rageportal.online Open in urlscan Pro
188.114.96.3 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://rageportal.online/
Effective URL:
https://rageportal.online/portal
Submission: On January 30 via api (January 30th 2026, 5:02:29 pm UTC) from GB — Scanned from FR

Summary HTTP 33 Redirects Behaviour Indicators

Summary

This website contacted 11 IPs in 6 countries across 7 domains to perform 33 HTTP transactions. The main IP is 188.114.96.3, located in Ascension Island and belongs to CLOUDFLARENET - Cloudflare, Inc., US. The main domain is rageportal.online.
TLS certificate: Issued by WE1 on January 30th 2026. Valid for: 3 months.

This is the only time rageportal.online was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 9	188.114.96.3 188.114.96.3	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:400c:c09::5c	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a04:4e42:600... 2a04:4e42:600::485	54113 (FASTLY) (FASTLY - Fastly)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:400a:1000::5f	15169 (GOOGLE) (GOOGLE - Google LLC)
2	142.251.140.163 142.251.140.163	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2606:4700:20:... 2606:4700:20::ac43:4b78	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
3	142.250.201.67 142.250.201.67	15169 (GOOGLE) (GOOGLE - Google LLC)
5	2a00:1450:400... 2a00:1450:4001:806::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
5	142.251.140.174 142.251.140.174	15169 (GOOGLE) (GOOGLE - Google LLC)
33	11

9 188.114.96.3 (Ascension Island) 1 redirects

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

rageportal.online	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:400c:c09::5c (Belgium)

ASN15169 (GOOGLE - Google LLC, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a04:4e42:600::485 (United States)

ASN54113 (FASTLY - Fastly, Inc., US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 104.17.24.14 (Ascension Island)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2a00:1450:400a:1000::5f (Switzerland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

2 142.251.140.163 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bt-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

1 2606:4700:20::ac43:4b78 (None, )

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

ui-avatars.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

3 142.250.201.67 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: tzfraa-aq-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 2a00:1450:4001:806::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

5 142.251.140.174 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: lcfraa-bt-in-f14.1e100.net

play.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Domaintools

	Apex Domain Subdomains	Transfer
13	google.com pay.google.com — Cisco Umbrella Rank: 2439 play.google.com — Cisco Umbrella Rank: 42	456 KB
9	rageportal.online 1 redirects rageportal.online	309 KB
8	gstatic.com www.gstatic.com fonts.gstatic.com	171 KB
1	ui-avatars.com ui-avatars.com — Cisco Umbrella Rank: 44259	1012 B
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 58	1 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 265	30 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 325	21 KB
33	7

	Domain	Requested by
10	play.google.com	www.gstatic.com
9	rageportal.online	1 redirects rageportal.online
6	www.gstatic.com	rageportal.online pay.google.com www.gstatic.com
3	pay.google.com	rageportal.online pay.google.com www.gstatic.com
2	fonts.gstatic.com	fonts.googleapis.com
1	ui-avatars.com	rageportal.online
1	fonts.googleapis.com	rageportal.online
1	cdnjs.cloudflare.com	rageportal.online
1	cdn.jsdelivr.net	rageportal.online
33	9

This site contains no links.

Subject Issuer	Validity	Valid
rageportal.online WE1	`2026-01-30` - `2026-04-30`	3 months	crt.sh
*.google.com WR2	`2026-01-12` - `2026-04-06`	3 months	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2025 Q2	`2025-06-02` - `2026-07-04`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2026-01-13` - `2026-04-13`	3 months	crt.sh
*.gstatic.com WE2	`2026-01-12` - `2026-04-06`	3 months	crt.sh
upload.video.google.com WR2	`2026-01-12` - `2026-04-06`	3 months	crt.sh
ui-avatars.com WE1	`2025-12-20` - `2026-03-20`	3 months	crt.sh

This page contains 2 frames:

Primary Page: https://rageportal.online/portal
Frame ID: E77150AE7F9EA5473AA059B33600E452
Requests: 16 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frageportal.online&mid=
Frame ID: 0B742CDC72CBD9219682830EBC28AAEF
Requests: 12 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Rage Portal VX

Page URL History Show full URLs

http://rageportal.online/ HTTP 307
https://rageportal.online/ HTTP 301
https://rageportal.online/portal Page URL

Detected technologies

Google Pay (Payment processors) Expand

Overall confidence: 100%
Detected patterns

pay\.google\.com/([a-z/]+)/pay\.js

Socket.io (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

socket\.io.*\.js

SweetAlert2 (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

/npm/sweetalert2@([\d.]+)

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

cdn\.jsdelivr\.net

cdnjs (CDN) Expand

Overall confidence: 100%
Detected patterns

cdnjs\.cloudflare\.com

Page Statistics

33
Requests

100 %
HTTPS

55 %
IPv6

7
Domains

9
Subdomains

11
IPs

6
Countries

990 kB
Transfer

3119 kB
Size

1
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://rageportal.online/ HTTP 307
https://rageportal.online/ HTTP 301
https://rageportal.online/portal Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

33 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3

200

Primary Request portal Show response
rageportal.online/
Redirect Chain

http://rageportal.online/
https://rageportal.online/
https://rageportal.online/portal

1 KB
1 KB

61ms
61ms

Document
text/html

188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/portal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d6c61cd3d544efa77dd44f6c0253ec8cc98a933c884e3cae8878cf52679e966c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=60, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 9c62898d1d81b868-CDG
content-encoding: zstd
content-type: text/html; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:29 GMT
expires: Fri, 30 Jan 2026 17:03:29 GMT
last-modified: Thu, 29 Jan 2026 20:10:29 GMT
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
priority: u=0,i
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=1ocXTADt4sXVZZl%2F%2BXd8C8ZuECqKVPwifKqOgaYNWkLCnlS9U8%2B0BOXg5LDtpFQy7JnSS%2BMXCKFvuBQK6SdcL2gOixnv9Ryao5YG50AOIiTa"}]}
server: cloudflare
server-timing: cfExtPri
vary: Origin
x-powered-by: Express

Redirect headers

cf-ray: 9c62898cfd17b868-CDG
content-length: 0
date: Fri, 30 Jan 2026 17:02:29 GMT
location: /portal
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=sxx%2Ff%2FG30GErWWCdiskoFYXaQeMp%2FQe1516aMuapL%2B7l9AYd%2FrGy4RoXUmKYCDvf%2FykO3gVbFy79k4FFGybwbSxPBuDRaM19YwCueudPEBfC"}]}
server: cloudflare
vary: accept-encoding

GET
H2 200 pay.js Show response
pay.google.com/gp/p/js/ 212 KB
60 KB 121ms
67ms Script
application/javascript 2a00:1450:400c:c09::5c
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pay.google.com/gp/p/js/pay.js

Requested by

Host: rageportal.online
URL: https://rageportal.online/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c , Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

09e7f345e9a9b252eb15c9d67e27fa3f4b5d780901f0a62c2dae3a61943518db

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--0AC9XSBQ5_BmCw8NzkDNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 30 Jan 2026 17:02:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
date: Fri, 30 Jan 2026 17:02:30 GMT
content-type: application/javascript; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendHttp/web-reports?context=eJzjusCoxSXF4KEhxbC8VIphyUwphoJl01lbb55jnQrEcwPOs4ZnnmftWnSedRYQGypcYnUE4l95l1g_NVxiLZK4wtoExA2hV1lnWVxjDci6xipeeYP1U9UNVqHqG6wL5txgzei4yfpq501W7yc3WU30brHGiNxh5fS4w6rOfJd1ZZYX2x1NbzZtf2-2c-nebA9febP1e_mwfaj3YZvc68Pm-NSHzd3al-1bsS8bW4kvG7uUH9tiMz-2hz7-bH0bA9jUjgawmQHxnEcBbLmegWzPwwLZhLg5lp34fJpN4MbxDmMl7aT8wvjMvOKSxLySpNLKtKL8vJLUvJTi1KKy1KJ4IwMjMwNDI0s9A6P4AgMAUt9kcw"
content-security-policy: script-src 'report-sample' 'nonce--0AC9XSBQ5_BmCw8NzkDNw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/allowlist, script-src 'unsafe-inline' 'unsafe-eval' blob: data:;report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport/fine-allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendHttp/cspreport
cache-control: private, max-age=600
cross-origin-opener-policy: same-origin
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H2 200 sweetalert2@11 Show response
cdn.jsdelivr.net/npm/ 78 KB
21 KB 758ms
244ms Script
application/javascript 2a04:4e42:600::485
Fastly

General

Check archive.org

Download Go to

Full URL

https://cdn.jsdelivr.net/npm/sweetalert2@11

Requested by

Host: rageportal.online
URL: https://rageportal.online/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::485 , United States, ASN54113 (FASTLY - Fastly, Inc., US),

Reverse DNS

Software

Resource Hash

dece79c79aef9e61d79ea2e5320d2ff3f60eb1e68c35d89317a23f08ac5c4151

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

access-control-expose-headers: *
content-encoding: br
etag: W/"13803-OU4+1PlKgoH2W6mia/4Zt6JRkIc"
age: 8327
x-content-type-options: nosniff
x-jsd-version-type: version
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
x-cache: HIT, HIT
date: Fri, 30 Jan 2026 17:02:30 GMT
content-type: application/javascript; charset=utf-8
x-served-by: cache-fra-eddf8230135-FRA, cache-ixm4290024-IXM
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 21347
x-jsd-version: 11.26.17

GET
H3 200 socket.io.js Show response
cdnjs.cloudflare.com/ajax/libs/socket.io/4.1.2/ 181 KB
30 KB 48ms
29ms Script
application/javascript 104.17.24.14
Cloudflare

General

Check archive.org

Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/socket.io/4.1.2/socket.io.js

Requested by

Host: rageportal.online
URL: https://rageportal.online/portal

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

5481fe6eefbcc6bc662fb5b44f84018622b4bb493d1dde8844fe9c563374829c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

cf-cdnjs-via: cfworker/kv
content-encoding: br
cf-cache-status: HIT
etag: "60bee51f-75d1"
age: 4684378
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fh4Amz4waAXplMYJKTqQzmscHHzhn8JsGhe98dXParOWQqPJVvhdK5DmABLebZNrAWSUrXCl3FDWt30RPfwHYK5%2FcMr9IN7OspMgaTvWLNZAkMXGhAg3rz70QWQWYMNgwF%2FjLA1g"}],"group":"cf-nel","max_age":604800}
x-content-type-options: nosniff
expires: Wed, 20 Jan 2027 17:02:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:30 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 08 Jun 2021 03:33:51 GMT
vary: Accept-Encoding
priority: u=1,i=?0
strict-transport-security: max-age=15780000
cache-control: public, max-age=30672000
timing-allow-origin: *
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
cross-origin-resource-policy: cross-origin
cf-ray: 9c62898dc94dd145-CDG
accept-ranges: bytes
access-control-allow-origin: *
content-length: 30161
server: cloudflare

GET
H3 200 index-DUP7hSz8.js Show response
rageportal.online/assets/ 905 KB
282 KB 74ms
73ms Script
application/javascript 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/assets/index-DUP7hSz8.js
Requested by: Host: rageportal.online
URL: https://rageportal.online/portal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8810c90427a274f0494fb77ce09b1e57cde67b3ce7210ed4ebf2435a93806d15

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin: https://rageportal.online
Referer: https://rageportal.online/portal

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"e2285-19c0b60f3d7"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=an3gTu2FHZtmC6rAJObRG152dOLs0a08sS0FkhmEUxV4ahjvf8RvqSkOYLE6VlXG0gOYt1sxfc6WwPDykOwzv43o2VDixjuhLnd%2BiBHqyKk9"}]}
expires: Fri, 30 Jan 2026 17:03:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:30 GMT
content-type: application/javascript; charset=UTF-8
vary: Origin, accept-encoding
last-modified: Thu, 29 Jan 2026 20:10:29 GMT
priority: u=1,i=?0
cache-control: public, max-age=120, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-credentials: true
cf-ray: 9c62898daf04b868-CDG
access-control-allow-origin: https://rageportal.online
x-powered-by: Express
server: cloudflare

GET
H3 200 index-2QRIsTVz.css
rageportal.online/assets/ 104 KB
23 KB 73ms
72ms Stylesheet
text/css 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/assets/index-2QRIsTVz.css
Requested by: Host: rageportal.online
URL: https://rageportal.online/portal
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1d14966180380b0fae811467bf9d0c0ec460d7bf76a9b92ef9af8f7665d5269d

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin: https://rageportal.online
Referer: https://rageportal.online/portal

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"19e63-19c0b60f3d0"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=ZZfu04qsWrWZXIgftT8vBCn1xF%2BeXeGUmP22eJGxoEDC2FJnv3JL8nG8y%2FTOp8VSH1ncx6dPVAH5nzDazdQl7d7cc%2FLF8i21HFt18WVm25mm"}]}
expires: Fri, 30 Jan 2026 17:03:30 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:30 GMT
content-type: text/css; charset=UTF-8
vary: Origin, accept-encoding
last-modified: Thu, 29 Jan 2026 20:10:29 GMT
priority: u=0,i=?0
cache-control: public, max-age=120, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-credentials: true
cf-ray: 9c62898daf03b868-CDG
access-control-allow-origin: https://rageportal.online
x-powered-by: Express
server: cloudflare

GET
H2 200 transparent_square.svg
www.gstatic.com/instantbuy/svg/ 69 B
614 B 91ms
31ms Other
image/svg+xml 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/instantbuy/svg/transparent_square.svg

Requested by

Host: rageportal.online
URL: https://rageportal.online/portal

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

content-encoding: gzip
age: 60018
report-to: {"group":"instantbuy-eng","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/instantbuy-eng"}]}
x-content-type-options: nosniff
expires: Sat, 30 Jan 2027 00:22:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 30 Jan 2026 00:22:12 GMT
last-modified: Thu, 20 Feb 2025 17:58:00 GMT
content-type: image/svg+xml
vary: Accept-Encoding
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/instantbuy-eng
cache-control: public, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="instantbuy-eng"
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
access-control-allow-origin: *
content-length: 81
x-xss-protection: 0
server: sffe

GET
H2 200 css2
fonts.googleapis.com/ 11 KB
1 KB 129ms
58ms Stylesheet
text/css 2a00:1450:400a:1000::5f
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700;800&family=Orbitron:wght@400;700;800;900&display=swap

Requested by

Host: rageportal.online
URL: https://rageportal.online/assets/index-2QRIsTVz.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a00:1450:400a:1000::5f , Switzerland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

3309085cd3d8e6fc747c8371dbde694663df2bc14618592d3fbc197b78f6be9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 30 Jan 2026 17:02:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: text/css; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
last-modified: Fri, 30 Jan 2026 17:02:31 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-xss-protection: 0
server: ESF

GET
H3 200 sync
rageportal.online/api/ 46 B
0 57ms
57ms Fetch
application/json 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/api/sync
Requested by: Host: rageportal.online
URL: https://rageportal.online/assets/index-DUP7hSz8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/portal

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"2e-35X2OTKe1dWOkLNG8MlR8YxVHuY"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=eck2IYhOxqphPML8llIOnGkRDagOjM7ISjtRYxrjdf6QE75Ix3ZcY6xOkKXEDYvVIuUEOK7gRYxhmay13hP8dKj1vPcvzgB5WXZkc6q2qa3s"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
cache-control: no-cache, no-store, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 9c6289954b33b868-CDG
x-powered-by: Express
server: cloudflare

GET
H2 200 payframe Show response
pay.google.com/gp/p/ui/ Frame 0B74 15 KB
8 KB 246ms
208ms Document
text/html 2a00:1450:400c:c09::5c
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frageportal.online&mid=

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/js/pay.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c , Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

2ceadd434671a2b0846d247144073e390a6e62a8e26327b526a808aaddb4ea52

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ah28UWBEcJMWbogzPOD6Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rageportal.online/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=3600
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ah28UWBEcJMWbogzPOD6Kw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/allowlist script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport/fine-allowlist require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-type: text/html; charset=utf-8
cross-origin-opener-policy: same-origin
cross-origin-resource-policy: same-site
date: Fri, 30 Jan 2026 17:02:31 GMT
expires: Fri, 30 Jan 2026 17:02:31 GMT
origin-trial: AssDE6uDpaVUq9mb8HyrCnDR4hxNa3P1PQl8E0huFRpGw4MFWswRwyuk1E68LufiBFMulCrRk3VCexIRW39eYwoAAABMeyJvcmlnaW4iOiJodHRwczovL3BheS5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJUcGNkIiwiZXhwaXJ5IjoxNzM1MzQzOTk5fQ==
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayframeUi/web-reports?context=eJzjusGoxSXF4KEhxbC8VIphyUwphoJl01lbb55jnQrEcwPOs4ZnnmftWnSedRYQGypcYnUE4l95l1g_NVxiLZK4wtoExA2hV1lnWVxjDci6xipeeYP1U9UNVqHqG6wL5txgTWK_yVoExBkdN1lf7bzJ6v3kJquJ3i3WGJE7rJwed1jVme-yrszyYruj6c2m7e_Ndi7dm-3hK2-2fi8ftg_1PmyTe33YHJ_6sLlb-7J9K_ZlYyvxZWOX8mNbbObH9tDHn61vYwCb2tEANjMgnvMogC3XM5DteVggmxAPx_ITn0-zCZyYP_suo5J2Un5hfGZecUliXklSaWVaUX5eSWpeSnFqUVlqUbyRgZGZgaGRpZ6BUXyBAQDSKWeh"
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-content-type-options: nosniff
x-ua-compatible: IE=edge
x-xss-protection: 0

GET
H3 200 UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2
fonts.gstatic.com/s/inter/v20/ 47 KB
47 KB 59ms
25ms Font
font/woff2 142.251.140.163
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/inter/v20/UcC73FwrK3iLTeHuS_nVMrMxCp50SjIa1ZL7W0Q5nw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700;800&family=Orbitron:wght@400;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.163 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f3.1e100.net

Software

sffe /

Resource Hash

c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin: https://rageportal.online
Referer: https://fonts.googleapis.com/

Response headers

age: 534159
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Sun, 24 Jan 2027 12:39:52 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Sat, 24 Jan 2026 12:39:52 GMT
last-modified: Tue, 09 Sep 2025 18:40:32 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 48432
x-xss-protection: 0
server: sffe

GET
H3 200 yMJRMIlzdpvBhQQL_Qq7dy1biN15.woff2
fonts.gstatic.com/s/orbitron/v35/ 11 KB
12 KB 68ms
34ms Font
font/woff2 142.251.140.163
Google LLC

General

Check archive.org

Download Go to

Full URL

https://fonts.gstatic.com/s/orbitron/v35/yMJRMIlzdpvBhQQL_Qq7dy1biN15.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Inter:wght@400;600;700;800&family=Orbitron:wght@400;700;800;900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.163 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f3.1e100.net

Software

sffe /

Resource Hash

967b3909a7d6a5cc6365e9947775060fca15efdb62bc70099aef2e7d86e10205

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Origin: https://rageportal.online
Referer: https://fonts.googleapis.com/

Response headers

age: 358321
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options: nosniff
expires: Tue, 26 Jan 2027 13:30:30 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Mon, 26 Jan 2026 13:30:30 GMT
last-modified: Thu, 04 Sep 2025 17:04:38 GMT
content-type: font/woff2
cache-control: public, max-age=31536000
timing-allow-origin: *
cross-origin-opener-policy: same-origin; report-to="apps-themes"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges: bytes
access-control-allow-origin: *
content-length: 11768
x-xss-protection: 0
server: sffe

GET
H2 200 /
ui-avatars.com/api/ 560 B
1012 B 69ms
25ms Image
image/svg+xml 2606:4700:20::ac43:4b78
Cloudflare

General

Check archive.org

Download Go to Show image

Full URL: https://ui-avatars.com/api/?name=Guest
Requested by: Host: rageportal.online
URL: https://rageportal.online/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4b78 -, , ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06f6063334b1e4a89dc1f99ec51e61073f5a0894c259585165a53e57c3dc4cd5

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

access-control-max-age: 31536000, 31536000
content-encoding: gzip
cf-cache-status: HIT
age: 872317
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=zlRqbRVlTmCrpXFettlIoC%2FcWMboew9S%2FRhFWrj%2B2KwzfEYolDnDp%2BMuGylimWikDF2VcWoFsAUHlqzB%2FK8308YE2fCFO41uiiKtQFuxx6livq7P1PzQNNs%3D"}]}
access-control-allow-methods: GET, OPTIONS, GET, OPTIONS
expires: Wed, 20 Jan 2027 14:43:53 GMT
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: image/svg+xml
vary: Accept-Encoding
last-modified: Tue, 20 Jan 2026 14:43:53 GMT
access-control-allow-headers: Content-Type, Accept, X-Requested-With, remember-me, cache-control, Content-Type, Accept, X-Requested-With, remember-me, cache-control
cache-control: public, max-age=31536000
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: public
access-control-allow-credentials: true, true
cf-ray: 9c628995fb62bb6c-CDG
access-control-allow-origin: *, *
server: cloudflare

GET
H3 200 active Show response
rageportal.online/api/coin-drop/ 35 B
564 B 32ms
31ms Fetch
application/json 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/api/coin-drop/active
Requested by: Host: rageportal.online
URL: https://rageportal.online/assets/index-DUP7hSz8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a8863a4e1bb9fe79c455ebd031723de607ec1fdd5ab5c52fb5418400eecd3bc

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json
Referer: https://rageportal.online/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"23-KlbIGkT5CWYOm/I95xoqAFWcU2U"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=IdXgsax6RIu%2BtWaDtoPq0TUnwXIco5YoLMt06pviduihZDB7tIFQ1ZrFLcAhiKL%2F02iBh3NW1%2FClykEQtnQie2rVfp47i4IJv3RSEnE3LpFR"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
cache-control: no-cache, no-store, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 9c628995bc59b868-CDG
x-powered-by: Express
server: cloudflare

GET
H2 200 m=_b,_tp Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AM... Frame 0B74 147 KB
56 KB 93ms
38ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Requested by

Host: pay.google.com
URL: https://pay.google.com/gp/p/ui/payframe?origin=https%3A%2F%2Frageportal.online&mid=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

2f2362a5551d633ecf42598653f2e6ab6c8c96e65202ec2e498d7ea6e1423570

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
age: 83306
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Fri, 29 Jan 2027 17:54:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 29 Jan 2026 17:54:05 GMT
last-modified: Thu, 29 Jan 2026 10:22:57 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges: bytes
content-length: 56260
x-xss-protection: 0
server: sffe

GET
H2 200 m=uZmJdd Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2E... Frame 0B74 82 KB
31 KB 27ms
26ms Script
text/javascript 2a00:1450:4001:81d::2003
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

502a384bc19a07102fb6a29b01ca9fd9723ffc188c53b1b23e9391eb09efb9ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
age: 74114
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Fri, 29 Jan 2027 20:27:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 29 Jan 2026 20:27:17 GMT
last-modified: Wed, 28 Jan 2026 21:24:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges: bytes
content-length: 31284
x-xss-protection: 0
server: sffe

GET
H2 200 pay Show response
pay.google.com/gp/p/ui/ Frame 0B74 1 MB
387 KB 63ms
63ms XHR
text/html 2a00:1450:400c:c09::5c
Google LLC

General

Check archive.org

Download Go to

Full URL

https://pay.google.com/gp/p/ui/pay

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c09::5c , Belgium, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

51c5d13b613db92f9e0e358a1921e1fa1dd2949d4c9c3fe1240994bb0f1d7c4d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-m9mAjrRXpcuQVSSEYfYQiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
x-content-type-options: nosniff
expires: Fri, 30 Jan 2026 17:02:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-ua-compatible: IE=edge
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: text/html; charset=utf-8
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options: DENY
strict-transport-security: max-age=31536000
reporting-endpoints: default="/gp/p/_/InstantbuyFrontendBuyflowPayUi/web-reports?context=eJzjusGoxSXF4KEhxbC8VIphyUwphoJl01lbb55jnQrEcwPOs4ZnnmftWnSedRYQGypcYnUE4l95l1g_NVxiLZK4wtoExA2hV1lnWVxjDci6xipeeYP1U9UNVqHqG6wL5txgTWK_yVoExBkdN1lf7bzJ6v3kJquJ3i3WGJE7rJwed1jVme-yrszyYruj6c2m7e_Ndi7dm-3hK2-2fi8ftg_1PmyTe33YHJ_6sLlb-7J9K_ZlYyvxZWOX8mNbbObH9tDHn61vYwCb2tEANjMgnvMogC3XM5DteVggmxAPx_ITn0-zCXx49uUGk5J2Un5hfGZecUliXklSaWVaUX5eSWpeSnFqUVlqUbyRgZGZgaGRpZ6BUXyBAQD3g2hl"
content-security-policy: script-src 'report-sample' 'nonce-m9mAjrRXpcuQVSSEYfYQiw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport;worker-src 'self', script-src 'unsafe-inline' 'unsafe-eval' blob: data: 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com https://sandbox.google.com https://payments.google.com https://payments.sandbox.google.com https://pay.google.com https://pay.sandbox.google.com https://payments.google.com/payments/v4/js/integrator.js https://payments.sandbox.google.com/payments/v4/js/integrator.js;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/allowlist, require-trusted-types-for 'script';report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport
cache-control: private, max-age=3600
cross-origin-opener-policy: unsafe-none
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factors, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-resource-policy: same-site
content-security-policy-report-only: script-src 'unsafe-inline' 'unsafe-eval' blob: data: https://www.gstatic.com/_/mss/boq-one-google/_/ https://www.gstatic.com/og/_/js/ https://apis.google.com/js/api.js https://apis.google.com/js/client.js https://www.googletagmanager.com/gtag/js https://www.google-analytics.com/analytics.js https://www.googletagmanager.com/gtag/destination https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayUi.fr.R1csy9ZJpe4.2018.O/ https://apis.google.com/_/scs/abc-static/_/js/;report-uri /gp/p/_/InstantbuyFrontendBuyflowPayUi/cspreport/fine-allowlist
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factors=*, ch-ua-platform=*, ch-ua-platform-version=*
x-xss-protection: 0
server: ESF

GET
H3 200 m=Wt6vjf,hhhU8,FCpbqb,WhJNk Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2E... Frame 0B74 8 KB
4 KB 29ms
28ms Script
text/javascript 142.250.201.67
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=Wt6vjf,hhhU8,FCpbqb,WhJNk

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.67 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

tzfraa-aq-in-f3.1e100.net

Software

sffe /

Resource Hash

19c548a5df42775271946ebbbec5be80dc7b55c0debf0893b5747f5d255398f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
age: 74114
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Fri, 29 Jan 2027 20:27:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 29 Jan 2026 20:27:17 GMT
last-modified: Wed, 28 Jan 2026 21:24:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges: bytes
content-length: 3638
x-xss-protection: 0
server: sffe

GET
H3 200 m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2E... Frame 0B74 36 KB
14 KB 29ms
29ms Script
text/javascript 142.250.201.67
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=FCpbqb,WhJNk,Wt6vjf,_b,_tp,hhhU8,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=byfTOb,lsjVmc,LEikZe,lwddkf,EFQ78c

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.67 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

tzfraa-aq-in-f3.1e100.net

Software

sffe /

Resource Hash

df36b5084847db60280d43842779911f3d29519528198a2cca444d5843c31022

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
age: 1680
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Sat, 30 Jan 2027 16:34:31 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Fri, 30 Jan 2026 16:34:31 GMT
last-modified: Wed, 28 Jan 2026 21:24:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges: bytes
content-length: 14307
x-xss-protection: 0
server: sffe

GET
H3 200 favicon.ico
rageportal.online/ 774 B
1 KB 65ms
65ms Other
image/x-icon 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/favicon.ico
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6160d2cbbc84f0653d40eeae5f48b0b3ffde3d65e53785aadb982499fac419dd

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://rageportal.online/

Response headers

content-encoding: zstd
cf-cache-status: MISS
etag: W/"306-18d59f8fb50"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=yYsIdlqo4k2hY1hAK9KxL9PCFebi1EM711hqKB1PBPDgWVMEw2i0M1K516tIOWP64vFaWgOgL936cQFi2yEPoZma%2FVUfM6ohJov2CKHvPxZL"}]}
expires: Fri, 30 Jan 2026 17:03:31 GMT
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:31 GMT
content-type: image/x-icon
vary: Origin, accept-encoding
last-modified: Tue, 30 Jan 2024 10:45:06 GMT
priority: u=1,i
cache-control: public, max-age=120, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
access-control-allow-credentials: true
cf-ray: 9c6289982af5b868-CDG
x-powered-by: Express
server: cloudflare

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 150ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B74 131 B
151 B 94ms
61ms Fetch
text/plain 142.251.140.174
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.174 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pay.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Fri, 30 Jan 2026 17:02:31 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 149ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B74 131 B
151 B 92ms
59ms Fetch
text/plain 142.251.140.174
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.174 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pay.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Fri, 30 Jan 2026 17:02:31 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 149ms
56ms Preflight
text/plain 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B74 131 B
151 B 100ms
67ms Fetch
text/plain 142.251.140.174
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.174 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pay.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Fri, 30 Jan 2026 17:02:31 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 150ms
57ms Preflight
text/plain 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B74 131 B
151 B 91ms
58ms Fetch
text/plain 142.251.140.174
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.174 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pay.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Fri, 30 Jan 2026 17:02:31 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

OPTIONS
H2 200 log
play.google.com/ Frame 0
0 151ms
59ms Preflight
text/plain 2a00:1450:4001:806::200e
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Playlog /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: x-goog-authuser
Access-Control-Request-Method: POST
Origin: https://pay.google.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.

Response headers

access-control-allow-credentials: true
access-control-allow-headers: X-Playlog-Web,authorization,origin,x-goog-authuser
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://pay.google.com
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/plain; charset=UTF-8
date: Fri, 30 Jan 2026 17:02:31 GMT
server: Playlog
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 log Show response
play.google.com/ Frame 0B74 131 B
151 B 96ms
64ms Fetch
text/plain 142.251.140.174
Google LLC

General

Check archive.org

Download Go to

Full URL

https://play.google.com/log?format=json&hasfast=true&authuser=0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=_b,_tp/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=uZmJdd

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.140.174 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

lcfraa-bt-in-f14.1e100.net

Software

Playlog /

Resource Hash

502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://pay.google.com/
User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: text/plain;charset=UTF-8
X-Goog-AuthUser: 0

Response headers

x-frame-options: SAMEORIGIN
content-encoding: gzip
cross-origin-resource-policy: cross-origin
access-control-allow-credentials: true
access-control-allow-origin: https://pay.google.com
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131
date: Fri, 30 Jan 2026 17:02:31 GMT
x-xss-protection: 0
content-type: text/plain; charset=UTF-8
server: Playlog
access-control-allow-headers: X-Playlog-Web

GET
H3 200 m=p3hmRc,LvGhrf,RqjULd Show response
www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2E... Frame 0B74 21 KB
8 KB 25ms
25ms Script
text/javascript 142.250.201.67
Google LLC

General

Check archive.org

Download Go to

Full URL

https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/ck=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.pf-2Eskgt2M.L.B1.O/am=AAAA4AE/d=1/exm=EFQ78c,FCpbqb,LEikZe,WhJNk,Wt6vjf,_b,_tp,byfTOb,hhhU8,lsjVmc,lwddkf,uZmJdd/excm=_b,_tp,payframeview/ed=1/wt=2/ujg=1/rs=AMitfrjxew5xtp9Rk8Qhii0KQ-Bpya16JA/ee=EmZ2Bf:zr1jrb;JsbNhc:Xd8iUd;K5nYTd:ZDZcre;LBgRLc:XVMNvd;Me32dd:MEeYgc;NJ1rfe:yGfSdd;NPKaK:PVlQOd;NSEoX:lazG7b;Pjplud:EEDORb;QGR0gd:Mlhmy;SNUn3:ZwDk9d;ScI3Yc:e7Hzgb;Uvc8o:VDovNc;YIZmRd:A1yn5d;a56pNe:JEfCwb;cEt90b:ws9Tlc;dIoSBb:SpsfSb;dowIGb:ebZ3mb;eBAeSb:zbML3c;iFQyKf:vfuNJf;lOO0Vd:OTA3Ae;oGtAuc:sOXFj;qQEoOc:KUM7Z;qafBPd:yDVVkb;qddgKe:xQtZb;wR5FRb:siKnQd;yEQyxe:p8L0ob;yxTchf:KUM7Z/dti=1/m=p3hmRc,LvGhrf,RqjULd

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-payments-consumer/_/js/k=boq-payments-consumer.InstantbuyFrontendBuyflowPayframeUi.fr.APK0RgamQQg.2018.O/am=AAAA4AE/d=1/excm=_b,_tp,payframeview/ed=1/dg=0/wt=2/ujg=1/rs=AMitfrh3NgI1YvHnND8LTOKhsXAzlrB2iQ/dti=1/m=_b,_tp

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.201.67 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

tzfraa-aq-in-f3.1e100.net

Software

sffe /

Resource Hash

e5db93e1be0b38652ad4d50b99be60a0994d0fd9352b97e8ed730f582a5e16ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Referer: https://pay.google.com/

Response headers

content-encoding: gzip
age: 74114
report-to: {"group":"boq-infra/payments-consumer-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/payments-consumer-boq-js-css-signers"}]}
x-content-type-options: nosniff
expires: Fri, 29 Jan 2027 20:27:17 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date: Thu, 29 Jan 2026 20:27:17 GMT
last-modified: Wed, 28 Jan 2026 21:24:28 GMT
content-type: text/javascript; charset=UTF-8
vary: Accept-Encoding, Origin
cache-control: public, immutable, max-age=31536000
cross-origin-opener-policy: same-origin; report-to="boq-infra/payments-consumer-boq-js-css-signers"
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/payments-consumer-boq-js-css-signers
accept-ranges: bytes
content-length: 8183
x-xss-protection: 0
server: sffe

GET
H3 200 active Show response
rageportal.online/api/coin-drop/ 35 B
567 B 32ms
32ms Fetch
application/json 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/api/coin-drop/active
Requested by: Host: rageportal.online
URL: https://rageportal.online/assets/index-DUP7hSz8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a8863a4e1bb9fe79c455ebd031723de607ec1fdd5ab5c52fb5418400eecd3bc

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json
Referer: https://rageportal.online/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"23-KlbIGkT5CWYOm/I95xoqAFWcU2U"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=hIMEi%2BkOVSY%2FMr2y0nQ4dYbS3Agy6jcM6X07UHXT2cmPCZxo%2FK342z2FtKfIZ511wVOjgy%2BDnd3GakUK7y9a5eUbzxBmp8PAiDlfkv5779tr"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:33 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
cache-control: no-cache, no-store, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 9c6289a23e0ab868-CDG
x-powered-by: Express
server: cloudflare

GET
H3 200 active Show response
rageportal.online/api/coin-drop/ 35 B
568 B 33ms
32ms Fetch
application/json 188.114.96.3
Cloudflare

General

Check archive.org

Download Go to

Full URL: https://rageportal.online/api/coin-drop/active
Requested by: Host: rageportal.online
URL: https://rageportal.online/assets/index-DUP7hSz8.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.96.3 , Ascension Island, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1a8863a4e1bb9fe79c455ebd031723de607ec1fdd5ab5c52fb5418400eecd3bc

Request headers

User-Agent: Mozilla/5.0 (Linux; Android 10; SM-A205U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.114 Mobile Safari/537.36.
Content-Type: application/json
Referer: https://rageportal.online/

Response headers

content-encoding: zstd
cf-cache-status: DYNAMIC
etag: W/"23-KlbIGkT5CWYOm/I95xoqAFWcU2U"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https://a.nel.cloudflare.com/report/v4?s=%2BfLLZjEU1SLZs4R7Rl9Okbk%2BT6VWZN7gxviTyIEyd%2Fx1CdIVWMMVHFnX6ZFsPEhEitT8epzGRMoJd8o9bJTgFWuOv0yAuYbOvqYbF8MJBnJl"}]}
expires: 0
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri
date: Fri, 30 Jan 2026 17:02:35 GMT
content-type: application/json; charset=utf-8
vary: Origin
priority: u=1,i
cache-control: no-cache, no-store, must-revalidate
nel: {"report_to":"cf-nel","success_fraction":0.0,"max_age":604800}
pragma: no-cache
access-control-allow-credentials: true
cf-ray: 9c6289aebeacb868-CDG
x-powered-by: Express
server: cloudflare

Verdicts & Comments Add Verdict or Comment

24 JavaScript Window variables

These are the non-standard variables defined on the window object. These include var declarations and global functions and can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.google.com/	1970-01-21 16:00:03	Name: NID Value: 528=QPK-IY0tXA9Ahpx7RiNVsN1ivdj9844-kgUviBSHBSpOCUUUJcsMdE4jDMHeGgRwIt3mgLKHLrPxa0ARUAYJeBJrbSQCM4d3GCbHRiBrYLbmQnrxOIpg_ZhFIc28NALWHDZKoQbvrlRDAc8QPxg4VDkiGLtcMnQ_2Tg-j1MSBHEIQtCIpJ4pU0Sr0H36eYjENbpmzlv3Zi11MnpAZyXS1i7MVbTg4CzgHvvYA-znFm0SMXDSZfcfXA

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.jsdelivr.net
cdnjs.cloudflare.com
fonts.googleapis.com
fonts.gstatic.com
pay.google.com
play.google.com
rageportal.online
ui-avatars.com
www.gstatic.com
104.17.24.14
142.250.201.67
142.251.140.163
142.251.140.174
188.114.96.3
2606:4700:20::ac43:4b78
2a00:1450:4001:806::200e
2a00:1450:4001:81d::2003
2a00:1450:400a:1000::5f
2a00:1450:400c:c09::5c
2a04:4e42:600::485
06f6063334b1e4a89dc1f99ec51e61073f5a0894c259585165a53e57c3dc4cd5
09e7f345e9a9b252eb15c9d67e27fa3f4b5d780901f0a62c2dae3a61943518db
19c548a5df42775271946ebbbec5be80dc7b55c0debf0893b5747f5d255398f4
1a8863a4e1bb9fe79c455ebd031723de607ec1fdd5ab5c52fb5418400eecd3bc
1d14966180380b0fae811467bf9d0c0ec460d7bf76a9b92ef9af8f7665d5269d
2ceadd434671a2b0846d247144073e390a6e62a8e26327b526a808aaddb4ea52
2f2362a5551d633ecf42598653f2e6ab6c8c96e65202ec2e498d7ea6e1423570
3309085cd3d8e6fc747c8371dbde694663df2bc14618592d3fbc197b78f6be9d
502a384bc19a07102fb6a29b01ca9fd9723ffc188c53b1b23e9391eb09efb9ae
502e9680cfa78fa8be779cbf4f1947c8eaa3d43bf8c7464800ec772b2ddea358
51c5d13b613db92f9e0e358a1921e1fa1dd2949d4c9c3fe1240994bb0f1d7c4d
5481fe6eefbcc6bc662fb5b44f84018622b4bb493d1dde8844fe9c563374829c
6160d2cbbc84f0653d40eeae5f48b0b3ffde3d65e53785aadb982499fac419dd
8810c90427a274f0494fb77ce09b1e57cde67b3ce7210ed4ebf2435a93806d15
8cb82f4e773caf89305f1158d3f08ea77c6b8dafb247efc3c3f591ed528d0333
967b3909a7d6a5cc6365e9947775060fca15efdb62bc70099aef2e7d86e10205
c940764593d0fe5d596be327ca7558855e018039fb78509aa21921fd3644c3e4
d6c61cd3d544efa77dd44f6c0253ec8cc98a933c884e3cae8878cf52679e966c
dece79c79aef9e61d79ea2e5320d2ff3f60eb1e68c35d89317a23f08ac5c4151
df36b5084847db60280d43842779911f3d29519528198a2cca444d5843c31022
e5db93e1be0b38652ad4d50b99be60a0994d0fd9352b97e8ed730f582a5e16ca

rageportal.online Open in urlscan Pro 188.114.96.3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

33 Requests

100 %HTTPS

55 %IPv6

7 Domains

9 Subdomains

11 IPs

6 Countries

990 kBTransfer

3119 kBSize

1 Cookies

0 Outgoing links

Page URL History

Redirected requests

33 HTTP transactions Everything HTML Script Fetch XHR CSS Image Font Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

rageportal.online Open in urlscan Pro
188.114.96.3 Public Scan

Screenshot
Live screenshot

Full Image

33
Requests

100 %
HTTPS

55 %
IPv6

7
Domains

9
Subdomains

11
IPs

6
Countries

990 kB
Transfer

3119 kB
Size

1
Cookies

33 HTTP transactions
0 data transactions