe82459-875d-4f78-8133-c5c66c08f6b1&t=109c7c91-b508-4998-b723-304012b1471e&s=0&rs=0%2Cu&u=3407f34a-6243-4dbf-8499-3ba5f1a12373&is=1

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.198.23.205 -, , ASN (),

Reverse DNS

Software

/ Express

Resource Hash

80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://widget.mercuryo.io/
X-LogRocket-Relay-Version: 2023.12.0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
strict-transport-security: max-age=31536000; includeSubDomains
etag: W/"1c-PFMDrwGsbHZtXHXvOeVrYQ+hlvQ"
x-powered-by: Express
access-control-max-age: 1728000
access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-Relay-Version
content-length: 28

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 8A0D 19 KB
8 KB 110ms
102ms Document
text/html 172.253.63.92

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.92 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

c02e7d459313418e3875c2738c11d775a9f001513aa1ab5bcc2e078c94495da6

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kf6vjivynn5LBWZwW0sLTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://widget.mercuryo.io/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: en-CA,en;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Kf6vjivynn5LBWZwW0sLTQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Thu, 07 Mar 2024 00:15:50 GMT
expires: Thu, 07 Mar 2024 00:15:50 GMT
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjqtHikmLw1ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTBxfXzJJALEaEG_38WAR85nOejh6OivfuumsKkCsuX46ayAQO6XPYA0AYp_6GaxRQNx68xzrZCAW4uHY1rdkPZvAh32XFzEBAKA-N7s"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 3675 35 B
159 B 39ms
37ms Image
image/gif 52.3.58.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17097705505310.1303787334943376&c=x0t8v931xml2gpocsy8qxbltgh8n7j&p=2pmcko&a=bc94f9a7-57b7-42d3-9137-b3e3485a2da9&o=www.mercuryo.io&rt=1709770548651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.58.105 -, , ASN (),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 204 rate
api.mercuryo.io/v1.6/widget/buy/ Frame 0
0 133ms
118ms Preflight 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.mercuryo.io/v1.6/widget/buy/rate?from=USD&to=BTC&amount=300.00&network=BITCOIN&widget_id=67710925-8b40-4767-846e-3b88db69f04d&is_total=true&token=d269b99f4242874a23d30182ac517a3aa286730d8d2b00325cfe76b4b54a4410eyJ0IjoiMTcwOTc3MDU1MCIsInR0Ijp0cnVlLCJjIjoiQlRDIiwiYSI6IjAuMDA0MjI4MTUiLCJmYyI6IlVTRCIsImZhIjoiMzAwLjAwIiwiZiI6IjExLjQwIiwidGYiOiIwIiwic2YiOiIxMS40MDAwMDAwMDAwIiwiciI6IjY4MjU2LjU5IiwiY2lkIjoiZGQyNjU3N2QxZWE0OTc5YTAzNzRmYWU0ZGFhY2RlZjAiLCJ3IjoiNjc3MTA5MjUtOGI0MC00NzY3LTg0NmUtM2I4OGRiNjlmMDRkIiwib3AiOiJidXkiLCJwYSI6ImNhcmQiLCJwdCI6bnVsbCwicHMiOm51bGwsIm4iOiJCSVRDT0lOIiwiZmkiOjgzNX0%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: x-calc-id,x-widget-id
Access-Control-Request-Method: GET
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Accept,Accept-Encoding,Accept-Language,Authorization,b2b-bearer-token,Connection,Content-Type,DNT,Host,If-Modified-Since,Init-Token,Keep-Alive,Origin,Referer,User-Agent,X-Requested-With,X-Api-Token,X-Api-Edit-Token,X-Widget-Id,X-Calc-Id
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS
access-control-allow-origin: https://widget.mercuryo.io
access-control-max-age: 1728000
content-security-policy: frame-ancestors 'none'
date: Thu, 07 Mar 2024 00:15:50 GMT
strict-transport-security: max-age=15724800; includeSubDomains
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H2 200 rate Show response
api.mercuryo.io/v1.6/widget/buy/ Frame 3675 766 B
893 B 533ms
532ms XHR
application/json 3.124.100.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.124.100.26 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-124-100-26.eu-central-1.compute.amazonaws.com

Software

Resource Hash

f11484601b83dcabb692015e973da721e2155454db03153220ede163a21e431f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json
X-Calc-Id: c60e8c6f13e8377b7db318406e1010a4
Referer: https://widget.mercuryo.io/
X-Widget-Id: 67710925-8b40-4767-846e-3b88db69f04d
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=15724800; includeSubDomains
content-security-policy: frame-ancestors 'none'
x-frame-options: DENY
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Content-Disposition
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
x-request-id: 71d3bb89f86b90b3

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 3675 35 B
159 B 37ms
37ms Image
image/gif 52.3.58.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17097705506290.5664143056266744&c=x0t8v931xml2gpocsy8qxbltgh8n7j&p=2pmcko&a=bc94f9a7-57b7-42d3-9137-b3e3485a2da9&o=www.mercuryo.io&rt=1709770548651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.58.105 -, , ASN (),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMi... Frame 8A0D 159 KB
57 KB 532ms
454ms Script
text/javascript 172.253.122.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjKiz5c9fN5ZHdhJeTQ1FzzBN7otQ/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fwidget.mercuryo.io&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

04eb802924bceeb55f7489ad8889dda72ae63b98029e265e6671b72a17431552

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57681
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 05:06:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:47:33 GMT

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 3675 35 B
159 B 454ms
453ms Image
image/gif 52.3.58.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17097705507450.17707651996572604&c=x0t8v931xml2gpocsy8qxbltgh8n7j&p=2pmcko&a=bc94f9a7-57b7-42d3-9137-b3e3485a2da9&o=www.mercuryo.io&rt=1709770548651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.58.105 -, , ASN (),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:50 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 image-l.gif
img.riskified.com/img/ Frame 3675 35 B
159 B 44ms
36ms Image
image/gif 52.3.58.105

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.riskified.com/img/image-l.gif?t=17097705512750.4396085592732448&c=x0t8v931xml2gpocsy8qxbltgh8n7j&p=2pmcko&a=bc94f9a7-57b7-42d3-9137-b3e3485a2da9&o=www.mercuryo.io&rt=1709770548651
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 52.3.58.105 -, , ASN (),
Reverse DNS
Software: nginx/1.23.3 /
Resource Hash: b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://widget.mercuryo.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:51 GMT
last-modified: Thu, 29 Sep 2022 08:50:09 GMT
server: nginx/1.23.3
accept-ranges: bytes
etag: "63355c41-23"
content-length: 35
content-type: image/gif

GET
H2 200 m=Das5Le Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gic... Frame 8A0D 75 KB
27 KB 40ms
39ms Script
text/javascript 172.253.122.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEE2/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0sdQ6nlHnI8yQ-Or3NCAwGfC3iQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Das5Le

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/am=gEE2/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrjKiz5c9fN5ZHdhJeTQ1FzzBN7otQ/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.122.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

528b767fc3eec8c987f625dd1f0ad36ce8c541a07eabeb692e31cb1db0e37cb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27689
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:47:33 GMT

OPTIONS
H2 200 client_infos
c.riskified.com/v2/ Frame 0
0 262ms
41ms Preflight
text/plain 18.208.104.147

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.104.147 -, , ASN (),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Accept: */*
Access-Control-Request-Headers: access-control-allow-headers,access-control-allow-origin,content-type
Access-Control-Request-Method: POST
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
access-control-request-method: *
content-length: 2
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
timing-allow-origin: *
trace-id: 0a48bed781aa5caa4c910028cc0a9797

POST
H2 201 client_infos Show response
c.riskified.com/v2/ Frame 3675 0
338 B 41ms
41ms XHR
text/plain 18.208.104.147

General

Check archive.org

Show headers Download Go to

Full URL

https://c.riskified.com/v2/client_infos

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.208.104.147 -, , ASN (),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload

Request headers

Access-Control-Allow-Origin: *
Referer: https://widget.mercuryo.io/
accept-language: en-CA,en;q=0.9
Access-Control-Allow-Headers: Content-Type
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:51 GMT
access-control-request-method: *
strict-transport-security: max-age=15768000; includeSubDomains; preload
access-control-allow-methods: PUT, OPTIONS, GET, DELETE, POST
access-control-allow-origin: *
trace-id: c39789e2334210d09bea91988176546e
timing-allow-origin: *
access-control-allow-headers: Content-Type,Access-Control-Allow-Headers,Access-Control-Allow-Origin,x-csrf-token,X_CI_HMAC_SHA256
content-length: 0

GET
H3 200 pay Show response
pay.google.com/gp/p/ui/ Frame 8A0D 1 MB
377 KB 73ms
73ms XHR
text/html 172.253.63.92

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.92 -, , ASN (),

Reverse DNS

Software

ESF /

Resource Hash

10009c18c5c35cf434cdc051598af0375b8efc2b550e98333e6fccef44cfe51b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6nIC5E9f0u-4sUe1lMpIsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 00:15:51 GMT
strict-transport-security: max-age=31536000
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-6nIC5E9f0u-4sUe1lMpIsg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com;report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendBuyflowPayUi/cspreport
x-content-type-options: nosniff
cross-origin-resource-policy: same-site
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjqtHikmLw1ZBiWF4qxVBRK8WwZKYUg2fNTabOPTeZ1nU9YlrY_pRJk-sZU33UM6aZvM-Z4k48ZxJ885zp3ZeXTBxfXzJJALEaEG_38WAR85nOejh6OivfuumsKkCsuX46ayAQO6XPYA0AYp_6GaxRQNx68xzrZCAW4uHY3rdkPZvAgm3zfzMCAJ6uN4g"
x-ua-compatible: IE=edge
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy: unsafe-none
server: ESF
x-frame-options: DENY
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type: text/html; charset=utf-8
cache-control: private, max-age=3600
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires: Thu, 07 Mar 2024 00:15:51 GMT

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gic... Frame 8A0D 10 KB
4 KB 41ms
41ms Script
text/javascript 172.253.122.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEE2/d=1/exm=Das5Le,_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0sdQ6nlHnI8yQ-Or3NCAwGfC3iQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

17ddfc827c2004e082b80622981bbcb085e4c8edf724f7f3c2dc8ab3d4e45266

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4162
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:47:33 GMT

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gic... Frame 8A0D 37 KB
14 KB 42ms
41ms Script
text/javascript 172.253.122.94

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.RUUsDMZCx7M.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.gicXl1wwshw.L.B1.O/am=gEE2/d=1/exm=Das5Le,FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrh0sdQ6nlHnI8yQ-Or3NCAwGfC3iQ/ee=EmZ2Bf:zr1jrb;Erl4fe:FloWmf;JsbNhc:Xd8iUd;LBgRLc:XVMNvd;Me32dd:MEeYgc;NPKaK:PVlQOd;NSEoX:lazG7b;Oj465e:KG2eXe;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;eBAeSb:zbML3c;iFQyKf:vfuNJf;io8t5d:yDVVkb;kMFpHd:OTA3Ae;nAFL3:NTMZac;oGtAuc:sOXFj;qddgKe:xQtZb;sP4Vbe:VwDzFe;uY49fb:COQbmf;ul9GGd:VDovNc;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.122.94 -, , ASN (),

Reverse DNS

Software

sffe /

Resource Hash

8a0b7c8ee37eec42eb0256461248abe5330be262f7b9b6e2783189a77f1ddf5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-CA,en;q=0.9
Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 20:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98898
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14348
x-xss-protection: 0
last-modified: Thu, 29 Feb 2024 02:22:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
vary: Accept-Encoding, Origin
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 20:47:33 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 751ms
68ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 746ms
73ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 721ms
89ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 749ms
70ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 697ms
58ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H3 200 log Show response
play.google.com/ Frame 8A0D 131 B
155 B 751ms
72ms XHR
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
X-Goog-AuthUser: 0
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

date: Thu, 07 Mar 2024 00:15:52 GMT
content-encoding: gzip
server: Playlog
x-frame-options: SAMEORIGIN
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://pay.google.com
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: X-Playlog-Web
content-length: 131
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 07 Mar 2024 00:15:52 GMT

POST
H2 200 / Show response
fpjs.checkout.com/ Frame 3675 458 B
957 B 659ms
413ms XHR
text/plain 99.83.255.25

General

Check archive.org

Show headers Download Go to

Full URL

https://fpjs.checkout.com/?ci=js/3.9.0&q=7dmUzMeBuN6x1YjwR3EY&ii=fingerprintjs-pro-cloudflare/1.5.0/procdn

Requested by

Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.83.255.25 -, , ASN (),

Reverse DNS

Software

Resource Hash

4cd3f9fba06cca51c435ad3fb63574a52ae8032df4add6a7a68268b36261de8b

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; frame-ancestors 'none'
Strict-Transport-Security	max-age=63072000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://widget.mercuryo.io/
accept-language: en-CA,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain

Response headers

date: Thu, 07 Mar 2024 00:15:51 GMT
content-security-policy: default-src 'none'; frame-ancestors 'none'
referrer-policy: no-referrer
strict-transport-security: max-age=63072000
x-content-type-options: nosniff
vary: Origin
x-frame-options: DENY
content-type: text/plain
access-control-allow-origin: https://widget.mercuryo.io
access-control-expose-headers: Retry-After
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 458

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 153ms
48ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 158ms
55ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 155ms
55ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 145ms
48ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 144ms
49ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 143ms
48ms Preflight
text/plain 172.253.63.138

General

Check archive.org

Show headers Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.253.63.138 -, , ASN (),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Thu, 07 Mar 2024 00:15:51 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

OPTIONS
H3 204 fingerprint
risk.checkout.com/collect/ Frame 0
0 140ms
139ms Preflight 146.75.30.4

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/fingerprint
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 146.75.30.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,content-type
Access-Control-Request-Method: PUT
Origin: https://widget.mercuryo.io
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: authorization,content-type
access-control-allow-methods: PUT
access-control-allow-origin: *
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
date: Thu, 07 Mar 2024 00:15:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-cache: MISS, MISS, MISS
x-cache-hits: 0, 0, 0
x-served-by: cache-dub4351-DUB, cache-dub4351-DUB, cache-iad-kiad7000135-IAD
x-timer: S1709770552.283043,VS0,VE2

PUT
H3 200 fingerprint Show response
risk.checkout.com/collect/ Frame 3675 55 B
408 B 215ms
214ms Fetch
application/json 146.75.30.4

General

Check archive.org

Show headers Download Go to

Full URL: https://risk.checkout.com/collect/fingerprint
Requested by: Host: widget.mercuryo.io
URL: https://widget.mercuryo.io/6642.ba7b54b63f9ab532c325.js?ab902f38d9f1e9d067c9
Protocol: H3
Security: QUIC, , AES_256_GCM
Server: 146.75.30.4 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 720a95140d4db126703de1859f129b82512e89c2684c87686ad103326368d409

Request headers

Accept: application/json
Referer: https://widget.mercuryo.io/
accept-language: en-CA,en;q=0.9
Authorization: pk_l3jjaljrxfhw2lhzgcabzfvywuy
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: application/json

Response headers

x-served-by: cache-dub4363-DUB, cache-dub4363-DUB, cache-iad-kiad7000135-IAD
date: Thu, 07 Mar 2024 00:15:52 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
x-timer: S1709770552.426652,VS0,VE75
cko-request-id: 0HN1H8SLQTTK0:0005541A
cko-internal-duration: 0
cko-version: 1.0.297
vary: Accept-Encoding
x-cache: MISS, MISS, MISS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
accept-ranges: bytes
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 55
x-cache-hits: 0, 0, 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: api.mercuryo.io
URL: https://api.mercuryo.io/v1.6/widget/rates?widget_id=67710925-8b40-4767-846e-3b88db69f04d

Verdicts & Comments Add Verdict or Comment

6 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mercuryo.io/	1970-01-21 04:32:10	Name: _system_cookie Value:
widget.mercuryo.io/	1970-01-20 18:57:36	Name: _lr_tabs_-d9d96x%2Fwidget-prod-igcku Value: {%22sessionID%22:0%2C%22recordingID%22:%225-8fe82459-875d-4f78-8133-c5c66c08f6b1%22%2C%22webViewID%22:null%2C%22lastActivity%22:1709770546374}
widget.mercuryo.io/	1970-01-20 18:57:36	Name: _lr_hb_-d9d96x%2Fwidget-prod-igcku Value: {%22heartbeat%22:1709770546375}
widget.mercuryo.io/	1969-12-31 23:59:59	Name: _lr_uf_-d9d96x Value: 62149ee6-dc71-41a4-aaa3-1e81fe1a2c24
api.mercuryo.io/	1970-01-20 18:57:36	Name: session_id Value: 659d62d48b5f2439a4df4ace82fc9a17678c5d5df259e8ec37019bd8c3a4d633a%3A2%3A%7Bi%3A0%3Bs%3A10%3A%22session_id%22%3Bi%3A1%3Bs%3A36%3A%22bc94f9a7-57b7-42d3-9137-b3e3485a2da9%22%3B%7D
.mercuryo.io/	1970-01-21 04:32:10	Name: lastRskxRun Value: 1709770549370
.mercuryo.io/	1970-01-21 04:32:10	Name: rskxRunCookie Value: 0
.mercuryo.io/	1970-01-21 04:32:10	Name: rCookie Value: x0t8v931xml2gpocsy8qxbltgh8n7j
widget.mercuryo.io/	1970-01-20 18:56:11	Name: _dd_s Value: logs=1&id=3fecaa2a-8fc9-48f1-a586-8a85c6b82d78&created=1709770547383&expire=1709771447388

17 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://api.mercuryo.io/v1.6/user22/keep-alive Message: Failed to load resource: the server responded with a status of 401 ()
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://exchange.mercuryo.io/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors none
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	deny
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.mercuryo.io
beacon.riskified.com
c.riskified.com
cdn.lr-intake.com
ekr.zdassets.com
eu.api.fpjs.io
exchange.mercuryo.io
fpjs.checkout.com
fpjsworker.checkout.com
fpnpmcdn.net
img.riskified.com
mercuryo.zendesk.com
pay.google.com
play.google.com
r.lr-intake.com
risk.checkout.com
static.zdassets.com
widget.mercuryo.io
www.gstatic.com
api.mercuryo.io
104.16.53.111
104.18.37.79
104.18.70.113
104.18.72.113
104.198.23.205
104.21.6.164
146.75.30.4
172.253.122.94
172.253.63.138
172.253.63.92
18.208.104.147
3.124.100.26
3.228.180.36
52.3.58.105
54.192.51.50
75.2.52.67
99.83.255.25
00c0fcff69a79da6e75a970c578793288d1df191fab781976acda4b8a9028a03
03ea5560314b60d69386c26a33c0a79184b5569d2b74b86005ba25b4dc93fffe
04eb802924bceeb55f7489ad8889dda72ae63b98029e265e6671b72a17431552
10009c18c5c35cf434cdc051598af0375b8efc2b550e98333e6fccef44cfe51b
11966fc5ae15dce31a44e99ebdaad329e567ecaa533e43561ca6a66e96bdb009
17ddfc827c2004e082b80622981bbcb085e4c8edf724f7f3c2dc8ab3d4e45266
1a8854dcf7b024e6b04ede2323a501d5361e6005cdc74fdaf66cc41815f9d76a
1ba72db9c33fae0077cddce5b30deb07155cbcb7ff9aba8e04ae2f9c4ba15c14
1ca5ea647188d6456824815a451fae306cbfec45e84c532f58e88c21c5bb995e
22ef39f007ec5c08101af588e544b8b21d004f9b37ce982f97bfb36c6b3ae1b4
28ebd6c5198d4781e605f1c547ef8fd3af65972fc6e97aadf97da364b4a92064
2b513d8f429f1f238a9b4f5dd9e0c3276ee56e2db01ddb9c71732c20b850f670
2e994cb0b343d3edeb1b58566cc21a641fc7d06bf0f285d5988cca28b0089f20
32a5c6facc35927e6020e7ed8d418cbd80a2f55dddbb561bbea50f6b9c5818d8
32dd37bdcd81eeb38079a37bbdfd3a22e775ce4d3d0882cb995e7a01ff47b1b9
331a369f35ad5045b23767a7f25a52507b1983705fcc7540246805c72eda292e
3530334e95010f90dccbc852b0e51e301020f695479c15dd584f4ac4351b9dba
353e10d175e9628d32f1c6e063516e2586f82531f17d6659be51c644f9eab5cc
42e442292aacd0141b71a58afa8528f8aae4af6cbaf1da57a5cdd7c83cd2ed8b
490b83d316c6a4bcc9978294864f849873031f722781918773da67c5f37178b0
4cd3f9fba06cca51c435ad3fb63574a52ae8032df4add6a7a68268b36261de8b
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
528b767fc3eec8c987f625dd1f0ad36ce8c541a07eabeb692e31cb1db0e37cb2
573953fb3e78f44363bb8062ec821d205a8ab22dc9ddda24d24f2472ca513a09
6d9180e0f88e3e0356a5cfa96bc98405948705784c9de1b74ab66500f55b1fce
720a95140d4db126703de1859f129b82512e89c2684c87686ad103326368d409
7b8bc7ca4981c3ab2ab2f5e1e06a7ef51ca2c50b8b978944605a7f849a3be160
7f9c759cf5c578de883f94efb8ccb7a9c49db6f898f1bf094d27912234aabd4d
80be7fb9f1763671e4d3cddf72349425a4d4088f7b0ed21c238ab41b8c22ac1f
8525380ed6e0ca2e8e4b80c9650de2d7c96fbaf342aee8c63fe1bca13a55df53
8929d0c063175ea507f6e6bb25176562576f5a93fb1ad3a4b64ed09fc852af36
8a0b747e58c0894e5cf81a4fe7a5f958f963e8f7e0829493d2d08980400c48a5
8a0b7c8ee37eec42eb0256461248abe5330be262f7b9b6e2783189a77f1ddf5e
8c7c110074e227c9eb87f65df859f3b449d07abd03a338e02104dabb385f0ba5
90be27f61ac23f13c4c1d9c8e90e20fb23073aa8b5c4c2a7ecfab2dd13e9efd2
9135656edda3b0535f2378c4a8261acca9c47f598aa0a487d88d1ed1a05a9c39
94fccdae4829ddfa39d48381f1a326d165e123cc3bbaa9668be625e28ba7b5ec
a0a09c7249a04929ae2d9843827f3558336c4b6e524cb8a32ab08be0bc2bd9e6
a2497148f72e2839707d55316931a3c71b2b355d7bec48cf672c026f4903ddfc
a6f0df6e385325b7a94aaf1005890c9c6d090205098efd6afc55a3e920d48e2c
b03a66cf3c1b8d1757cb7fb0268c86aae035e91a39e18cb571f8fcc3508e1f4d
b8d71af5997b9b3f569bd06e8fabbc79c5fa1d089b4e4aca3fd21d6cbcf4ebe7
bdd55a68f73148a791895019a8da139e3b9b4e01b061ba31318359c20bcacc35
c02e7d459313418e3875c2738c11d775a9f001513aa1ab5bcc2e078c94495da6
c52c73407a0d652b51d31bdcb5dff0050e9f916b58bca340d677fddb22b76572
c5bb940a126652fd050f1da415f4c8beaf477f010840ee4ed6edf12fb605269f
c63532942750a29059902d0a490f1b270ce1125c059e1afdd93193be44f56d47
ce337ec7dda4b3a741363a2673c7edce5c736f1660e2aa908131ecfd9dd1343f
cff10bd4615e4ea9fac17596031f44e047e849135148f13ea065329708f3d380
d4e2f225c7210510da972ad60b3253fead2d2063121c568f75740aee904c368c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7699e0f7ef7023e86ce9e7c0583b9ac3287782d46c5a6469134e2156faf3a9e
ea5e66f54cd329059bb6dd339ff90e8a8b951610cc90c7ae64b09e4502d003d5
ebff5f3bf5289a1a5ca9aaee172f5e4bb45bac090020cfa958c8f29420d31616
edc6615cbf86cc4784338f530963b5da942552f1fea45bb3b1db81f6b9eaea17
eea30d77847b2d433e61933006a0fffc094452f86be84c4533b3d6122ab77a99
f11484601b83dcabb692015e973da721e2155454db03153220ede163a21e431f
f339e81579b8f0f6f1b2fc1ca1452c7b4935fe80868560fca80c210051fa5289
f4a04af43942d435b3689431c49db0c0f94dabb803cd932f81d22cd03d30e0ac

exchange.mercuryo.io Open in urlscan Pro 3.124.100.26 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

96 Requests

98 %HTTPS

0 %IPv6

10 Domains

19 Subdomains

18 IPs

2 Countries

1891 kBTransfer

6522 kBSize

9 Cookies

0 Outgoing links

Redirected requests

96 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

exchange.mercuryo.io Open in urlscan Pro
3.124.100.26 Public Scan

Screenshot
Live screenshot

Full Image

96
Requests

98 %
HTTPS

0 %
IPv6

10
Domains

19
Subdomains

18
IPs

2
Countries

1891 kB
Transfer

6522 kB
Size

9
Cookies

96 HTTP transactions
0 data transactions