urlscan.io logo urlscan.io
SecurityTrails logo

pay.rosebay-studios.com Open in urlscan Pro
44.222.29.108  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://pay.rosebay-studios.com/
Effective URL: https://pay.rosebay-studios.com/
Submission: On May 28 via api from US — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 1 countries across 9 domains to perform 65 HTTP transactions. The main IP is 44.222.29.108, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is pay.rosebay-studios.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 28th 2025. Valid for: 3 months.
This is the only time pay.rosebay-studios.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 44.222.29.108 14618 (AMAZON-AES)
4 54.192.51.59 16509 (AMAZON-02)
1 34.201.201.112 14618 (AMAZON-AES)
2 54.230.48.222 16509 (AMAZON-02)
1 23.200.1.150 20940 (AKAMAI-AS...)
4 172.253.62.92 15169 (GOOGLE)
5 54.192.51.88 16509 (AMAZON-02)
2 23.4.183.100 16625 (AKAMAI-AS)
2 172.253.63.103 15169 (GOOGLE)
3 54.230.48.43 16509 (AMAZON-02)
18 172.253.63.94 15169 (GOOGLE)
2 98.84.72.71 14618 (AMAZON-AES)
17 172.253.115.102 15169 (GOOGLE)
1 142.251.167.95 15169 (GOOGLE)
1 192.178.218.94 15169 (GOOGLE)
65 16
1    44.222.29.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-222-29-108.compute-1.amazonaws.com
pay.rosebay-studios.com
4    54.192.51.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-59.yul62.r.cloudfront.net
cdn.poynt.net
1    34.201.201.112 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-201-112.compute-1.amazonaws.com
paylinks.mbe.commerce.godaddy.com
2    54.230.48.222 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-222.yul62.r.cloudfront.net
d85ecz8votkqa.cloudfront.net
1    23.200.1.150 (Edison, United States)

ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL)
PTR: a23-200-1-150.deploy.static.akamaitechnologies.com
img1.wsimg.com
4    172.253.62.92 (United States)

ASN15169 (GOOGLE, US)
PTR: bc-in-f92.1e100.net
pay.google.com
5    54.192.51.88 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-51-88.yul62.r.cloudfront.net
cdn.poynt.net
2    23.4.183.100 (Ashburn, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a23-4-183-100.deploy.static.akamaitechnologies.com
csp.secureserver.net
2    172.253.63.103 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f103.1e100.net
www.google.com
3    54.230.48.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-48-43.yul62.r.cloudfront.net
d85ecz8votkqa.cloudfront.net
18    172.253.63.94 (United States)

ASN15169 (GOOGLE, US)
PTR: bi-in-f94.1e100.net
www.gstatic.com
2    98.84.72.71 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-98-84-72-71.compute-1.amazonaws.com
services.poynt.net
17    172.253.115.102 (United States)

ASN15169 (GOOGLE, US)
PTR: bg-in-f102.1e100.net
play.google.com
1    142.251.167.95 (Farmingdale, United States)

ASN15169 (GOOGLE, US)
PTR: ww-in-f95.1e100.net
fonts.googleapis.com
1    192.178.218.94 (United States)

ASN15169 (GOOGLE, US)
PTR: yuiadtq-in-f94.1e100.net
fonts.gstatic.com
Apex Domain
Subdomains		 Transfer
23 google.com
pay.google.com — Cisco Umbrella Rank: 3763
www.google.com — Cisco Umbrella Rank: 9
play.google.com — Cisco Umbrella Rank: 60
503 KB
19 gstatic.com
www.gstatic.com
fonts.gstatic.com
827 KB
11 poynt.net
cdn.poynt.net — Cisco Umbrella Rank: 175981
services.poynt.net — Cisco Umbrella Rank: 275740
343 KB
5 cloudfront.net
d85ecz8votkqa.cloudfront.net
151 KB
2 secureserver.net
csp.secureserver.net — Cisco Umbrella Rank: 18607
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 107
2 KB
1 wsimg.com
img1.wsimg.com — Cisco Umbrella Rank: 14820
20 KB
1 godaddy.com
paylinks.mbe.commerce.godaddy.com
312 B
1 rosebay-studios.com
pay.rosebay-studios.com
2 KB
65 9
Domain Requested by
18 www.gstatic.com pay.google.com
www.google.com
www.gstatic.com
17 play.google.com www.gstatic.com
9 cdn.poynt.net pay.rosebay-studios.com
cdn.poynt.net
5 d85ecz8votkqa.cloudfront.net cdn.poynt.net
4 pay.google.com cdn.poynt.net
pay.google.com
www.gstatic.com
2 services.poynt.net cdn.poynt.net
2 www.google.com cdn.poynt.net
www.gstatic.com
2 csp.secureserver.net img1.wsimg.com
1 fonts.gstatic.com fonts.googleapis.com
1 fonts.googleapis.com
1 img1.wsimg.com cdn.poynt.net
1 paylinks.mbe.commerce.godaddy.com cdn.poynt.net
1 pay.rosebay-studios.com
65 13

This site contains links to these domains. Also see Links.

Domain
policies.google.com
Subject Issuer Validity Valid
pay.rosebay-studios.com
Go Daddy Secure Certificate Authority - G2		 2025-05-28 -
2025-08-26		 3 months crt.sh
*.poynt.net
Go Daddy Secure Certificate Authority - G2		 2024-10-14 -
2025-10-14		 a year crt.sh
*.mbe.commerce.godaddy.com
Go Daddy Secure Certificate Authority - G2		 2024-05-03 -
2025-06-04		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2024-07-30 -
2025-07-03		 a year crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2024-09-19 -
2025-10-21		 a year crt.sh
*.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2024-10-17 -
2025-11-18		 a year crt.sh
*.gstatic.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh
upload.video.google.com
WR2		 2025-04-29 -
2025-07-22		 3 months crt.sh

This page contains 6 frames:

Primary Page: https://pay.rosebay-studios.com/
Frame ID: F16981F0E703817D6DA71EAA479CA97F
Requests: 18 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/payment-form/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&enableSurchargeFee=false&businessId=b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5&applicationId=urn%3Aaid%3A0c4f58f5-38bc-43e1-a869-dfc1f2c0f14e&sessionId=2247fb26-e067-4b28-bf1f-5dcfe29f14a5&enableCardOnFile=false&parentOrigin=https://pay.rosebay-studios.com
Frame ID: F0BFB345587A91828021115FD841B306
Requests: 8 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.rosebay-studios.com&mid=
Frame ID: EDB6E6BF62DB3D1C5DC4E8B705CADEF4
Requests: 17 HTTP requests in this frame

Frame: https://cdn.poynt.net/collect/wallet-api/index.html
Frame ID: A2029C96F0E42036D548771E9D37F622
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=wzit0u19a6bk
Frame ID: 717F6B5D3348F39A8E2F0119234A8772
Requests: 5 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&hl=en&buttonSizeMode=fill&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%2C%22billingAddressRequired%22%3Atrue%2C%22billingAddressParameters%22%3A%7B%22format%22%3A%22FULL%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=pay
Frame ID: C44DCD49F27063B5E5981DB72E5B3D4D
Requests: 6 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Online payment @ Rose Bay Studios

Page URL History Show full URLs

  1. http://pay.rosebay-studios.com/ HTTP 307
    https://pay.rosebay-studios.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js

Page Statistics

65
Requests

98 %
HTTPS

0 %
IPv6

9
Domains

13
Subdomains

16
IPs

1
Countries

1849 kB
Transfer

5028 kB
Size

4
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://pay.rosebay-studios.com/ HTTP 307
    https://pay.rosebay-studios.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
pay.rosebay-studios.com/
Redirect Chain
  • http://pay.rosebay-studios.com/
  • https://pay.rosebay-studios.com/
4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.rosebay-studios.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
44.222.29.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-222-29-108.compute-1.amazonaws.com
Software
/
Resource Hash
4fe17cdd5541f4ea76a5d15af68ce63f9c5a65da69ffbfb0d7a47361431e764e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

connection
close
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Wed, 28 May 2025 05:11:30 GMT
last-modified
Wed, 28 May 2025 05:11:30 GMT
transfer-encoding
chunked
vary
Accept-Encoding

Redirect headers

Location
https://pay.rosebay-studios.com/
Non-Authoritative-Reason
HttpsUpgrades
bundle.2125f.css
cdn.poynt.net/checkout/ 		31 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/checkout/bundle.2125f.css
Requested by
Host: pay.rosebay-studios.com
URL: https://pay.rosebay-studios.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a44639012926b39de261c37f54d48e372068bc9363383623d732043907cb11be

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
4o3wdsmTC75ED9wqkAYY6BC3hcOUr5vB
ETag
W/"c6a8deeb0c0ab6ce2e5e609c46c5796e"
Age
78656
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Uj6SxuXYKAnULsiy1YalacGOMBg7htdgsOJhenRTUxt7DbTI_A5k1Q==
Date
Tue, 27 May 2025 07:20:49 GMT
Content-Type
text/css
Vary
accept-encoding
Last-Modified
Tue, 06 May 2025 18:03:46 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 9ea08c3a2524e99d2bb42ac613eb89a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
bundle.be6cb.js
cdn.poynt.net/checkout/ 		299 KB
77 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/checkout/bundle.be6cb.js
Requested by
Host: pay.rosebay-studios.com
URL: https://pay.rosebay-studios.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
33bc8c338f84b5516ec6a2473544bcee17ca1b137b88290fdd0fd0d4519ba973

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
PdIPb.sCJfidK_IQL75PUxAhGDivqPL3
ETag
W/"71c0bdb6485355ec933899af63e15c27"
Age
81826
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
l6DilJLilSvjdTdPEJPXcMAUVNp2KQxTSMm2bbzN28r__ReWcRLoPQ==
Date
Tue, 27 May 2025 06:27:49 GMT
Content-Type
application/x-javascript
Vary
accept-encoding
Last-Modified
Tue, 06 May 2025 18:03:46 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
favicon.ico
cdn.poynt.net/checkout/ 		933 B
2 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/checkout/favicon.ico
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c6670425515377d60b8aece9b9135b29a0bc0f67c11f7b06959d4985dfd24687

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

x-amz-version-id
e1eitFA0u00TjRUJpFWxkZSjdQtFaKah
ETag
"8f5af0ab459e5d5174640f2374392b4b"
Age
79116
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
xdDem7t1GRsnE6U6pJKg1Gkjt-8vzgZzdBywQNiTYkFbkLOnHiFmwA==
Date
Tue, 27 May 2025 07:14:01 GMT
Content-Type
image/x-icon
Vary
accept-encoding
Last-Modified
Tue, 06 May 2025 18:03:46 GMT
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 19d1514f5f81da4dca6349d0f75a352c.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Content-Length
933
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
branding
paylinks.mbe.commerce.godaddy.com/api/v1/ 		37 B
312 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://paylinks.mbe.commerce.godaddy.com/api/v1/branding?storeId=7b83c81d-8ddb-407c-bcdb-1aaaab31fb0d
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.be6cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.201.201.112 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-201-201-112.compute-1.amazonaws.com
Software
/
Resource Hash
247d0c06602bff1f9843ef0d749c990b981f2b7d33932c8d65936324822ce7d7

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Accept
application/json
Referer
https://pay.rosebay-studios.com/

Response headers

access-control-expose-headers
X-Trace-Id
etag
W/"25-Fa5ij9UkzvcL0oyUXUBJ1H/azxw"
access-control-allow-credentials
true
x-trace-id
8c6dea3961e1031b7efd3f26b69e6153
access-control-allow-origin
https://pay.rosebay-studios.com
content-length
37
date
Wed, 28 May 2025 05:11:32 GMT
content-type
application/json; charset=utf-8
vary
Origin, Accept-Encoding
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-bold.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.2125f.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-222.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://pay.rosebay-studios.com
Referer
https://cdn.poynt.net/

Response headers

Access-Control-Max-Age
3000
ETag
"01ea0c70c6d59c1120d417973884a561"
x-amz-version-id
3Dyzakh4wMsc.y1PkiMMDvjFWzWRoakF
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
plr_Oof5s-469eLSW6LgMFN0G3S6mXAdz3TPeAaKatTknmJfVMzAQw==
Date
Wed, 28 May 2025 05:11:33 GMT
Content-Type
binary/octet-stream
Last-Modified
Thu, 15 Jul 2021 12:19:14 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
Via
1.1 0fb05a472bd2fcfe266ed8a7a987ab1e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
28188
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-medium.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.2125f.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.222 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-222.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://pay.rosebay-studios.com
Referer
https://cdn.poynt.net/

Response headers

Access-Control-Max-Age
3000
ETag
"33cab99d83b92952776a42f7405bbfab"
x-amz-version-id
O2_FvwQ7bp4A8VDgoUeX_pLXSi2TQNq4
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Miss from cloudfront
X-Amz-Cf-Id
NxIevfM7UiKuf81POzS3K1Q4RQL75DnhVpxXL5LH16QClHbXngfJgA==
Date
Wed, 28 May 2025 05:11:33 GMT
Content-Type
binary/octet-stream
Last-Modified
Thu, 15 Jul 2021 12:19:23 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
Via
1.1 8628ab00b77c57209ad876418b745f6e.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
28756
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
collect.js
cdn.poynt.net/ 		283 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.be6cb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-59.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f85745f006305201dbf36bd909121d6304b3c8bf92ab1aeafe44a1f5f6d02a15

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

Content-Encoding
gzip
x-amz-version-id
eU592eql5GGq9iiuQXM4nncUXsgyCwvN
ETag
W/"1a57752086cb0f3d7dbfac5774fd54df"
Age
81510
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
E-fSoZx-xscxiLnYh4v-zgQZOPUXe9sy6Q_1TEPAXptpprOaS8AnRw==
Date
Tue, 27 May 2025 06:33:06 GMT
Content-Type
application/x-javascript
Vary
accept-encoding
Last-Modified
Thu, 15 May 2025 16:04:33 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 9ea08c3a2524e99d2bb42ac613eb89a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
scc-c2.min.js
img1.wsimg.com/signals/js/clients/scc-c2/ 		100 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/checkout/bundle.be6cb.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.200.1.150 Edison, United States, ASN20940 (AKAMAI-ASN1 Akamai International B.V., NL),
Reverse DNS
a23-200-1-150.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c48b1fb3987eabff87f56d5f4c54d0b60484f1b949ce0e0cc9b24982a16926f0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
gzip
x-amz-meta-version
1.2.1
etag
"403e2d481c2573a5fd203e9be94119a7"
x-amz-version-id
SBL40tmsyLjcHeaz_2ljFrfSOSAPZNLU
expires
Wed, 28 May 2025 05:41:32 GMT
date
Wed, 28 May 2025 05:11:32 GMT
last-modified
Thu, 15 May 2025 17:03:53 GMT
content-type
text/javascript
vary
Accept-Encoding
x-amz-id-2
eujcfOgFwvGXfaQX7hezPQyRFIHRmCM3aqrtbTTIV3956S2dXXdDSy4VbZkBHGtf8xwYynR3d4U=
cache-control
max-age=1800
timing-allow-origin
*
x-amz-request-id
35XAVZ4TE9XAPX6B
accept-ranges
bytes
access-control-allow-origin
*
content-length
20320
x-amz-server-side-encryption
AES256
pay.js
pay.google.com/gp/p/js/ 		186 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f92.1e100.net
Software
ESF /
Resource Hash
65cd0817523ee62646455939a35bb2d91315a3de397b650ddc46325f1441cd1b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-xVgTGIibQlR_DiNjY31FUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 28 May 2025 05:11:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
date
Wed, 28 May 2025 05:11:32 GMT
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjamHU4pJiCNKQYlheKsWwZKYUQ8Gy6aytN8-xTgbiuQHnWcMzz7MaKlxitQfiX3mXWFnvXGItkrjC2gDCoVdZY3mvsc6yuMYakHWN1eD5ddYutRusn6pusApU32BdMOcGa2HQTdaMjpustr03WV_tvMlqoneLdc3GW6ybgbjvxS1WTo87rEI8HC3bbh1kE3jw_tMlRiXtpPzC-My84pLEvJKk0sq0ovy8ktS8lOLUorLUongjAyNTA1Mjcz0Dk_gCAwD0UU1g"
content-security-policy
require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport, script-src 'report-sample' 'nonce-xVgTGIibQlR_DiNjY31FUg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist
cache-control
private, max-age=600
cross-origin-opener-policy
same-origin
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
cross-origin
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
index.html
cdn.poynt.net/collect/payment-form/ Frame F0BF 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/payment-form/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&enableSurchargeFee=false&businessId=b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5&applicationId=urn%3Aaid%3A0c4f58f5-38bc-43e1-a869-dfc1f2c0f14e&sessionId=2247fb26-e067-4b28-bf1f-5dcfe29f14a5&enableCardOnFile=false&parentOrigin=https://pay.rosebay-studios.com
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a0afdf081d821fe678fad6e0e3ae909a78f6dbc41da50b0b28404deaa3129b94
Security Headers
Name Value
Content-Security-Policy default-src 'self'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://d85ecz8votkqa.cloudfront.net/ https://dy9dcn6pwvpv.cloudfront.net/; font-src 'self' https://d85ecz8votkqa.cloudfront.net/ https://dy9dcn6pwvpv.cloudfront.net/; connect-src 'self' https://services.poynt.net/ https://www.google.com/recaptcha/; media-src 'self'; worker-src 'self'; object-src 'none'; base-uri 'none'; form-action 'none'; report-uri https://services.poynt.net/csp-reports; report-to csp-reports;

Request headers

Referer
https://pay.rosebay-studios.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Age
78570
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
default-src 'self'; script-src 'self' 'sha256-MS6/3FCg4WjP9gwgaBGwLpRCY6fZBgwmhVCdrPrNf3E=' 'sha256-tQjf8gvb2ROOMapIxFvFAYBeUJ0v1HCbOcSmDNXGtDo=' 'sha256-VA8O2hAdooB288EpSTrGLl7z3QikbWU9wwoebO/QaYk=' 'sha256-+5XkZFazzJo8n0iOP4ti/cLCMUudTf//Mzkb7xNPXIc=' https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/; frame-src 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; style-src 'self' 'unsafe-inline'; img-src 'self' data: https://d85ecz8votkqa.cloudfront.net/ https://dy9dcn6pwvpv.cloudfront.net/; font-src 'self' https://d85ecz8votkqa.cloudfront.net/ https://dy9dcn6pwvpv.cloudfront.net/; connect-src 'self' https://services.poynt.net/ https://www.google.com/recaptcha/; media-src 'self'; worker-src 'self'; object-src 'none'; base-uri 'none'; form-action 'none'; report-uri https://services.poynt.net/csp-reports; report-to csp-reports;
Content-Type
text/html
Date
Tue, 27 May 2025 07:22:03 GMT
ETag
W/"e691e1ccaf1304fedbc827759a56eed4"
Last-Modified
Thu, 15 May 2025 16:04:34 GMT
Reporting-Endpoints
csp-reports="https://services.poynt.net/csp-reports"
Server
AmazonS3
Transfer-Encoding
chunked
Vary
accept-encoding
Via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
X-Amz-Cf-Id
P7_BeQZAM7IZ0kPvWF7yKRSwLbbnR0D6Y3644DFw9e6oYllv3sKonA==
X-Amz-Cf-Pop
YUL62-C2
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
yfq7C.Sx1ElV40YtsUuDmd.3PXSa3CXx
index-LlXChSuu.js
cdn.poynt.net/collect/payment-form/assets/ Frame F0BF 		529 KB
169 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/payment-form/assets/index-LlXChSuu.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&enableSurchargeFee=false&businessId=b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5&applicationId=urn%3Aaid%3A0c4f58f5-38bc-43e1-a869-dfc1f2c0f14e&sessionId=2247fb26-e067-4b28-bf1f-5dcfe29f14a5&enableCardOnFile=false&parentOrigin=https://pay.rosebay-studios.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
15509b5ffc67a34aa06dbfa8fdd6a6ea3273b5d541662de133c0a7194d600fc6

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

Content-Encoding
gzip
x-amz-version-id
H7VCnZHX4..ElZm0vW2gAZcgEP4gK3t7
ETag
W/"de5f2e10f15d35ca878abda42dda33ca"
Age
78569
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
8hyFEVgnGO8LzFy4LbgyFQOZNOMqNFdujvSItytk6KxRXcPfIST9wQ==
Date
Tue, 27 May 2025 07:22:48 GMT
Content-Type
application/x-javascript
Vary
accept-encoding
Last-Modified
Thu, 15 May 2025 16:04:33 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
index-D32pBYvD.css
cdn.poynt.net/collect/payment-form/assets/ Frame F0BF 		12 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/payment-form/assets/index-D32pBYvD.css
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/index.html?iFrame%5Bwidth%5D=100%25&iFrame%5Bheight%5D=485px&iFrame%5Bborder%5D=0px&style%5Btheme%5D=ecommerce&displayComponents%5BemailAddress%5D=false&displayComponents%5BfirstName%5D=false&displayComponents%5BlastName%5D=false&displayComponents%5BecommerceFirstName%5D=true&displayComponents%5BecommerceLastName%5D=true&displayComponents%5BecommerceEmailAddress%5D=true&displayComponents%5BecommerceNotes%5D=false&displayComponents%5BzipCode%5D=true&displayComponents%5Blabels%5D=true&displayComponents%5BecommerceLabels%5D=true&displayComponents%5BshowEndingPage%5D=false&displayComponents%5BpaymentLabel%5D=true&additionalFieldsToValidate%5B0%5D=firstName&additionalFieldsToValidate%5B1%5D=lastName&additionalFieldsToValidate%5B2%5D=emailAddress&enableReCaptcha=true&reCaptchaOptions%5Btype%5D=TEXT&customCss%5Bcontainer%5D%5Bcolor%5D=%23111&customCss%5Bcontainer%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5Bcontainer%5D%5Bheight%5D=auto&customCss%5Bcontainer%5D%5Bflex-flow%5D=row%20wrap&customCss%5Bcontainer%5D%5Bjustify-content%5D=normal&customCss%5Bcontainer%5D%5Balign-content%5D=center&customCss%5Bcontainer%5D%5Bmargin-top%5D=-15px&customCss%5BinputLabel%5D%5Bcolor%5D=%23111&customCss%5BinputLabel%5D%5Bdisplay%5D=block&customCss%5BinputLabel%5D%5Bfont-size%5D=15px&customCss%5BinputLabel%5D%5Bfont-weight%5D=700&customCss%5BinputLabel%5D%5Bline-height%5D=20px&customCss%5BinputLabel%5D%5Bmargin-bottom%5D=7.5px&customCss%5BinputLabel%5D%5Bmargin-top%5D=5px&customCss%5BinputLabel%5D%5Btext-transform%5D=capitalize&customCss%5BinputLabel%5D%5Bletter-spacing%5D=0px&customCss%5BinputDefault%5D%5Bcolor%5D=%23111&customCss%5BinputDefault%5D%5Bfont-family%5D=%22GD%20Sherpa%22%2C%20%22objektiv-mk2%22%2C%20%22Proxima%20Nova%22%2C%20%22Myriad%20Pro%22%2C%20-apple-system%2C%20Helvetica&customCss%5BinputDefault%5D%5Bfont-size%5D=15px&customCss%5BinputDefault%5D%5Bline-height%5D=20px&customCss%5BsectionLabel%5D%5Bfont-size%5D=13px&customCss%5BsectionLabel%5D%5Bline-height%5D=18px&customCss%5BsectionLabel%5D%5Bfont-weight%5D=500&customCss%5BsectionLabel%5D%5Bletter-spacing%5D=0.5px&customCss%5BsectionLabel%5D%5Bcolor%5D=%23767676&customCss%5BsectionLabel%5D%5Btext-transform%5D=uppercase&customCss%5BsectionLabel%5D%5Bmargin-top%5D=15px&customCss%5BsectionLabel%5D%5Bmargin-bottom%5D=10px&customCss%5BsectionLabel%5D%5Bpadding-left%5D=0px&customCss%5BsectionLabel%5D%5Bpadding-right%5D=0px&customCss%5BrequiredMark%5D%5Bcolor%5D=%23ae1302&customCss%5BrequiredMark%5D%5Bfont-size%5D=15px&customCss%5BrequiredMark%5D%5Bline-height%5D=20px&customCss%5BrequiredMark%5D%5Bmargin-left%5D=3px&customCss%5BrowFirstName%5D%5Bwidth%5D=50%25&customCss%5BrowFirstName%5D%5Bpadding-left%5D=0px&customCss%5BrowLastName%5D%5Bwidth%5D=50%25&customCss%5BrowLastName%5D%5Bpadding-right%5D=0px&customCss%5BrowCardNumber%5D%5Bwidth%5D=75%25&customCss%5BrowCardNumber%5D%5Bpadding-left%5D=0px&customCss%5BrowCVV%5D%5Bwidth%5D=35%25&customCss%5BrowCVV%5D%5Bpadding-left%5D=0px&customCss%5BrowExpiration%5D%5Bwidth%5D=25%25&customCss%5BrowExpiration%5D%5Bpadding-right%5D=0px&customCss%5BrowZip%5D%5Bwidth%5D=65%25&customCss%5BrowZip%5D%5Bpadding-right%5D=0px&customCss%5BrowEmailAddress%5D%5Bwidth%5D=100%25&customCss%5BrowEmailAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowEmailAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowShippingZip%5D%5Bwidth%5D=100%25&customCss%5BrowShippingZip%5D%5Bpadding-left%5D=0px&customCss%5BrowShippingZip%5D%5Bpadding-right%5D=0px&customCss%5BrowCountry%5D%5Bwidth%5D=100%25&customCss%5BrowCountry%5D%5Bpadding-left%5D=0px&customCss%5BrowCountry%5D%5Bpadding-right%5D=0px&customCss%5BrowAddress%5D%5Bwidth%5D=100%25&customCss%5BrowAddress%5D%5Bpadding-left%5D=0px&customCss%5BrowAddress%5D%5Bpadding-right%5D=0px&customCss%5BrowCity%5D%5Bwidth%5D=50%25&customCss%5BrowCity%5D%5Bpadding-left%5D=0px&customCss%5BrowTerritory%5D%5Bwidth%5D=50%25&customCss%5BrowTerritory%5D%5Bpadding-right%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bwidth%5D=100%25&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-left%5D=0px&customCss%5BrowSameAsBillingCheckbox%5D%5Bpadding-right%5D=0px&customCss%5BrowPhone%5D%5Bwidth%5D=100%25&customCss%5BrowPhone%5D%5Bmargin-bottom%5D=3px&customCss%5BrowPhone%5D%5Bpadding-left%5D=0px&customCss%5BrowPhone%5D%5Bpadding-right%5D=0px&fields%5Bphone%5D=&locale=en-US&enableSurchargeFee=false&businessId=b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5&applicationId=urn%3Aaid%3A0c4f58f5-38bc-43e1-a869-dfc1f2c0f14e&sessionId=2247fb26-e067-4b28-bf1f-5dcfe29f14a5&enableCardOnFile=false&parentOrigin=https://pay.rosebay-studios.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dad53cb7d92ddb8a0e3aeae0b9b7a714e22e5fb731ef23270d6ca1f62738082f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

Content-Encoding
gzip
x-amz-version-id
yJVcXnVASjbJQEwe_HHFu.SLPbEdOjEA
ETag
W/"6751e06c3d5fc233cbf842e04a6fbaeb"
Age
80872
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
Wym1SUmIT4rVpDinO0pApN1KE2Kqpy2OVq61uYMkVnUP1M356jwkFA==
Date
Tue, 27 May 2025 06:44:47 GMT
Content-Type
text/css
Vary
accept-encoding
Last-Modified
Thu, 15 May 2025 16:04:33 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 ac1cb1fdb7cf3984f94f9f190169eb3a.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
web
csp.secureserver.net/eventbus/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus/web?clientid=b18ef4f046435b64a469b32c3c1c20a3
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.4.183.100 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-183-100.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.rosebay-studios.com/

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
93
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 28 May 2025 05:11:33 GMT
x-bus-trace-id
329997385488459457443818540123325866000
Access-Control-Allow-Origin
*
Content-Length
2
Date
Wed, 28 May 2025 05:11:33 GMT
Content-Type
application/json
web
csp.secureserver.net/eventbus/ 		2 B
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://csp.secureserver.net/eventbus/web?clientid=8da2217409854bee82e12dc4ca0b39fb
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/signals/js/clients/scc-c2/scc-c2.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.4.183.100 Ashburn, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-4-183-100.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains ; preload

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://pay.rosebay-studios.com/

Response headers

Strict-Transport-Security
max-age=86400 ; includeSubDomains ; preload
Cache-Control
max-age=0, no-cache, no-store
x-envoy-upstream-service-time
76
Pragma
no-cache
Connection
keep-alive
Expires
Wed, 28 May 2025 05:11:33 GMT
x-bus-trace-id
316262971017794382599971148455137515124
Access-Control-Allow-Origin
*
Content-Length
2
Date
Wed, 28 May 2025 05:11:33 GMT
Content-Type
application/json
payframe
pay.google.com/gp/p/ui/ Frame EDB6 		13 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.rosebay-studios.com&mid=
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f92.1e100.net
Software
ESF /
Resource Hash
ab5284fad168555191816f46e2f5e560ca43224ff6ec3af56172588edd4f99e0
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-vQef0L7pKb2z-8W09_YKUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.rosebay-studios.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=3600
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-vQef0L7pKb2z-8W09_YKUA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 28 May 2025 05:11:33 GMT
expires
Wed, 28 May 2025 05:11:33 GMT
origin-trial
AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzj6mHU4pJiCNKQYlheKsWwZKYUQ8Gy6aytN8-xTgbiuQHnWcMzz7MaKlxitQfiX3mXWFnvXGItkrjC2gDCoVdZY3mvsc6yuMYakHWN1eD5ddYutRusn6pusApU32BdMOcGaxL7TdYCIC4Musma0XGT1bb3JuurnTdZTfRusa7ZeIt1MxD3vbjFyulxh1WIm6N1262DbAIXbh8MVNJOyi-Mz8wrLknMK0kqrUwrys8rSc1LKU4tKkstijcyMDI1MDUy1zMwiS8wAADIHE8t"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-ua-compatible
IE=edge
x-xss-protection
0
index.html
cdn.poynt.net/collect/wallet-api/ Frame A202 		535 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/wallet-api/index.html
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
027081fff12683e614ec16ba1d514438363b3a48ccb4299d74c204314ea5eb52

Request headers

Referer
https://pay.rosebay-studios.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Accept-Ranges
bytes
Age
79804
Connection
keep-alive
Content-Length
535
Content-Type
text/html
Date
Tue, 27 May 2025 07:01:30 GMT
ETag
"9e3b413eb02453d65c5a2f00fba52e02"
Last-Modified
Thu, 15 May 2025 16:04:34 GMT
Server
AmazonS3
Vary
accept-encoding
Via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
X-Amz-Cf-Id
wGACTtUdg8lD3W5Le_CuxxaHxGoLPD3MgoYa1_DjuWyj3qQ8X6S0fg==
X-Amz-Cf-Pop
YUL62-C2
X-Cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
x-amz-server-side-encryption
AES256
x-amz-version-id
l09Xam2ZClOA1WYcDwWOzE3yIr5ZolPJ
index-DFKcYlHS.js
cdn.poynt.net/collect/wallet-api/assets/ Frame A202 		55 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.poynt.net/collect/wallet-api/assets/index-DFKcYlHS.js
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/wallet-api/index.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.51.88 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-51-88.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
8bc0ebe78998383a7086ee88c0fab9d0c9350ddfefaa16596505a8dd0702b9ec

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/collect/wallet-api/index.html

Response headers

Content-Encoding
gzip
x-amz-version-id
9KpcjekGAtc67Bbg87QYlNe80I1v5Qmk
ETag
W/"a53c339a5ca33aa18b54b7e38c241130"
Age
64452
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
TN2XJo57qF-sAdB3w45o8nN787hFEhSIk8BQkwxMVpW71NnCFzCfPg==
Date
Tue, 27 May 2025 11:17:59 GMT
Content-Type
application/x-javascript
Vary
accept-encoding
Last-Modified
Thu, 15 May 2025 16:04:34 GMT
Transfer-Encoding
chunked
x-amz-replication-status
COMPLETED
Connection
keep-alive
Via
1.1 c83536c4e12f4a229fa27266fc5fdd56.cloudfront.net (CloudFront)
Access-Control-Allow-Origin
*
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
x-amz-server-side-encryption
AES256
enterprise.js
www.google.com/recaptcha/ Frame F0BF 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/assets/index-LlXChSuu.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
ESF /
Resource Hash
4cc49c6e3075a4be69064a2601b4fdcd229b59101b83874abe1e64b0bb9727bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://cdn.poynt.net/

Response headers

cache-control
private, max-age=300
content-encoding
gzip
cross-origin-resource-policy
cross-origin
report-to
{"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
x-content-type-options
nosniff
expires
Wed, 28 May 2025 05:11:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
date
Wed, 28 May 2025 05:11:33 GMT
x-xss-protection
0
content-type
text/javascript; charset=utf-8
server
ESF
x-frame-options
SAMEORIGIN
gd-sherpa-medium.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame F0BF 		28 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-medium.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/assets/index-D32pBYvD.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-43.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

Access-Control-Max-Age
3000
ETag
"33cab99d83b92952776a42f7405bbfab"
x-amz-version-id
O2_FvwQ7bp4A8VDgoUeX_pLXSi2TQNq4
Age
79463
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
9CxXLVAfS4sFAX0r8eP7CGi-Jyu4dhvk7E90ostF_RJ70aR-vwzekA==
Date
Tue, 27 May 2025 07:07:11 GMT
Content-Type
binary/octet-stream
Last-Modified
Thu, 15 Jul 2021 12:19:23 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
Via
1.1 0df778cadb5eaa000de4f1d7838b16e0.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
28756
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
gd-sherpa-bold.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame F0BF 		28 KB
28 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-bold.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/assets/index-D32pBYvD.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-43.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

Access-Control-Max-Age
3000
ETag
"01ea0c70c6d59c1120d417973884a561"
x-amz-version-id
3Dyzakh4wMsc.y1PkiMMDvjFWzWRoakF
Age
46574
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
QHsODPBy5OV-g51Y8BYR9S12MgwS_QTy4S5hCvpF9uWETXmQz-MARw==
Date
Tue, 27 May 2025 16:15:20 GMT
Content-Type
binary/octet-stream
Last-Modified
Thu, 15 Jul 2021 12:19:14 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
Via
1.1 49a31eb192d176b36bdbd7d7f218656a.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
28188
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
gd-sherpa-regular.woff
d85ecz8votkqa.cloudfront.net/fonts/ Frame F0BF 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d85ecz8votkqa.cloudfront.net/fonts/gd-sherpa-regular.woff
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/payment-form/assets/index-D32pBYvD.css
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.230.48.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-48-43.yul62.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

Access-Control-Max-Age
3000
x-amz-version-id
LlnImV1k4.8VH0ionwgOdCfmIburlnAU
ETag
"b6a90e27204597cb6eddb31f93a90bfa"
Age
10275
Access-Control-Allow-Methods
GET, HEAD, DELETE, PUT, POST
X-Cache
Hit from cloudfront
X-Amz-Cf-Id
og5IOwkR-zD4LUSoVeJG21aQ8FVxRa4O1xFTokwo5AZIRWfKZKBdcA==
Date
Wed, 28 May 2025 02:20:19 GMT
Content-Type
binary/octet-stream
Last-Modified
Thu, 15 Jul 2021 12:19:12 GMT
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Connection
keep-alive
Via
1.1 3bff6c700d376f51ba81ef57dc2bd6e6.cloudfront.net (CloudFront)
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Content-Length
37104
X-Amz-Cf-Pop
YUL62-C2
Server
AmazonS3
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs... Frame EDB6 		172 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Fpay.rosebay-studios.com&mid=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
fe22a639627e9ee6b2115f5f2d0a5e466dbd9aca1568d3126e79b216f5ca7bb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
46535
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:15:58 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:15:58 GMT
last-modified
Sat, 24 May 2025 03:33:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
62101
x-xss-protection
0
server
sffe
validate
services.poynt.net/businesses/b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5/google-pay/ Frame A202 		295 B
798 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://services.poynt.net/businesses/b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5/google-pay/validate
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect/wallet-api/assets/index-DFKcYlHS.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.84.72.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-84-72-71.compute-1.amazonaws.com
Software
/
Resource Hash
d98e69bdbf80f2a30410951aead0579bcae9a0e1e7a14e3786948cf5b00ab4c2

Request headers

Poynt-Session-Id
6a058762-2ddd-4789-836b-73bc6a8a6f2b
Poynt-Collect-Version
v2.0.63
Referer
https://cdn.poynt.net/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Accept
application/json, text/plain, */*
Content-Type
application/json
Poynt-Request-Id
3f7e42b0-0e8c-4a74-a0aa-9347280c3818

Response headers

X-Request-Id
3f7e42b0-0e8c-4a74-a0aa-9347280c3818
Connection
keep-alive
Instance-Id
poynt-fargate/65ce1d48a91842b8ac890f77aab87bf7
Access-Control-Allow-Origin
https://cdn.poynt.net
Content-Length
295
Poynt-Build-Info
1.4.395-2025-05-21T03:04:49Z
Date
Wed, 28 May 2025 05:11:34 GMT
Content-Type
application/json;charset=UTF-8
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Poynt-Request-Id
3f7e42b0-0e8c-4a74-a0aa-9347280c3818
validate
services.poynt.net/businesses/b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5/google-pay/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://services.poynt.net/businesses/b1263bbd-d8e3-429f-ae3b-bd06bc6c8aa5/google-pay/validate
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
98.84.72.71 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-98-84-72-71.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,poynt-collect-version,poynt-request-id,poynt-session-id
Access-Control-Request-Method
POST
Origin
https://cdn.poynt.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

Access-Control-Allow-Headers
content-type, poynt-collect-version, poynt-request-id, poynt-session-id
Access-Control-Allow-Methods
POST
Access-Control-Allow-Origin
https://cdn.poynt.net
Access-Control-Max-Age
1800
Allow
GET, HEAD, POST, PUT, DELETE, OPTIONS, PATCH
Connection
keep-alive
Content-Length
0
Date
Wed, 28 May 2025 05:11:33 GMT
Instance-Id
poynt-fargate/1ab3438569b84375b39d313582a07eaa
Poynt-Build-Info
1.4.395-2025-05-21T03:04:49Z
Poynt-Request-Id
73c488f7-ebfc-4528-bcb1-cae311a17628
Vary
Origin Access-Control-Request-Method Access-Control-Request-Headers
X-Request-Id
73c488f7-ebfc-4528-bcb1-cae311a17628
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame F0BF 		638 KB
272 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://cdn.poynt.net
Referer
https://cdn.poynt.net/

Response headers

content-encoding
gzip
age
30130
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 20:49:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 20:49:24 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
277777
x-xss-protection
0
server
sffe
m=uZmJdd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv... Frame EDB6 		83 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
a3f379536e68b260c368b7256193845307bfa663b4e63ac27d638d3907ebfcc9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
46033
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:24:21 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:24:21 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
30478
x-xss-protection
0
server
sffe
pay
pay.google.com/gp/p/ui/ Frame EDB6 		1 MB
390 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/ui/pay
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.62.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f92.1e100.net
Software
ESF /
Resource Hash
d3d931a3396ac9b4f7dbed3f8b9c00cb678356237dbd3cc99d8f16ec408ceca5
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-jGUBApvoOpzpOqGs5aZ1UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 28 May 2025 05:11:34 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible
IE=edge
date
Wed, 28 May 2025 05:11:34 GMT
content-type
text/html; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
DENY
strict-transport-security
max-age=31536000
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzj6mHU4pJiCNKQYlheKsWwZKYUQ8Gy6aytN8-xTgbiuQHnWcMzz7MaKlxitQfiX3mXWFnvXGItkrjC2gDCoVdZY3mvsc6yuMYakHWN1eD5ddYutRusn6pusApU32BdMOcGaxL7TdYCIC4Musma0XGT1bb3JuurnTdZTfRusa7ZeIt1MxD3vbjFyulxh1WIh6Nt262DbAInpj2cy6iknZRfGJ-ZV1ySmFeSVFqZVpSfV5Kal1KcWlSWWhRvZGBkamBqZK5nYBJfYAAADWpPTw"
content-security-policy
script-src 'report-sample' 'nonce-jGUBApvoOpzpOqGs5aZ1UQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
cache-control
private, max-age=3600
cross-origin-opener-policy
unsafe-none
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy
same-site
content-security-policy-report-only
script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayUi.en_US.zk3nmgXlHe4.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/fine-allowlist
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection
0
server
ESF
m=Wt6vjf,hhhU8,FCpbqb,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv... Frame EDB6 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
642d0020cf324a84e0b427818ca170b27c90f2148d551d0c9a291eff9aef7a13
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45530
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:32:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:32:44 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
3528
x-xss-protection
0
server
sffe
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv... Frame EDB6 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
f06db989bd0b663db403dad520a62a3db477b23c4ddc87ad5125723a91f7024c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45530
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:32:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:32:44 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
14937
x-xss-protection
0
server
sffe
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
x-goog-authuser
Access-Control-Request-Method
POST
Origin
https://pay.google.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://pay.google.com
access-control-max-age
86400
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=UTF-8
date
Wed, 28 May 2025 05:11:34 GMT
server
Playlog
x-frame-options
SAMEORIGIN
x-xss-protection
0
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
m=p3hmRc,LvGhrf,RqjULd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv... Frame EDB6 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/am=AAADHgAE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfribUzraB-5679WZQs5wpPRQV-Ga_Q/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
096fc7afe3cf517b3704416d5c36d644cf4b5c621edfca76ba6cbf9202d5cce7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45529
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:32:45 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:32:45 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
8424
x-xss-protection
0
server
sffe
anchor
www.google.com/recaptcha/enterprise/ Frame 717F 		73 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=wzit0u19a6bk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.103 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f103.1e100.net
Software
ESF /
Resource Hash
d2e5cfd43d5a4bf17788954cad78b28a24b6ef4ccd032db576d848a8d5d3b812
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-O4qBUylr22e3lcmy-k1ySQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://cdn.poynt.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-O4qBUylr22e3lcmy-k1ySQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy-report-only
same-origin; report-to="coop_38fac9d5b82543fc4729580d18ff2d3d"
cross-origin-resource-policy
cross-origin
date
Wed, 28 May 2025 05:11:34 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]} {"group":"coop_38fac9d5b82543fc4729580d18ff2d3d","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/38fac9d5b82543fc4729580d18ff2d3d"}]}
server
ESF
x-content-type-options
nosniff
x-xss-protection
0
transparent_square.svg
www.gstatic.com/instantbuy/svg/ 		69 B
616 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/instantbuy/svg/transparent_square.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
gzip
age
419796
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 08:34:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 08:34:59 GMT
last-modified
Thu, 20 Feb 2025 17:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81
x-xss-protection
0
server
sffe
styles__ltr.css
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame 717F 		77 KB
41 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=wzit0u19a6bk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
6671fed8c2d19f5f79b545e73b099e1fe4fbea186a46b9cdfc9c31e8103ac219
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
30129
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 20:49:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 20:49:25 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/css
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
42060
x-xss-protection
0
server
sffe
recaptcha__en.js
www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/ Frame 717F 		638 KB
271 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LcdO24hAAAAABf5vhNrKlG7hX8gF_wM8xdtIiee&co=aHR0cHM6Ly9jZG4ucG95bnQubmV0OjQ0Mw..&hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd&size=invisible&cb=wzit0u19a6bk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://www.google.com/

Response headers

content-encoding
gzip
age
30130
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 20:49:24 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 20:49:24 GMT
last-modified
Mon, 19 May 2025 21:04:58 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
access-control-allow-origin
*
content-length
277777
x-xss-protection
0
server
sffe
transparent_square.svg
www.gstatic.com/instantbuy/svg/ 		69 B
0 		Other
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/instantbuy/svg/transparent_square.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
gzip
age
419796
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 08:34:59 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 08:34:59 GMT
last-modified
Thu, 20 Feb 2025 17:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
81
x-xss-protection
0
server
sffe
css
fonts.googleapis.com/ 		10 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans_old:500
Requested by
Host:
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.167.95 Farmingdale, United States, ASN15169 (GOOGLE, US),
Reverse DNS
ww-in-f95.1e100.net
Software
ESF /
Resource Hash
986417f1238149fa58faa25725f00b6957e1d757a35728e33be47b9bcc89be50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Wed, 28 May 2025 05:11:35 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 05:11:35 GMT
content-type
text/css; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified
Wed, 28 May 2025 03:35:02 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
generate_gpay_btn_img
pay.google.com/gp/p/ Frame C44D 		21 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&hl=en&buttonSizeMode=fill&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%2C%22billingAddressRequired%22%3Atrue%2C%22billingAddressParameters%22%3A%7B%22format%22%3A%22FULL%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=pay
Requested by
Host: cdn.poynt.net
URL: https://cdn.poynt.net/collect.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.62.92 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bc-in-f92.1e100.net
Software
ESF /
Resource Hash
4c780c2a0cfce66a5e230cdfd296e2fc5b9543ce22ed549ed0023a2730f1da3d
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-LS04bqMdvY_tPd69PqD3pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/fine-allowlist
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://pay.rosebay-studios.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport script-src 'report-sample' 'nonce-LS04bqMdvY_tPd69PqD3pw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/cspreport/fine-allowlist
content-type
text/html; charset=utf-8
cross-origin-opener-policy
same-origin
cross-origin-resource-policy
same-site
date
Wed, 28 May 2025 05:11:35 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
origin-trial
AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
reporting-endpoints
default="/gp/p/_/InstantbuyFrontendBuyflowPayButtonUi/web-reports?context=eJzj6mHU4pJiCNKQYlheKsWwZKYUQ8Gy6aytN8-xTgbiuQHnWcMzz7MaKlxitQfiX3mXWFnvXGItkrjC2gDCoVdZY3mvsc6yuMYakHWN1eD5ddYutRusn6pusApU32BdMOcGaxL7TdYCIC4Musma0XGT1bb3JuurnTdZTfRusa7ZeIt1MxD3vbjFyulxh1WIh6N9262DbAIPbn-fzaiknZRfGJ-ZV1ySmFeSVFqZVpSfV5Kal1KcWlSWWhRvZGBkamBqZK5nYBJfYAAAI0lPwQ"
server
ESF
strict-transport-security
max-age=31536000
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options
nosniff
x-xss-protection
0
dark_gpay.svg
www.gstatic.com/instantbuy/svg/ 		2 KB
992 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark_gpay.svg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

content-encoding
br
age
418170
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Sat, 23 May 2026 09:02:05 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Fri, 23 May 2025 09:02:05 GMT
last-modified
Sun, 25 Jun 2023 02:58:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
871
x-xss-protection
0
server
sffe
payment_white_36dp.png
www.gstatic.com/images/icons/material/system/1x/ 		149 B
446 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/1x/payment_white_36dp.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.rosebay-studios.com/

Response headers

age
327859
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Sun, 24 May 2026 10:07:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Sat, 24 May 2025 10:07:16 GMT
last-modified
Thu, 02 Nov 2023 22:48:00 GMT
content-type
image/png
vary
Origin
cache-control
public, max-age=31536000
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
149
x-xss-protection
0
server
sffe
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
log
play.google.com/ Frame EDB6 		131 B
151 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://play.google.com/log?format=json&hasfast=true&authuser=0
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.en_US.mNh0zmT-l7I.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.5qv00tM2aoo.L.B1.O/am=AAADHgAE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrhFST5E47O-5iUJR5S_DSF0m7ISuQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=uZmJdd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.115.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bg-in-f102.1e100.net
Software
Playlog /
Resource Hash
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
Security Headers
Name Value
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://pay.google.com/
User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Content-Type
text/plain;charset=UTF-8
X-Goog-AuthUser
0

Response headers

x-frame-options
SAMEORIGIN
content-encoding
gzip
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
https://pay.google.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
date
Wed, 28 May 2025 05:11:35 GMT
x-xss-protection
0
content-type
text/plain; charset=UTF-8
server
Playlog
access-control-allow-headers
X-Playlog-Web
m=_b,_tp
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/am=AAADNgAI/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0... Frame C44D 		174 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/am=AAADNgAI/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgB86cGe1EqtDetPv-nLbIbAqecmA/m=_b,_tp
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&hl=en&buttonSizeMode=fill&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%2C%22billingAddressRequired%22%3Atrue%2C%22billingAddressParameters%22%3A%7B%22format%22%3A%22FULL%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=pay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
fdf6682ccccfc363f750510593f59b8e23dab8e9de0a11c7a436b8342e3c1e24
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
46071
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:23:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:23:44 GMT
last-modified
Sat, 24 May 2025 03:33:39 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
63041
x-xss-protection
0
server
sffe
webworker.js
www.google.com/recaptcha/enterprise/ Frame 717F 		0
0
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 717F 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://www.gstatic.com/recaptcha/releases/jt8Oh2-Ue1u7nEbJQUIdocyd/styles__ltr.css

Response headers

age
14507
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
x-content-type-options
nosniff
expires
Wed, 04 Jun 2025 01:09:48 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 01:09:48 GMT
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
image/png
cache-control
public, max-age=604800
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
accept-ranges
bytes
content-length
2228
x-xss-protection
0
server
sffe
en.svg
www.gstatic.com/instantbuy/svg/dark/pay/ Frame C44D 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/instantbuy/svg/dark/pay/en.svg
Requested by
Host: pay.google.com
URL: https://pay.google.com/gp/p/generate_gpay_btn_img?buttonColor=black&browserLocale=en&hl=en&buttonSizeMode=fill&allowedPaymentMethods=%5B%7B%22type%22%3A%22CARD%22%2C%22parameters%22%3A%7B%22allowedAuthMethods%22%3A%5B%22PAN_ONLY%22%2C%22CRYPTOGRAM_3DS%22%5D%2C%22allowedCardNetworks%22%3A%5B%22AMEX%22%2C%22DISCOVER%22%2C%22JCB%22%2C%22MASTERCARD%22%2C%22VISA%22%5D%2C%22billingAddressRequired%22%3Atrue%2C%22billingAddressParameters%22%3A%7B%22format%22%3A%22FULL%22%7D%7D%7D%5D&gpayButtonVariantType=1&gpayButtonType=pay
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
bcd98ddc437c94e78b6ea1d852219ff438803ddd2ea7350c4a17fa7172b024bf
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
br
age
14438
report-to
{"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options
nosniff
expires
Thu, 28 May 2026 01:10:57 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Wed, 28 May 2025 01:10:57 GMT
last-modified
Tue, 01 Jun 2021 16:28:00 GMT
content-type
image/svg+xml
vary
Accept-Encoding
content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control
public, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
access-control-allow-origin
*
content-length
2003
x-xss-protection
0
server
sffe
m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwd... Frame C44D 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwdSXcuzHE.L.B1.O/am=AAADNgAI/d=1/exm=_b,_tp/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfriiDrTTkOSEp2vKe6rXSYf2ikRLgQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=Wt6vjf,hhhU8,FCpbqb,ws9Tlc,WhJNk
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/am=AAADNgAI/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgB86cGe1EqtDetPv-nLbIbAqecmA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
7e5e479d5076a2807576c3c11ca5d8dc9e30b39e695d66273b1300331b9db9ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45363
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:35:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:35:32 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
7125
x-xss-protection
0
server
sffe
m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwd... Frame C44D 		38 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwdSXcuzHE.L.B1.O/am=AAADNgAI/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfriiDrTTkOSEp2vKe6rXSYf2ikRLgQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/am=AAADNgAI/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgB86cGe1EqtDetPv-nLbIbAqecmA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
c256ea01a8f9ee0273547632e6cc58dcca9e020c6ea722eeb8a03f7a616d1c52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45363
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:35:32 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:35:32 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
14643
x-xss-protection
0
server
sffe
m=p3hmRc,LvGhrf,RqjULd
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwd... Frame C44D 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.tUwdSXcuzHE.L.B1.O/am=AAADNgAI/d=1/exm=EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,ws9Tlc/excm=_b,_tp,generategooglepaybuttonimage/ed=1/wt=2/ujg=1/rs=AMitfriiDrTTkOSEp2vKe6rXSYf2ikRLgQ/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qafBPd:yDVVkb;qddgKe:xQtZb;tbg2ob:Up7mff;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/m=p3hmRc,LvGhrf,RqjULd
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayButtonUi.en.6AesvJHLlE8.es5.O/am=AAADNgAI/d=1/excm=_b,_tp,generategooglepaybuttonimage/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrgB86cGe1EqtDetPv-nLbIbAqecmA/m=_b,_tp
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.253.63.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bi-in-f94.1e100.net
Software
sffe /
Resource Hash
9c2863fbeb617e4fd41ae09aa41c314fd53b9016dc49a1de42a52985e1fc743c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Referer
https://pay.google.com/

Response headers

content-encoding
gzip
age
45362
report-to
{"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options
nosniff
expires
Wed, 27 May 2026 16:35:33 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 27 May 2025 16:35:33 GMT
last-modified
Sat, 24 May 2025 00:31:28 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding, Origin
cache-control
public, immutable, max-age=31536000
cross-origin-opener-policy
same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges
bytes
content-length
14724
x-xss-protection
0
server
sffe
4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpynAESo4.woff2
fonts.gstatic.com/s/googlesans/v60/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v60/4Ua_rENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RFD48TE63OOYKtrw2IJllpynAESo4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google+Sans_old:500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
192.178.218.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
yuiadtq-in-f94.1e100.net
Software
sffe /
Resource Hash
29f605fc24ea879aa72da254db3e1dbf12f6d8c21e2b20a8c87c5f65bb8e933d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.6613.88 Mobile Safari/537.36
Origin
https://pay.rosebay-studios.com
Referer
https://fonts.googleapis.com/

Response headers

age
495209
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Fri, 22 May 2026 11:38:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Thu, 22 May 2025 11:38:07 GMT
last-modified
Wed, 31 Jul 2024 20:34:05 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
22312
x-xss-protection
0
server
sffe

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.google.com
URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=en&v=jt8Oh2-Ue1u7nEbJQUIdocyd

Verdicts & Comments Add Verdict or Comment

24 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| _trfd function| sendMessage function| checkHeight object| observer object| payLink object| _signalsDataLayer function| TokenizeJs object| _tcclInternal object| _expDataLayer object| _trfq object| scc-c2 object| denylistedDomainsHashedValueListForGpayButtonWithCardInfo object| whitelistedDomainsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchentIdsHashedValueListForGpayButtonWithCardInfo object| denylistedMerchantIdsHashedValueListForGpayButtonVariant object| allowlistedMerchantDomainsForBnplDynamicButton object| allowlistedMerchantDomainsForRlmiaDynamicButton object| allowlistedMerchantDomainsForPopupModeLoadingScreen string| dynamicGpayButtonVariant object| google

4 Cookies

Domain/Path Name / Value
.rosebay-studios.com/ Name: _tccl_visitor
Value: e5d57373-e0d5-419d-a992-f43d3bf62996
.rosebay-studios.com/ Name: _tccl_visit
Value: e5d57373-e0d5-419d-a992-f43d3bf62996
.rosebay-studios.com/ Name: _scc_session
Value: pc=1&C_TOUCH=2025-05-28T05:11:32.347Z
.google.com/ Name: NID
Value: 524=UY_hv3qc1Y46GJTU9yLzGxFVyNp77EmBJU44g-GyfT1Byf4D9_BQQ_kg5NfBI0daNtqbycwuZIPm5JoguOAHVn2morn19BYbuUK1p0miuD4YTAc7PfoEHAkpOIYXnTnMgJLlEV_WARaCayzQq1DfXyZLTY5ifBfuGmjTcNVX4VNkHNcxGilteEbM8PXd_z1cvEPrfA

4 Console Messages

Source Level URL
Text
other warning URL: https://pay.rosebay-studios.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://pay.rosebay-studios.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".
other warning URL: https://pay.rosebay-studios.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "sizes".
other warning URL: https://pay.rosebay-studios.com/
Message:
Each dictionary in the list "icons" should contain a non-empty UTF8 string field "type".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.poynt.net
csp.secureserver.net
d85ecz8votkqa.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
img1.wsimg.com
pay.google.com
pay.rosebay-studios.com
paylinks.mbe.commerce.godaddy.com
play.google.com
services.poynt.net
www.google.com
www.gstatic.com
www.google.com
142.251.167.95
172.253.115.102
172.253.62.92
172.253.63.103
172.253.63.94
192.178.218.94
23.200.1.150
23.4.183.100
34.201.201.112
44.222.29.108
54.192.51.59
54.192.51.88
54.230.48.222
54.230.48.43
98.84.72.71
004d7aa90e2889f6291a71c84ac3d3e394e0cade32bd41dc214736418f769181
027081fff12683e614ec16ba1d514438363b3a48ccb4299d74c204314ea5eb52
096fc7afe3cf517b3704416d5c36d644cf4b5c621edfca76ba6cbf9202d5cce7
15509b5ffc67a34aa06dbfa8fdd6a6ea3273b5d541662de133c0a7194d600fc6
18be51100aea5e40a812a05a39800ca49cbd5c5fd49cb7487d5c864cbc4745f7
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
247d0c06602bff1f9843ef0d749c990b981f2b7d33932c8d65936324822ce7d7
29f605fc24ea879aa72da254db3e1dbf12f6d8c21e2b20a8c87c5f65bb8e933d
33bc8c338f84b5516ec6a2473544bcee17ca1b137b88290fdd0fd0d4519ba973
444bded5a29f871e7b27ab0710058c73446f46aea1242fdd8af03c220d6c140f
4c780c2a0cfce66a5e230cdfd296e2fc5b9543ce22ed549ed0023a2730f1da3d
4cc49c6e3075a4be69064a2601b4fdcd229b59101b83874abe1e64b0bb9727bf
4fe17cdd5541f4ea76a5d15af68ce63f9c5a65da69ffbfb0d7a47361431e764e
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
53bcb1ac12397043989c7cfd3e39017e0dc80711ef4a0f36eb5a12e3c2e2bf3a
642d0020cf324a84e0b427818ca170b27c90f2148d551d0c9a291eff9aef7a13
65cd0817523ee62646455939a35bb2d91315a3de397b650ddc46325f1441cd1b
6671fed8c2d19f5f79b545e73b099e1fe4fbea186a46b9cdfc9c31e8103ac219
7e5e479d5076a2807576c3c11ca5d8dc9e30b39e695d66273b1300331b9db9ba
8bc0ebe78998383a7086ee88c0fab9d0c9350ddfefaa16596505a8dd0702b9ec
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
986417f1238149fa58faa25725f00b6957e1d757a35728e33be47b9bcc89be50
9c2863fbeb617e4fd41ae09aa41c314fd53b9016dc49a1de42a52985e1fc743c
a0afdf081d821fe678fad6e0e3ae909a78f6dbc41da50b0b28404deaa3129b94
a3f379536e68b260c368b7256193845307bfa663b4e63ac27d638d3907ebfcc9
a44639012926b39de261c37f54d48e372068bc9363383623d732043907cb11be
ab5284fad168555191816f46e2f5e560ca43224ff6ec3af56172588edd4f99e0
bcd98ddc437c94e78b6ea1d852219ff438803ddd2ea7350c4a17fa7172b024bf
c256ea01a8f9ee0273547632e6cc58dcca9e020c6ea722eeb8a03f7a616d1c52
c48b1fb3987eabff87f56d5f4c54d0b60484f1b949ce0e0cc9b24982a16926f0
c6670425515377d60b8aece9b9135b29a0bc0f67c11f7b06959d4985dfd24687
d2e5cfd43d5a4bf17788954cad78b28a24b6ef4ccd032db576d848a8d5d3b812
d3d931a3396ac9b4f7dbed3f8b9c00cb678356237dbd3cc99d8f16ec408ceca5
d98e69bdbf80f2a30410951aead0579bcae9a0e1e7a14e3786948cf5b00ab4c2
dad53cb7d92ddb8a0e3aeae0b9b7a714e22e5fb731ef23270d6ca1f62738082f
dcad914962ca2218e1178a3f93abcbeaa168406321a8e1744def00d8ebd4b3ac
f06db989bd0b663db403dad520a62a3db477b23c4ddc87ad5125723a91f7024c
f383d270511912b2da11555947cb3e6012e6375cb5f0d90493c25f6048169073
f85745f006305201dbf36bd909121d6304b3c8bf92ab1aeafe44a1f5f6d02a15
fdf6682ccccfc363f750510593f59b8e23dab8e9de0a11c7a436b8342e3c1e24
fe22a639627e9ee6b2115f5f2d0a5e466dbd9aca1568d3126e79b216f5ca7bb6